This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/xufYcSXKkHoVIuH3wXm2L2ThbKQ.roa File: xufYcSXKkHoVIuH3wXm2L2ThbKQ.roa (raw, json) Hash identifier: 0VyAhXg6SJtDxoQNjVgedz+ggwVUOU4c0jA3RBXRQw4= Subject key identifier: C6:E7:D8:71:25:CA:90:7A:15:22:E1:F7:C1:79:B6:2F:64:E1:6C:A4 Certificate issuer: /CN=0b4e3b3b84242258863142ed3a19792d97cbbc74 Certificate serial: 019AE3CFF89678EA7D0CFDC47012F72ACD6F Authority key identifier: 0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/xufYcSXKkHoVIuH3wXm2L2ThbKQ.roa Signing time: Wed 03 Dec 2025 10:44:08 +0000 ROA not before: Wed 03 Dec 2025 10:44:08 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 206604 IP address blocks: 2a0d:d940:70::/44 maxlen: 48 2a0d:d940:2004::/48 maxlen: 48 2a0d:d940:2005::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.mft rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 05 Dec 2025 04:00:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:e3:cf:f8:96:78:ea:7d:0c:fd:c4:70:12:f7:2a:cd:6f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0b4e3b3b84242258863142ed3a19792d97cbbc74 Validity Not Before: Dec 3 10:44:08 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=c6e7d87125ca907a1522e1f7c179b62f64e16ca4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:88:32:2a:ae:a3:a8:8c:5c:9b:72:b0:c3:b1: 60:d6:87:fc:d8:b7:67:b0:c2:c5:c9:2a:84:7a:a9: 0b:a7:61:14:c6:21:72:20:51:e1:4e:ca:11:b4:d4: e9:98:f8:c6:59:5c:ff:93:de:cb:2b:89:2b:7a:e8: c0:32:c7:21:04:05:ba:51:42:a8:52:98:0c:44:11: 3f:86:7e:e9:be:a8:fd:d1:b9:3f:75:c5:24:a0:9c: 46:18:84:38:fa:b1:b4:f4:f5:7f:cb:a6:5a:43:03: 0d:6a:f5:85:06:de:cc:d6:93:62:2d:81:5e:9a:94: f6:a8:4b:eb:f3:69:94:03:dc:be:74:44:f5:0d:28: 71:e8:53:53:16:7b:a7:95:96:d8:1a:4f:8f:0d:70: 3f:27:bc:13:16:a3:c3:98:f4:db:ef:88:aa:d8:cc: 46:c5:98:86:45:c8:52:70:02:47:bc:e9:58:67:7b: a9:27:4a:d4:11:61:db:e6:39:32:33:4b:21:aa:4b: b6:3d:d0:f9:bc:fe:af:17:a2:9c:17:e3:64:2f:ca: aa:08:4e:5b:6c:5a:e8:22:3d:a6:88:3d:7a:58:5e: 0f:3a:3c:e1:e7:20:3c:8c:3a:0a:16:73:71:84:1b: 2f:42:71:b2:36:44:a8:40:c8:c1:6b:c2:7a:64:db: d7:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:E7:D8:71:25:CA:90:7A:15:22:E1:F7:C1:79:B6:2F:64:E1:6C:A4 X509v3 Authority Key Identifier: keyid:0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/xufYcSXKkHoVIuH3wXm2L2ThbKQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0d:d940:70::/44 2a0d:d940:2004::/47 