This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/008909-72ea-4791-a5bf-f23346bcc217/1/xhIYDYP-D_94abz_ABQxo_dh-K0.roa File: xhIYDYP-D_94abz_ABQxo_dh-K0.roa (raw, json) Hash identifier: BrbeKBiijEYvrN352WzI/clyi67r0Hr8vCiYufQmI0c= Subject key identifier: C6:12:18:0D:83:FE:0F:FF:78:69:BC:FF:00:14:31:A3:F7:61:F8:AD Certificate issuer: /CN=727309f110347cc61b8c27bbfbf10a6bfb408358 Certificate serial: 019B7E3903A822037DFA808DEDA08D3A3158 Authority key identifier: 72:73:09:F1:10:34:7C:C6:1B:8C:27:BB:FB:F1:0A:6B:FB:40:83:58 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cnMJ8RA0fMYbjCe7-_EKa_tAg1g.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/008909-72ea-4791-a5bf-f23346bcc217/1/xhIYDYP-D_94abz_ABQxo_dh-K0.roa Signing time: Fri 02 Jan 2026 10:20:24 +0000 ROA not before: Fri 02 Jan 2026 10:20:24 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 199351 IP address blocks: 2001:67c:1394::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/008909-72ea-4791-a5bf-f23346bcc217/1/cnMJ8RA0fMYbjCe7-_EKa_tAg1g.crl rsync://rpki.ripe.net/repository/DEFAULT/34/008909-72ea-4791-a5bf-f23346bcc217/1/cnMJ8RA0fMYbjCe7-_EKa_tAg1g.mft rsync://rpki.ripe.net/repository/DEFAULT/cnMJ8RA0fMYbjCe7-_EKa_tAg1g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:39:03:a8:22:03:7d:fa:80:8d:ed:a0:8d:3a:31:58 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=727309f110347cc61b8c27bbfbf10a6bfb408358 Validity Not Before: Jan 2 10:20:24 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c612180d83fe0fff7869bcff001431a3f761f8ad Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:d4:1c:2c:84:37:ac:a8:5e:5e:d7:fb:d5:c3: e9:af:a1:20:64:a1:22:f6:ba:02:91:ef:92:6f:b7: a3:c5:52:e8:00:a9:4e:59:92:cb:7f:8a:14:87:0c: ed:42:46:be:49:fd:e1:63:09:75:84:a6:c8:3f:52: 63:82:5a:3e:b6:8a:37:81:fc:a3:53:6e:d8:4f:e2: 6c:6d:de:92:1a:bf:f0:89:f1:8f:13:e2:f7:f4:ed: c6:60:a1:a0:46:cb:6d:36:41:0f:b5:2a:34:47:5a: 25:f1:e5:2f:c4:58:f1:44:cb:a0:ec:dc:01:38:aa: 0d:eb:28:29:d3:ad:7d:af:33:7b:ce:b9:18:9b:a9: 37:51:ac:6f:1e:6d:b8:b1:e6:a4:b8:c3:13:f3:3b: de:83:7f:8c:85:0c:8c:4a:8e:cd:3e:f3:7c:d9:e6: 7c:7c:7e:69:c7:ee:5a:16:40:46:ff:46:b8:02:cc: 18:1a:03:11:be:c8:92:f4:34:dc:80:f6:ab:e9:38: 6b:3a:70:0c:6c:b2:ad:09:6f:72:db:a0:6f:3c:b5: f3:07:f5:94:f5:10:18:75:ca:67:73:b3:05:6d:62: 6b:cb:6b:cb:8b:d7:4b:d7:c8:bd:03:d1:06:23:28: e0:e5:6e:37:23:be:a0:b3:8c:6e:03:1e:d5:9f:8d: ba:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:12:18:0D:83:FE:0F:FF:78:69:BC:FF:00:14:31:A3:F7:61:F8:AD X509v3 Authority Key Identifier: keyid:72:73:09:F1:10:34:7C:C6:1B:8C:27:BB:FB:F1:0A:6B:FB:40:83:58 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cnMJ8RA0fMYbjCe7-_EKa_tAg1g.