This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/594d25-f1c6-4044-a8a7-c8f182e95ea5/1/0j8mKPNVQTMhrPMoTB8vqumItaY.roa File: 0j8mKPNVQTMhrPMoTB8vqumItaY.roa (raw, json) Hash identifier: RfwfX7kQEbOpbeZ05eE31bx2DYFysCnm/nQLdjd7Xnk= Subject key identifier: D2:3F:26:28:F3:55:41:33:21:AC:F3:28:4C:1F:2F:AA:E9:88:B5:A6 Certificate issuer: /CN=0e64f81b9e36b849917787678d014db4bfcef311 Certificate serial: 019B78A2A88578F54AA8CED77F4D08C1153C Authority key identifier: 0E:64:F8:1B:9E:36:B8:49:91:77:87:67:8D:01:4D:B4:BF:CE:F3:11 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DmT4G542uEmRd4dnjQFNtL_O8xE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/594d25-f1c6-4044-a8a7-c8f182e95ea5/1/0j8mKPNVQTMhrPMoTB8vqumItaY.roa Signing time: Thu 01 Jan 2026 08:18:04 +0000 ROA not before: Thu 01 Jan 2026 08:18:04 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 138181 IP address blocks: 2a12:a307:3::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/594d25-f1c6-4044-a8a7-c8f182e95ea5/1/DmT4G542uEmRd4dnjQFNtL_O8xE.crl rsync://rpki.ripe.net/repository/DEFAULT/17/594d25-f1c6-4044-a8a7-c8f182e95ea5/1/DmT4G542uEmRd4dnjQFNtL_O8xE.mft rsync://rpki.ripe.net/repository/DEFAULT/DmT4G542uEmRd4dnjQFNtL_O8xE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 11:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:a8:85:78:f5:4a:a8:ce:d7:7f:4d:08:c1:15:3c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0e64f81b9e36b849917787678d014db4bfcef311 Validity Not Before: Jan 1 08:18:04 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d23f2628f355413321acf3284c1f2faae988b5a6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:89:b9:17:89:2d:71:ad:13:62:7f:4d:53:03: a2:65:a8:45:0f:2d:17:49:c5:5c:4b:1a:69:d1:cd: 92:6e:2e:27:24:03:f9:6f:c1:75:78:fb:bf:28:04: 17:31:78:21:b2:b3:b7:b8:bc:e7:53:3a:7e:0b:19: 2f:67:3a:f0:83:ff:31:37:86:6f:d1:80:57:96:bd: 44:97:c1:7e:40:13:d4:8c:d8:62:6d:6e:73:95:1d: c2:40:6e:a7:86:62:7c:f8:f2:ad:bd:42:6a:36:48: d2:a0:c6:5e:02:07:3a:07:dd:b7:02:7c:0a:36:0a: a2:86:37:2c:3d:62:b9:3a:d5:91:d7:aa:e9:3d:eb: 57:3f:20:90:d4:17:b3:95:0f:62:9b:21:c4:02:f3: 7e:b6:c4:1f:5d:b9:08:b0:e4:3f:b2:84:be:9e:5b: 84:af:f2:c4:9e:15:d7:43:77:c5:cb:f2:e2:cc:c2: 33:ef:7e:6e:03:0c:86:c1:92:41:e9:41:a1:e4:78: 5f:f2:dc:8f:8f:e3:4d:c1:a8:9d:b8:16:ca:81:64: 44:2c:f0:59:fd:5a:69:e8:dc:88:07:91:af:97:11: cc:49:03:ad:a5:de:cf:b4:bd:e4:4b:29:90:6d:16: f2:15:72:a3:c3:a8:b4:5d:68:ac:22:1d:c1:36:60: 96:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:3F:26:28:F3:55:41:33:21:AC:F3:28:4C:1F:2F:AA:E9:88:B5:A6 X509v3 Authority Key Identifier: keyid:0E:64:F8:1B:9E:36:B8:49:91:77:87:67:8D:01:4D:B4:BF:CE:F3:11 