This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/cLd7Hkq6OLQ88wqOCulKFwPWIhA.roa File: cLd7Hkq6OLQ88wqOCulKFwPWIhA.roa (raw, json) Hash identifier: 1mV/iXnszbgwmTY4FDleNEYWP0RXJ8tA44NN2awcFns= Subject key identifier: 70:B7:7B:1E:4A:BA:38:B4:3C:F3:0A:8E:0A:E9:4A:17:03:D6:22:10 Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058 Certificate serial: 019B7E392C3081E3D6965A926E9F5A327486 Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/cLd7Hkq6OLQ88wqOCulKFwPWIhA.roa Signing time: Fri 02 Jan 2026 10:20:34 +0000 ROA not before: Fri 02 Jan 2026 10:20:34 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 58305 IP address blocks: 2a0c:b642:1a0d::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.mft rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:39:2c:30:81:e3:d6:96:5a:92:6e:9f:5a:32:74:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=05976801363d375786152e4d061e75c8beb35058 Validity Not Before: Jan 2 10:20:34 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=70b77b1e4aba38b43cf30a8e0ae94a1703d62210 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:41:21:d9:ba:d3:d0:12:1d:44:fa:62:db:4d: 5d:f6:3d:e0:06:b2:67:16:44:7d:5d:e6:38:42:51: ad:b4:42:bb:f1:6f:c5:ad:2d:72:4d:2b:e0:15:c2: c8:3b:50:d6:59:48:e9:82:6e:22:4e:cb:cb:21:ef: 44:64:3d:65:17:6a:b4:d2:3b:24:81:e4:51:0f:17: b6:ee:79:de:7e:68:82:1c:2a:5c:eb:63:f3:84:a9: 30:41:46:fa:5b:89:1e:2c:5f:ff:b0:8f:9b:ff:a6: 50:15:5f:fb:ed:21:53:f7:b6:67:9c:b8:4e:fd:5d: e3:7d:92:db:69:1b:2a:57:51:6b:2e:24:c5:bf:40: b5:c5:1b:52:95:49:60:da:b3:3f:57:42:e8:95:21: 38:ab:ef:82:a6:26:38:3e:5a:16:f7:f8:80:6e:78: 5f:0e:3a:9c:b5:5d:90:c7:42:0c:89:16:4e:55:be: 1f:03:59:88:71:aa:78:69:eb:a1:4d:19:e9:3f:de: af:b4:ff:db:57:ef:65:f3:d1:3c:44:50:93:2d:75: f8:26:15:b8:9b:55:0f:d1:00:db:e2:50:a5:3a:f2: d1:c2:5f:22:50:41:95:49:02:d2:3e:3b:9e:6a:98: e9:f3:6c:ff:8d:9d:68:bf:08:3a:c1:74:fb:8c:92: af:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:B7:7B:1E:4A:BA:38:B4:3C:F3:0A:8E:0A:E9:4A:17:03:D6:22:10 X509v3 Authority Key Identifier: keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/cLd7Hkq6OLQ88wqOCulKFwPWIhA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0c:b642:1a0d::/48 Signature Algorithm: sha256WithRSAEncryption 04:29:8d:b2:32:2d:d2:14:30:e9:c7:a8:92:15:38:db:e5:f4: 11:9b:ec:29:41:fe:0a:63:b6:eb:77:db:8c:d2:f5:09:7e:04: 60:a4:f1:00:aa:d4:40:95:9c:f7:78:6a:67:ed:be:ed:16:38: b3:2b:f7:5d:82:3c:60:ee:88:86:a6:dd:1a:7e:20:3b:6b:44: 6b:99:43:44:9d:70:63:8d:13:ec:da:47:7c:80:41:ab:d0:61: 03:79:b5:7a:c4:84:a8:83:4b:23:91:4c:7f:c2:79:33:ba:d1: b9:bf:d6:83:ac:95:64:13:3e:a1:3e:c9:86:5e:ea:0a:6f:ee: c6:71:b8:bf:4b:8a:48:96:82:48:f5:1e:2a:fc:87:18:09:c1: e7:4e:56:31:8c:a6:d9:a9:2b:ff:0f:fe:40:6e:b4:1d:8b:58: 96:4e:93:e5:bc:c5:b1:7b:c0:a5:66:9e:1d:b3:05:bf:7f:c3: 0a:42:13:a1:5a:ba:2a:95:05:83:ed:82:7a:95:d4:af:83:84: 54:31:87:96:89:33:80:6e:b9:bb:76:ad:38:42:6e:6e:65:db: 3e:fd:2e:65:69:a5:80:02:17:38:3a:15:31:85:48:b2:fa:14: fb:8f:2e:23:7c:03:08:52:b9:2c:d6:54:21:62:27:10:3b:c8: fa:da:73:d3 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt+OSwwgePWllqSbp9aMnSGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi MzUwNTgwHhcNMjYwMTAyMTAyMDM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MGI3N2IxZTRhYmEzOGI0M2NmMzBhOGUwYWU5NGExNzAzZDYyMjEwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlkEh2brT0BIdRPpi201d9j3gBrJn FkR9XeY4QlGttEK78W/FrS1yTSvgFcLIO1DWWUjpgm4iTsvLIe9EZD1lF2q00jsk geRRDxe27nnefmiCHCpc62PzhKkwQUb6W4keLF//sI+b/6ZQFV/77SFT97ZnnLhO /V3jfZLbaRsqV1FrLiTFv0C1xRtSlUlg2rM/V0LolSE4q++CpiY4PloW9/iAbnhf DjqctV2Qx0IMiRZOVb4fA1mIcap4aeuhTRnpP96vtP/bV+9l89E8RFCTLXX4JhW4 m1UP0QDb4lClOvLRwl8iUEGVSQLSPjueapjp82z/jZ1ovwg6wXT7jJKvBQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFHC3ex5Kuji0PPMKjgrpShcD1iIQMB8GA1UdIwQY MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et NWVjOGM4ZWQ2MGZkLzEvY0xkN0hrcTZPTFE4OHdxT0N1bEtGd1BXSWhBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgy2QhoN MA0GCSqGSIb3DQEBCwUAA4IBAQAEKY2yMi3SFDDpx6iSFTjb5fQRm+wpQf4KY7br d9uM0vUJfgRgpPEAqtRAlZz3eGpn7b7tFjizK/ddgjxg7oiGpt0afiA7a0RrmUNE nXBjjRPs2kd8gEGr0GEDebV6xISog0sjkUx/wnkzutG5v9aDrJVkEz6hPsmGXuoK b+7Gcbi/S4pIloJI9R4q/IcYCcHnTlYxjKbZqSv/D/5AbrQdi1iWTpPlvMWxe8Cl Zp4dswW/f8MKQhOhWroqlQWD7YJ6ldSvg4RUMYeWiTOAbrm7dq04Qm5uZds+/S5l aaWAAhc4OhUxhUiy+hT7jy4jfAMIUrks1lQhYicQO8j62nPT -----END CERTIFICATE-----Generated at Tue Jan 20 02:44:51 2026 by rpki-client