This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/4a93c6-170a-4aa2-8dfc-6b9641823ca4/1/SuJb0HpRFGi9UuUXaLPYJ4R7Poo.roa File: SuJb0HpRFGi9UuUXaLPYJ4R7Poo.roa (raw, json) Hash identifier: FRsrBMpWirVSEHhW/WJJlI37os8wGABewXuo9qZuhxk= Subject key identifier: 4A:E2:5B:D0:7A:51:14:68:BD:52:E5:17:68:B3:D8:27:84:7B:3E:8A Certificate issuer: /CN=dd2a1217673eb11ca98a35139520407c9768dfc3 Certificate serial: 019B7DC9D822D38BA1E78B813A6F2ACAC8E3 Authority key identifier: DD:2A:12:17:67:3E:B1:1C:A9:8A:35:13:95:20:40:7C:97:68:DF:C3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3SoSF2c-sRypijUTlSBAfJdo38M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/4a93c6-170a-4aa2-8dfc-6b9641823ca4/1/SuJb0HpRFGi9UuUXaLPYJ4R7Poo.roa Signing time: Fri 02 Jan 2026 08:18:58 +0000 ROA not before: Fri 02 Jan 2026 08:18:58 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 15943 IP address blocks: 2a0b:29c0:1::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/4a93c6-170a-4aa2-8dfc-6b9641823ca4/1/3SoSF2c-sRypijUTlSBAfJdo38M.crl rsync://rpki.ripe.net/repository/DEFAULT/9a/4a93c6-170a-4aa2-8dfc-6b9641823ca4/1/3SoSF2c-sRypijUTlSBAfJdo38M.mft rsync://rpki.ripe.net/repository/DEFAULT/3SoSF2c-sRypijUTlSBAfJdo38M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 14:01:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:c9:d8:22:d3:8b:a1:e7:8b:81:3a:6f:2a:ca:c8:e3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dd2a1217673eb11ca98a35139520407c9768dfc3 Validity Not Before: Jan 2 08:18:58 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4ae25bd07a511468bd52e51768b3d827847b3e8a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8c:49:f5:00:fd:22:7c:aa:14:35:cf:6f:31:a3: 59:c1:3c:44:cf:4c:d4:45:13:24:5d:00:4a:b5:c3: bd:08:c6:ad:90:fb:b3:7f:b2:3d:29:6b:84:eb:b6: 09:97:a2:12:eb:c1:cc:18:61:44:6b:fb:68:de:0c: 1a:d5:23:20:4d:89:c4:64:26:78:15:d8:7f:9a:36: 59:e9:30:7f:75:98:bc:1c:19:5b:60:6e:d3:1d:a6: e0:92:16:e2:36:5e:6f:a2:c5:1b:85:25:56:6c:39: e8:08:29:e3:3f:2b:e7:a9:1b:e8:55:a1:89:0a:e7: e3:5c:cb:3f:f9:40:d7:5c:ea:5d:38:ac:ee:40:67: de:c8:eb:70:08:c4:ac:bb:af:d8:62:9c:44:f2:9d: 8f:f6:2e:5d:97:63:32:97:35:fc:23:f4:2b:0e:97: 1b:7a:bd:de:fc:e1:43:af:09:e0:b6:c6:8a:0a:36: 39:bf:3a:d8:31:e0:39:fa:8f:11:bc:f6:ed:5f:ab: ce:0d:a2:98:21:c2:e6:9a:db:a7:e2:17:0a:2d:4a: 80:fc:35:a6:36:75:7d:90:d8:82:b5:cc:84:a0:af: ce:5e:22:ad:aa:95:09:b5:21:8c:82:f6:58:84:71: d1:0e:ce:a8:3d:1d:84:ae:c2:0e:fd:a7:c6:2f:42: b6:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:E2:5B:D0:7A:51:14:68:BD:52:E5:17:68:B3:D8:27:84:7B:3E:8A X509v3 Authority Key Identifier: