This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/3f6640-5d82-4ac6-9389-6ff1d427d971/1/CQU1i8i4vqvuY4KqJGZlaSLhz1o.roa File: CQU1i8i4vqvuY4KqJGZlaSLhz1o.roa (raw, json) Hash identifier: CuYb2a2XddVX7SxALr1d1KIhl+UGwYzhtlyXuVxbI4M= Subject key identifier: 09:05:35:8B:C8:B8:BE:AB:EE:63:82:AA:24:66:65:69:22:E1:CF:5A Certificate issuer: /CN=c5bd7854aa050fd6e550fc7cd02b558730bfbb7a Certificate serial: 019B7F138F2262BAC4D1DF8F59D4EAB02A8C Authority key identifier: C5:BD:78:54:AA:05:0F:D6:E5:50:FC:7C:D0:2B:55:87:30:BF:BB:7A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xb14VKoFD9blUPx80CtVhzC_u3o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/3f6640-5d82-4ac6-9389-6ff1d427d971/1/CQU1i8i4vqvuY4KqJGZlaSLhz1o.roa Signing time: Fri 02 Jan 2026 14:19:06 +0000 ROA not before: Fri 02 Jan 2026 14:19:06 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 41111 IP address blocks: 2a0b:cd41::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/3f6640-5d82-4ac6-9389-6ff1d427d971/1/xb14VKoFD9blUPx80CtVhzC_u3o.crl rsync://rpki.ripe.net/repository/DEFAULT/39/3f6640-5d82-4ac6-9389-6ff1d427d971/1/xb14VKoFD9blUPx80CtVhzC_u3o.mft rsync://rpki.ripe.net/repository/DEFAULT/xb14VKoFD9blUPx80CtVhzC_u3o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 08:01:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:13:8f:22:62:ba:c4:d1:df:8f:59:d4:ea:b0:2a:8c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c5bd7854aa050fd6e550fc7cd02b558730bfbb7a Validity Not Before: Jan 2 14:19:06 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0905358bc8b8beabee6382aa2466656922e1cf5a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:78:b0:b2:bd:db:3b:5e:39:53:26:29:9d:1c: 79:ff:92:cc:97:d9:18:55:52:aa:48:7d:6f:b1:cc: 56:c6:34:1e:c6:53:b6:98:a7:37:70:a6:d6:27:63: 01:9a:c1:2f:56:3a:1b:08:4f:07:2e:9f:a3:1d:c0: f4:3c:56:c9:de:11:af:92:69:77:64:72:f5:9c:43: 8e:a7:32:a6:f4:e0:da:3d:fe:91:26:45:aa:2b:7f: 80:47:59:12:36:d9:08:77:92:c3:a5:f4:13:d1:50: e4:dd:fc:33:32:00:47:91:c0:44:4f:ff:3e:fa:df: 23:8a:4d:20:60:b4:cf:9f:b4:5c:2f:1e:f2:f5:1b: 67:4c:bf:f5:16:e7:bb:66:19:65:c1:da:b3:5c:2e: 09:cb:c4:25:db:e7:59:fa:f1:46:21:89:5b:94:b0: e5:cb:68:5a:d2:0c:d0:a4:a4:6b:11:b3:7b:5c:4c: 4e:3d:f6:87:ee:44:cf:94:d7:33:6c:ff:ae:88:c3: 3e:4d:a9:b3:a1:dc:63:df:33:ec:89:10:ce:53:43: e0:0b:b8:66:98:3d:3b:1a:41:19:f6:33:07:93:56: f3:ff:c7:42:94:f2:56:f3:36:1a:2b:e9:29:bf:b0: dd:9c:e6:d8:53:ea:94:47:8a:77:86:c1:df:ae:e4: 30:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:05:35:8B:C8:B8:BE:AB:EE:63:82:AA:24:66:65:69:22:E1:CF:5A X509v3 Authority Key Identifier: keyid:C5:BD:78:54:AA:05:0F:D6:E5:50:FC:7C:D0:2B:55:87:30:BF:BB:7A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xb14VKoFD9blUPx80CtVhzC_u3o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/3f6640-5d82-4ac6-9389-6ff1d427d971/1/CQU1i8i4vqvuY4KqJGZlaSLhz1o.