This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/AtV2hA3YXGqznUtgR3uB6bOY8lI.roa File: AtV2hA3YXGqznUtgR3uB6bOY8lI.roa (raw, json) Hash identifier: E9jIH1WdWmHG5Hqaca5c+6ilzJbhu15ZC+JxJ/GcG+0= Subject key identifier: 02:D5:76:84:0D:D8:5C:6A:B3:9D:4B:60:47:7B:81:E9:B3:98:F2:52 Certificate issuer: /CN=5e8d07b45f7d83124c9f8c0fac03bec02468b37e Certificate serial: 019B7A5B3AB2C2D806A1B2111C8512D759CA Authority key identifier: 5E:8D:07:B4:5F:7D:83:12:4C:9F:8C:0F:AC:03:BE:C0:24:68:B3:7E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xo0HtF99gxJMn4wPrAO-wCRos34.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/AtV2hA3YXGqznUtgR3uB6bOY8lI.roa Signing time: Thu 01 Jan 2026 16:19:17 +0000 ROA not before: Thu 01 Jan 2026 16:19:17 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 0 IP address blocks: 5.57.80.0/22 maxlen: 22 2001:7f8:17::/64 maxlen: 64 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/Xo0HtF99gxJMn4wPrAO-wCRos34.crl rsync://rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/Xo0HtF99gxJMn4wPrAO-wCRos34.mft rsync://rpki.ripe.net/repository/DEFAULT/Xo0HtF99gxJMn4wPrAO-wCRos34.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 09 Jan 2026 18:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5b:3a:b2:c2:d8:06:a1:b2:11:1c:85:12:d7:59:ca Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5e8d07b45f7d83124c9f8c0fac03bec02468b37e Validity Not Before: Jan 1 16:19:17 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=02d576840dd85c6ab39d4b60477b81e9b398f252 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:ab:52:b3:e0:43:e5:11:3c:b2:3a:5a:b4:46: 95:58:b8:08:ac:fc:28:ec:db:46:a4:3d:1f:c1:ed: 1d:26:cc:fd:fa:8c:fa:c4:19:a5:1f:f7:7d:60:b9: 0f:1c:30:6e:66:a8:5f:6e:65:48:bd:8b:72:c7:c3: a5:3a:6a:5d:ec:75:fd:a0:45:9c:56:cb:4a:e4:d7: b8:7b:46:ad:9d:4a:9b:42:a0:40:22:4b:ed:5c:d1: a6:6a:59:aa:66:04:75:18:ef:98:40:8b:18:79:12: f1:14:34:9f:2a:87:d6:99:35:d4:3e:05:bd:16:bd: 79:de:a3:cf:4d:8d:92:44:19:7d:5a:9e:d5:5e:3a: 78:3d:b0:bb:26:a8:bc:bd:19:ce:86:e3:51:c9:e5: dc:5b:ca:f9:63:32:bb:60:4b:98:d1:e6:da:9e:fb: fe:1a:20:96:f2:ea:9b:2a:09:52:0d:eb:bd:f4:a9: 14:4a:1a:12:9d:6a:e5:d9:62:15:6c:39:e4:9f:be: d5:9e:7f:f9:ec:31:66:5d:96:f4:22:58:4f:fb:f7: 9f:d1:7e:5f:a7:86:41:35:00:c7:f7:98:d0:4c:52: cf:0a:1f:73:aa:ac:88:5a:6e:42:69:ed:c1:29:bc: 69:b7:99:01:d0:b9:20:6e:05:7d:12:07:e0:ef:59: 83:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:D5:76:84:0D:D8:5C:6A:B3:9D:4B:60:47:7B:81:E9:B3:98:F2:52 X509v3 Authority Key Identifier: keyid:5E:8D:07:B4:5F:7D:83:12:4C:9F:8C:0F:AC:03:BE:C0:24:68:B3:7E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xo0HtF99gxJMn4wPrAO-wCRos34.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/AtV2hA3YXGqznUtgR3uB6bOY8lI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/Xo0HtF99gxJMn4wPrAO-wCRos34.