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DmT4G542uEmRd4dnjQFNtL_O8xE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/594d25-f1c6-4044-a8a7-c8f182e95ea5/1/0j8mKPNVQTMhrPMoTB8vqumItaY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/17/594d25-f1c6-4044-a8a7-c8f182e95ea5/1/DmT4G542uEmRd4dnjQFNtL_O8xE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a12:a307:3::/48 Signature Algorithm: sha256WithRSAEncryption 55:d6:fa:5c:f1:4c:80:10:c1:86:5c:5c:85:c1:df:21:a0:a1: 0d:f9:86:ea:ad:fa:8d:2e:37:60:4d:52:90:3f:21:58:e8:15: 92:15:49:e6:c8:4c:5e:93:d8:be:45:e2:a7:9c:75:0d:e2:2d: c7:e0:bd:73:71:7e:c8:03:2c:bc:93:20:de:2c:2a:dd:34:58: a3:ba:49:9e:62:9f:7d:24:39:b3:d6:18:9e:4a:42:d9:63:d2: 8e:8e:a4:d2:2c:bb:42:79:c5:5b:91:1e:7a:ef:3f:88:db:96: e3:48:f9:39:ff:e6:4b:8f:21:ae:67:89:f2:15:bf:1f:a7:2c: db:38:27:d8:3d:cb:29:cd:96:34:32:1f:1a:8e:08:ee:99:49: 74:94:2c:f6:0d:3b:5d:36:21:72:1f:4b:93:6b:5c:8a:19:42: 2f:24:b1:5b:6e:80:43:49:0c:29:67:59:54:5a:b0:72:80:1d: 0f:b0:c4:ec:f2:d9:88:83:2b:ef:18:5e:33:45:52:53:9b:45: 98:0c:e8:86:f2:c4:7b:1d:67:77:5c:31:e3:ec:08:eb:8f:aa: 8a:05:84:5d:38:ec:6b:36:d9:ac:9d:c5:d0:b2:6d:77:57:c1: 37:e9:2e:a8:5b:cd:63:52:d4:48:b9:15:cf:01:f4:79:da:85: 54:19:93:59 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt4oqiFePVKqM7Xf00IwRU8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBlNjRmODFiOWUzNmI4NDk5MTc3ODc2NzhkMDE0ZGI0YmZj ZWYzMTEwHhcNMjYwMTAxMDgxODA0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkMjNmMjYyOGYzNTU0MTMzMjFhY2YzMjg0YzFmMmZhYWU5ODhiNWE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4m5F4ktca0TYn9NUwOiZahFDy0X ScVcSxpp0c2Sbi4nJAP5b8F1ePu/KAQXMXghsrO3uLznUzp+CxkvZzrwg/8xN4Zv 0YBXlr1El8F+QBPUjNhibW5zlR3CQG6nhmJ8+PKtvUJqNkjSoMZeAgc6B923AnwK NgqihjcsPWK5OtWR16rpPetXPyCQ1BezlQ9imyHEAvN+tsQfXbkIsOQ/soS+nluE r/LEnhXXQ3fFy/LizMIz735uAwyGwZJB6UGh5Hhf8tyPj+NNwaiduBbKgWRELPBZ /Vpp6NyIB5GvlxHMSQOtpd7PtL3kSymQbRbyFXKjw6i0XWisIh3BNmCWdQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFNI/JijzVUEzIazzKEwfL6rpiLWmMB8GA1UdIwQY MBaAFA5k+BueNrhJkXeHZ40BTbS/zvMRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRG1UNEc1NDJ1RW1SZDRkbmpRRk50TF9POHhFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy81OTRkMjUtZjFjNi00MDQ0LWE4YTct YzhmMTgyZTk1ZWE1LzEvMGo4bUtQTlZRVE1oclBNb1RCOHZxdW1JdGFZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNy81OTRkMjUtZjFjNi00MDQ0LWE4YTctYzhmMTgyZTk1ZWE1 LzEvRG1UNEc1NDJ1RW1SZDRkbmpRRk50TF9POHhFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhKjBwAD MA0GCSqGSIb3DQEBCwUAA4IBAQBV1vpc8UyAEMGGXFyFwd8hoKEN+YbqrfqNLjdg TVKQPyFY6BWSFUnmyExek9i+ReKnnHUN4i3H4L1zcX7IAyy8kyDeLCrdNFijukme Yp99JDmz1hieSkLZY9KOjqTSLLtCecVbkR567z+I25bjSPk5/+ZLjyGuZ4nyFb8f pyzbOCfYPcspzZY0Mh8ajgjumUl0lCz2DTtdNiFyH0uTa1yKGUIvJLFbboBDSQwp Z1lUWrBygB0PsMTs8tmIgyvvGF4zRVJTm0WYDOiG8sR7HWd3XDHj7Ajrj6qKBYRd OOxrNtmsncXQsm13V8E36S6oW81jUtRIuRXPAfR52oVUGZNZ -----END CERTIFICATE-----Generated at Fri Jan 2 18:21:24 2026 by rpki-client