This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/_qGpnfoq0RIQZSg2OZDqTa0dLBk.roa File: _qGpnfoq0RIQZSg2OZDqTa0dLBk.roa (raw, json) Hash identifier: ybY1jw9QuVARJXQAyD3Up3vr0hHVN1d8hKwrTNH/dDU= Subject key identifier: FE:A1:A9:9D:FA:2A:D1:12:10:65:28:36:39:90:EA:4D:AD:1D:2C:19 Certificate issuer: /CN=0b4e3b3b84242258863142ed3a19792d97cbbc74 Certificate serial: 019A7F27F968B7D2CD2CA6D9D4C01620DD4D Authority key identifier: 0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/_qGpnfoq0RIQZSg2OZDqTa0dLBk.roa Signing time: Thu 13 Nov 2025 21:38:37 +0000 ROA not before: Thu 13 Nov 2025 21:38:37 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 58212 IP address blocks: 2a0d:d940:b1::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.mft rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 05 Dec 2025 21:22:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:7f:27:f9:68:b7:d2:cd:2c:a6:d9:d4:c0:16:20:dd:4d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0b4e3b3b84242258863142ed3a19792d97cbbc74 Validity Not Before: Nov 13 21:38:37 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=fea1a99dfa2ad112106528363990ea4dad1d2c19 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:43:da:eb:ad:3f:18:2a:12:ee:46:12:00:ef: 75:e8:e4:5e:b8:24:a1:42:15:08:2e:de:e9:10:41: 1c:0a:40:70:b1:06:27:3b:b1:62:a4:fe:60:b4:c9: 3a:86:75:01:11:08:15:bc:ee:02:85:e6:3e:0c:59: 0a:d8:b4:da:e2:71:30:b9:d3:b4:0c:c5:30:06:6c: 39:65:d9:74:bc:14:f8:7b:f1:cf:cb:34:ff:59:3d: bc:d1:03:8c:ff:73:c0:a0:7e:4d:9c:9f:0a:29:f0: 11:3e:a1:05:a0:98:14:0e:ce:cc:43:1d:6f:87:bc: 87:19:82:d9:ec:e1:db:72:06:cc:85:fd:c3:97:64: 39:b2:4d:98:2e:9f:c9:05:f3:8f:bc:91:e1:29:e8: 3a:1f:fd:43:cc:da:db:32:f7:44:3e:8d:73:eb:74: 7d:e0:47:0a:df:02:d4:cb:00:c4:5d:b7:e2:f8:82: 2c:c4:94:e6:3e:8e:4c:b2:7f:fd:22:97:0e:a2:72: 40:e6:e0:4c:56:4c:5a:14:1a:7c:b1:e9:3f:0b:6d: bd:b7:cd:12:7b:d8:8b:ae:10:b1:67:1e:ad:ad:bb: 3a:ef:d4:cb:99:cd:07:3e:b7:fd:01:ce:5e:5a:b2: 99:df:d1:b9:21:bc:57:1c:f6:0f:ef:c8:6f:ea:0b: 20:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:A1:A9:9D:FA:2A:D1:12:10:65:28:36:39:90:EA:4D:AD:1D:2C:19 X509v3 Authority Key Identifier: keyid:0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/_qGpnfoq0RIQZSg2OZDqTa0dLBk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0d:d940:b1::/48 Signature Algorithm: sha256WithRSAEncryption 91:20:2e:04:03:66:b1:df:f4:38:25:d3:21:29:e0:a2:85:37: 1e:70:1b:2b:c9:53:34:94:91:e2:be:3e:73:57:92:e1:85:10: 44:49:6b:e2:77:a1:f2:ce:e9:9a:e8:f2:ce:ed:08:5f:3e:6f: 69:6d:99:e5:4e:d6:a9:6a:ec:90:19:21:02:6f:b3:87:82:c6: b1:4f:03:90:8e:5b:c5:d1:d0:ea:79:26:89:cc:17:98:5d:1c: 1a:a6:bb:42:fc:04:3e:32:7c:ae:67:c7:21:f3:6c:dd:6d:98: 77:1b:a6:9a:79:2a:b1:63:37:49:2a:06:0c:a2:7b:bb:57:75: 4e:26:81:23:57:63:87:52:0b:df:73:e1:4a:d1:02:01:8b:31: 74:7e:9c:38:a6:83:8c:d8:bd:1b:0c:91:e8:95:ae:6b:c1:14: 63:d0:cd:90:28:47:1f:32:bf:9d:c5:04:eb:c0:b6:f1:c0:bd: ef:28:01:60:24:00:2a:19:a5:d9:24:6e:fc:a5:29:fe:0d:1a: f6:4a:2e:f1:10:36:fd:44:5a:03:68:ec:82:79:42:2c:35:59: ad:b7:e5:33:19:02:15:f1:01:c2:1a:9b:f1:d6:fd:e2:45:03: 89:c6:49:2d:2d:4f:bc:a4:1a:08:91:37:13:ef:01:ff:fd:d8: 49:28:fb:4a -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZp/J/lot9LNLKbZ1MAWIN1NMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBiNGUzYjNiODQyNDIyNTg4NjMxNDJlZDNhMTk3OTJkOTdj YmJjNzQwHhcNMjUxMTEzMjEzODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmZWExYTk5ZGZhMmFkMTEyMTA2NTI4MzYzOTkwZWE0ZGFkMWQyYzE5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8kPa660/GCoS7kYSAO916OReuCSh QhUILt7pEEEcCkBwsQYnO7FipP5gtMk6hnUBEQgVvO4CheY+DFkK2LTa4nEwudO0 DMUwBmw5Zdl0vBT4e/HPyzT/WT280QOM/3PAoH5NnJ8KKfARPqEFoJgUDs7MQx1v h7yHGYLZ7OHbcgbMhf3Dl2Q5sk2YLp/JBfOPvJHhKeg6H/1DzNrbMvdEPo1z63R9 4EcK3wLUywDEXbfi+IIsxJTmPo5Msn/9IpcOonJA5uBMVkxaFBp8sek/C229t80S e9iLrhCxZx6trbs679TLmc0HPrf9Ac5eWrKZ39G5IbxXHPYP78hv6gsgXQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFP6hqZ36KtESEGUoNjmQ6k2tHSwZMB8GA1UdIwQY MBaAFAtOOzuEJCJYhjFC7ToZeS2Xy7x0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQt MTRkMjM4NTI3ODM1LzEvX3FHcG5mb3EwUklRWlNnMk9aRHFUYTBkTEJrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQtMTRkMjM4NTI3ODM1 LzEvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg3ZQACx MA0GCSqGSIb3DQEBCwUAA4IBAQCRIC4EA2ax3/Q4JdMhKeCihTcecBsryVM0lJHi vj5zV5LhhRBESWvid6Hyzuma6PLO7QhfPm9pbZnlTtapauyQGSECb7OHgsaxTwOQ jlvF0dDqeSaJzBeYXRwaprtC/AQ+MnyuZ8ch82zdbZh3G6aaeSqxYzdJKgYMonu7 V3VOJoEjV2OHUgvfc+FK0QIBizF0fpw4poOM2L0bDJHola5rwRRj0M2QKEcfMr+d xQTrwLbxwL3vKAFgJAAqGaXZJG78pSn+DRr2Si7xEDb9RFoDaOyCeUIsNVmtt+Uz GQIV8QHCGpvx1v3iRQOJxkktLU+8pBoIkTcT7wH//dhJKPtK -----END CERTIFICATE-----Generated at Fri Dec 5 07:04:04 2025 by rpki-client