This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/594d25-f1c6-4044-a8a7-c8f182e95ea5/1/8dffgbceyZZN2GD0DQntG3Z8fxU.roa File: 8dffgbceyZZN2GD0DQntG3Z8fxU.roa (raw, json) Hash identifier: 7MA6pNhMj3p3AaurB3f6qiL2uGgtlKFoFp4bhK94tNs= Subject key identifier: F1:D7:DF:81:B7:1E:C9:96:4D:D8:60:F4:0D:09:ED:1B:76:7C:7F:15 Certificate issuer: /CN=0e64f81b9e36b849917787678d014db4bfcef311 Certificate serial: 019B78A2A74F84D4631859DA988CD2D8F6D0 Authority key identifier: 0E:64:F8:1B:9E:36:B8:49:91:77:87:67:8D:01:4D:B4:BF:CE:F3:11 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DmT4G542uEmRd4dnjQFNtL_O8xE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/594d25-f1c6-4044-a8a7-c8f182e95ea5/1/8dffgbceyZZN2GD0DQntG3Z8fxU.roa Signing time: Thu 01 Jan 2026 08:18:04 +0000 ROA not before: Thu 01 Jan 2026 08:18:04 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 4785 IP address blocks: 2a12:a300::/29 maxlen: 128 2a14:1f80::/29 maxlen: 128 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/594d25-f1c6-4044-a8a7-c8f182e95ea5/1/DmT4G542uEmRd4dnjQFNtL_O8xE.crl rsync://rpki.ripe.net/repository/DEFAULT/17/594d25-f1c6-4044-a8a7-c8f182e95ea5/1/DmT4G542uEmRd4dnjQFNtL_O8xE.mft rsync://rpki.ripe.net/repository/DEFAULT/DmT4G542uEmRd4dnjQFNtL_O8xE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 05:01:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:a7:4f:84:d4:63:18:59:da:98:8c:d2:d8:f6:d0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0e64f81b9e36b849917787678d014db4bfcef311 Validity Not Before: Jan 1 08:18:04 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f1d7df81b71ec9964dd860f40d09ed1b767c7f15 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:21:f8:20:90:de:33:b9:17:5f:b5:9f:3c:61: 47:b8:fe:d2:69:76:87:96:03:6e:10:95:54:6a:42: 7a:51:2b:22:53:29:70:79:6a:2e:3a:5c:26:39:ea: 22:9f:ae:c9:15:af:2c:e1:85:fd:ae:34:37:e3:2d: 81:39:f8:6d:48:8e:c6:e7:07:a6:87:7b:ae:fe:ac: ce:5b:59:ed:93:ca:bc:03:9e:95:b0:fb:91:87:95: a9:01:09:3a:d1:b5:00:16:6b:ad:05:0d:88:8d:72: a9:d6:16:52:5e:95:0b:a5:2f:a7:b5:bb:cd:c6:7c: 99:29:9f:05:15:39:5c:ff:ef:86:d9:67:b0:6f:d2: 0d:a7:65:67:bd:65:c4:1b:37:cf:e9:53:03:f0:d1: c4:a0:c0:1a:0a:f6:20:53:71:62:e3:a4:00:3d:27: b2:68:6f:c7:53:6d:8d:f7:aa:ec:3d:bd:c6:ab:c0: 3b:3c:9a:10:22:df:5e:fa:02:8e:af:bf:08:31:69: 4c:b9:82:09:1c:17:50:ef:7d:00:37:29:78:5f:ee: 2e:5e:a8:e0:f9:2d:17:52:27:5f:53:56:9d:2c:58: 41:95:7a:4d:4a:59:d1:a8:7f:43:09:63:e8:91:00: 8d:ad:79:42:f6:49:2d:6d:7e:1f:67:3f:f8:cb:ad: cd:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:D7:DF:81:B7:1E:C9:96:4D:D8:60:F4:0D:09:ED:1B:76:7C:7F:15 X509v3 Authority Key Identifier: keyid:0E:64:F8:1B:9E:36:B8:49:91:77:87:67:8D:01:4D:B4:BF:CE:F3:11 