This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/299VDXb908RrjfhJ-5_K9PQZ2OU.roa File: 299VDXb908RrjfhJ-5_K9PQZ2OU.roa (raw, json) Hash identifier: JgnN5hmKTxIWi7DhnDUs85H4h2Usx3B4vuW3SXCz/uM= Subject key identifier: DB:DF:55:0D:76:FD:D3:C4:6B:8D:F8:49:FB:9F:CA:F4:F4:19:D8:E5 Certificate issuer: /CN=4776afb74fad5baf0a6180b49510d8b8497df8d3 Certificate serial: 019B7BA5224966EB2ED47BA36A99E53630B8 Authority key identifier: 47:76:AF:B7:4F:AD:5B:AF:0A:61:80:B4:95:10:D8:B8:49:7D:F8:D3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R3avt0-tW68KYYC0lRDYuEl9-NM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/299VDXb908RrjfhJ-5_K9PQZ2OU.roa Signing time: Thu 01 Jan 2026 22:19:38 +0000 ROA not before: Thu 01 Jan 2026 22:19:38 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 207021 IP address blocks: 2a04:2b00:14cc::/48 maxlen: 48 2a04:2b00:14dd::/48 maxlen: 48 2a04:2b00:14ee::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/R3avt0-tW68KYYC0lRDYuEl9-NM.crl rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/R3avt0-tW68KYYC0lRDYuEl9-NM.mft rsync://rpki.ripe.net/repository/DEFAULT/R3avt0-tW68KYYC0lRDYuEl9-NM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a5:22:49:66:eb:2e:d4:7b:a3:6a:99:e5:36:30:b8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4776afb74fad5baf0a6180b49510d8b8497df8d3 Validity Not Before: Jan 1 22:19:38 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=dbdf550d76fdd3c46b8df849fb9fcaf4f419d8e5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:0c:99:47:6e:14:93:af:8f:40:81:91:36:53: aa:26:ee:62:95:eb:7d:c7:89:3a:17:ac:29:ed:8a: 85:24:62:12:12:c2:bd:38:6b:39:9d:b1:d9:14:b2: 14:6c:c7:56:57:0c:da:fe:a6:4d:4d:ba:b9:46:3c: d7:31:d2:c1:06:67:18:ca:17:65:fd:86:c3:92:ed: 2b:6e:1c:5b:e6:e4:73:d0:3c:81:df:f9:e5:1b:2d: 50:80:bf:2b:c7:63:b0:81:b8:20:bd:44:f4:88:cd: d7:de:d6:79:f7:bf:28:d2:2d:4e:79:a6:2e:43:c4: 38:83:ee:66:1d:ad:13:6b:68:9d:7d:91:b0:bc:32: d7:b7:14:59:f6:a1:ab:91:08:0f:8d:75:72:0c:9a: cb:bd:41:25:dc:28:5a:9f:35:51:15:f2:67:e7:40: 1d:dd:a1:f8:2c:1f:26:a2:d6:d9:59:9e:65:45:b4: a4:f4:5c:c4:27:1c:89:e8:ff:2a:7b:73:1e:23:31: 16:bd:2d:cf:e3:61:98:5e:21:77:38:02:14:65:5e: 64:fa:18:10:17:65:68:12:11:93:27:60:d8:f1:c1: 40:1d:e2:35:38:3a:d7:2e:0c:ad:a9:7a:a4:1f:83: 02:81:f4:34:6e:26:a2:5f:79:08:3e:c9:40:dc:16: d9:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:DF:55:0D:76:FD:D3:C4:6B:8D:F8:49:FB:9F:CA:F4:F4:19:D8:E5 X509v3 Authority Key Identifier: keyid:47:76:AF:B7:4F:AD:5B:AF:0A:61:80:B4:95:10:D8:B8:49:7D:F8:D3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R3avt0-tW68KYYC0lRDYuEl9-NM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/299VDXb908RrjfhJ-5_K9PQZ2OU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/R3avt0-tW68KYYC0lRDYuEl9-NM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a04:2b00:14cc::/48 