This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/3e2165-3bb5-45c3-989a-2953894b1f6d/1/qUTKfMDduS5G83IwddW0Srvow3k.roa File: qUTKfMDduS5G83IwddW0Srvow3k.roa (raw, json) Hash identifier: cOBAb4cGXrEFXoWSmcqXtalPKxlVlDLrCL2/MXUlMlg= Subject key identifier: A9:44:CA:7C:C0:DD:B9:2E:46:F3:72:30:75:D5:B4:4A:BB:E8:C3:79 Certificate issuer: /CN=351a14ce9d25239b92fe5abce532515044c1aba4 Certificate serial: 019B7DCB0F1CAAC7131AD493717F62C52818 Authority key identifier: 35:1A:14:CE:9D:25:23:9B:92:FE:5A:BC:E5:32:51:50:44:C1:AB:A4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRoUzp0lI5uS_lq85TJRUETBq6Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/3e2165-3bb5-45c3-989a-2953894b1f6d/1/qUTKfMDduS5G83IwddW0Srvow3k.roa Signing time: Fri 02 Jan 2026 08:20:18 +0000 ROA not before: Fri 02 Jan 2026 08:20:18 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 216249 IP address blocks: 2a05:91c3:3::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/3e2165-3bb5-45c3-989a-2953894b1f6d/1/NRoUzp0lI5uS_lq85TJRUETBq6Q.crl rsync://rpki.ripe.net/repository/DEFAULT/ac/3e2165-3bb5-45c3-989a-2953894b1f6d/1/NRoUzp0lI5uS_lq85TJRUETBq6Q.mft rsync://rpki.ripe.net/repository/DEFAULT/NRoUzp0lI5uS_lq85TJRUETBq6Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:cb:0f:1c:aa:c7:13:1a:d4:93:71:7f:62:c5:28:18 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=351a14ce9d25239b92fe5abce532515044c1aba4 Validity Not Before: Jan 2 08:20:18 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a944ca7cc0ddb92e46f3723075d5b44abbe8c379 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:ef:31:6c:42:9b:70:23:f2:59:f8:9a:11:0c: 83:80:2d:9a:29:87:a8:e3:b7:fd:73:40:08:c1:f6: 8f:ed:90:71:52:4b:60:7d:c9:28:5a:29:e8:83:26: d8:09:27:6e:37:54:db:7a:98:91:bc:fa:62:32:67: 09:78:f7:9a:ef:38:9c:7b:2e:ae:06:8d:21:6a:54: 1c:45:99:38:78:fb:30:a1:cb:f1:7e:23:a2:39:8f: ae:15:cd:6c:4a:cf:92:de:e5:0c:e8:10:13:52:9a: db:db:b5:9a:0e:b6:57:96:dc:99:cf:0a:74:6e:df: 87:ca:5d:ab:9c:e5:c9:a5:ab:71:c0:3b:f5:00:2d: 9b:16:9a:b6:2d:11:82:c4:65:38:26:55:83:fd:04: 90:3b:5f:4e:fb:90:e0:68:85:18:17:63:5a:b5:fd: e3:5c:84:05:3b:13:ac:d3:32:72:df:9b:cd:15:0b: 2d:eb:64:16:61:b6:d7:06:a0:45:25:19:bc:ae:03: 89:67:8c:4c:84:85:62:cd:6e:b3:bd:fa:32:01:97: f8:f1:3e:8c:ec:8e:72:5a:eb:80:c0:58:cc:1d:db: cf:3a:d3:40:5e:3a:2d:82:00:78:09:d2:27:f6:e2: 69:a5:f0:e7:21:d7:04:a9:c6:fe:87:0a:3d:f3:27: 44:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:44:CA:7C:C0:DD:B9:2E:46:F3:72:30:75:D5:B4:4A:BB:E8:C3:79 X509v3 Authority Key Identifier: keyid:35:1A:14:CE:9D:25:23:9B:92:FE:5A:BC:E5:32:51:50:44:C1:AB:A4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRoUzp0lI5uS_lq85TJRUETBq6Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/3e2165-3bb5-45c3-989a-2953894b1f6d/1/qUTKfMDduS5G83IwddW0Srvow3k.