This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/c8e20a-589f-44fc-964a-5a694607435e/1/n_wbhjTQEKQYbyBhAiLXuF8aRHE.roa File: n_wbhjTQEKQYbyBhAiLXuF8aRHE.roa (raw, json) Hash identifier: qCMkNN9URM/S++Y4VUWJX4fLpuRES7PHrbUt6B67Juk= Subject key identifier: 9F:FC:1B:86:34:D0:10:A4:18:6F:20:61:02:22:D7:B8:5F:1A:44:71 Certificate issuer: /CN=3a8e07940dcd6344e1a81620bd78a268be9c3798 Certificate serial: 019BE05ED653952D281C70C89854ECD6BC75 Authority key identifier: 3A:8E:07:94:0D:CD:63:44:E1:A8:16:20:BD:78:A2:68:BE:9C:37:98 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Oo4HlA3NY0ThqBYgvXiiaL6cN5g.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/c8e20a-589f-44fc-964a-5a694607435e/1/n_wbhjTQEKQYbyBhAiLXuF8aRHE.roa Signing time: Wed 21 Jan 2026 11:44:30 +0000 ROA not before: Wed 21 Jan 2026 11:44:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 20712 IP address blocks: 2001:67c:2bc::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/c8e20a-589f-44fc-964a-5a694607435e/1/Oo4HlA3NY0ThqBYgvXiiaL6cN5g.crl rsync://rpki.ripe.net/repository/DEFAULT/dd/c8e20a-589f-44fc-964a-5a694607435e/1/Oo4HlA3NY0ThqBYgvXiiaL6cN5g.mft rsync://rpki.ripe.net/repository/DEFAULT/Oo4HlA3NY0ThqBYgvXiiaL6cN5g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:e0:5e:d6:53:95:2d:28:1c:70:c8:98:54:ec:d6:bc:75 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3a8e07940dcd6344e1a81620bd78a268be9c3798 Validity Not Before: Jan 21 11:44:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9ffc1b8634d010a4186f20610222d7b85f1a4471 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:ba:c0:4b:96:55:56:b4:9b:05:5c:1c:df:c6: 95:3d:4d:21:df:4f:5c:65:10:34:41:d1:39:b2:3d: 8b:4e:11:69:d5:ff:44:ed:0f:f5:df:eb:69:3d:b3: 26:38:55:a7:c3:18:4c:d6:1f:30:68:7a:22:69:c7: fb:01:bf:6a:fe:01:1e:d2:d5:de:29:8f:6a:da:f0: 38:52:37:4d:47:99:39:e1:79:77:0f:d9:79:a8:98: df:a9:f0:a1:08:4e:57:a7:1f:ae:8b:ca:41:63:4d: 05:6b:c1:c4:5f:06:6f:6b:5b:b3:d2:d2:a9:4d:86: ee:39:48:be:dd:d7:2e:2a:36:5a:24:16:a6:b2:cf: aa:b0:67:06:78:11:0b:22:31:a5:f7:3b:49:8f:aa: 4a:39:ff:07:ca:af:63:cd:42:08:1b:03:df:08:e3: b8:7c:34:4d:f5:ed:14:c3:75:3d:ba:c6:36:18:ef: 46:be:7c:f6:2a:04:51:6f:70:82:7b:9c:2e:bd:49: 4f:b4:77:0c:43:61:94:3a:6a:15:ee:64:1c:59:42: b2:63:38:52:aa:bf:46:b0:81:7d:8d:b3:f4:3a:82: 44:ca:31:7a:87:51:d7:f0:36:d4:75:5b:62:ef:ee: 09:86:16:82:c0:d1:20:3a:de:19:f5:a1:5f:02:7b: 33:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:FC:1B:86:34:D0:10:A4:18:6F:20:61:02:22:D7:B8:5F:1A:44:71 X509v3 Authority Key Identifier: keyid:3A:8E:07:94:0D:CD:63:44:E1:A8:16:20:BD:78:A2:68:BE:9C:37:98 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Oo4HlA3NY0ThqBYgvXiiaL6cN5g.