This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/OIt3ukO0E1JzCMnd9CPupDVaSy0.roa File: OIt3ukO0E1JzCMnd9CPupDVaSy0.roa (raw, json) Hash identifier: QYZJFW7gCaEe9Rlefd1C8/39+7XSdniZC8eeSt5Y7rI= Subject key identifier: 38:8B:77:BA:43:B4:13:52:73:08:C9:DD:F4:23:EE:A4:35:5A:4B:2D Certificate issuer: /CN=1d43a2484569d20e3f53c17be7b9fb29c34ee5be Certificate serial: 019B7EA708ABB81AED71D0DA252ED56AE0C0 Authority key identifier: 1D:43:A2:48:45:69:D2:0E:3F:53:C1:7B:E7:B9:FB:29:C3:4E:E5:BE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HUOiSEVp0g4_U8F757n7KcNO5b4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/OIt3ukO0E1JzCMnd9CPupDVaSy0.roa Signing time: Fri 02 Jan 2026 12:20:34 +0000 ROA not before: Fri 02 Jan 2026 12:20:34 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 198981 IP address blocks: 2a01:ecc0:2000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/HUOiSEVp0g4_U8F757n7KcNO5b4.crl rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/HUOiSEVp0g4_U8F757n7KcNO5b4.mft rsync://rpki.ripe.net/repository/DEFAULT/HUOiSEVp0g4_U8F757n7KcNO5b4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a7:08:ab:b8:1a:ed:71:d0:da:25:2e:d5:6a:e0:c0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1d43a2484569d20e3f53c17be7b9fb29c34ee5be Validity Not Before: Jan 2 12:20:34 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=388b77ba43b413527308c9ddf423eea4355a4b2d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:84:2d:d1:c8:d9:62:9e:f3:d1:6a:0e:f7:6a: fd:46:76:bb:2d:08:fb:61:0b:21:09:7f:18:67:b2: 4e:69:01:54:fb:6e:ef:55:66:7e:bf:97:45:4d:86: 3b:fd:98:c2:70:5e:e4:bc:1e:fb:9e:0d:d0:9e:16: 81:a0:ae:df:cf:6d:d9:68:dc:e4:c1:f2:ad:d4:a7: db:a6:24:50:08:e6:13:b3:97:30:e6:d6:5d:f2:36: e8:f6:e4:67:6a:97:51:f0:a2:71:61:44:93:2a:f6: 08:ab:aa:02:73:3c:a9:50:f0:2c:08:d2:80:1f:eb: 3e:4f:90:61:ea:b6:81:b6:51:10:9e:b6:b2:6f:8b: 17:8c:30:26:ef:71:3f:c5:c6:28:5d:0c:82:dc:dd: 50:ec:0e:d9:d5:42:43:82:fa:c8:28:06:33:5a:69: 00:d6:c7:14:59:21:73:11:f1:39:50:69:d0:63:03: af:6a:c1:4a:d5:c6:57:b0:82:49:49:9c:2a:4a:1d: a1:47:5d:2a:1b:61:e1:7f:f5:32:3e:13:9d:b3:ff: 5d:85:b2:1a:d5:e8:3b:16:5c:62:2e:3e:08:44:14: 2a:07:00:49:95:04:d4:1a:84:a5:87:8c:f2:95:b1: cd:0f:82:62:aa:cd:b1:be:e8:99:04:45:c2:c8:b2: d3:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:8B:77:BA:43:B4:13:52:73:08:C9:DD:F4:23:EE:A4:35:5A:4B:2D X509v3 Authority Key Identifier: keyid:1D:43:A2:48:45:69:D2:0E:3F:53:C1:7B:E7:B9:FB:29:C3:4E:E5:BE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HUOiSEVp0g4_U8F757n7KcNO5b4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/OIt3ukO0E1JzCMnd9CPupDVaSy0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/HUOiSEVp0g4_U8F757n7KcNO5b4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a01:ecc0:2000::/36 