This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/nd38Jl9GS-ovNl5OsKJkN0mvFuk.roa File: nd38Jl9GS-ovNl5OsKJkN0mvFuk.roa (raw, json) Hash identifier: +a+k3S7OpdnAaL3kda9OiF2GoFJVq8WjQucpO4FYUeI= Subject key identifier: 9D:DD:FC:26:5F:46:4B:EA:2F:36:5E:4E:B0:A2:64:37:49:AF:16:E9 Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f Certificate serial: 019BE0FBC6FA7D1F71188EA5D5B51741AAC4 Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/nd38Jl9GS-ovNl5OsKJkN0mvFuk.roa Signing time: Wed 21 Jan 2026 14:35:55 +0000 ROA not before: Wed 21 Jan 2026 14:35:55 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 210881 IP address blocks: 2a12:bec4:1ea0::/44 maxlen: 44 2a12:bec4:1eb0::/44 maxlen: 44 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.mft rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 23:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:e0:fb:c6:fa:7d:1f:71:18:8e:a5:d5:b5:17:41:aa:c4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f Validity Not Before: Jan 21 14:35:55 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9dddfc265f464bea2f365e4eb0a2643749af16e9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:89:b8:72:29:4b:bb:d6:55:35:42:ad:df:fd:ef: e5:9d:db:0e:33:6f:0f:ba:90:52:b9:59:17:f2:19: 0e:b2:03:31:fc:81:2c:c3:86:a4:ce:8f:3e:33:89: 40:99:a8:f5:0f:d8:c4:d5:ee:10:45:0c:b6:bb:60: 92:82:9a:05:ed:79:1b:e3:90:5f:f7:18:1c:c0:23: b6:d1:e0:48:3f:ec:f7:8a:74:bd:5b:97:b7:5b:99: f9:98:e2:86:75:68:3a:09:56:f9:32:86:f2:95:1d: 56:a5:b7:a7:b4:a2:fd:98:aa:95:56:e6:ff:4e:f3: 48:45:62:3c:4f:9f:c8:76:be:f9:5e:3d:e5:74:69: 1f:f8:21:41:93:f7:ff:43:f8:2a:da:2e:ee:4d:51: 68:cd:39:1d:5d:3e:dd:54:13:37:4c:b8:45:42:16: 05:03:af:de:bb:0d:a6:e8:7e:97:b5:23:09:35:4c: 8b:7c:d8:c5:d5:1e:45:1b:26:8e:e6:fb:a9:d5:9c: f6:fc:1a:c3:39:87:09:a9:6f:b6:e9:fb:52:56:40: 81:d9:85:1a:55:76:ae:3b:e7:66:6f:5d:c5:3c:d4: 1f:66:10:0a:17:35:b5:d0:ca:11:6e:68:db:68:b0: 8b:44:3f:17:65:2b:d6:0b:8e:54:8d:df:7f:89:fe: ac:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:DD:FC:26:5F:46:4B:EA:2F:36:5E:4E:B0:A2:64:37:49:AF:16:E9 X509v3 Authority Key Identifier: keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/nd38Jl9GS-ovNl5OsKJkN0mvFuk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a12:bec4:1ea0::/43 Signature Algorithm: sha256WithRSAEncryption 97:11:60:5a:c7:03:12:26:5c:98:88:53:60:22:7e:09:e4:dd: 07:3e:ed:a9:c7:3b:b0:d2:23:0c:d1:3e:22:b2:a1:88:47:fe: 3b:8d:70:0c:b5:21:42:17:01:c9:bf:e6:cb:62:7b:34:db:70: 77:9d:f8:d6:6a:db:f5:9c:57:01:d3:90:e6:7a:00:4c:31:15: 6f:30:9e:27:0c:ca:d9:4c:19:8e:9d:63:05:a4:f5:1a:66:67: 29:9f:bf:de:eb:f0:fd:0d:9f:2a:21:e9:4f:83:28:02:72:78: e7:0c:88:aa:c8:e8:f5:93:97:5d:05:46:ec:09:7d:1e:95:9b: 57:15:03:ed:4b:db:e6:19:fc:a9:6e:61:a3:64:fc:03:f3:34: 74:9b:8d:e2:2e:3a:74:28:fd:59:d5:95:29:a4:fa:fd:3e:61: 34:d8:4a:29:04:f5:47:0d:9d:11:19:db:07:35:b3:e5:96:bd: b5:d8:a5:0a:98:bd:8f:d3:26:21:4c:ee:fd:aa:5b:a1:85:b3: ec:c1:47:98:f8:af:e0:d7:1b:85:50:10:ff:3a:be:cb:81:6f: b5:fd:85:55:4b:a4:b8:88:3d:34:4b:fb:a3:0a:38:6f:9b:e7: aa:d1:3d:dd:e9:7e:19:87:ec:bb:92:d8:91:f4:56:ff:f0:22: 52:95:b4:da -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZvg+8b6fR9xGI6l1bUXQarEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj M2Q2NmYwHhcNMjYwMTIxMTQzNTU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5ZGRkZmMyNjVmNDY0YmVhMmYzNjVlNGViMGEyNjQzNzQ5YWYxNmU5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAibhyKUu71lU1Qq3f/e/lndsOM28P upBSuVkX8hkOsgMx/IEsw4akzo8+M4lAmaj1D9jE1e4QRQy2u2CSgpoF7Xkb45Bf 9xgcwCO20eBIP+z3inS9W5e3W5n5mOKGdWg6CVb5MobylR1WpbentKL9mKqVVub/ TvNIRWI8T5/Idr75Xj3ldGkf+CFBk/f/Q/gq2i7uTVFozTkdXT7dVBM3TLhFQhYF A6/euw2m6H6XtSMJNUyLfNjF1R5FGyaO5vup1Zz2/BrDOYcJqW+26ftSVkCB2YUa VXauO+dmb13FPNQfZhAKFzW10MoRbmjbaLCLRD8XZSvWC45Ujd9/if6sWQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFJ3d/CZfRkvqLzZeTrCiZDdJrxbpMB8GA1UdIwQY MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt NTUzNjljZjUwN2VlLzEvbmQzOEpsOUdTLW92Tmw1T3NLSmtOMG12RnVrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcFKhK+xB6g MA0GCSqGSIb3DQEBCwUAA4IBAQCXEWBaxwMSJlyYiFNgIn4J5N0HPu2pxzuw0iMM 0T4isqGIR/47jXAMtSFCFwHJv+bLYns023B3nfjWatv1nFcB05DmegBMMRVvMJ4n DMrZTBmOnWMFpPUaZmcpn7/e6/D9DZ8qIelPgygCcnjnDIiqyOj1k5ddBUbsCX0e lZtXFQPtS9vmGfypbmGjZPwD8zR0m43iLjp0KP1Z1ZUppPr9PmE02EopBPVHDZ0R GdsHNbPllr212KUKmL2P0yYhTO79qluhhbPswUeY+K/g1xuFUBD/Or7LgW+1/YVV S6S4iD00S/ujCjhvm+eq0T3d6X4Zh+y7ktiR9Fb/8CJSlbTa -----END CERTIFICATE-----Generated at Sun Jan 25 09:41:14 2026 by rpki-client