This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/IF1lFlhmDijtffZOXFPxRrxwaag.roa File: IF1lFlhmDijtffZOXFPxRrxwaag.roa (raw, json) Hash identifier: 6NSvTtWal08vd58dK+mzUmaAijlwNrmQKzVSV49xKLQ= Subject key identifier: 20:5D:65:16:58:66:0E:28:ED:7D:F6:4E:5C:53:F1:46:BC:70:69:A8 Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008 Certificate serial: 019B7EA707EFB3B6FDE69347C83C8E0A4B30 Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/IF1lFlhmDijtffZOXFPxRrxwaag.roa Signing time: Fri 02 Jan 2026 12:20:34 +0000 ROA not before: Fri 02 Jan 2026 12:20:34 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 213733 IP address blocks: 2a0c:9a40:8ae0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.mft rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 02:01:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a7:07:ef:b3:b6:fd:e6:93:47:c8:3c:8e:0a:4b:30 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008 Validity Not Before: Jan 2 12:20:34 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=205d651658660e28ed7df64e5c53f146bc7069a8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:fb:77:bf:20:c7:a8:a6:00:3e:30:bf:39:b9: d5:25:e1:43:ea:33:05:80:dd:7b:e3:9b:00:fa:b9: 85:d4:9a:07:bb:1d:64:40:24:5b:8c:78:33:60:d6: 60:34:29:16:90:b6:7c:a9:2d:37:52:9c:a4:22:46: e6:24:3d:f2:48:81:52:d6:97:aa:34:8a:3b:86:40: d4:5c:30:10:76:bd:b9:7e:bd:6f:49:e2:23:85:2e: f2:6a:45:a8:ec:6b:64:de:b4:d6:3f:59:4f:96:5d: 65:ac:16:38:0b:c0:cc:4c:d8:3c:e5:85:74:e4:1d: 13:d9:6e:58:d4:6b:f4:ac:72:b9:be:17:c4:10:eb: c9:42:c0:e2:21:c2:b1:c8:7e:c9:46:2d:23:c0:75: e8:86:cf:23:ed:34:97:ca:22:8a:f9:7f:58:3b:b9: 90:82:f9:14:4e:72:86:f5:5e:84:e3:e0:29:0e:7d: 57:10:28:88:ce:0f:d7:90:8e:53:bd:ec:19:53:f3: e8:66:6d:20:a4:e0:49:20:f3:d7:64:68:2e:96:94: 02:5c:1a:13:e5:ed:95:a2:c5:39:f3:2d:b4:db:e7: 12:93:14:e8:09:71:06:82:60:84:3d:85:3d:21:da: ab:20:c8:33:53:38:bb:dc:b1:2d:f4:bd:dd:9e:d1: 42:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:5D:65:16:58:66:0E:28:ED:7D:F6:4E:5C:53:F1:46:BC:70:69:A8 X509v3 Authority Key Identifier: keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/IF1lFlhmDijtffZOXFPxRrxwaag.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0c:9a40:8ae0::/48 Signature Algorithm: sha256WithRSAEncryption 32:23:01:c6:29:20:ae:0b:7a:19:19:f2:a8:4f:95:be:b7:b4: ee:79:b8:c7:f2:8d:63:fe:0c:a2:ed:af:3d:97:e1:ec:92:e4: d7:a5:cb:31:04:16:cf:a4:23:10:97:4f:4d:6c:58:f3:d8:3a: 8f:95:53:6e:31:dd:71:1a:04:61:14:8e:01:d0:1e:33:2e:95: bf:01:dc:ec:d0:55:98:be:a5:fe:33:73:86:fa:2b:0b:40:9d: 9e:13:f1:4f:41:e0:04:85:41:13:2f:2c:68:b3:99:1c:fc:1f: 7f:9d:14:9a:38:65:e1:a5:fc:3a:52:16:95:11:9a:b6:63:03: 38:7a:1d:7f:6d:b2:68:5d:0e:93:20:8e:78:18:59:2c:a5:8d: 51:b4:30:b7:7e:bc:7a:a9:82:38:e9:4c:31:99:71:1e:77:97: 4e:8b:b2:f0:9f:7f:6d:a2:8e:53:ef:e7:1d:40:60:1d:86:27: 53:46:6b:c8:ef:19:cd:82:54:d8:77:c5:c3:23:c3:e4:f6:cb: 20:40:16:66:be:ef:7d:ad:2f:b9:32:88:db:7d:67:d2:c2:9f: ab:7a:49:fa:1b:5c:50:5c:13:15:70:41:5a:2b:21:91:dc:6a: 90:ab:e7:bd:c9:42:1d:68:90:eb:9d:fa:66:1d:22:ce:d4:6d: b0:50:0a:9e -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt+pwfvs7b95pNHyDyOCkswMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl NDgwMDgwHhcNMjYwMTAyMTIyMDM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMDVkNjUxNjU4NjYwZTI4ZWQ3ZGY2NGU1YzUzZjE0NmJjNzA2OWE4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/t3vyDHqKYAPjC/ObnVJeFD6jMF gN1745sA+rmF1JoHux1kQCRbjHgzYNZgNCkWkLZ8qS03UpykIkbmJD3ySIFS1peq NIo7hkDUXDAQdr25fr1vSeIjhS7yakWo7Gtk3rTWP1lPll1lrBY4C8DMTNg85YV0 5B0T2W5Y1Gv0rHK5vhfEEOvJQsDiIcKxyH7JRi0jwHXohs8j7TSXyiKK+X9YO7mQ gvkUTnKG9V6E4+ApDn1XECiIzg/XkI5TvewZU/PoZm0gpOBJIPPXZGgulpQCXBoT 5e2VosU58y202+cSkxToCXEGgmCEPYU9IdqrIMgzUzi73LEt9L3dntFCwwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFCBdZRZYZg4o7X32TlxT8Ua8cGmoMB8GA1UdIwQY MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt YmY0ZTUyN2I5ZmE4LzEvSUYxbEZsaG1EaWp0ZmZaT1hGUHhScnh3YWFnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4 LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgyaQIrg MA0GCSqGSIb3DQEBCwUAA4IBAQAyIwHGKSCuC3oZGfKoT5W+t7TuebjH8o1j/gyi 7a89l+HskuTXpcsxBBbPpCMQl09NbFjz2DqPlVNuMd1xGgRhFI4B0B4zLpW/Adzs 0FWYvqX+M3OG+isLQJ2eE/FPQeAEhUETLyxos5kc/B9/nRSaOGXhpfw6UhaVEZq2 YwM4eh1/bbJoXQ6TII54GFkspY1RtDC3frx6qYI46UwxmXEed5dOi7Lwn39too5T 7+cdQGAdhidTRmvI7xnNglTYd8XDI8Pk9ssgQBZmvu99rS+5MojbfWfSwp+rekn6 G1xQXBMVcEFaKyGR3GqQq+e9yUIdaJDrnfpmHSLO1G2wUAqe -----END CERTIFICATE-----Generated at Tue Jan 20 09:03:39 2026 by rpki-client