2a04:2b00:14dd::/48 2a04:2b00:14ee::/48 Signature Algorithm: sha256WithRSAEncryption 64:66:fe:df:d1:bb:04:e3:9a:f5:4b:b8:87:b7:cb:35:37:9b: 71:52:97:a7:73:e7:f7:1c:a5:d8:83:70:8f:f5:54:bf:28:2a: 86:c7:80:53:5a:d4:c1:64:c5:3d:55:92:b0:ad:af:09:38:d1: 70:62:68:37:79:ce:ba:41:d5:a4:92:20:66:57:06:de:54:0b: ab:7b:b3:f2:2e:72:0b:5a:e7:fc:8d:fb:a4:bc:ef:12:71:59: 77:82:cc:f9:d7:c0:1a:ca:d9:b9:20:fb:fb:67:52:f2:14:6f: aa:6b:b2:44:7a:1b:ea:bb:63:d5:e7:a3:5e:09:a1:13:15:9e: 6a:3f:c0:a4:49:fa:03:04:a9:ac:72:84:97:8d:0b:90:09:ae: b7:2d:10:ca:8f:7b:e1:53:83:93:e3:3a:ee:53:a3:c1:e1:45: 7c:dd:0f:6d:7b:e1:5a:31:7d:ab:3e:69:48:c9:d7:29:ae:fa: 44:9a:0e:ad:08:db:b2:18:bf:6a:b8:bb:93:14:e6:2c:35:6a: b5:c9:df:9a:4e:7b:5a:80:ad:87:e8:f2:42:1f:06:90:3f:c9: f4:24:63:e7:dd:62:55:d9:bd:b8:49:1b:c4:0f:7a:25:66:24: 90:f6:ae:0c:be:b5:67:05:b6:e2:6a:44:f2:b5:92:4b:92:f4: 98:92:dc:48 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt7pSJJZusu1HujapnlNjC4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ3NzZhZmI3NGZhZDViYWYwYTYxODBiNDk1MTBkOGI4NDk3 ZGY4ZDMwHhcNMjYwMTAxMjIxOTM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkYmRmNTUwZDc2ZmRkM2M0NmI4ZGY4NDlmYjlmY2FmNGY0MTlkOGU1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyAyZR24Uk6+PQIGRNlOqJu5ilet9 x4k6F6wp7YqFJGISEsK9OGs5nbHZFLIUbMdWVwza/qZNTbq5RjzXMdLBBmcYyhdl /YbDku0rbhxb5uRz0DyB3/nlGy1QgL8rx2OwgbggvUT0iM3X3tZ5978o0i1OeaYu Q8Q4g+5mHa0Ta2idfZGwvDLXtxRZ9qGrkQgPjXVyDJrLvUEl3ChanzVRFfJn50Ad 3aH4LB8motbZWZ5lRbSk9FzEJxyJ6P8qe3MeIzEWvS3P42GYXiF3OAIUZV5k+hgQ F2VoEhGTJ2DY8cFAHeI1ODrXLgytqXqkH4MCgfQ0biaiX3kIPslA3BbZ+QIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFNvfVQ12/dPEa434SfufyvT0GdjlMB8GA1UdIwQY MBaAFEd2r7dPrVuvCmGAtJUQ2LhJffjTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUjNhdnQwLXRXNjhLWVlDMGxSRFl1RWw5LU5NLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9mNzFjYzItYjcxZC00NjY4LTg2NjEt MDUzOGU5NWYzZjEyLzEvMjk5VkRYYjkwOFJyamZoSi01X0s5UFFaMk9VLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85NC9mNzFjYzItYjcxZC00NjY4LTg2NjEtMDUzOGU5NWYzZjEy LzEvUjNhdnQwLXRXNjhLWVlDMGxSRFl1RWw5LU5NLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKgQrABTM AwcAKgQrABTdAwcAKgQrABTuMA0GCSqGSIb3DQEBCwUAA4IBAQBkZv7f0bsE45r1 S7iHt8s1N5txUpenc+f3HKXYg3CP9VS/KCqGx4BTWtTBZMU9VZKwra8JONFwYmg3 ec66QdWkkiBmVwbeVAure7PyLnILWuf8jfukvO8ScVl3gsz518Aaytm5IPv7Z1Ly FG+qa7JEehvqu2PV56NeCaETFZ5qP8CkSfoDBKmscoSXjQuQCa63LRDKj3vhU4OT 4zruU6PB4UV83Q9te+FaMX2rPmlIydcprvpEmg6tCNuyGL9quLuTFOYsNWq1yd+a TntagK2H6PJCHwaQP8n0JGPn3WJV2b24SRvED3olZiSQ9q4MvrVnBbbiakTytZJL kvSYktxI -----END CERTIFICATE-----Generated at Mon Jan 26 21:17:39 2026 by rpki-client