This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/VzKdjGXdZ8mDWSlQuKcQZe-MS1k.roa File: VzKdjGXdZ8mDWSlQuKcQZe-MS1k.roa (raw, json) Hash identifier: gBnD2i5pIKxBV+o+ERZNaHlCowvL2p22IQEspH1v3c8= Subject key identifier: 57:32:9D:8C:65:DD:67:C9:83:59:29:50:B8:A7:10:65:EF:8C:4B:59 Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058 Certificate serial: 019B7E395B71F3D8559A2C9EA3830C86221A Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/VzKdjGXdZ8mDWSlQuKcQZe-MS1k.roa Signing time: Fri 02 Jan 2026 10:20:46 +0000 ROA not before: Fri 02 Jan 2026 10:20:46 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212871 IP address blocks: 2a0c:b641:290::/44 maxlen: 128 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.mft rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:39:5b:71:f3:d8:55:9a:2c:9e:a3:83:0c:86:22:1a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=05976801363d375786152e4d061e75c8beb35058 Validity Not Before: Jan 2 10:20:46 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=57329d8c65dd67c983592950b8a71065ef8c4b59 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:3d:7a:23:66:d3:ba:5f:9a:fb:8f:1d:b2:6f: 1c:56:db:c3:f1:d7:2e:2d:a4:f3:ae:a8:51:49:1c: 4c:fd:df:50:03:65:d6:8c:e6:98:8b:be:ab:46:11: dd:1c:d4:91:f8:6b:1a:ed:83:2a:bb:e8:cb:cb:fc: bf:19:b3:14:1c:3f:08:1c:94:49:7a:58:56:25:f3: 07:c1:0f:65:f9:f8:fb:a3:88:e9:35:fc:64:bb:1f: 2f:86:a6:52:a7:d5:12:84:11:f7:7b:e0:98:76:47: 8d:65:e0:26:e5:9e:ae:59:c2:57:4b:7b:06:48:9e: 50:3d:9d:1d:60:44:44:5b:60:05:90:7e:fe:57:14: da:0d:ae:63:3a:00:1e:2e:5e:b5:ea:93:b5:9b:bf: 31:36:73:41:d8:3c:27:f1:76:c1:69:3a:5f:03:5f: be:c6:52:cd:40:87:a4:4d:63:8d:51:bd:c7:02:89: 24:cc:da:d9:90:c7:27:02:9b:1b:24:ec:25:b7:cf: 37:d4:0d:6e:36:65:bb:be:15:fa:e4:17:2c:84:7c: bc:4b:d2:03:fd:3f:f2:06:bf:3d:ec:a8:0a:59:c8: fc:2f:4a:9a:15:63:08:6b:be:37:ba:7b:5a:c7:ac: 54:db:1c:3f:66:9b:c7:b7:50:30:17:02:0a:f7:01: fa:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 57:32:9D:8C:65:DD:67:C9:83:59:29:50:B8:A7:10:65:EF:8C:4B:59 X509v3 Authority Key Identifier: keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/VzKdjGXdZ8mDWSlQuKcQZe-MS1k.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0c:b641:290::/44 Signature Algorithm: sha256WithRSAEncryption 0b:95:ef:30:c8:c4:4f:c4:10:00:68:9e:37:4f:ed:56:c2:3c: 57:20:26:76:df:38:ac:ec:6a:0d:c9:0b:3d:03:93:4c:93:95: e7:cd:02:26:94:7e:61:fd:f4:ed:4f:5e:50:9d:95:1a:37:ab: fe:5c:45:52:96:0e:6c:24:b6:fd:81:fd:87:46:15:1d:31:76: bd:ff:c6:e6:51:c9:2c:3e:6a:6b:8c:5f:17:9d:fa:a7:39:2a: 3b:85:eb:c8:3e:e0:f0:0e:ff:b4:22:14:c8:65:39:42:ca:ee: c2:9c:7e:47:0b:24:f2:93:f1:59:d6:68:46:ed:b0:cc:a0:ea: 24:4f:4c:56:0e:55:f9:c1:a5:1e:c1:27:b6:cd:3b:fa:de:3d: f0:33:c7:84:31:94:0b:94:31:ed:a4:a5:f8:78:b0:d3:e7:11: a8:db:c1:3e:7c:d5:c7:f7:d6:dc:ef:b6:f7:45:ce:7e:15:ca: 72:10:22:aa:1a:ca:4c:24:05:25:e9:5f:ee:93:f7:15:3e:bb: 0c:4f:6d:6a:b3:ae:13:3e:d2:bb:59:a4:60:8d:a6:ed:f0:6d: 8a:4b:38:06:e8:f5:6e:89:f6:e3:59:43:dd:16:58:c2:c4:44: 40:2b:da:df:5c:38:6f:4e:95:48:a8:78:88:02:f1:79:01:0c: 94:ba:fb:00 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt+OVtx89hVmiyeo4MMhiIaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi MzUwNTgwHhcNMjYwMTAyMTAyMDQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1NzMyOWQ4YzY1ZGQ2N2M5ODM1OTI5NTBiOGE3MTA2NWVmOGM0YjU5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoj16I2bTul+a+48dsm8cVtvD8dcu LaTzrqhRSRxM/d9QA2XWjOaYi76rRhHdHNSR+Gsa7YMqu+jLy/y/GbMUHD8IHJRJ elhWJfMHwQ9l+fj7o4jpNfxkux8vhqZSp9UShBH3e+CYdkeNZeAm5Z6uWcJXS3sG SJ5QPZ0dYEREW2AFkH7+VxTaDa5jOgAeLl616pO1m78xNnNB2Dwn8XbBaTpfA1++ xlLNQIekTWONUb3HAokkzNrZkMcnApsbJOwlt8831A1uNmW7vhX65BcshHy8S9ID /T/yBr897KgKWcj8L0qaFWMIa743untax6xU2xw/ZpvHt1AwFwIK9wH6QQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFFcynYxl3WfJg1kpULinEGXvjEtZMB8GA1UdIwQY MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et NWVjOGM4ZWQ2MGZkLzEvVnpLZGpHWGRaOG1EV1NsUXVLY1FaZS1NUzFrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQKQ MA0GCSqGSIb3DQEBCwUAA4IBAQALle8wyMRPxBAAaJ43T+1WwjxXICZ23zis7GoN yQs9A5NMk5XnzQImlH5h/fTtT15QnZUaN6v+XEVSlg5sJLb9gf2HRhUdMXa9/8bm UcksPmprjF8XnfqnOSo7hevIPuDwDv+0IhTIZTlCyu7CnH5HCyTyk/FZ1mhG7bDM oOokT0xWDlX5waUewSe2zTv63j3wM8eEMZQLlDHtpKX4eLDT5xGo28E+fNXH99bc 77b3Rc5+FcpyECKqGspMJAUl6V/uk/cVPrsMT21qs64TPtK7WaRgjabt8G2KSzgG 6PVuifbjWUPdFljCxERAK9rfXDhvTpVIqHiIAvF5AQyUuvsA -----END CERTIFICATE-----Generated at Tue Jan 20 02:45:00 2026 by rpki-client