This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/YA7jZM5xQMw-tFprTErznVMZLN8.roa File: YA7jZM5xQMw-tFprTErznVMZLN8.roa (raw, json) Hash identifier: fWgoeQ1IYq5nr/zvtEy4ZLCTWstmm0nzfL+h/cggI8o= Subject key identifier: 60:0E:E3:64:CE:71:40:CC:3E:B4:5A:6B:4C:4A:F3:9D:53:19:2C:DF Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56 Certificate serial: 019B7B361EF1D62F845895AA080E0620B1A2 Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/YA7jZM5xQMw-tFprTErznVMZLN8.roa Signing time: Thu 01 Jan 2026 20:18:22 +0000 ROA not before: Thu 01 Jan 2026 20:18:22 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 398343 IP address blocks: 2a11:a540::/29 maxlen: 29 2a12:ad80::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.mft rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 16 Jan 2026 04:00:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:1e:f1:d6:2f:84:58:95:aa:08:0e:06:20:b1:a2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56 Validity Not Before: Jan 1 20:18:22 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=600ee364ce7140cc3eb45a6b4c4af39d53192cdf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:30:78:67:e1:70:8a:e9:0b:b6:fb:dd:5f:69: 44:12:c5:3d:b8:90:08:f8:d4:ac:50:51:69:ba:0d: 00:35:9b:27:bc:6a:2d:af:33:2c:34:8b:dd:73:18: 2f:5c:7e:1d:4a:4c:9e:45:10:11:1d:dc:32:cb:d1: 72:59:00:35:ae:ed:77:cc:42:4e:4d:31:e5:e0:d3: a4:31:45:25:d4:ee:ad:5a:4d:4f:2a:7e:2d:0e:cb: 75:ea:bf:b4:14:ff:c8:81:c6:0e:c2:65:de:2e:39: 03:0e:5c:a6:23:e7:e2:38:ea:e7:2d:99:08:59:09: ec:b9:58:76:dc:64:ba:12:ed:e7:83:20:8e:dc:2f: 92:44:a1:c9:21:b6:73:c2:03:b5:7a:5a:fa:6b:35: bb:22:62:5a:a7:29:4d:a5:28:e5:db:f7:03:22:48: a3:79:38:62:b8:fb:fc:4d:c2:70:23:f4:f4:a1:da: 38:95:0b:46:ae:8f:a5:e0:eb:0f:a0:61:9a:49:87: 60:17:f0:fb:c9:51:3c:10:be:d9:a5:df:27:9b:6a: 6e:80:71:82:b1:34:e2:e3:12:af:85:f1:52:7e:eb: 66:61:a9:e6:17:19:8e:1f:e9:d3:52:fa:4a:39:f0: cb:4f:cb:ae:b8:ce:81:67:d3:cc:0b:52:01:de:49: 75:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:0E:E3:64:CE:71:40:CC:3E:B4:5A:6B:4C:4A:F3:9D:53:19:2C:DF X509v3 Authority Key Identifier: keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/YA7jZM5xQMw-tFprTErznVMZLN8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a11:a540::/29 2a12:ad80::/29 Signature Algorithm: sha256WithRSAEncryption 9d:d7:fb:eb:7f:eb:78:cf:45:a0:e6:30:3c:d5:b2:24:c8:24: 64:04:0d:4d:54:94:cc:de:a4:3d:9a:7c:7f:b2:3e:49:bc:44: e8:66:df:93:bf:3c:04:b8:45:db:6e:c7:a6:75:d8:12:da:89: 97:47:8a:5c:1c:4a:d2:b6:59:38:03:22:54:e2:9d:df:2c:c7: c4:f3:ba:69:46:1d:4b:e7:a5:9e:01:00:f1:be:65:8b:81:c9: e0:66:36:cf:03:d0:60:4b:a2:99:39:02:7b:29:99:88:ca:bd: 4b:24:70:05:44:50:d4:1a:e3:9b:1b:2e:fe:cd:13:7c:d6:c2: 11:fc:a1:53:77:84:af:5b:77:85:b2:84:d3:fc:37:01:67:ee: 65:39:e8:dc:05:72:63:57:cc:ca:a9:57:28:43:4b:18:23:ff: 64:37:6a:55:9b:0e:06:50:b6:3b:d9:33:c3:a5:1f:3c:5a:82: e0:6f:40:f1:32:c9:bb:cd:3e:c4:e6:f7:e1:dc:76:78:11:33: 0d:ef:51:60:f5:b0:85:07:fb:7a:1f:39:51:58:8b:2e:c9:c3: 9d:2d:58:49:9f:37:fd:f9:48:03:92:8c:43:38:ef:b9:2c:fd: cf:7e:e3:38:3f:1c:50:75:7e:05:dc:28:15:b7:b3:9a:f5:a4: 8f:f0:f2:3a -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgISAZt7Nh7x1i+EWJWqCA4GILGiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw N2VlNTYwHhcNMjYwMTAxMjAxODIyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2MDBlZTM2NGNlNzE0MGNjM2ViNDVhNmI0YzRhZjM5ZDUzMTkyY2RmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDB4Z+FwiukLtvvdX2lEEsU9uJAI +NSsUFFpug0ANZsnvGotrzMsNIvdcxgvXH4dSkyeRRARHdwyy9FyWQA1ru13zEJO TTHl4NOkMUUl1O6tWk1PKn4tDst16r+0FP/IgcYOwmXeLjkDDlymI+fiOOrnLZkI WQnsuVh23GS6Eu3ngyCO3C+SRKHJIbZzwgO1elr6azW7ImJapylNpSjl2/cDIkij eThiuPv8TcJwI/T0odo4lQtGro+l4OsPoGGaSYdgF/D7yVE8EL7Zpd8nm2pugHGC sTTi4xKvhfFSfutmYanmFxmOH+nTUvpKOfDLT8uuuM6BZ9PMC1IB3kl1lQIDAQAB o4ICETCCAg0wHQYDVR0OBBYEFGAO42TOcUDMPrRaa0xK851TGSzfMB8GA1UdIwQY MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt OGJmYmRkNDVjYjYyLzEvWUE3alpNNXhRTXctdEZwclRFcnpuVk1aTE44LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKhGlQAMF AyoSrYAwDQYJKoZIhvcNAQELBQADggEBAJ3X++t/63jPRaDmMDzVsiTIJGQEDU1U lMzepD2afH+yPkm8ROhm35O/PAS4Rdtux6Z12BLaiZdHilwcStK2WTgDIlTind8s x8TzumlGHUvnpZ4BAPG+ZYuByeBmNs8D0GBLopk5AnspmYjKvUskcAVEUNQa45sb Lv7NE3zWwhH8oVN3hK9bd4WyhNP8NwFn7mU56NwFcmNXzMqpVyhDSxgj/2Q3alWb DgZQtjvZM8OlHzxaguBvQPEyybvNPsTm9+HcdngRMw3vUWD1sIUH+3ofOVFYiy7J w50tWEmfN/35SAOSjEM477ks/c9+4zg/HFB1fgXcKBW3s5r1pI/w8jo= -----END CERTIFICATE-----Generated at Thu Jan 15 13:19:16 2026 by rpki-client