keyid:DD:2A:12:17:67:3E:B1:1C:A9:8A:35:13:95:20:40:7C:97:68:DF:C3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3SoSF2c-sRypijUTlSBAfJdo38M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/4a93c6-170a-4aa2-8dfc-6b9641823ca4/1/SuJb0HpRFGi9UuUXaLPYJ4R7Poo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/4a93c6-170a-4aa2-8dfc-6b9641823ca4/1/3SoSF2c-sRypijUTlSBAfJdo38M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0b:29c0:1::/48 Signature Algorithm: sha256WithRSAEncryption 8a:86:e4:8a:7a:de:60:a7:54:0f:a3:79:f6:6f:51:73:49:bf: b8:6d:90:72:f4:76:4a:51:bc:ac:d8:65:ff:ea:c9:0a:70:46: 8e:84:5f:a7:fb:74:88:99:a1:09:44:c1:1e:81:03:59:17:9e: eb:3c:35:bc:df:5a:be:86:d0:71:51:8c:79:54:b6:7e:5d:5c: 66:20:05:a2:e8:52:e8:9e:8b:f8:09:77:56:d8:45:73:03:1c: 54:cc:9f:b9:44:65:90:1d:8e:6a:0a:77:42:7d:c2:f7:89:80: 96:38:7d:3b:cc:28:aa:73:af:e0:20:e2:f3:3b:48:5d:a8:55: 6c:91:92:11:f0:0f:b2:29:41:d8:e0:0a:99:b6:16:73:b6:d5: ca:5f:fe:e9:c0:4f:d6:cb:51:29:e6:7e:07:42:a4:6d:3f:d7: 0c:72:3a:a6:56:2f:a0:ab:51:90:3b:d3:54:fe:1d:43:03:d2: d7:0a:76:78:75:70:48:17:3f:d7:ba:7f:96:f0:da:eb:0c:bf: 9f:99:6f:01:48:54:57:a9:f4:f9:8c:10:c9:12:6f:fa:76:bd: 84:f2:bf:81:73:32:ea:ff:90:6f:f3:1b:6d:6a:9b:c9:93:b9: e5:94:96:c1:72:3a:0a:1f:87:4d:92:52:b4:69:d2:c7:6f:97: 5a:0d:a4:2b -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt9ydgi04uh54uBOm8qysjjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRkMmExMjE3NjczZWIxMWNhOThhMzUxMzk1MjA0MDdjOTc2 OGRmYzMwHhcNMjYwMTAyMDgxODU4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0YWUyNWJkMDdhNTExNDY4YmQ1MmU1MTc2OGIzZDgyNzg0N2IzZThhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjEn1AP0ifKoUNc9vMaNZwTxEz0zU RRMkXQBKtcO9CMatkPuzf7I9KWuE67YJl6IS68HMGGFEa/to3gwa1SMgTYnEZCZ4 Fdh/mjZZ6TB/dZi8HBlbYG7THabgkhbiNl5vosUbhSVWbDnoCCnjPyvnqRvoVaGJ CufjXMs/+UDXXOpdOKzuQGfeyOtwCMSsu6/YYpxE8p2P9i5dl2MylzX8I/QrDpcb er3e/OFDrwngtsaKCjY5vzrYMeA5+o8RvPbtX6vODaKYIcLmmtun4hcKLUqA/DWm NnV9kNiCtcyEoK/OXiKtqpUJtSGMgvZYhHHRDs6oPR2ErsIO/afGL0K2fQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFEriW9B6URRovVLlF2iz2CeEez6KMB8GA1UdIwQY MBaAFN0qEhdnPrEcqYo1E5UgQHyXaN/DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM1NvU0YyYy1zUnlwaWpVVGxTQkFmSmRvMzhNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS80YTkzYzYtMTcwYS00YWEyLThkZmMt NmI5NjQxODIzY2E0LzEvU3VKYjBIcFJGR2k5VXVVWGFMUFlKNFI3UG9vLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85YS80YTkzYzYtMTcwYS00YWEyLThkZmMtNmI5NjQxODIzY2E0 LzEvM1NvU0YyYy1zUnlwaWpVVGxTQkFmSmRvMzhNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgspwAAB MA0GCSqGSIb3DQEBCwUAA4IBAQCKhuSKet5gp1QPo3n2b1FzSb+4bZBy9HZKUbys 2GX/6skKcEaOhF+n+3SImaEJRMEegQNZF57rPDW831q+htBxUYx5VLZ+XVxmIAWi 6FLonov4CXdW2EVzAxxUzJ+5RGWQHY5qCndCfcL3iYCWOH07zCiqc6/gIOLzO0hd qFVskZIR8A+yKUHY4AqZthZzttXKX/7pwE/Wy1Ep5n4HQqRtP9cMcjqmVi+gq1GQ O9NU/h1DA9LXCnZ4dXBIFz/Xun+W8NrrDL+fmW8BSFRXqfT5jBDJEm/6dr2E8r+B czLq/5Bv8xttapvJk7nllJbBcjoKH4dNklK0adLHb5daDaQr -----END CERTIFICATE-----Generated at Sun Jan 25 23:48:50 2026 by rpki-client