This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/36cd40-9081-40e6-97c7-1620cfdc7117/1/5kqLZgQxvPjZ3-R1JIK5dfgcysw.roa File: 5kqLZgQxvPjZ3-R1JIK5dfgcysw.roa (raw, json) Hash identifier: lJZUCOq4a1uyWOYuADdFBX3wVMiqs3oDIl7Z99UtsuA= Subject key identifier: E6:4A:8B:66:04:31:BC:F8:D9:DF:E4:75:24:82:B9:75:F8:1C:CA:CC Certificate issuer: /CN=bc2613e0f26d3907f096340be050c201d358d6d5 Certificate serial: 019ACF1541B56EF3F821D0900694CF651638 Authority key identifier: BC:26:13:E0:F2:6D:39:07:F0:96:34:0B:E0:50:C2:01:D3:58:D6:D5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vCYT4PJtOQfwljQL4FDCAdNY1tU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/36cd40-9081-40e6-97c7-1620cfdc7117/1/5kqLZgQxvPjZ3-R1JIK5dfgcysw.roa Signing time: Sat 29 Nov 2025 10:07:48 +0000 ROA not before: Sat 29 Nov 2025 10:07:48 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 213904 IP address blocks: 2a0b:bb00::/29 maxlen: 32 2a0b:bb00::/32 maxlen: 32 2a0b:bb01::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/36cd40-9081-40e6-97c7-1620cfdc7117/1/vCYT4PJtOQfwljQL4FDCAdNY1tU.crl rsync://rpki.ripe.net/repository/DEFAULT/22/36cd40-9081-40e6-97c7-1620cfdc7117/1/vCYT4PJtOQfwljQL4FDCAdNY1tU.mft rsync://rpki.ripe.net/repository/DEFAULT/vCYT4PJtOQfwljQL4FDCAdNY1tU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 13:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:cf:15:41:b5:6e:f3:f8:21:d0:90:06:94:cf:65:16:38 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bc2613e0f26d3907f096340be050c201d358d6d5 Validity Not Before: Nov 29 10:07:48 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=e64a8b660431bcf8d9dfe4752482b975f81ccacc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:ce:3b:8f:a5:d9:8e:ed:2c:2c:0d:50:b3:ee: 08:2a:3f:33:95:77:e1:72:db:a2:6d:9d:20:57:e8: b7:6a:5e:1e:7e:03:94:fb:b6:54:93:03:9b:a9:d3: ab:c0:63:57:9e:8c:81:27:cc:a5:47:4f:14:ec:32: a1:1e:66:f6:8b:92:91:7c:27:ed:a0:6a:47:15:c0: b6:47:3f:af:98:d8:b0:f1:3d:08:7e:af:5e:c8:b1: a8:22:7f:98:24:56:e8:0d:62:b4:36:f7:03:8e:41: 48:7b:8c:e4:a5:e1:be:60:54:81:af:5e:27:3d:d1: 1e:66:b5:c3:97:73:32:a6:1d:f4:d1:ee:73:de:56: 71:f0:55:b3:21:7d:7a:a7:82:88:0f:f5:06:73:57: 65:ed:44:b3:1e:53:47:19:b1:fd:5f:1a:d0:83:f4: e9:e0:73:6f:09:15:ca:dc:0f:d9:9c:a2:8b:55:74: 73:e1:6f:63:a1:e4:4f:97:63:14:5e:3a:d4:2c:a2: d5:9e:87:8a:02:46:01:e2:0d:da:f3:70:6a:83:6e: b6:d1:69:b5:14:ef:26:f1:6f:4e:ef:5d:8e:e4:5e: 56:de:a9:96:2a:9e:85:aa:3b:2c:cb:88:e9:45:05: d8:07:fe:aa:f6:0b:38:d7:78:44:09:0c:32:7f:6b: c9:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:4A:8B:66:04:31:BC:F8:D9:DF:E4:75:24:82:B9:75:F8:1C:CA:CC X509v3 Authority Key Identifier: