This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/jG8rX6RswAYq2SOPVzachTaDBy0.roa File: jG8rX6RswAYq2SOPVzachTaDBy0.roa (raw, json) Hash identifier: NQyI/4F7zDXM7kJBuMw9wC8oQPDWE8X9n66B2YS+O10= Subject key identifier: 8C:6F:2B:5F:A4:6C:C0:06:2A:D9:23:8F:57:36:9C:85:36:83:07:2D Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008 Certificate serial: 019B7EA6D295F6C72AAA0DDED55F2C7D95CB Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/jG8rX6RswAYq2SOPVzachTaDBy0.roa Signing time: Fri 02 Jan 2026 12:20:20 +0000 ROA not before: Fri 02 Jan 2026 12:20:20 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 149476 IP address blocks: 2a0c:9a40:9c00::/40 maxlen: 48 2a10:a507:b00b::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.mft rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 02:01:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a6:d2:95:f6:c7:2a:aa:0d:de:d5:5f:2c:7d:95:cb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008 Validity Not Before: Jan 2 12:20:20 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8c6f2b5fa46cc0062ad9238f57369c853683072d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:dd:52:1f:2d:5c:2a:b2:e1:6b:29:2f:13:53: 91:9e:2e:a1:69:04:15:27:6c:64:ec:56:c9:7f:3c: 69:c3:70:a2:dc:e6:77:8a:e4:8a:1f:63:8f:04:5e: 86:b0:81:33:53:72:a5:9d:54:38:f0:2e:3f:1f:9e: 9b:ad:e0:b4:02:e9:ac:3a:f3:aa:ee:77:a5:00:ca: 03:40:3e:47:73:d3:23:80:b4:fa:ff:2b:2e:fc:52: c7:1e:07:cd:8c:83:52:5d:2c:5e:d1:8f:77:50:b8: 85:06:4c:25:28:97:3a:d8:fc:db:16:5a:89:9f:2c: 1e:78:b3:49:0b:dc:7e:3a:22:ce:10:db:2f:ab:1a: f1:77:72:8c:c4:f9:21:6b:9d:e7:97:92:c8:d9:3a: 7a:37:b5:b0:83:bd:56:09:d0:96:46:86:30:e7:ee: 97:d8:13:70:8f:02:20:58:f9:0c:69:e5:88:b8:79: 46:08:67:af:88:68:33:a6:ba:65:df:f2:77:0c:58: b5:cf:ec:0e:8f:d4:04:c8:0b:89:04:70:51:1e:7d: b2:4a:b3:b8:89:39:f1:b1:1f:2d:e9:63:50:17:df: be:1f:e4:a1:cf:f7:29:91:c2:3b:bf:85:ef:2a:63: 21:b8:ec:47:c4:4c:e9:78:fb:22:27:da:c7:e0:e1: 36:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:6F:2B:5F:A4:6C:C0:06:2A:D9:23:8F:57:36:9C:85:36:83:07:2D X509v3 Authority Key Identifier: keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/jG8rX6RswAYq2SOPVzachTaDBy0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0c:9a40:9c00::/40 2a10:a507:b00b::/48 Signature Algorithm: sha256WithRSAEncryption 7b:fd:fb:8e:77:da:3b:39:12:3b:f2:f2:e7:d5:e7:79:0c:1e: e3:07:93:13:d5:95:25:b4:bb:d3:1f:25:0b:18:7e:99:b2:d3: 28:27:a5:d5:3e:89:aa:c4:9e:2c:7c:26:20:6a:e9:e9:1b:38: 4f:0d:a8:f7:76:91:2f:f7:16:74:da:60:9d:3c:6d:d8:92:6a: 66:52:75:4b:c9:3b:59:b8:42:13:0b:bd:04:ab:d9:0b:77:be: 40:7a:1f:33:ed:46:ee:fa:64:68:fa:e3:58:71:20:1a:c6:6f: 40:16:16:65:9b:d6:e7:ab:c3:77:08:71:30:d0:6e:07:fa:5c: a0:c9:49:a5:7f:ff:b0:3d:21:35:39:82:4b:56:dd:64:15:da: fb:28:be:54:0d:91:80:25:40:a2:12:ee:fc:04:eb:00:2d:d3: bd:5e:94:4c:02:53:9a:b5:3d:92:c6:08:9a:80:75:98:33:14: db:a7:9d:b3:4c:f2:74:5a:8b:c7:68:48:53:05:09:4f:6b:c6: e4:8d:52:a7:67:c6:c9:96:ec:1d:03:88:fe:fb:f0:b1:11:61: 1a:f2:23:2a:8a:cc:80:76:b6:06:96:be:88:4f:a9:b6:c3:15: ea:a8:47:c3:f9:36:00:28:03:8f:e1:7e:40:92:17:3c:de:06: 20:6b:74:08 -----BEGIN CERTIFICATE----- MIIFCDCCA/CgAwIBAgISAZt+ptKV9scqqg3e1V8sfZXLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl NDgwMDgwHhcNMjYwMTAyMTIyMDIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4YzZmMmI1ZmE0NmNjMDA2MmFkOTIzOGY1NzM2OWM4NTM2ODMwNzJkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuN1SHy1cKrLhaykvE1ORni6haQQV J2xk7FbJfzxpw3Ci3OZ3iuSKH2OPBF6GsIEzU3KlnVQ48C4/H56breC0AumsOvOq 7nelAMoDQD5Hc9MjgLT6/ysu/FLHHgfNjINSXSxe0Y93ULiFBkwlKJc62PzbFlqJ nyweeLNJC9x+OiLOENsvqxrxd3KMxPkha53nl5LI2Tp6N7Wwg71WCdCWRoYw5+6X 2BNwjwIgWPkMaeWIuHlGCGeviGgzprpl3/J3DFi1z+wOj9QEyAuJBHBRHn2ySrO4 iTnxsR8t6WNQF9++H+Shz/cpkcI7v4XvKmMhuOxHxEzpePsiJ9rH4OE21QIDAQAB o4ICFDCCAhAwHQYDVR0OBBYEFIxvK1+kbMAGKtkjj1c2nIU2gwctMB8GA1UdIwQY MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt YmY0ZTUyN2I5ZmE4LzEvakc4clg2UnN3QVlxMlNPUFZ6YWNoVGFEQnkwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4 LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwYAKgyaQJwD BwAqEKUHsAswDQYJKoZIhvcNAQELBQADggEBAHv9+4532js5Ejvy8ufV53kMHuMH kxPVlSW0u9MfJQsYfpmy0ygnpdU+iarEnix8JiBq6ekbOE8NqPd2kS/3FnTaYJ08 bdiSamZSdUvJO1m4QhMLvQSr2Qt3vkB6HzPtRu76ZGj641hxIBrGb0AWFmWb1uer w3cIcTDQbgf6XKDJSaV//7A9ITU5gktW3WQV2vsovlQNkYAlQKIS7vwE6wAt071e lEwCU5q1PZLGCJqAdZgzFNunnbNM8nRai8doSFMFCU9rxuSNUqdnxsmW7B0DiP77 8LERYRryIyqKzIB2tgaWvohPqbbDFeqoR8P5NgAoA4/hfkCSFzzeBiBrdAg= -----END CERTIFICATE-----Generated at Tue Jan 20 09:06:14 2026 by rpki-client