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/c8e20a-589f-44fc-964a-5a694607435e/1/n_wbhjTQEKQYbyBhAiLXuF8aRHE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/c8e20a-589f-44fc-964a-5a694607435e/1/Oo4HlA3NY0ThqBYgvXiiaL6cN5g.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:67c:2bc::/48 Signature Algorithm: sha256WithRSAEncryption 8d:f3:bf:43:08:e2:9f:38:71:02:8a:0a:71:8a:6a:62:47:9a: e6:c2:15:5b:54:dc:4c:5f:f1:fe:bd:bc:18:b6:67:e0:4c:da: d2:8d:f5:17:83:2d:53:1e:e6:2e:5a:64:4b:c8:21:38:6c:0b: 80:fe:cb:08:ff:dc:93:cb:f4:a8:cc:5f:d6:35:b7:a9:90:60: 72:bc:5d:f8:7c:17:36:4e:2e:26:13:00:d1:4b:05:8a:75:a3: ba:29:e1:8a:05:b8:fc:57:a4:53:c2:b1:55:53:b5:b3:f9:c5: 3d:bf:8f:81:55:64:cb:41:df:f6:d3:37:15:78:0d:d6:a5:66: 5f:73:ae:62:80:c6:12:62:6e:ff:8b:62:60:0c:a3:22:32:76: 9a:90:e1:3d:61:82:58:00:29:f8:6d:87:c5:33:92:3e:fe:9c: d6:b8:c5:aa:36:d4:12:3f:a2:77:72:1c:63:b6:c0:7d:2d:37: 3c:f9:c8:c0:d6:ed:47:52:6c:68:40:a2:cd:76:ea:be:97:85: 77:fc:9d:9d:18:c7:9a:13:95:4d:49:0a:be:81:c3:42:ee:8f: 52:9b:a7:ad:4d:db:2f:35:66:97:a5:99:4e:2a:1c:be:96:2a: 60:af:74:9e:a1:24:36:cb:8d:29:86:8a:4b:b8:5d:09:d9:55: c9:c4:61:8c -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZvgXtZTlS0oHHDImFTs1rx1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhOGUwNzk0MGRjZDYzNDRlMWE4MTYyMGJkNzhhMjY4YmU5 YzM3OTgwHhcNMjYwMTIxMTE0NDMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5ZmZjMWI4NjM0ZDAxMGE0MTg2ZjIwNjEwMjIyZDdiODVmMWE0NDcxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoLrAS5ZVVrSbBVwc38aVPU0h309c ZRA0QdE5sj2LThFp1f9E7Q/13+tpPbMmOFWnwxhM1h8waHoiacf7Ab9q/gEe0tXe KY9q2vA4UjdNR5k54Xl3D9l5qJjfqfChCE5Xpx+ui8pBY00Fa8HEXwZva1uz0tKp TYbuOUi+3dcuKjZaJBamss+qsGcGeBELIjGl9ztJj6pKOf8Hyq9jzUIIGwPfCOO4 fDRN9e0Uw3U9usY2GO9Gvnz2KgRRb3CCe5wuvUlPtHcMQ2GUOmoV7mQcWUKyYzhS qr9GsIF9jbP0OoJEyjF6h1HX8DbUdVti7+4JhhaCwNEgOt4Z9aFfAnsz2QIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFJ/8G4Y00BCkGG8gYQIi17hfGkRxMB8GA1UdIwQY MBaAFDqOB5QNzWNE4agWIL14omi+nDeYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT280SGxBM05ZMFRocUJZZ3ZYaWlhTDZjTjVnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9jOGUyMGEtNTg5Zi00NGZjLTk2NGEt NWE2OTQ2MDc0MzVlLzEvbl93YmhqVFFFS1FZYnlCaEFpTFh1RjhhUkhFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZC9jOGUyMGEtNTg5Zi00NGZjLTk2NGEtNWE2OTQ2MDc0MzVl LzEvT280SGxBM05ZMFRocUJZZ3ZYaWlhTDZjTjVnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAK8 MA0GCSqGSIb3DQEBCwUAA4IBAQCN879DCOKfOHECigpximpiR5rmwhVbVNxMX/H+ vbwYtmfgTNrSjfUXgy1THuYuWmRLyCE4bAuA/ssI/9yTy/SozF/WNbepkGByvF34 fBc2Ti4mEwDRSwWKdaO6KeGKBbj8V6RTwrFVU7Wz+cU9v4+BVWTLQd/20zcVeA3W pWZfc65igMYSYm7/i2JgDKMiMnaakOE9YYJYACn4bYfFM5I+/pzWuMWqNtQSP6J3 chxjtsB9LTc8+cjA1u1HUmxoQKLNduq+l4V3/J2dGMeaE5VNSQq+gcNC7o9Sm6et TdsvNWaXpZlOKhy+lipgr3SeoSQ2y40phopLuF0J2VXJxGGM -----END CERTIFICATE-----Generated at Sun Jan 25 20:47:20 2026 by rpki-client