keyid:BC:26:13:E0:F2:6D:39:07:F0:96:34:0B:E0:50:C2:01:D3:58:D6:D5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vCYT4PJtOQfwljQL4FDCAdNY1tU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/36cd40-9081-40e6-97c7-1620cfdc7117/1/5kqLZgQxvPjZ3-R1JIK5dfgcysw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/22/36cd40-9081-40e6-97c7-1620cfdc7117/1/vCYT4PJtOQfwljQL4FDCAdNY1tU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0b:bb00::/29 Signature Algorithm: sha256WithRSAEncryption 2a:0c:64:d5:f2:95:c3:52:a4:18:bd:a2:a6:35:31:ab:51:58: 22:65:94:26:0c:5a:d1:18:69:f0:ec:eb:ec:1c:f4:1d:cb:eb: 58:40:61:bf:ee:1a:4e:1a:cd:65:6a:54:fe:88:73:e2:f7:68: 75:1e:d8:eb:d5:25:cb:6d:e2:df:33:59:c5:58:d3:25:f8:2a: fd:77:ee:39:75:1b:29:95:ca:e1:fa:6c:de:fe:f8:14:c4:4d: 6d:a8:a9:67:e9:38:cc:00:b8:d2:39:30:b0:6f:53:72:49:68: 2e:ca:b3:5e:5d:69:d8:d8:38:a4:f2:a9:fc:42:50:2c:c2:8a: ab:1a:b6:86:cc:91:10:99:ed:10:bc:23:f8:7e:6e:c2:d5:01: 78:74:3d:f6:ca:b6:80:9c:6a:8b:02:a1:e4:44:d9:46:42:b8: 79:79:56:19:29:b1:7c:00:63:2b:40:3c:b5:05:39:c3:ff:6b: 1f:12:d5:2d:a8:98:66:f6:ca:94:d7:cc:4d:5a:0b:80:a8:74: 20:d0:45:f1:3e:75:91:a3:8d:45:d5:8f:ca:27:42:c8:32:4b: ea:46:f0:d8:62:2f:1b:15:d7:66:7e:7b:21:c5:c6:0d:c4:2a: 00:51:94:6c:a7:fb:08:71:14:d5:f8:39:dd:91:25:14:8a:72: 16:fd:ad:38 -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZrPFUG1bvP4IdCQBpTPZRY4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJjMjYxM2UwZjI2ZDM5MDdmMDk2MzQwYmUwNTBjMjAxZDM1 OGQ2ZDUwHhcNMjUxMTI5MTAwNzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlNjRhOGI2NjA0MzFiY2Y4ZDlkZmU0NzUyNDgyYjk3NWY4MWNjYWNjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3c47j6XZju0sLA1Qs+4IKj8zlXfh ctuibZ0gV+i3al4efgOU+7ZUkwObqdOrwGNXnoyBJ8ylR08U7DKhHmb2i5KRfCft oGpHFcC2Rz+vmNiw8T0Ifq9eyLGoIn+YJFboDWK0NvcDjkFIe4zkpeG+YFSBr14n PdEeZrXDl3Myph300e5z3lZx8FWzIX16p4KID/UGc1dl7USzHlNHGbH9XxrQg/Tp 4HNvCRXK3A/ZnKKLVXRz4W9joeRPl2MUXjrULKLVnoeKAkYB4g3a83Bqg2620Wm1 FO8m8W9O712O5F5W3qmWKp6Fqjssy4jpRQXYB/6q9gs413hECQwyf2vJrwIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFOZKi2YEMbz42d/kdSSCuXX4HMrMMB8GA1UdIwQY MBaAFLwmE+DybTkH8JY0C+BQwgHTWNbVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdkNZVDRQSnRPUWZ3bGpRTDRGRENBZE5ZMXRVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8zNmNkNDAtOTA4MS00MGU2LTk3Yzct MTYyMGNmZGM3MTE3LzEvNWtxTFpnUXh2UGpaMy1SMUpJSzVkZmdjeXN3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMi8zNmNkNDAtOTA4MS00MGU2LTk3YzctMTYyMGNmZGM3MTE3 LzEvdkNZVDRQSnRPUWZ3bGpRTDRGRENBZE5ZMXRVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgu7ADAN BgkqhkiG9w0BAQsFAAOCAQEAKgxk1fKVw1KkGL2ipjUxq1FYImWUJgxa0Rhp8Ozr 7Bz0HcvrWEBhv+4aThrNZWpU/ohz4vdodR7Y69Uly23i3zNZxVjTJfgq/XfuOXUb KZXK4fps3v74FMRNbaipZ+k4zAC40jkwsG9TckloLsqzXl1p2Ng4pPKp/EJQLMKK qxq2hsyREJntELwj+H5uwtUBeHQ99sq2gJxqiwKh5ETZRkK4eXlWGSmxfABjK0A8 tQU5w/9rHxLVLaiYZvbKlNfMTVoLgKh0INBF8T51kaONRdWPyidCyDJL6kbw2GIv GxXXZn57IcXGDcQqAFGUbKf7CHEU1fg53ZElFIpyFv2tOA== -----END CERTIFICATE-----Generated at Mon Dec 15 19:27:51 2025 by rpki-client