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.57.80.0/22 IPv6: 2001:7f8:17::/64 Signature Algorithm: sha256WithRSAEncryption 1d:a7:26:e4:b8:bf:a8:f5:d4:30:89:0b:af:09:6c:7c:fe:19: 80:d0:29:10:6c:f5:5f:ad:1a:c5:a7:58:d2:f3:c5:e8:26:d5: 39:d0:5d:ce:70:07:9b:1f:cd:01:8c:34:ad:a2:dd:6b:db:c6: a1:02:80:2f:18:33:2f:19:d6:e1:44:6b:60:97:08:df:4c:1b: dc:24:08:9d:0a:92:55:ed:32:e7:41:10:64:ff:36:18:00:1f: 54:3e:01:5b:bb:29:31:a6:94:20:66:70:3d:95:f6:5a:cc:8f: 9b:ec:dc:38:ef:d5:28:58:fb:69:63:53:84:35:98:8a:b5:8f: d7:5c:30:ed:d1:46:18:dc:9d:f2:d9:4e:10:3f:48:c7:46:a6: 63:36:98:fd:ee:b3:ed:cc:d7:e3:4b:66:d2:17:85:c6:d9:31: 87:71:c2:3b:9f:4b:5d:6a:5d:df:b9:44:16:b0:06:22:4e:df: bd:3e:7c:4f:f5:73:96:f7:fd:ea:67:bb:ef:9c:d2:14:8a:32: 28:06:0f:8a:7b:33:6d:41:a4:02:8d:0b:d4:6f:1a:f6:1f:e9: 4f:ca:84:a8:40:80:f8:d3:62:de:75:e8:47:28:d5:dd:ed:6b: a2:66:f1:e8:65:01:1d:84:42:d3:4b:85:73:53:47:8b:7b:41: a0:d3:e2:c8 -----BEGIN CERTIFICATE----- MIIFEDCCA/igAwIBAgISAZt6WzqywtgGobIRHIUS11nKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVlOGQwN2I0NWY3ZDgzMTI0YzlmOGMwZmFjMDNiZWMwMjQ2 OGIzN2UwHhcNMjYwMTAxMTYxOTE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwMmQ1NzY4NDBkZDg1YzZhYjM5ZDRiNjA0NzdiODFlOWIzOThmMjUyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKtSs+BD5RE8sjpatEaVWLgIrPwo 7NtGpD0fwe0dJsz9+oz6xBmlH/d9YLkPHDBuZqhfbmVIvYtyx8OlOmpd7HX9oEWc VstK5Ne4e0atnUqbQqBAIkvtXNGmalmqZgR1GO+YQIsYeRLxFDSfKofWmTXUPgW9 Fr153qPPTY2SRBl9Wp7VXjp4PbC7Jqi8vRnOhuNRyeXcW8r5YzK7YEuY0ebanvv+ GiCW8uqbKglSDeu99KkUShoSnWrl2WIVbDnkn77Vnn/57DFmXZb0IlhP+/ef0X5f p4ZBNQDH95jQTFLPCh9zqqyIWm5Cae3BKbxpt5kB0LkgbgV9Egfg71mDGQIDAQAB o4ICHDCCAhgwHQYDVR0OBBYEFALVdoQN2Fxqs51LYEd7gemzmPJSMB8GA1UdIwQY MBaAFF6NB7RffYMSTJ+MD6wDvsAkaLN+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWG8wSHRGOTlneEpNbjR3UHJBTy13Q1JvczM0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9hMTY4ZTktZDA3MC00NGUwLTk0YTQt NmM4ZmQ4NGJiNWY1LzEvQXRWMmhBM1lYR3F6blV0Z1IzdUI2Yk9ZOGxJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMi9hMTY4ZTktZDA3MC00NGUwLTk0YTQtNmM4ZmQ4NGJiNWY1 LzEvWG8wSHRGOTlneEpNbjR3UHJBTy13Q1JvczM0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDIGCCsGAQUFBwEHAQH/BCMwITAMBAIAATAGAwQCBTlQMBEE AgACMAsDCQAgAQf4ABcAADANBgkqhkiG9w0BAQsFAAOCAQEAHacm5Li/qPXUMIkL rwlsfP4ZgNApEGz1X60axadY0vPF6CbVOdBdznAHmx/NAYw0raLda9vGoQKALxgz LxnW4URrYJcI30wb3CQInQqSVe0y50EQZP82GAAfVD4BW7spMaaUIGZwPZX2WsyP m+zcOO/VKFj7aWNThDWYirWP11ww7dFGGNyd8tlOED9Ix0amYzaY/e6z7czX40tm 0heFxtkxh3HCO59LXWpd37lEFrAGIk7fvT58T/Vzlvf96me775zSFIoyKAYPinsz bUGkAo0L1G8a9h/pT8qEqECA+NNi3nXoRyjV3e1rombx6GUBHYRC00uFc1NHi3tB oNPiyA== -----END CERTIFICATE-----Generated at Fri Jan 9 00:57:55 2026 by rpki-client