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/008909-72ea-4791-a5bf-f23346bcc217/1/xhIYDYP-D_94abz_ABQxo_dh-K0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/34/008909-72ea-4791-a5bf-f23346bcc217/1/cnMJ8RA0fMYbjCe7-_EKa_tAg1g.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:67c:1394::/48 Signature Algorithm: sha256WithRSAEncryption 3a:49:23:e2:1c:56:72:d8:c1:e9:1b:59:d9:20:e0:5b:31:1e: 54:e3:ab:1b:07:58:89:73:70:d0:41:9e:68:8e:81:1b:52:5f: f5:9c:5e:04:dd:21:21:bf:65:e9:20:2a:6f:b8:8f:a8:05:68: 72:e2:b5:b2:f4:f2:1d:42:b1:f6:fc:3b:44:f7:50:04:fa:27: 3e:4b:69:1a:7e:8e:fa:f0:23:67:ea:e2:28:df:0b:8b:ad:38: d5:63:51:f2:d0:da:55:04:79:e0:fb:9b:25:11:93:50:93:27: 6e:76:01:ed:3f:5e:88:de:27:96:27:4b:28:f5:8f:b3:49:30: 06:d8:1a:35:63:dd:33:a4:b8:69:84:1a:f5:b0:9e:d2:50:0c: 71:00:61:bd:67:48:30:60:a5:12:51:15:d3:45:39:fe:ea:a5: 74:f1:c5:3a:ce:c1:42:9a:46:f7:d4:db:e4:d9:29:e0:77:48: d1:2d:3e:4b:7a:fc:26:06:33:f8:96:29:6f:bd:ef:bb:ea:a0: 68:88:c0:8d:57:5d:6a:09:5e:05:45:12:85:8d:d1:87:a1:9e: 45:db:4c:e1:44:90:5a:7a:19:7e:be:26:fb:64:a7:6b:51:a0: 21:5b:43:c9:0a:09:58:c2:ed:e3:19:9e:a3:00:83:fe:62:cf: 78:a3:50:08 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt+OQOoIgN9+oCN7aCNOjFYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcyNzMwOWYxMTAzNDdjYzYxYjhjMjdiYmZiZjEwYTZiZmI0 MDgzNTgwHhcNMjYwMTAyMTAyMDI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNjEyMTgwZDgzZmUwZmZmNzg2OWJjZmYwMDE0MzFhM2Y3NjFmOGFkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx9QcLIQ3rKheXtf71cPpr6EgZKEi 9roCke+Sb7ejxVLoAKlOWZLLf4oUhwztQka+Sf3hYwl1hKbIP1Jjglo+too3gfyj U27YT+Jsbd6SGr/wifGPE+L39O3GYKGgRsttNkEPtSo0R1ol8eUvxFjxRMug7NwB OKoN6ygp0619rzN7zrkYm6k3UaxvHm24seakuMMT8zveg3+MhQyMSo7NPvN82eZ8 fH5px+5aFkBG/0a4AswYGgMRvsiS9DTcgPar6ThrOnAMbLKtCW9y26BvPLXzB/WU 9RAYdcpnc7MFbWJry2vLi9dL18i9A9EGIyjg5W43I76gs4xuAx7Vn426RwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFMYSGA2D/g//eGm8/wAUMaP3YfitMB8GA1UdIwQY MBaAFHJzCfEQNHzGG4wnu/vxCmv7QINYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY25NSjhSQTBmTVliakNlNy1fRUthX3RBZzFnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8wMDg5MDktNzJlYS00NzkxLWE1YmYt ZjIzMzQ2YmNjMjE3LzEveGhJWURZUC1EXzk0YWJ6X0FCUXhvX2RoLUswLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNC8wMDg5MDktNzJlYS00NzkxLWE1YmYtZjIzMzQ2YmNjMjE3 LzEvY25NSjhSQTBmTVliakNlNy1fRUthX3RBZzFnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBOU MA0GCSqGSIb3DQEBCwUAA4IBAQA6SSPiHFZy2MHpG1nZIOBbMR5U46sbB1iJc3DQ QZ5ojoEbUl/1nF4E3SEhv2XpICpvuI+oBWhy4rWy9PIdQrH2/DtE91AE+ic+S2ka fo768CNn6uIo3wuLrTjVY1Hy0NpVBHng+5slEZNQkydudgHtP16I3ieWJ0so9Y+z STAG2Bo1Y90zpLhphBr1sJ7SUAxxAGG9Z0gwYKUSURXTRTn+6qV08cU6zsFCmkb3 1Nvk2Sngd0jRLT5LevwmBjP4lilvve+76qBoiMCNV11qCV4FRRKFjdGHoZ5F20zh RJBaehl+vib7ZKdrUaAhW0PJCglYwu3jGZ6jAIP+Ys94o1AI -----END CERTIFICATE-----Generated at Tue Feb 10 06:26:01 2026 by rpki-client