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DmT4G542uEmRd4dnjQFNtL_O8xE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/594d25-f1c6-4044-a8a7-c8f182e95ea5/1/8dffgbceyZZN2GD0DQntG3Z8fxU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/17/594d25-f1c6-4044-a8a7-c8f182e95ea5/1/DmT4G542uEmRd4dnjQFNtL_O8xE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a12:a300::/29 2a14:1f80::/29 Signature Algorithm: sha256WithRSAEncryption 7c:16:b0:e5:b9:37:b3:c7:e6:64:d2:fa:1e:84:d2:42:6d:d8: 20:52:6c:e9:10:6d:87:0a:25:c7:3d:8f:0a:4d:26:04:38:a3: e4:82:8a:77:11:73:e3:e7:b3:9c:3f:72:0e:7c:fc:44:ba:4d: 5b:ab:b7:2e:15:ae:54:b3:c9:83:0f:01:4f:1a:1d:f7:36:f9: 3b:35:a1:10:c8:72:53:9c:73:9a:47:89:59:b7:5d:04:2b:83: 26:b6:39:3d:7e:7e:bf:f4:d7:ae:7e:a1:15:d1:6e:42:40:09: df:80:52:a0:86:bc:23:7e:53:c4:71:93:e6:2f:5e:8b:46:47: b2:01:2b:d8:e2:30:8d:d1:78:70:b3:4b:c7:26:af:ec:e7:09: 0c:db:ea:36:77:b4:04:77:d3:21:8f:9a:d9:a5:60:71:03:9f: 0e:2c:33:c2:87:9e:e8:22:eb:0a:ef:8e:fd:21:40:f7:ef:0f: e4:6f:90:1b:76:28:95:b3:25:fc:ff:e3:dd:09:91:95:2e:cf: 12:bf:a1:36:bb:5e:11:68:ff:94:3b:6c:d2:48:a1:39:af:dd: e1:cc:cb:d1:9a:de:d7:7a:23:4d:1b:27:33:52:c6:fc:6f:13: 9c:d9:db:2e:df:0a:c7:93:83:3f:8e:cc:c1:49:d0:de:b9:8f: 03:e0:6c:31 -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgISAZt4oqdPhNRjGFnamIzS2PbQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBlNjRmODFiOWUzNmI4NDk5MTc3ODc2NzhkMDE0ZGI0YmZj ZWYzMTEwHhcNMjYwMTAxMDgxODA0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmMWQ3ZGY4MWI3MWVjOTk2NGRkODYwZjQwZDA5ZWQxYjc2N2M3ZjE1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSH4IJDeM7kXX7WfPGFHuP7SaXaH lgNuEJVUakJ6USsiUylweWouOlwmOeoin67JFa8s4YX9rjQ34y2BOfhtSI7G5wem h3uu/qzOW1ntk8q8A56VsPuRh5WpAQk60bUAFmutBQ2IjXKp1hZSXpULpS+ntbvN xnyZKZ8FFTlc/++G2Wewb9INp2VnvWXEGzfP6VMD8NHEoMAaCvYgU3Fi46QAPSey aG/HU22N96rsPb3Gq8A7PJoQIt9e+gKOr78IMWlMuYIJHBdQ730ANyl4X+4uXqjg +S0XUidfU1adLFhBlXpNSlnRqH9DCWPokQCNrXlC9kktbX4fZz/4y63NowIDAQAB o4ICETCCAg0wHQYDVR0OBBYEFPHX34G3HsmWTdhg9A0J7Rt2fH8VMB8GA1UdIwQY MBaAFA5k+BueNrhJkXeHZ40BTbS/zvMRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRG1UNEc1NDJ1RW1SZDRkbmpRRk50TF9POHhFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy81OTRkMjUtZjFjNi00MDQ0LWE4YTct YzhmMTgyZTk1ZWE1LzEvOGRmZmdiY2V5WlpOMkdEMERRbnRHM1o4ZnhVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNy81OTRkMjUtZjFjNi00MDQ0LWE4YTctYzhmMTgyZTk1ZWE1 LzEvRG1UNEc1NDJ1RW1SZDRkbmpRRk50TF9POHhFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKhKjAAMF AyoUH4AwDQYJKoZIhvcNAQELBQADggEBAHwWsOW5N7PH5mTS+h6E0kJt2CBSbOkQ bYcKJcc9jwpNJgQ4o+SCincRc+Pns5w/cg58/ES6TVurty4VrlSzyYMPAU8aHfc2 +Ts1oRDIclOcc5pHiVm3XQQrgya2OT1+fr/0165+oRXRbkJACd+AUqCGvCN+U8Rx k+YvXotGR7IBK9jiMI3ReHCzS8cmr+znCQzb6jZ3tAR30yGPmtmlYHEDnw4sM8KH nugi6wrvjv0hQPfvD+RvkBt2KJWzJfz/490JkZUuzxK/oTa7XhFo/5Q7bNJIoTmv 3eHMy9Ga3td6I00bJzNSxvxvE5zZ2y7fCseTgz+OzMFJ0N65jwPgbDE= -----END CERTIFICATE-----Generated at Wed Jan 21 13:49:22 2026 by rpki-client