This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/od0bdlBQ3sobnN1hyfexb3wY_FQ.roa File: od0bdlBQ3sobnN1hyfexb3wY_FQ.roa (raw, json) Hash identifier: rta50g9TtlemjZDdridMdL4fMYg6RQHlD53VDbgNNIw= Subject key identifier: A1:DD:1B:76:50:50:DE:CA:1B:9C:DD:61:C9:F7:B1:6F:7C:18:FC:54 Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034 Certificate serial: 019B7F82BD0EB6B2EC31D77DB7FD19D30269 Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/od0bdlBQ3sobnN1hyfexb3wY_FQ.roa Signing time: Fri 02 Jan 2026 16:20:33 +0000 ROA not before: Fri 02 Jan 2026 16:20:33 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 44024 IP address blocks: 2a0b:b83:b8::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.mft rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 07:01:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:82:bd:0e:b6:b2:ec:31:d7:7d:b7:fd:19:d3:02:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034 Validity Not Before: Jan 2 16:20:33 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a1dd1b765050deca1b9cdd61c9f7b16f7c18fc54 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:5b:34:e6:43:d6:80:8b:aa:48:4d:39:c8:d3: 67:bb:c2:7d:8e:fb:9b:47:6c:00:df:2c:e2:45:6d: b0:3e:1a:b4:82:8b:8f:aa:42:9b:19:9b:b3:67:09: 3f:a0:f6:b9:04:38:8d:94:07:9b:5d:3f:08:62:1e: f5:73:db:f0:3d:87:60:ea:38:a6:10:f7:b8:9f:be: be:96:f7:4f:a9:76:9b:62:b4:36:8b:00:c9:97:51: 8c:29:87:54:c6:e7:5d:73:59:67:b7:91:5e:13:10: 7a:1e:14:67:43:c8:55:80:dd:63:6b:07:5c:7e:62: cf:5b:49:a3:6d:b5:c6:c8:25:71:9f:bf:a7:58:52: 5a:50:5a:20:09:6b:26:1b:6b:be:6b:d7:e1:a8:da: 10:c1:90:5f:bc:7c:d2:ae:cd:b6:72:e8:bc:dc:45: f6:7e:0e:6a:3e:5c:0d:c1:ee:56:4a:f7:87:5f:c2: f1:b8:9e:42:15:ff:9d:7d:86:54:e4:b9:4d:88:df: 2c:a4:28:b3:11:5a:23:52:e1:3d:9f:ba:aa:4a:91: e2:98:f6:2f:d4:e6:8b:46:10:56:a3:0c:62:dc:42: 81:34:26:12:55:15:0b:f8:5b:f8:a0:24:3f:0e:a4: 97:d4:92:b3:d2:11:d9:ec:a9:41:1b:c2:6e:c8:04: a0:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:DD:1B:76:50:50:DE:CA:1B:9C:DD:61:C9:F7:B1:6F:7C:18:FC:54 X509v3 Authority Key Identifier: keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/od0bdlBQ3sobnN1hyfexb3wY_FQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0b:b83:b8::/48 Signature Algorithm: sha256WithRSAEncryption aa:53:01:75:58:61:48:b7:b9:cb:9c:a8:1d:28:d4:7f:ec:fe: 55:fd:4a:32:9a:94:5e:d9:fb:d2:c2:8a:b7:e4:9d:fe:57:f9: 1c:44:bc:5c:c2:5b:81:4f:4f:75:d8:51:f8:fe:c7:06:0f:ad: da:e8:29:c3:66:b2:5c:b6:1a:2c:cf:d7:5e:0e:0e:ec:ca:7a: e7:35:50:90:82:d9:32:aa:9e:13:30:4c:4a:96:1a:99:c9:70: 01:c7:e8:1b:aa:a4:34:f6:4f:dc:2a:c1:24:7d:36:2a:2f:36: e9:e0:e3:fc:e0:62:8f:0f:af:8e:a1:f8:3e:f2:00:ac:89:36: 8c:24:e0:02:0c:c5:e9:01:8e:19:8a:20:d5:b0:a4:8c:5a:cd: 70:de:ea:47:8d:43:66:a1:5b:32:6f:54:20:35:9f:53:c5:4f: e3:74:08:50:c0:61:04:f3:36:d2:1b:a0:4b:48:a5:86:41:9d: ef:c6:38:47:d1:9f:60:01:ce:6e:48:99:fb:a3:c9:47:22:38: b3:0a:a4:3d:32:5a:3f:4b:74:4b:6b:29:00:ac:8e:e9:fc:73: 57:e7:b4:db:95:09:3a:12:5d:cf:5c:ea:68:4a:e3:9b:2e:3e: 1d:b5:fa:f1:e8:6e:29:62:78:85:1f:30:27:ce:ca:e5:6e:22: 02:c1:96:57 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt/gr0OtrLsMdd9t/0Z0wJpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz YjUwMzQwHhcNMjYwMTAyMTYyMDMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMWRkMWI3NjUwNTBkZWNhMWI5Y2RkNjFjOWY3YjE2ZjdjMThmYzU0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1s05kPWgIuqSE05yNNnu8J9jvub R2wA3yziRW2wPhq0gouPqkKbGZuzZwk/oPa5BDiNlAebXT8IYh71c9vwPYdg6jim EPe4n76+lvdPqXabYrQ2iwDJl1GMKYdUxuddc1lnt5FeExB6HhRnQ8hVgN1jawdc fmLPW0mjbbXGyCVxn7+nWFJaUFogCWsmG2u+a9fhqNoQwZBfvHzSrs22cui83EX2 fg5qPlwNwe5WSveHX8LxuJ5CFf+dfYZU5LlNiN8spCizEVojUuE9n7qqSpHimPYv 1OaLRhBWowxi3EKBNCYSVRUL+Fv4oCQ/DqSX1JKz0hHZ7KlBG8JuyASgyQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFKHdG3ZQUN7KG5zdYcn3sW98GPxUMB8GA1UdIwQY MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It Mzk0YWNkMjFmMzliLzEvb2QwYmRsQlEzc29ibk4xaHlmZXhiM3dZX0ZRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgsLgwC4 MA0GCSqGSIb3DQEBCwUAA4IBAQCqUwF1WGFIt7nLnKgdKNR/7P5V/UoympRe2fvS woq35J3+V/kcRLxcwluBT0912FH4/scGD63a6CnDZrJcthosz9deDg7synrnNVCQ gtkyqp4TMExKlhqZyXABx+gbqqQ09k/cKsEkfTYqLzbp4OP84GKPD6+Oofg+8gCs iTaMJOACDMXpAY4ZiiDVsKSMWs1w3upHjUNmoVsyb1QgNZ9TxU/jdAhQwGEE8zbS G6BLSKWGQZ3vxjhH0Z9gAc5uSJn7o8lHIjizCqQ9Mlo/S3RLaykArI7p/HNX57Tb lQk6El3PXOpoSuObLj4dtfrx6G4pYniFHzAnzsrlbiICwZZX -----END CERTIFICATE-----Generated at Tue Jan 20 15:19:01 2026 by rpki-client