This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/XZTw4KFczy0Ar8IqCJPDnCcipmc.roa File: XZTw4KFczy0Ar8IqCJPDnCcipmc.roa (raw, json) Hash identifier: T2Q5bH+6BDTYW67ls/KJ2Hzqb6SSUc6QBDh+WpjZUpI= Subject key identifier: 5D:94:F0:E0:A1:5C:CF:2D:00:AF:C2:2A:08:93:C3:9C:27:22:A6:67 Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f Certificate serial: 019B7F13E81F5CF108E9C9372066AB70595C Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/XZTw4KFczy0Ar8IqCJPDnCcipmc.roa Signing time: Fri 02 Jan 2026 14:19:29 +0000 ROA not before: Fri 02 Jan 2026 14:19:29 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 41002 IP address blocks: 2a03:1ac0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.mft rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 05 Feb 2026 23:01:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:13:e8:1f:5c:f1:08:e9:c9:37:20:66:ab:70:59:5c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f Validity Not Before: Jan 2 14:19:29 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5d94f0e0a15ccf2d00afc22a0893c39c2722a667 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:15:13:0a:ab:dc:b6:2f:53:90:53:ef:5f:1c: 81:61:4d:ed:da:4e:92:31:f9:04:d6:28:4e:1b:af: 12:6b:db:8c:ae:59:d9:56:a0:f9:e1:d5:ce:6c:94: 6e:5e:79:ec:7b:42:ad:16:e2:6c:c3:5d:9e:41:63: 3f:57:40:75:bd:bb:53:62:a5:88:ab:35:cf:ce:91: ab:7d:82:9b:fb:64:c8:19:a4:4a:70:0e:87:eb:a7: df:b6:9c:5b:54:6b:c0:09:dc:de:90:24:3b:a7:d1: 24:36:e8:a7:9a:69:b2:e9:49:50:52:e5:b4:e2:ba: 34:65:75:58:42:dc:1d:f1:02:f1:d7:ee:fd:00:33: 8c:95:e5:a7:b9:92:a6:e8:6d:21:6e:1d:49:5b:eb: bb:c2:3f:0d:c4:32:1c:19:da:15:8e:e4:69:3c:7c: f4:35:86:10:e3:0d:8d:21:a2:77:6a:b3:e6:00:25: c7:9a:d1:c7:d1:e8:66:f8:c1:b6:b8:71:7c:15:2c: 94:24:8f:b2:8c:42:9f:71:8a:c5:35:13:41:bf:1c: 53:84:7c:5d:1b:ba:ac:88:74:ee:a6:24:c9:27:ac: 9c:78:85:24:ce:c3:53:8d:d6:c3:2f:2a:3d:59:cf: 1e:af:68:c6:2b:9f:9d:d5:79:7b:98:e3:8d:9f:fc: c0:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:94:F0:E0:A1:5C:CF:2D:00:AF:C2:2A:08:93:C3:9C:27:22:A6:67 X509v3 Authority Key Identifier: keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/XZTw4KFczy0Ar8IqCJPDnCcipmc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a03:1ac0::/48 Signature Algorithm: sha256WithRSAEncryption 27:70:81:b9:42:ac:01:fd:dc:ff:73:8f:54:75:51:40:40:7b: 4d:6d:98:e7:a9:42:ab:66:5d:85:fe:9a:66:2a:eb:2b:ed:4f: f1:72:cf:77:e0:43:bb:d4:63:ca:96:95:30:e8:ef:61:b2:f8: 70:43:fb:e5:c1:69:75:c5:00:27:71:d1:f0:5e:5d:3b:dd:6f: 35:87:32:60:63:a4:63:74:f6:0e:4d:ce:31:fe:82:91:78:55: 0f:af:00:2a:70:4c:4c:9a:23:a6:39:08:77:9a:6e:07:a6:34: 06:79:94:5e:ad:4b:24:5f:52:1d:a0:a9:14:f4:02:29:96:f5: a8:86:25:91:c8:23:a1:0b:03:bc:91:65:ef:c9:71:53:45:ad: 95:68:45:31:c5:8f:16:38:ee:fd:0e:40:d0:f7:57:e4:70:42: 8f:6d:c1:93:09:52:41:ef:37:10:f6:de:74:83:f7:c5:e7:26: 38:b6:71:65:39:47:e5:4c:ab:74:d7:14:42:9d:70:a7:33:dd: b3:80:fd:e0:b3:8d:37:fe:3c:10:2d:d9:09:c8:4a:c2:cf:67: 62:5a:ca:d5:e1:b8:70:65:e3:31:97:8f:7c:d2:74:bb:bb:95: b7:6c:27:45:51:d1:aa:dd:ff:27:55:b4:20:a4:1a:a6:db:a9: 07:6f:7d:b1 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt/E+gfXPEI6ck3IGarcFlcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi ODJiNWYwHhcNMjYwMTAyMTQxOTI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZDk0ZjBlMGExNWNjZjJkMDBhZmMyMmEwODkzYzM5YzI3MjJhNjY3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0hUTCqvcti9TkFPvXxyBYU3t2k6S MfkE1ihOG68Sa9uMrlnZVqD54dXObJRuXnnse0KtFuJsw12eQWM/V0B1vbtTYqWI qzXPzpGrfYKb+2TIGaRKcA6H66fftpxbVGvACdzekCQ7p9EkNuinmmmy6UlQUuW0 4ro0ZXVYQtwd8QLx1+79ADOMleWnuZKm6G0hbh1JW+u7wj8NxDIcGdoVjuRpPHz0 NYYQ4w2NIaJ3arPmACXHmtHH0ehm+MG2uHF8FSyUJI+yjEKfcYrFNRNBvxxThHxd G7qsiHTupiTJJ6yceIUkzsNTjdbDLyo9Wc8er2jGK5+d1Xl7mOONn/zAqwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFF2U8OChXM8tAK/CKgiTw5wnIqZnMB8GA1UdIwQY MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt Y2YwYWEzZWNhZDI4LzEvWFpUdzRLRmN6eTBBcjhJcUNKUERuQ2NpcG1jLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4 LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgMawAAA MA0GCSqGSIb3DQEBCwUAA4IBAQAncIG5QqwB/dz/c49UdVFAQHtNbZjnqUKrZl2F /ppmKusr7U/xcs934EO71GPKlpUw6O9hsvhwQ/vlwWl1xQAncdHwXl073W81hzJg Y6RjdPYOTc4x/oKReFUPrwAqcExMmiOmOQh3mm4HpjQGeZRerUskX1IdoKkU9AIp lvWohiWRyCOhCwO8kWXvyXFTRa2VaEUxxY8WOO79DkDQ91fkcEKPbcGTCVJB7zcQ 9t50g/fF5yY4tnFlOUflTKt01xRCnXCnM92zgP3gs403/jwQLdkJyErCz2diWsrV 4bhwZeMxl4980nS7u5W3bCdFUdGq3f8nVbQgpBqm26kHb32x -----END CERTIFICATE-----Generated at Thu Feb 5 05:53:45 2026 by rpki-client