This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/gdPf_9J48AuAm5t2dI1fssbsADo.roa File: gdPf_9J48AuAm5t2dI1fssbsADo.roa (raw, json) Hash identifier: 9nHrQt/aYypST/tF0feBU2QsIkOO5iZuvGA8PzS+Ip8= Subject key identifier: 81:D3:DF:FF:D2:78:F0:0B:80:9B:9B:76:74:8D:5F:B2:C6:EC:00:3A Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058 Certificate serial: 019B7E392A2DF08804BE2B9A4CA89897DF58 Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/gdPf_9J48AuAm5t2dI1fssbsADo.roa Signing time: Fri 02 Jan 2026 10:20:34 +0000 ROA not before: Fri 02 Jan 2026 10:20:34 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 50124 IP address blocks: 2a0c:b641:8f0::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.mft rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:39:2a:2d:f0:88:04:be:2b:9a:4c:a8:98:97:df:58 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=05976801363d375786152e4d061e75c8beb35058 Validity Not Before: Jan 2 10:20:34 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=81d3dfffd278f00b809b9b76748d5fb2c6ec003a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:62:82:af:60:14:d9:90:2d:49:49:24:29:25: 9e:d1:3e:80:19:fb:53:09:ba:88:2e:f0:1f:82:64: 39:29:c3:d6:62:e6:f2:ed:cf:41:56:49:ed:b0:6d: 35:cc:97:82:ed:14:71:66:a0:0d:e7:88:cb:95:c1: a4:7b:b2:51:aa:21:44:68:7c:a5:36:56:a3:cc:0d: fe:3c:d8:7f:d2:7f:fa:57:7b:4e:c3:1d:c2:17:62: 44:b4:9b:0a:af:82:1f:77:f7:4c:50:d0:91:da:ec: d4:5e:6f:a5:e2:d6:62:82:98:f7:fa:da:e2:f2:b6: 48:96:4c:45:37:bb:fb:c6:7b:d5:db:2b:ca:4d:ca: 3a:ae:d8:82:b2:61:0d:5e:33:fc:20:bb:56:a3:09: df:ba:d3:1c:25:18:2f:53:8f:93:33:78:22:13:92: 05:a1:0f:eb:1b:86:82:68:e0:e6:6c:d7:e6:c0:02: 5d:a8:fd:29:aa:e4:13:0d:08:b7:75:45:45:e1:2c: b5:93:a0:37:0a:c1:7e:db:23:8b:a9:61:53:dc:32: 90:c8:7b:05:6c:fb:03:09:8f:99:bc:f0:69:e1:25: d6:65:bb:ec:4f:10:de:d1:25:60:12:5b:a9:41:30: 1b:e5:ff:7d:db:d9:c6:20:b5:3b:e4:37:9e:ec:4d: d2:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:D3:DF:FF:D2:78:F0:0B:80:9B:9B:76:74:8D:5F:B2:C6:EC:00:3A X509v3 Authority Key Identifier: keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/gdPf_9J48AuAm5t2dI1fssbsADo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0c:b641:8f0::/44 Signature Algorithm: sha256WithRSAEncryption 9e:6c:20:03:60:28:71:81:c7:67:84:7b:2c:b1:de:82:34:f8: cb:ae:72:c4:56:b3:21:6c:b4:47:e7:c6:fb:00:d5:ed:c9:21: 71:a6:9e:8e:0d:d1:4f:b8:df:d3:dd:bd:ea:ba:a3:8e:7c:d3: 54:57:98:23:af:f6:d4:3f:f0:fb:2c:be:b4:25:df:c3:59:40: 80:55:c3:44:f0:5f:68:d2:a5:fe:47:9e:e1:f3:db:9b:dc:69: e7:23:62:88:3d:6a:79:56:52:83:51:6f:f0:be:05:c8:85:98: 40:ad:be:6e:b2:80:b2:da:f0:c7:09:a1:1d:70:7e:9d:a9:d0: 8b:e6:d7:cb:14:b0:e0:f5:75:ed:f7:12:f1:a8:98:a6:1e:ec: 1c:66:46:8b:7c:07:d8:05:5f:46:83:5b:4f:4f:69:81:7c:c0: 64:1e:3a:fa:16:59:74:ed:c7:1c:10:a5:73:51:0c:90:ce:7b: a6:33:74:57:9a:9c:ed:91:ab:98:e6:6a:4e:5a:64:cb:36:4e: 47:c8:cd:8d:f9:ff:9f:24:16:51:f3:ad:b2:d6:97:04:b5:75: e6:b8:c4:4f:aa:36:7d:c6:3e:f5:49:51:98:b6:67:08:9f:2c: c8:e7:86:ad:00:ef:78:36:75:7d:2d:69:e8:3f:21:61:f5:73: 94:63:60:a5 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt+OSot8IgEviuaTKiYl99YMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi MzUwNTgwHhcNMjYwMTAyMTAyMDM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4MWQzZGZmZmQyNzhmMDBiODA5YjliNzY3NDhkNWZiMmM2ZWMwMDNhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2WKCr2AU2ZAtSUkkKSWe0T6AGftT CbqILvAfgmQ5KcPWYuby7c9BVkntsG01zJeC7RRxZqAN54jLlcGke7JRqiFEaHyl NlajzA3+PNh/0n/6V3tOwx3CF2JEtJsKr4Ifd/dMUNCR2uzUXm+l4tZigpj3+tri 8rZIlkxFN7v7xnvV2yvKTco6rtiCsmENXjP8ILtWownfutMcJRgvU4+TM3giE5IF oQ/rG4aCaODmbNfmwAJdqP0pquQTDQi3dUVF4Sy1k6A3CsF+2yOLqWFT3DKQyHsF bPsDCY+ZvPBp4SXWZbvsTxDe0SVgElupQTAb5f9929nGILU75Dee7E3S4QIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFIHT3//SePALgJubdnSNX7LG7AA6MB8GA1UdIwQY MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et NWVjOGM4ZWQ2MGZkLzEvZ2RQZl85SjQ4QXVBbTV0MmRJMWZzc2JzQURvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQjw MA0GCSqGSIb3DQEBCwUAA4IBAQCebCADYChxgcdnhHsssd6CNPjLrnLEVrMhbLRH 58b7ANXtySFxpp6ODdFPuN/T3b3quqOOfNNUV5gjr/bUP/D7LL60Jd/DWUCAVcNE 8F9o0qX+R57h89ub3GnnI2KIPWp5VlKDUW/wvgXIhZhArb5usoCy2vDHCaEdcH6d qdCL5tfLFLDg9XXt9xLxqJimHuwcZkaLfAfYBV9Gg1tPT2mBfMBkHjr6Fll07ccc EKVzUQyQznumM3RXmpztkauY5mpOWmTLNk5HyM2N+f+fJBZR862y1pcEtXXmuMRP qjZ9xj71SVGYtmcInyzI54atAO94NnV9LWnoPyFh9XOUY2Cl -----END CERTIFICATE-----Generated at Tue Jan 20 02:44:49 2026 by rpki-client