This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/xRZUDhx7ihJfUObQvwoPd_wjCIE.roa File: xRZUDhx7ihJfUObQvwoPd_wjCIE.roa (raw, json) Hash identifier: CaizEiyOxtBDcQtuUG7hvPJywCQ5SLbLXz2o0r0E2ec= Subject key identifier: C5:16:54:0E:1C:7B:8A:12:5F:50:E6:D0:BF:0A:0F:77:FC:23:08:81 Certificate issuer: /CN=4a6d2817491dd2cd0678068e35a9efc68667df02 Certificate serial: 019B7EA559FD9A3F4F62795E7872F02172B5 Authority key identifier: 4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/xRZUDhx7ihJfUObQvwoPd_wjCIE.roa Signing time: Fri 02 Jan 2026 12:18:44 +0000 ROA not before: Fri 02 Jan 2026 12:18:44 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 202827 IP address blocks: 2a10:4646:70::/48 maxlen: 48 2a13:89c0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/Sm0oF0kd0s0GeAaONanvxoZn3wI.crl rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/Sm0oF0kd0s0GeAaONanvxoZn3wI.mft rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 31 Jan 2026 15:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a5:59:fd:9a:3f:4f:62:79:5e:78:72:f0:21:72:b5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4a6d2817491dd2cd0678068e35a9efc68667df02 Validity Not Before: Jan 2 12:18:44 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c516540e1c7b8a125f50e6d0bf0a0f77fc230881 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:10:33:1f:53:40:59:e9:7d:36:f2:f9:90:ee: bd:1d:6a:10:c7:8c:1c:47:9a:0f:df:4c:33:a7:07: 41:53:2e:38:b1:53:d0:d2:d3:1e:a8:10:e8:2d:ed: af:3d:1d:01:24:c5:0f:62:de:ca:f1:86:ed:dd:bd: da:4c:ed:eb:17:75:a0:c5:38:3c:71:b9:3a:24:5c: 5e:cb:ef:17:fa:b7:b2:f5:8d:fb:7b:4b:60:1e:9a: 32:66:52:1a:b4:bb:97:1c:71:f9:44:df:7e:71:0a: 21:5d:96:cc:71:cd:6f:46:e5:9e:b8:df:62:07:73: b9:a5:e8:ab:5b:b6:31:70:aa:79:30:5c:eb:c7:e1: a9:06:5d:9b:8f:18:e9:fc:3c:59:07:83:7d:27:73: 74:24:c7:09:64:a0:b1:89:b9:96:20:d4:0c:ab:f6: 47:2e:47:d4:f5:b3:f1:2f:c4:0e:7f:62:0e:a9:e8: f0:8a:25:4e:5a:98:86:9c:5b:0e:c5:94:02:aa:9c: 0f:6e:d5:85:0d:5a:6c:af:71:33:33:d0:cd:a9:fe: ea:10:65:46:c3:e7:38:f0:6d:6b:ba:d4:55:01:00: 58:ad:7a:69:30:57:f6:1a:08:c8:75:cc:3d:c2:2b: cd:51:10:91:d0:a4:67:d7:64:44:ee:b7:41:c1:01: 48:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:16:54:0E:1C:7B:8A:12:5F:50:E6:D0:BF:0A:0F:77:FC:23:08:81 X509v3 Authority Key Identifier: keyid:4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/xRZUDhx7ihJfUObQvwoPd_wjCIE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/Sm0oF0kd0s0GeAaONanvxoZn3wI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a10:4646:70::/48 