This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/x4pQf17vDFkXV3GUtqmWbktS3Fo.roa File: x4pQf17vDFkXV3GUtqmWbktS3Fo.roa (raw, json) Hash identifier: TF4r3ErV+VPSElRBLhwHiJMcDMk0C1SKhfdxBMi4KUM= Subject key identifier: C7:8A:50:7F:5E:EF:0C:59:17:57:71:94:B6:A9:96:6E:4B:52:DC:5A Certificate issuer: /CN=6d20ddd398dac8f62cc12526325f1821fb724f75 Certificate serial: 019B7AC82DD232F7CF7982FAA2FBF36B8690 Authority key identifier: 6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/x4pQf17vDFkXV3GUtqmWbktS3Fo.roa Signing time: Thu 01 Jan 2026 18:18:17 +0000 ROA not before: Thu 01 Jan 2026 18:18:17 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 53356 IP address blocks: 2a09:fb86::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.mft rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c8:2d:d2:32:f7:cf:79:82:fa:a2:fb:f3:6b:86:90 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6d20ddd398dac8f62cc12526325f1821fb724f75 Validity Not Before: Jan 1 18:18:17 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c78a507f5eef0c5917577194b6a9966e4b52dc5a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:ef:7f:23:ca:95:69:b7:a7:08:28:a3:93:7a: 73:c3:de:ed:a0:42:86:38:dd:64:49:15:81:c6:b1: c5:c1:ed:be:21:7f:2b:9e:43:b7:92:3a:c1:81:b8: 9e:46:ac:3b:c0:da:98:1f:f8:e9:ec:ed:fd:97:2d: 92:3a:6d:5b:c9:cc:2c:7d:98:55:1c:4b:0e:6c:dc: 55:06:55:2a:de:56:80:e6:c1:fc:89:b1:02:79:d7: 1e:b5:2b:20:e6:51:7b:e8:56:02:76:ad:af:d5:b5: 46:d2:48:4b:cd:b7:e2:75:76:34:a3:bf:33:d7:f4: 37:75:05:a7:4b:6e:4a:2b:97:41:45:b1:89:95:64: 82:54:6f:07:b1:85:f1:f2:5b:cc:60:a0:73:25:7b: e9:08:b4:ca:7b:e8:bd:5d:32:7f:a1:5b:4f:fd:3b: 3a:81:87:6c:81:05:c2:68:2a:1c:88:c3:28:ed:0f: 59:6f:85:3f:b9:e6:36:e3:e2:96:1d:87:18:0b:3b: a7:6c:a1:d1:f0:cb:31:4d:00:48:33:9a:df:26:92: c8:d5:ff:03:55:dc:c0:a8:d6:97:d8:cf:47:01:fa: 65:e8:32:29:c6:f9:f0:d1:cb:94:0e:1f:eb:85:24: 26:66:aa:7b:fe:43:8c:e3:38:40:7a:43:0f:e5:68: 2d:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:8A:50:7F:5E:EF:0C:59:17:57:71:94:B6:A9:96:6E:4B:52:DC:5A X509v3 Authority Key Identifier: keyid:6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/x4pQf17vDFkXV3GUtqmWbktS3Fo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a09:fb86::/32 Signature Algorithm: sha256WithRSAEncryption 16:08:87:73:3e:42:6e:80:17:4e:3c:51:9b:e2:02:6b:b1:fd: aa:a7:33:d5:2c:e1:9d:e9:ef:d6:74:c6:e8:4d:e6:9f:40:d2: d1:57:d2:56:8c:0b:18:b0:9d:1c:e5:89:28:6d:aa:a9:ce:e3: a5:2a:07:71:97:ec:f6:23:3b:c1:72:79:6f:7c:6f:4c:57:90: 1e:56:5a:f8:08:c1:58:21:9c:99:56:02:40:5f:fa:93:83:04: bd:f6:db:a3:f4:8c:24:5a:af:23:cd:75:43:b7:3d:6d:1b:d0: d0:c9:35:5e:57:2b:7f:ae:3d:f3:ec:8a:31:d5:b6:15:74:4e: b2:cd:de:0e:6f:b3:08:69:28:ee:c0:f9:3d:b4:92:80:1e:b9: 65:b2:85:fe:22:05:db:0c:f4:1b:8b:37:d0:fa:e3:0d:f1:3a: 17:14:fb:10:91:62:12:33:b7:1d:9b:fd:3b:28:98:1d:36:71: 34:b4:a8:6c:91:3f:46:fc:6d:4f:f2:92:4c:19:0a:a6:4e:d3: 8d:26:03:b6:c8:8c:c2:3c:cf:cb:2e:30:03:17:a0:4a:10:6e: 54:57:ec:7b:6c:ca:ef:e2:46:e1:e9:59:83:ba:4a:ef:c5:3c: e4:6b:8b:61:cf:dd:a1:be:2f:3c:4b:d2:91:bd:77:9d:f9:22: 05:3a:08:59 -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt6yC3SMvfPeYL6ovvza4aQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZkMjBkZGQzOThkYWM4ZjYyY2MxMjUyNjMyNWYxODIxZmI3 MjRmNzUwHhcNMjYwMTAxMTgxODE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNzhhNTA3ZjVlZWYwYzU5MTc1NzcxOTRiNmE5OTY2ZTRiNTJkYzVhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsO9/I8qVabenCCijk3pzw97toEKG ON1kSRWBxrHFwe2+IX8rnkO3kjrBgbieRqw7wNqYH/jp7O39ly2SOm1bycwsfZhV HEsObNxVBlUq3laA5sH8ibECedcetSsg5lF76FYCdq2v1bVG0khLzbfidXY0o78z 1/Q3dQWnS25KK5dBRbGJlWSCVG8HsYXx8lvMYKBzJXvpCLTKe+i9XTJ/oVtP/Ts6 gYdsgQXCaCociMMo7Q9Zb4U/ueY24+KWHYcYCzunbKHR8MsxTQBIM5rfJpLI1f8D VdzAqNaX2M9HAfpl6DIpxvnw0cuUDh/rhSQmZqp7/kOM4zhAekMP5WgtUwIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFMeKUH9e7wxZF1dxlLaplm5LUtxaMB8GA1UdIwQY MBaAFG0g3dOY2sj2LMElJjJfGCH7ck91MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmIt MzZkZTY1NzIzMmJlLzEveDRwUWYxN3ZERmtYVjNHVXRxbVdia3RTM0ZvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmItMzZkZTY1NzIzMmJl LzEvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgn7hjAN BgkqhkiG9w0BAQsFAAOCAQEAFgiHcz5CboAXTjxRm+ICa7H9qqcz1Szhnenv1nTG 6E3mn0DS0VfSVowLGLCdHOWJKG2qqc7jpSoHcZfs9iM7wXJ5b3xvTFeQHlZa+AjB WCGcmVYCQF/6k4MEvfbbo/SMJFqvI811Q7c9bRvQ0Mk1Xlcrf6498+yKMdW2FXRO ss3eDm+zCGko7sD5PbSSgB65ZbKF/iIF2wz0G4s30PrjDfE6FxT7EJFiEjO3HZv9 OyiYHTZxNLSobJE/RvxtT/KSTBkKpk7TjSYDtsiMwjzPyy4wAxegShBuVFfse2zK 7+JG4elZg7pK78U85GuLYc/dob4vPEvSkb13nfkiBToIWQ== -----END CERTIFICATE-----Generated at Mon Jan 19 23:20:30 2026 by rpki-client