This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/Q-iUguW_2HhC1bDkcmyzNBZnllQ.roa File: Q-iUguW_2HhC1bDkcmyzNBZnllQ.roa (raw, json) Hash identifier: CFBg/kvuqmCzBEFjtGooj1eADwR3ND+5MR1aMJ1fBxI= Subject key identifier: 43:E8:94:82:E5:BF:D8:78:42:D5:B0:E4:72:6C:B3:34:16:67:96:54 Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058 Certificate serial: 019B7E393DB0BCFE1FAD276AB73374ED1C2B Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/Q-iUguW_2HhC1bDkcmyzNBZnllQ.roa Signing time: Fri 02 Jan 2026 10:20:39 +0000 ROA not before: Fri 02 Jan 2026 10:20:39 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 206971 IP address blocks: 2a0c:b641:5d0::/44 maxlen: 128 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.mft rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 00:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:39:3d:b0:bc:fe:1f:ad:27:6a:b7:33:74:ed:1c:2b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=05976801363d375786152e4d061e75c8beb35058 Validity Not Before: Jan 2 10:20:39 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=43e89482e5bfd87842d5b0e4726cb33416679654 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:76:f1:b7:8d:0c:c1:0a:89:71:17:48:11:f8: 12:cc:fb:36:75:62:ba:d7:43:92:a0:79:3e:4b:2c: df:aa:8f:cf:5a:f2:98:2e:5a:c1:83:5c:e4:a9:d5: d4:cb:d7:c0:0e:42:96:08:fb:fc:b9:31:c5:9c:7b: 5d:ee:43:31:7a:86:64:53:51:3c:03:48:cd:68:44: d3:0a:32:b0:23:d7:f1:7e:6a:e8:0c:a4:d3:ca:41: 9a:7d:07:a9:8d:56:4f:62:76:c2:5c:d4:b8:1b:cb: d3:5a:f7:1a:f4:61:11:91:b9:46:4c:17:f2:a9:10: a3:d4:79:e1:a2:1b:af:b8:e2:ad:ea:6a:3e:d2:79: 80:18:2e:22:44:7a:11:6b:ec:2f:7c:14:8d:ef:07: c9:09:2b:de:40:2c:28:76:ab:94:8b:96:ae:0d:8c: 03:fd:46:c8:45:a4:1c:d4:94:bd:7a:f5:d2:e8:20: d8:f9:f3:27:91:eb:3a:1d:dc:b9:d2:91:13:a3:4c: 69:3c:b6:1c:e5:a0:36:5f:bf:01:80:45:77:28:9d: 86:39:1b:7d:31:0b:01:ed:f1:83:75:3f:b8:65:6c: 6d:25:a1:98:ca:b2:c4:54:ed:24:30:ac:15:7b:4a: 66:f4:3c:6d:f5:dd:2d:7c:6a:93:c5:f3:a3:a8:79: 02:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:E8:94:82:E5:BF:D8:78:42:D5:B0:E4:72:6C:B3:34:16:67:96:54 X509v3 Authority Key Identifier: keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/Q-iUguW_2HhC1bDkcmyzNBZnllQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0c:b641:5d0::/44 Signature Algorithm: sha256WithRSAEncryption 7d:f0:ec:12:a5:04:b4:52:cb:29:da:53:3f:95:ed:e8:92:56: 57:30:6f:4a:80:be:b8:56:63:ef:88:48:7c:de:ea:b5:c1:27: 9e:a7:d7:9c:b5:df:76:bc:a0:d0:cc:69:01:b8:bc:af:12:6a: 53:c5:f0:56:a3:64:6e:5d:d0:c4:78:b1:27:0f:07:f9:cc:23: 00:f0:80:43:d7:34:3b:52:ae:ec:65:07:8b:5e:ee:1d:09:bb: e1:63:b0:a1:88:c8:9d:3f:e3:20:35:14:3c:de:e6:9f:05:46: d0:de:86:9b:08:e1:94:d1:b2:63:d0:f4:e0:0c:f1:02:59:ad: b5:f0:f6:bb:39:a1:e3:71:d1:7f:b5:bd:03:1f:8a:6c:45:24: 94:77:38:fd:8d:23:c1:71:2b:5c:ac:53:3e:b8:62:25:78:d2: 81:57:29:75:63:c1:dc:66:be:54:c5:74:dd:95:26:22:68:fe: 88:a9:2c:35:b4:00:1f:96:c5:c2:8b:a3:64:18:6e:8f:20:8f: b8:87:6c:8a:40:ca:4c:56:44:c6:c3:a2:7b:98:bb:b7:1c:9d: 75:fd:1b:97:58:c2:ea:87:ea:aa:08:d6:16:3a:ba:fb:c0:82: f8:39:a5:c1:6e:d1:1c:9c:00:c7:9d:13:2b:97:89:10:42:9a: 43:d6:b5:90 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt+OT2wvP4frSdqtzN07RwrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi MzUwNTgwHhcNMjYwMTAyMTAyMDM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0M2U4OTQ4MmU1YmZkODc4NDJkNWIwZTQ3MjZjYjMzNDE2Njc5NjU0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkXbxt40MwQqJcRdIEfgSzPs2dWK6 10OSoHk+Syzfqo/PWvKYLlrBg1zkqdXUy9fADkKWCPv8uTHFnHtd7kMxeoZkU1E8 A0jNaETTCjKwI9fxfmroDKTTykGafQepjVZPYnbCXNS4G8vTWvca9GERkblGTBfy qRCj1HnhohuvuOKt6mo+0nmAGC4iRHoRa+wvfBSN7wfJCSveQCwodquUi5auDYwD /UbIRaQc1JS9evXS6CDY+fMnkes6Hdy50pETo0xpPLYc5aA2X78BgEV3KJ2GORt9 MQsB7fGDdT+4ZWxtJaGYyrLEVO0kMKwVe0pm9Dxt9d0tfGqTxfOjqHkCeQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFEPolILlv9h4QtWw5HJsszQWZ5ZUMB8GA1UdIwQY MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et NWVjOGM4ZWQ2MGZkLzEvUS1pVWd1V18ySGhDMWJEa2NteXpOQlpubGxRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQXQ MA0GCSqGSIb3DQEBCwUAA4IBAQB98OwSpQS0Ussp2lM/le3oklZXMG9KgL64VmPv iEh83uq1wSeep9ectd92vKDQzGkBuLyvEmpTxfBWo2RuXdDEeLEnDwf5zCMA8IBD 1zQ7Uq7sZQeLXu4dCbvhY7ChiMidP+MgNRQ83uafBUbQ3oabCOGU0bJj0PTgDPEC Wa218Pa7OaHjcdF/tb0DH4psRSSUdzj9jSPBcStcrFM+uGIleNKBVyl1Y8HcZr5U xXTdlSYiaP6IqSw1tAAflsXCi6NkGG6PII+4h2yKQMpMVkTGw6J7mLu3HJ11/RuX WMLqh+qqCNYWOrr7wIL4OaXBbtEcnADHnRMrl4kQQppD1rWQ -----END CERTIFICATE-----Generated at Sun Jan 18 11:24:57 2026 by rpki-client