This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/0PPbfmrSWqp7ys4h3O-UCipvp6k.roa File: 0PPbfmrSWqp7ys4h3O-UCipvp6k.roa (raw, json) Hash identifier: bZhqBB8M0aQuJFXwOjkIpKWxx+QZg6kD5m+J3nxztvk= Subject key identifier: D0:F3:DB:7E:6A:D2:5A:AA:7B:CA:CE:21:DC:EF:94:0A:2A:6F:A7:A9 Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058 Certificate serial: 019B8EBE113BC00E412981BD5A4BE9F20829 Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/0PPbfmrSWqp7ys4h3O-UCipvp6k.roa Signing time: Mon 05 Jan 2026 15:19:39 +0000 ROA not before: Mon 05 Jan 2026 15:19:39 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 215080 IP address blocks: 2a0c:b641:8c0::/44 maxlen: 128 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.mft rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:8e:be:11:3b:c0:0e:41:29:81:bd:5a:4b:e9:f2:08:29 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=05976801363d375786152e4d061e75c8beb35058 Validity Not Before: Jan 5 15:19:39 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d0f3db7e6ad25aaa7bcace21dcef940a2a6fa7a9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:ef:91:ea:e5:e7:29:ad:61:83:f5:fc:e1:56: 91:d0:37:27:d0:16:79:86:1c:7d:af:ad:c9:a4:fa: 09:09:f8:ba:d1:0b:81:1d:3b:8c:46:eb:52:97:19: 43:17:e2:03:43:ba:30:f0:72:0e:ff:ad:39:ab:c9: f6:c9:29:7a:77:fb:34:db:b0:96:cf:ba:fe:cf:88: d6:b7:b1:5e:5f:a7:4f:ee:1c:c0:c3:f5:b5:8a:37: c9:7b:87:48:13:90:36:3b:e6:4b:b5:56:05:17:77: 87:94:4f:d7:f0:5d:6c:7c:05:5f:ef:08:2c:f3:d3: 4f:e6:7d:84:44:39:1d:f2:ab:ee:aa:c1:7e:f3:10: 33:b3:a0:09:83:48:6a:b4:29:9c:f6:da:f3:37:e7: c6:64:10:55:d8:9d:62:86:3e:56:29:ec:9c:56:04: 38:4d:3d:2c:89:bc:f6:25:5c:f7:8f:83:3a:b0:31: 5c:f4:74:d6:0f:bb:b5:7c:22:7c:27:ac:e5:dd:1b: e2:60:9b:2e:4e:79:14:04:b7:3d:08:84:fb:40:af: b6:20:f3:38:f1:84:72:3a:a2:a5:fb:13:12:78:c7: 81:f7:32:74:2c:ab:7d:ed:21:ea:48:24:2a:05:3b: a2:db:1c:08:7c:3d:51:63:88:93:f7:35:16:7e:7a: 88:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:F3:DB:7E:6A:D2:5A:AA:7B:CA:CE:21:DC:EF:94:0A:2A:6F:A7:A9 X509v3 Authority Key Identifier: keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/0PPbfmrSWqp7ys4h3O-UCipvp6k.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0c:b641:8c0::/44 Signature Algorithm: sha256WithRSAEncryption 84:61:81:d4:cf:52:1f:19:3a:c9:95:65:d6:47:68:4c:5f:bb: b0:01:25:e7:44:da:ff:cd:26:bc:fe:0d:48:bd:9b:1b:da:06: 62:ca:c5:6e:c5:91:46:73:4d:17:40:3a:e4:b4:77:c4:a4:d0: 90:56:fc:fd:ba:78:b8:20:33:24:35:6e:0b:db:02:6e:6d:67: 73:b7:3e:1c:d6:47:82:41:17:60:ba:05:ed:74:3c:65:b0:d1: f5:65:a3:ca:77:cf:f4:48:95:89:81:7b:7d:48:bc:b0:8e:3c: 5f:96:1a:46:08:50:0f:d7:36:88:ce:cf:6e:18:2a:64:f6:4c: 5d:a2:df:7f:87:7f:2b:93:1d:a8:3a:b3:8e:c6:02:96:a6:70: 9d:24:e7:c9:e2:08:4e:f3:48:ed:d2:ed:9b:ae:9f:b6:f4:1b: d5:d6:4a:e1:5e:83:05:82:7a:9b:29:8a:08:5d:c5:77:d5:38: d7:59:26:c1:a6:3f:a9:cb:c4:80:f6:89:07:f4:8e:6f:db:9f: 05:1d:4d:96:c5:97:8a:e9:97:9b:d2:35:34:9e:7b:58:df:1f: bb:fa:0d:47:ac:03:e1:14:07:c4:be:bb:e0:e5:31:fb:17:99: fa:20:c9:2b:65:e6:60:d3:cd:a9:1d:5c:f9:df:0f:7b:ee:22: 26:62:01:46 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZuOvhE7wA5BKYG9Wkvp8ggpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi MzUwNTgwHhcNMjYwMTA1MTUxOTM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkMGYzZGI3ZTZhZDI1YWFhN2JjYWNlMjFkY2VmOTQwYTJhNmZhN2E5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAru+R6uXnKa1hg/X84VaR0Dcn0BZ5 hhx9r63JpPoJCfi60QuBHTuMRutSlxlDF+IDQ7ow8HIO/605q8n2ySl6d/s027CW z7r+z4jWt7FeX6dP7hzAw/W1ijfJe4dIE5A2O+ZLtVYFF3eHlE/X8F1sfAVf7wgs 89NP5n2ERDkd8qvuqsF+8xAzs6AJg0hqtCmc9trzN+fGZBBV2J1ihj5WKeycVgQ4 TT0sibz2JVz3j4M6sDFc9HTWD7u1fCJ8J6zl3RviYJsuTnkUBLc9CIT7QK+2IPM4 8YRyOqKl+xMSeMeB9zJ0LKt97SHqSCQqBTui2xwIfD1RY4iT9zUWfnqITwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFNDz235q0lqqe8rOIdzvlAoqb6epMB8GA1UdIwQY MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et NWVjOGM4ZWQ2MGZkLzEvMFBQYmZtclNXcXA3eXM0aDNPLVVDaXB2cDZrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQjA MA0GCSqGSIb3DQEBCwUAA4IBAQCEYYHUz1IfGTrJlWXWR2hMX7uwASXnRNr/zSa8 /g1IvZsb2gZiysVuxZFGc00XQDrktHfEpNCQVvz9uni4IDMkNW4L2wJubWdztz4c 1keCQRdgugXtdDxlsNH1ZaPKd8/0SJWJgXt9SLywjjxflhpGCFAP1zaIzs9uGCpk 9kxdot9/h38rkx2oOrOOxgKWpnCdJOfJ4ghO80jt0u2brp+29BvV1krhXoMFgnqb KYoIXcV31TjXWSbBpj+py8SA9okH9I5v258FHU2WxZeK6Zeb0jU0nntY3x+7+g1H rAPhFAfEvrvg5TH7F5n6IMkrZeZg082pHVz53w977iImYgFG -----END CERTIFICATE-----Generated at Tue Jan 20 04:28:23 2026 by rpki-client