This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/CX2-XqJbgxFtfbz1ZXOm-VfI4xk.roa File: CX2-XqJbgxFtfbz1ZXOm-VfI4xk.roa (raw, json) Hash identifier: zBpyaivrS8dLO7I1EYJl3tAX+exEI6hLkdP3m9an98o= Subject key identifier: 09:7D:BE:5E:A2:5B:83:11:6D:7D:BC:F5:65:73:A6:F9:57:C8:E3:19 Certificate issuer: /CN=0b4e3b3b84242258863142ed3a19792d97cbbc74 Certificate serial: 019B7AC87B3B78D362CC6C8429E352D9B4F0 Authority key identifier: 0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/CX2-XqJbgxFtfbz1ZXOm-VfI4xk.roa Signing time: Thu 01 Jan 2026 18:18:37 +0000 ROA not before: Thu 01 Jan 2026 18:18:37 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212112 IP address blocks: 2a0d:d940:9009::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.mft rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 14:20:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c8:7b:3b:78:d3:62:cc:6c:84:29:e3:52:d9:b4:f0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0b4e3b3b84242258863142ed3a19792d97cbbc74 Validity Not Before: Jan 1 18:18:37 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=097dbe5ea25b83116d7dbcf56573a6f957c8e319 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:4e:ea:68:b1:85:01:f9:40:bb:d2:0a:fc:9d: 1c:de:71:ac:e9:8f:99:bd:f0:39:0f:ad:a8:52:43: b1:e5:5f:14:c6:95:ae:d4:78:a6:48:76:fb:82:68: ec:ae:57:ae:87:d5:85:65:42:f3:bb:47:2e:50:24: ed:2a:74:ca:2a:89:3a:00:4d:5c:5f:db:0b:20:90: 84:4a:3c:e2:58:36:c3:bb:c5:c0:15:cc:42:29:1e: 30:fe:c4:8f:cf:8f:aa:0a:31:f7:15:2f:8b:8c:ef: 9b:2e:1e:cd:0b:19:a2:24:49:cd:26:20:db:bb:07: cf:a8:4c:25:d2:22:5a:c6:68:31:f4:23:19:6b:b7: 98:ca:88:08:d0:98:d1:fc:02:59:ad:c4:57:f3:8d: b0:29:fa:e2:10:81:44:44:11:2c:f6:34:eb:26:92: d6:e7:d8:ea:40:ce:90:f8:90:cb:db:93:f2:06:a3: 3b:19:a8:38:ba:7c:6a:94:4f:ab:0e:42:57:ca:b7: ab:66:18:a8:75:a0:29:d3:41:27:2c:03:c3:7f:8b: e9:4a:49:78:c7:ce:0d:37:a6:1d:56:bf:ef:13:e1: 7f:14:67:1d:27:db:eb:04:74:e2:cb:3e:c5:81:9f: 46:a6:ff:81:28:bf:3e:6a:3d:ba:06:26:50:db:ae: bb:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:7D:BE:5E:A2:5B:83:11:6D:7D:BC:F5:65:73:A6:F9:57:C8:E3:19 X509v3 Authority Key Identifier: keyid:0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/CX2-XqJbgxFtfbz1ZXOm-VfI4xk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0d:d940:9009::/48 Signature Algorithm: sha256WithRSAEncryption 5e:86:f4:c7:ba:2b:f5:30:4d:99:84:55:4f:1c:5a:de:62:69: 50:78:7f:bc:8e:9a:d7:99:ab:d9:bd:09:c9:68:29:89:8d:5c: 14:c1:f8:64:eb:05:2c:2d:46:18:b2:fe:1e:a2:d5:6b:ec:bf: 11:0a:1f:d4:64:55:6c:5a:4b:30:46:03:00:ae:da:3f:82:de: 55:ce:6e:9a:f0:03:95:62:8e:5c:a2:ea:0b:48:ed:61:fe:31: a0:35:d2:72:84:aa:35:77:ea:54:bf:43:76:26:e3:da:35:8a: 23:83:8e:8b:67:7f:74:64:7d:f5:88:0e:b1:e1:89:a7:e5:b5: aa:7e:11:1c:37:80:3a:4c:11:c1:d5:16:04:c3:c7:96:e9:c5: 57:a7:f5:b9:34:0e:50:28:c9:04:54:51:50:d7:fc:11:5b:71: 24:38:f4:f4:88:14:7a:81:ce:53:1b:ac:b1:7d:b7:55:02:eb: f4:47:8a:eb:1a:08:96:ef:7f:4c:a6:15:a4:b6:d4:5d:be:13: ce:f3:1a:d6:2c:42:bc:84:59:53:f2:95:e9:52:6c:07:bb:28: 4f:9e:7c:db:b4:af:84:e3:71:02:55:2c:90:2c:cc:fb:b2:fa: c4:f6:e8:77:26:b7:9b:58:f3:4f:c7:be:fe:10:c7:fc:e7:fd: 47:ba:71:c2 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt6yHs7eNNizGyEKeNS2bTwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBiNGUzYjNiODQyNDIyNTg4NjMxNDJlZDNhMTk3OTJkOTdj YmJjNzQwHhcNMjYwMTAxMTgxODM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwOTdkYmU1ZWEyNWI4MzExNmQ3ZGJjZjU2NTczYTZmOTU3YzhlMzE5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtk7qaLGFAflAu9IK/J0c3nGs6Y+Z vfA5D62oUkOx5V8UxpWu1HimSHb7gmjsrleuh9WFZULzu0cuUCTtKnTKKok6AE1c X9sLIJCESjziWDbDu8XAFcxCKR4w/sSPz4+qCjH3FS+LjO+bLh7NCxmiJEnNJiDb uwfPqEwl0iJaxmgx9CMZa7eYyogI0JjR/AJZrcRX842wKfriEIFERBEs9jTrJpLW 59jqQM6Q+JDL25PyBqM7Gag4unxqlE+rDkJXyrerZhiodaAp00EnLAPDf4vpSkl4 x84NN6YdVr/vE+F/FGcdJ9vrBHTiyz7FgZ9Gpv+BKL8+aj26BiZQ2667ywIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFAl9vl6iW4MRbX289WVzpvlXyOMZMB8GA1UdIwQY MBaAFAtOOzuEJCJYhjFC7ToZeS2Xy7x0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQt MTRkMjM4NTI3ODM1LzEvQ1gyLVhxSmJneEZ0ZmJ6MVpYT20tVmZJNHhrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQtMTRkMjM4NTI3ODM1 LzEvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg3ZQJAJ MA0GCSqGSIb3DQEBCwUAA4IBAQBehvTHuiv1ME2ZhFVPHFreYmlQeH+8jprXmavZ vQnJaCmJjVwUwfhk6wUsLUYYsv4eotVr7L8RCh/UZFVsWkswRgMArto/gt5Vzm6a 8AOVYo5couoLSO1h/jGgNdJyhKo1d+pUv0N2JuPaNYojg46LZ390ZH31iA6x4Ymn 5bWqfhEcN4A6TBHB1RYEw8eW6cVXp/W5NA5QKMkEVFFQ1/wRW3EkOPT0iBR6gc5T G6yxfbdVAuv0R4rrGgiW739MphWkttRdvhPO8xrWLEK8hFlT8pXpUmwHuyhPnnzb tK+E43ECVSyQLMz7svrE9uh3JrebWPNPx77+EMf85/1HunHC -----END CERTIFICATE-----Generated at Wed Jan 21 16:59:35 2026 by rpki-client