Signature Algorithm: sha256WithRSAEncryption 34:b3:11:25:8c:01:3d:58:38:07:9f:2a:69:35:0c:6c:f4:06: 22:f2:01:60:80:e9:2a:b6:93:67:02:8a:2e:c3:92:6c:4a:ae: de:5e:25:ef:3f:52:08:28:dc:c3:98:0b:58:08:c3:3f:e4:8d: 82:95:fe:64:34:7d:06:23:00:c8:4f:d2:5e:ae:02:78:7b:6c: a2:60:77:cb:c8:05:d7:ae:7a:d2:9e:f5:30:a2:46:db:dd:ca: 2f:d3:09:96:22:73:ad:df:44:7f:10:62:2c:c3:f3:96:d1:37: 13:b3:a6:b9:8a:4b:dc:af:64:e0:63:a5:69:2c:35:9d:46:03: 99:72:23:4b:ef:4c:cb:63:c1:95:11:a1:0c:d0:dd:3b:b0:86: 4e:08:6d:57:d4:8a:bf:d8:8a:53:43:b1:fe:30:1c:ff:d4:85: ac:50:ee:60:5a:0c:e7:19:02:54:1a:7c:40:8e:13:32:6e:cc: 0c:51:26:17:5d:74:12:d4:4e:48:d5:ed:86:e2:b1:37:4c:1d: 58:57:ec:04:12:57:9d:b4:8e:da:28:e8:ed:e3:b6:f8:33:b5: ba:83:6e:0f:a0:96:c4:fe:49:52:e9:3b:6e:41:78:1f:8f:e7: 41:75:49:fa:de:d9:d7:cd:a0:db:9f:17:39:5c:1f:f3:75:dc: 0c:63:53:6e -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZrjz/iWeOp9DP3EcBL3Ks1vMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBiNGUzYjNiODQyNDIyNTg4NjMxNDJlZDNhMTk3OTJkOTdj YmJjNzQwHhcNMjUxMjAzMTA0NDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNmU3ZDg3MTI1Y2E5MDdhMTUyMmUxZjdjMTc5YjYyZjY0ZTE2Y2E0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA04gyKq6jqIxcm3Kww7Fg1of82Ldn sMLFySqEeqkLp2EUxiFyIFHhTsoRtNTpmPjGWVz/k97LK4kreujAMschBAW6UUKo UpgMRBE/hn7pvqj90bk/dcUkoJxGGIQ4+rG09PV/y6ZaQwMNavWFBt7M1pNiLYFe mpT2qEvr82mUA9y+dET1DShx6FNTFnunlZbYGk+PDXA/J7wTFqPDmPTb74iq2MxG xZiGRchScAJHvOlYZ3upJ0rUEWHb5jkyM0shqku2PdD5vP6vF6KcF+NkL8qqCE5b bFroIj2miD16WF4POjzh5yA8jDoKFnNxhBsvQnGyNkSoQMjBa8J6ZNvXfwIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFMbn2HElypB6FSLh98F5ti9k4WykMB8GA1UdIwQY MBaAFAtOOzuEJCJYhjFC7ToZeS2Xy7x0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQt MTRkMjM4NTI3ODM1LzEveHVmWWNTWEtrSG9WSXVIM3dYbTJMMlRoYktRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQtMTRkMjM4NTI3ODM1 LzEvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg3ZQABw AwcBKg3ZQCAEMA0GCSqGSIb3DQEBCwUAA4IBAQA0sxEljAE9WDgHnyppNQxs9AYi 8gFggOkqtpNnAoouw5JsSq7eXiXvP1IIKNzDmAtYCMM/5I2Clf5kNH0GIwDIT9Je rgJ4e2yiYHfLyAXXrnrSnvUwokbb3cov0wmWInOt30R/EGIsw/OW0TcTs6a5ikvc r2TgY6VpLDWdRgOZciNL70zLY8GVEaEM0N07sIZOCG1X1Iq/2IpTQ7H+MBz/1IWs UO5gWgznGQJUGnxAjhMybswMUSYXXXQS1E5I1e2G4rE3TB1YV+wEEledtI7aKOjt 47b4M7W6g24PoJbE/klS6TtuQXgfj+dBdUn63tnXzaDbnxc5XB/zddwMY1Nu -----END CERTIFICATE-----Generated at Thu Dec 4 10:31:06 2025 by rpki-client