2a13:89c0::/32 Signature Algorithm: sha256WithRSAEncryption d1:9f:87:3b:c2:ef:b6:70:8a:d2:1d:d4:9b:0c:62:ed:f8:11: 5e:5d:4f:74:12:d3:84:e8:b8:ac:4a:be:7f:ed:40:5d:32:45: 5b:d5:0d:9a:9a:8c:c1:70:8b:77:83:2c:3f:90:b9:88:1c:53: f5:93:41:a7:95:e2:90:3e:85:0d:95:a1:30:0b:e4:ec:8d:53: 8e:da:b4:09:92:3a:7f:a6:29:d6:d2:d2:42:5c:cb:c1:1c:42: 0e:a3:1d:d2:f2:ed:78:b3:b4:ce:03:d1:99:85:44:78:c1:16: 08:ad:53:48:a5:7a:6a:6a:2b:00:21:6a:8b:51:c7:a5:1c:a3: 36:35:b5:2f:43:15:77:71:c3:05:44:b4:37:e6:9b:6c:6c:cc: d0:10:ce:41:98:f7:30:e8:10:7a:de:fd:f4:60:73:18:a7:03: 90:31:90:ae:bc:ce:fd:e4:22:2d:a9:f4:23:38:31:6e:64:8a: 14:bb:f6:59:66:4a:0a:42:cb:66:59:7d:24:7d:dd:d4:0e:03: 07:18:81:12:0e:3c:0d:85:76:41:56:90:eb:ac:3e:2b:3b:91: 05:1d:32:8d:79:79:eb:3e:5f:7b:ba:01:b0:87:09:37:b7:1a: 0b:05:76:6f:53:24:68:39:3a:ca:e4:28:ee:b0:96:79:f0:be: 86:ad:a6:3c -----BEGIN CERTIFICATE----- MIIFBzCCA++gAwIBAgISAZt+pVn9mj9PYnleeHLwIXK1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRhNmQyODE3NDkxZGQyY2QwNjc4MDY4ZTM1YTllZmM2ODY2 N2RmMDIwHhcNMjYwMTAyMTIxODQ0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNTE2NTQwZTFjN2I4YTEyNWY1MGU2ZDBiZjBhMGY3N2ZjMjMwODgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArRAzH1NAWel9NvL5kO69HWoQx4wc R5oP30wzpwdBUy44sVPQ0tMeqBDoLe2vPR0BJMUPYt7K8Ybt3b3aTO3rF3WgxTg8 cbk6JFxey+8X+rey9Y37e0tgHpoyZlIatLuXHHH5RN9+cQohXZbMcc1vRuWeuN9i B3O5peirW7YxcKp5MFzrx+GpBl2bjxjp/DxZB4N9J3N0JMcJZKCxibmWINQMq/ZH LkfU9bPxL8QOf2IOqejwiiVOWpiGnFsOxZQCqpwPbtWFDVpsr3EzM9DNqf7qEGVG w+c48G1rutRVAQBYrXppMFf2GgjIdcw9wivNURCR0KRn12RE7rdBwQFIlQIDAQAB o4ICEzCCAg8wHQYDVR0OBBYEFMUWVA4ce4oSX1Dm0L8KD3f8IwiBMB8GA1UdIwQY MBaAFEptKBdJHdLNBngGjjWp78aGZ98CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMt YWU5MjgzZTc5NjRlLzEveFJaVURoeDdpaEpmVU9iUXZ3b1BkX3dqQ0lFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMtYWU5MjgzZTc5NjRl LzEvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwcAKhBGRgBw AwUAKhOJwDANBgkqhkiG9w0BAQsFAAOCAQEA0Z+HO8LvtnCK0h3Umwxi7fgRXl1P dBLThOi4rEq+f+1AXTJFW9UNmpqMwXCLd4MsP5C5iBxT9ZNBp5XikD6FDZWhMAvk 7I1Tjtq0CZI6f6Yp1tLSQlzLwRxCDqMd0vLteLO0zgPRmYVEeMEWCK1TSKV6amor ACFqi1HHpRyjNjW1L0MVd3HDBUS0N+abbGzM0BDOQZj3MOgQet799GBzGKcDkDGQ rrzO/eQiLan0IzgxbmSKFLv2WWZKCkLLZll9JH3d1A4DBxiBEg48DYV2QVaQ66w+ KzuRBR0yjXl56z5fe7oBsIcJN7caCwV2b1MkaDk6yuQo7rCWefC+hq2mPA== -----END CERTIFICATE-----Generated at Fri Jan 30 22:55:36 2026 by rpki-client