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/3e2165-3bb5-45c3-989a-2953894b1f6d/1/NRoUzp0lI5uS_lq85TJRUETBq6Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:91c3:3::/48 Signature Algorithm: sha256WithRSAEncryption 5a:e2:19:11:8d:70:b0:1a:a0:6b:ab:7d:90:a5:05:2c:bf:30: b6:07:f9:75:f3:5e:24:eb:5f:98:98:1c:f4:61:f6:99:a1:c5: ee:6e:46:68:20:2e:96:6a:a7:6f:51:4c:81:2f:cd:e8:79:d1: 54:13:57:ba:8e:3b:62:ca:7b:15:36:09:d9:87:8b:97:28:4d: 44:a9:09:be:81:bc:e7:10:9f:22:aa:de:a1:d5:40:e4:f2:e8: ca:d2:77:71:5c:fa:67:d0:69:22:b0:52:81:94:7a:1a:c5:07: 47:ff:55:de:d1:43:63:7e:18:d4:0a:4d:d4:f1:51:20:30:db: 0a:72:7c:61:f7:97:ad:0d:70:fe:83:9c:b5:cc:d4:c5:7f:df: ca:57:5b:14:1f:15:76:e9:93:17:a0:d6:b9:6a:62:40:5d:e8: 6d:31:a1:d1:c2:0d:19:0a:aa:94:dd:2a:a4:c8:a6:6b:75:bc: 43:d0:0a:2e:0e:50:05:8c:b5:17:85:78:42:a1:08:ea:82:7b: 7d:0a:af:ad:60:14:cb:b0:df:3c:10:15:9a:6a:48:a9:ba:45: 97:af:11:5c:45:0a:88:9e:12:9f:6a:0f:22:9c:46:fe:5f:2f: 97:f6:a9:ee:2a:c7:fd:c2:35:28:d1:b3:76:da:00:de:b9:17: d7:23:14:5e -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt9yw8cqscTGtSTcX9ixSgYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM1MWExNGNlOWQyNTIzOWI5MmZlNWFiY2U1MzI1MTUwNDRj MWFiYTQwHhcNMjYwMTAyMDgyMDE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhOTQ0Y2E3Y2MwZGRiOTJlNDZmMzcyMzA3NWQ1YjQ0YWJiZThjMzc5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzu8xbEKbcCPyWfiaEQyDgC2aKYeo 47f9c0AIwfaP7ZBxUktgfckoWinogybYCSduN1TbepiRvPpiMmcJePea7zicey6u Bo0halQcRZk4ePswocvxfiOiOY+uFc1sSs+S3uUM6BATUprb27WaDrZXltyZzwp0 bt+Hyl2rnOXJpatxwDv1AC2bFpq2LRGCxGU4JlWD/QSQO19O+5DgaIUYF2Natf3j XIQFOxOs0zJy35vNFQst62QWYbbXBqBFJRm8rgOJZ4xMhIVizW6zvfoyAZf48T6M 7I5yWuuAwFjMHdvPOtNAXjotggB4CdIn9uJppfDnIdcEqcb+hwo98ydEdQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFKlEynzA3bkuRvNyMHXVtEq76MN5MB8GA1UdIwQY MBaAFDUaFM6dJSObkv5avOUyUVBEwaukMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTlJvVXpwMGxJNXVTX2xxODVUSlJVRVRCcTZRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8zZTIxNjUtM2JiNS00NWMzLTk4OWEt Mjk1Mzg5NGIxZjZkLzEvcVVUS2ZNRGR1UzVHODNJd2RkVzBTcnZvdzNrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYy8zZTIxNjUtM2JiNS00NWMzLTk4OWEtMjk1Mzg5NGIxZjZk LzEvTlJvVXpwMGxJNXVTX2xxODVUSlJVRVRCcTZRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgWRwwAD MA0GCSqGSIb3DQEBCwUAA4IBAQBa4hkRjXCwGqBrq32QpQUsvzC2B/l1814k61+Y mBz0YfaZocXubkZoIC6WaqdvUUyBL83oedFUE1e6jjtiynsVNgnZh4uXKE1EqQm+ gbznEJ8iqt6h1UDk8ujK0ndxXPpn0GkisFKBlHoaxQdH/1Xe0UNjfhjUCk3U8VEg MNsKcnxh95etDXD+g5y1zNTFf9/KV1sUHxV26ZMXoNa5amJAXehtMaHRwg0ZCqqU 3SqkyKZrdbxD0AouDlAFjLUXhXhCoQjqgnt9Cq+tYBTLsN88EBWaakipukWXrxFc RQqInhKfag8inEb+Xy+X9qnuKsf9wjUo0bN22gDeuRfXIxRe -----END CERTIFICATE-----Generated at Mon Jan 26 04:39:29 2026 by rpki-client