This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/cxZr5WeEEoSi7bJFnkDYNQkLsRI.roa File: cxZr5WeEEoSi7bJFnkDYNQkLsRI.roa (raw, json) Hash identifier: ohg/2w/+ciG+gSkKwemx/D24YI9eJ3bhnC/JUnNespU= Subject key identifier: 73:16:6B:E5:67:84:12:84:A2:ED:B2:45:9E:40:D8:35:09:0B:B1:12 Certificate issuer: /CN=bf84113545d9000760f66062a4221933a2e959d8 Certificate serial: 019B77C72E36F1C84740E49638F514FC3549 Authority key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/cxZr5WeEEoSi7bJFnkDYNQkLsRI.roa Signing time: Thu 01 Jan 2026 04:18:20 +0000 ROA not before: Thu 01 Jan 2026 04:18:20 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 200081 IP address blocks: 2a0e:4006::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.mft rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 00:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c7:2e:36:f1:c8:47:40:e4:96:38:f5:14:fc:35:49 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bf84113545d9000760f66062a4221933a2e959d8 Validity Not Before: Jan 1 04:18:20 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=73166be567841284a2edb2459e40d835090bb112 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:86:8c:8b:7b:a1:da:7f:d0:00:be:7a:9a:aa: 27:33:00:b6:b6:b3:a4:22:11:06:8d:db:58:89:96: a5:76:db:82:86:30:fb:fc:17:ed:80:1d:f3:66:6f: 33:0f:f5:aa:46:8c:54:29:fc:7e:6b:d3:e3:67:ad: 1d:36:c1:27:1e:9d:4f:18:3e:19:45:30:29:ae:3b: fd:db:0e:29:91:92:71:99:9d:6e:11:a0:a5:dd:75: de:00:88:18:60:ac:66:58:b2:f7:d8:52:d3:9e:4d: 1b:fd:d8:3d:10:5c:e3:1f:6b:9e:52:29:8e:8e:65: c0:78:e1:4e:6c:63:ca:aa:62:df:e0:6e:3f:7c:9b: 9a:ed:cd:57:e8:5c:df:3b:e8:e2:b2:96:63:30:1f: 19:df:8e:09:7d:46:f4:10:ab:e0:16:3f:25:f4:15: dd:75:d9:92:c2:e0:b8:bc:ca:fc:e1:c2:9a:e9:ef: 93:69:e2:33:8f:c3:33:a8:97:26:03:67:00:96:78: 92:22:8a:a6:8f:5f:52:03:08:2a:16:fc:d5:f2:5e: a9:15:d2:0f:c1:ec:11:24:e5:5b:3d:85:03:90:63: e9:31:44:00:22:a5:63:3c:02:cc:40:ae:a0:55:b9: 94:a3:dd:08:bf:01:60:87:3e:bc:46:eb:87:6e:d9: a1:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:16:6B:E5:67:84:12:84:A2:ED:B2:45:9E:40:D8:35:09:0B:B1:12 X509v3 Authority Key Identifier: keyid:BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/cxZr5WeEEoSi7bJFnkDYNQkLsRI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0e:4006::/32 Signature Algorithm: sha256WithRSAEncryption 99:2e:50:76:af:d1:21:ea:66:f7:2b:95:d4:ee:99:a1:12:b5: 94:9f:65:e4:d4:de:a3:1a:04:8a:67:28:b8:90:b6:87:17:05: e8:1b:c8:23:01:50:5d:50:50:53:7e:75:a1:24:aa:25:d7:37: c0:0f:71:c5:92:7d:9a:0f:ed:31:58:77:bc:4f:58:b5:6f:68: ee:f8:1c:88:4f:2d:76:75:a3:8a:7a:09:e9:4f:3a:9f:99:9d: 06:f5:b8:a4:54:42:0d:a9:25:24:a2:11:18:b8:20:58:de:d3: e8:34:95:c6:62:16:1a:b8:fb:eb:12:63:19:e7:cf:b3:72:83: bd:82:43:76:85:c8:d6:d9:46:8c:93:2a:54:79:af:80:a5:2b: 74:01:0a:f8:c7:39:f3:48:1f:19:a3:ad:59:f9:3f:c8:75:3e: bc:6a:6a:78:3b:6d:b8:ec:66:b0:4f:d3:1c:69:0b:76:fe:ab: 2a:49:34:4d:97:0f:c2:dc:6e:9a:2b:de:3d:62:26:eb:41:7d: 14:9a:b5:a0:57:e5:08:cd:6e:27:23:da:6a:d4:2b:13:2e:d2: 6d:c5:0c:40:44:f9:f1:e7:f5:e5:58:d2:e1:43:65:fb:b5:ce: c6:51:ee:bd:5b:8e:a2:0f:01:d7:e7:25:2c:74:d1:db:4e:38: 6f:d3:2f:4b -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt3xy428chHQOSWOPUU/DVJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJmODQxMTM1NDVkOTAwMDc2MGY2NjA2MmE0MjIxOTMzYTJl OTU5ZDgwHhcNMjYwMTAxMDQxODIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MzE2NmJlNTY3ODQxMjg0YTJlZGIyNDU5ZTQwZDgzNTA5MGJiMTEyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoaMi3uh2n/QAL56mqonMwC2trOk IhEGjdtYiZaldtuChjD7/BftgB3zZm8zD/WqRoxUKfx+a9PjZ60dNsEnHp1PGD4Z RTAprjv92w4pkZJxmZ1uEaCl3XXeAIgYYKxmWLL32FLTnk0b/dg9EFzjH2ueUimO jmXAeOFObGPKqmLf4G4/fJua7c1X6FzfO+jispZjMB8Z344JfUb0EKvgFj8l9BXd ddmSwuC4vMr84cKa6e+TaeIzj8MzqJcmA2cAlniSIoqmj19SAwgqFvzV8l6pFdIP wewRJOVbPYUDkGPpMUQAIqVjPALMQK6gVbmUo90IvwFghz68RuuHbtmhXQIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFHMWa+VnhBKEou2yRZ5A2DUJC7ESMB8GA1UdIwQY MBaAFL+EETVF2QAHYPZgYqQiGTOi6VnYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEt NGJkNjNhZGM3MzU0LzEvY3hacjVXZUVFb1NpN2JKRm5rRFlOUWtMc1JJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEtNGJkNjNhZGM3MzU0 LzEvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg5ABjAN BgkqhkiG9w0BAQsFAAOCAQEAmS5Qdq/RIepm9yuV1O6ZoRK1lJ9l5NTeoxoEimco uJC2hxcF6BvIIwFQXVBQU351oSSqJdc3wA9xxZJ9mg/tMVh3vE9YtW9o7vgciE8t dnWjinoJ6U86n5mdBvW4pFRCDaklJKIRGLggWN7T6DSVxmIWGrj76xJjGefPs3KD vYJDdoXI1tlGjJMqVHmvgKUrdAEK+Mc580gfGaOtWfk/yHU+vGpqeDttuOxmsE/T HGkLdv6rKkk0TZcPwtxumivePWIm60F9FJq1oFflCM1uJyPaatQrEy7SbcUMQET5 8ef15VjS4UNl+7XOxlHuvVuOog8B1+clLHTR2044b9MvSw== -----END CERTIFICATE-----Generated at Wed Jan 21 06:46:59 2026 by rpki-client