Signature Algorithm: sha256WithRSAEncryption 19:05:78:2d:2e:d5:72:71:76:2e:06:d4:2d:d8:53:86:4e:d4: e5:fa:95:d5:b4:86:68:df:66:b0:bb:7d:a7:b0:ab:8f:d7:bc: 32:39:2e:ab:7a:52:12:56:2f:c1:c4:3b:61:cf:b2:c6:ac:e0: 5a:d6:63:dd:83:84:ba:ce:17:86:29:28:d2:3b:82:dc:13:81: c7:2d:e7:90:e0:eb:5d:2b:96:1e:18:70:fc:52:3e:18:62:e5: cc:c2:44:06:cd:c6:40:67:67:d4:cb:b9:13:92:3c:c6:4c:65: 93:b1:91:21:73:5f:fd:13:ac:4e:e9:d7:39:6f:4d:70:ef:8e: c5:5b:b7:53:0d:cf:4f:7a:65:5d:d4:d3:bd:d0:17:fe:67:53: 81:b8:77:74:25:fc:92:a3:73:44:20:47:15:f5:a4:92:8a:d9: d0:ea:9a:c6:4d:81:ba:42:98:88:ed:50:6f:54:c0:fd:e4:d0: 50:af:db:b7:93:19:7c:6b:fe:ae:45:1e:d1:62:7a:56:ab:b4: 29:c0:08:cd:93:7b:58:c2:b1:29:e5:39:b6:ab:b9:5b:ce:8b: 4e:ad:94:03:76:b8:9d:01:9a:d1:19:b2:c7:08:b1:1f:55:68: ce:fe:b2:90:7f:66:5f:e9:4a:a8:5d:cc:c4:17:ea:60:31:e7: d3:c4:69:4a -----BEGIN CERTIFICATE----- MIIE/zCCA+egAwIBAgISAZt+pwiruBrtcdDaJS7VauDAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFkNDNhMjQ4NDU2OWQyMGUzZjUzYzE3YmU3YjlmYjI5YzM0 ZWU1YmUwHhcNMjYwMTAyMTIyMDM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzODhiNzdiYTQzYjQxMzUyNzMwOGM5ZGRmNDIzZWVhNDM1NWE0YjJkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoIQt0cjZYp7z0WoO92r9Rna7LQj7 YQshCX8YZ7JOaQFU+27vVWZ+v5dFTYY7/ZjCcF7kvB77ng3QnhaBoK7fz23ZaNzk wfKt1KfbpiRQCOYTs5cw5tZd8jbo9uRnapdR8KJxYUSTKvYIq6oCczypUPAsCNKA H+s+T5Bh6raBtlEQnrayb4sXjDAm73E/xcYoXQyC3N1Q7A7Z1UJDgvrIKAYzWmkA 1scUWSFzEfE5UGnQYwOvasFK1cZXsIJJSZwqSh2hR10qG2Hhf/UyPhOds/9dhbIa 1eg7FlxiLj4IRBQqBwBJlQTUGoSlh4zylbHND4Jiqs2xvuiZBEXCyLLTUQIDAQAB o4ICCzCCAgcwHQYDVR0OBBYEFDiLd7pDtBNScwjJ3fQj7qQ1WkstMB8GA1UdIwQY MBaAFB1DokhFadIOP1PBe+e5+ynDTuW+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSFVPaVNFVnAwZzRfVThGNzU3bjdLY05PNWI0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9jOTNkODctMzJlMC00NmYxLTlmYjkt NjM0NTE1NDg5NzlkLzEvT0l0M3VrTzBFMUp6Q01uZDlDUHVwRFZhU3kwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84NS9jOTNkODctMzJlMC00NmYxLTlmYjktNjM0NTE1NDg5Nzlk LzEvSFVPaVNFVnAwZzRfVThGNzU3bjdLY05PNWI0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKgHswCAw DQYJKoZIhvcNAQELBQADggEBABkFeC0u1XJxdi4G1C3YU4ZO1OX6ldW0hmjfZrC7 faewq4/XvDI5Lqt6UhJWL8HEO2HPssas4FrWY92DhLrOF4YpKNI7gtwTgcct55Dg 610rlh4YcPxSPhhi5czCRAbNxkBnZ9TLuROSPMZMZZOxkSFzX/0TrE7p1zlvTXDv jsVbt1MNz096ZV3U073QF/5nU4G4d3Ql/JKjc0QgRxX1pJKK2dDqmsZNgbpCmIjt UG9UwP3k0FCv27eTGXxr/q5FHtFielartCnACM2Te1jCsSnlObaruVvOi06tlAN2 uJ0BmtEZsscIsR9VaM7+spB/Zl/pSqhdzMQX6mAx59PEaUo= -----END CERTIFICATE-----Generated at Sun Jan 25 22:13:22 2026 by rpki-client