This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/IPb5d35plrMJG2iIT309KL2lmj0.roa File: IPb5d35plrMJG2iIT309KL2lmj0.roa (raw, json) Hash identifier: KRvF/nchRUjNO7qEjTuRMT/eoA6wApPgVHaxY0nL3kc= Subject key identifier: 20:F6:F9:77:7E:69:96:B3:09:1B:68:88:4F:7D:3D:28:BD:A5:9A:3D Certificate issuer: /CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f Certificate serial: 019B7C12BC46448DC1CB4B03E69DABDE5193 Authority key identifier: 1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/IPb5d35plrMJG2iIT309KL2lmj0.roa Signing time: Fri 02 Jan 2026 00:19:21 +0000 ROA not before: Fri 02 Jan 2026 00:19:21 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 211604 IP address blocks: 2a0a:280:1200::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.crl rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.mft rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 12:00:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:12:bc:46:44:8d:c1:cb:4b:03:e6:9d:ab:de:51:93 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f Validity Not Before: Jan 2 00:19:21 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=20f6f9777e6996b3091b68884f7d3d28bda59a3d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:44:ff:6e:23:10:6c:54:d8:8c:d4:2c:6e:1b: 8c:da:fe:7d:f3:aa:e0:94:07:02:8e:d5:72:11:81: b6:d4:01:c4:fd:67:da:da:6f:69:b7:8d:77:a6:68: 91:7a:c7:c9:9a:41:98:48:91:e7:40:48:f0:67:f4: 36:a9:2b:e5:e9:3c:ff:4c:88:8a:30:68:98:a1:62: 0b:2f:c6:63:9b:19:3e:a2:67:5e:73:57:57:c3:0e: 61:fe:cb:5b:f3:0e:ee:53:c3:bb:05:ee:ae:23:07: 89:2f:7c:a7:a6:af:5b:c6:24:fc:f5:ae:b0:b8:58: 7c:fe:ab:bc:d2:a9:8d:58:ed:23:87:d6:be:ce:ce: 79:e2:16:84:c4:39:89:03:a2:f9:07:41:63:18:a8: d2:62:14:46:3e:4a:30:0e:e4:e1:a7:a9:a4:89:14: 4e:0e:d5:4e:7c:e6:7a:38:c2:15:31:23:7d:58:c9: c9:39:0a:cd:f6:bd:b4:30:17:7f:35:f1:1c:da:ac: fe:94:ed:4e:0a:e2:55:dc:ec:05:21:53:cb:b7:4a: a4:d8:a8:fd:83:05:0f:70:f1:03:88:0c:c6:52:d2: cb:46:5f:45:e1:5c:b3:20:d6:45:d6:48:2c:30:d2: a9:ae:90:92:c7:bf:62:08:00:35:f4:12:e3:f8:64: 6b:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:F6:F9:77:7E:69:96:B3:09:1B:68:88:4F:7D:3D:28:BD:A5:9A:3D X509v3 Authority Key Identifier: keyid:1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/IPb5d35plrMJG2iIT309KL2lmj0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0a:280:1200::/40 Signature Algorithm: sha256WithRSAEncryption 58:a0:29:ee:3e:5e:5b:c2:22:c3:2b:96:38:2a:ea:71:9b:24: d0:cd:8f:7f:16:a8:db:4c:ff:b2:57:7e:4d:db:a0:31:6a:82: 5f:47:e6:01:a2:1e:75:09:39:91:c9:c3:b1:35:0d:24:e1:87: 22:eb:c4:4f:43:ea:52:29:a2:20:01:59:c0:91:7a:33:58:59: da:75:10:3a:47:db:d2:b8:60:6e:a1:a7:5b:b2:35:40:48:7d: a6:60:4f:e7:42:f9:5a:e5:e8:7f:4b:48:e2:39:93:1f:86:96: 26:51:01:8d:07:ef:2a:e1:46:84:08:72:fb:5e:8b:7f:9d:df: f3:f1:de:26:24:81:10:cc:79:4b:d7:9e:82:bc:b2:10:cb:1c: 00:03:f0:af:29:66:9f:2b:5d:c1:13:79:cb:f3:a8:0c:b4:e5: 8b:e3:be:88:8e:cd:e5:04:1d:83:4e:ac:93:ac:73:ea:9c:3c: c7:d6:a1:a0:61:86:4e:c3:aa:8a:6d:fd:5b:bc:5d:47:0d:06: 7f:5a:a0:87:97:d6:91:a7:03:33:5a:23:dc:55:3c:21:f4:79: 91:be:fd:9e:e1:71:bb:34:c4:76:fa:40:f5:6c:16:5f:93:c8: e0:fc:b6:a7:e1:7c:01:1a:4d:3f:4f:ac:c0:be:5a:1b:98:39: e0:32:aa:ec -----BEGIN CERTIFICATE----- MIIE/zCCA+egAwIBAgISAZt8ErxGRI3By0sD5p2r3lGTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFiOWYyMWJhMDRlNWUzMDc3YjM5MWUzZDQ4ZmY1YjBhNTBi MzM2OWYwHhcNMjYwMTAyMDAxOTIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMGY2Zjk3NzdlNjk5NmIzMDkxYjY4ODg0ZjdkM2QyOGJkYTU5YTNkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlUT/biMQbFTYjNQsbhuM2v5986rg lAcCjtVyEYG21AHE/Wfa2m9pt413pmiResfJmkGYSJHnQEjwZ/Q2qSvl6Tz/TIiK MGiYoWILL8Zjmxk+omdec1dXww5h/stb8w7uU8O7Be6uIweJL3ynpq9bxiT89a6w uFh8/qu80qmNWO0jh9a+zs554haExDmJA6L5B0FjGKjSYhRGPkowDuThp6mkiRRO DtVOfOZ6OMIVMSN9WMnJOQrN9r20MBd/NfEc2qz+lO1OCuJV3OwFIVPLt0qk2Kj9 gwUPcPEDiAzGUtLLRl9F4VyzINZF1kgsMNKprpCSx79iCAA19BLj+GRrkQIDAQAB o4ICCzCCAgcwHQYDVR0OBBYEFCD2+Xd+aZazCRtoiE99PSi9pZo9MB8GA1UdIwQY MBaAFBufIboE5eMHezkePUj/WwpQszafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUt ZjUxYzVmYjNkZjlhLzEvSVBiNWQzNXBsck1KRzJpSVQzMDlLTDJsbWowLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUtZjUxYzVmYjNkZjlh LzEvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgoCgBIw DQYJKoZIhvcNAQELBQADggEBAFigKe4+XlvCIsMrljgq6nGbJNDNj38WqNtM/7JX fk3boDFqgl9H5gGiHnUJOZHJw7E1DSThhyLrxE9D6lIpoiABWcCRejNYWdp1EDpH 29K4YG6hp1uyNUBIfaZgT+dC+Vrl6H9LSOI5kx+GliZRAY0H7yrhRoQIcvtei3+d 3/Px3iYkgRDMeUvXnoK8shDLHAAD8K8pZp8rXcETecvzqAy05YvjvoiOzeUEHYNO rJOsc+qcPMfWoaBhhk7Dqopt/Vu8XUcNBn9aoIeX1pGnAzNaI9xVPCH0eZG+/Z7h cbs0xHb6QPVsFl+TyOD8tqfhfAEaTT9PrMC+WhuYOeAyquw= -----END CERTIFICATE-----Generated at Wed Jan 21 17:31:45 2026 by rpki-client