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/39/3f6640-5d82-4ac6-9389-6ff1d427d971/1/xb14VKoFD9blUPx80CtVhzC_u3o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0b:cd41::/32 Signature Algorithm: sha256WithRSAEncryption 7a:31:e6:0c:d1:e4:5d:54:36:f3:15:e0:92:2f:7c:ac:db:6b: 37:01:88:14:d5:79:70:2e:0a:c8:43:cf:47:35:c0:eb:8d:9b: e4:69:c9:a8:0e:8e:fc:57:23:50:1b:b1:f6:cd:8e:e1:c3:64: f3:02:ae:08:5b:c6:8d:ba:c2:77:fe:94:9d:d7:c8:7d:8e:10: 11:ac:42:f0:53:ec:fb:d6:4f:00:be:1e:08:70:3e:07:85:d6: 3a:75:c1:d7:02:29:06:20:e3:8b:2d:8f:c4:4e:63:94:3a:bf: a3:f8:1e:e2:cc:49:53:b9:06:ca:69:5e:b6:68:d5:8e:f4:ab: 5e:19:06:5d:d4:5f:73:dd:5e:d0:15:74:fe:ea:db:83:0b:c6: 28:6d:a9:41:a5:f9:36:7b:d6:a1:8b:78:ab:19:f0:89:50:37: 13:c5:0b:da:72:6b:b1:df:6e:ba:10:d8:58:84:30:76:d5:ac: 6e:59:4e:f3:1e:70:92:7d:b0:23:ca:df:55:6b:44:c3:5c:8b: f7:e6:95:cf:23:89:5a:b3:15:a8:99:c7:7a:7c:0f:2f:4e:11: e6:9e:f4:a6:81:73:05:67:81:2b:06:88:84:f6:93:3f:9f:8f: 2d:8e:2c:13:4a:ee:a7:ae:14:de:6c:43:94:6d:46:80:e0:0a: 11:0e:f7:35 -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt/E48iYrrE0d+PWdTqsCqMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM1YmQ3ODU0YWEwNTBmZDZlNTUwZmM3Y2QwMmI1NTg3MzBi ZmJiN2EwHhcNMjYwMTAyMTQxOTA2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwOTA1MzU4YmM4YjhiZWFiZWU2MzgyYWEyNDY2NjU2OTIyZTFjZjVhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Xiwsr3bO145UyYpnRx5/5LMl9kY VVKqSH1vscxWxjQexlO2mKc3cKbWJ2MBmsEvVjobCE8HLp+jHcD0PFbJ3hGvkml3 ZHL1nEOOpzKm9ODaPf6RJkWqK3+AR1kSNtkId5LDpfQT0VDk3fwzMgBHkcBET/8+ +t8jik0gYLTPn7RcLx7y9RtnTL/1Fue7ZhllwdqzXC4Jy8Ql2+dZ+vFGIYlblLDl y2ha0gzQpKRrEbN7XExOPfaH7kTPlNczbP+uiMM+Tamzodxj3zPsiRDOU0PgC7hm mD07GkEZ9jMHk1bz/8dClPJW8zYaK+kpv7DdnObYU+qUR4p3hsHfruQwBQIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFAkFNYvIuL6r7mOCqiRmZWki4c9aMB8GA1UdIwQY MBaAFMW9eFSqBQ/W5VD8fNArVYcwv7t6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveGIxNFZLb0ZEOWJsVVB4ODBDdFZoekNfdTNvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS8zZjY2NDAtNWQ4Mi00YWM2LTkzODkt NmZmMWQ0MjdkOTcxLzEvQ1FVMWk4aTR2cXZ1WTRLcUpHWmxhU0xoejFvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zOS8zZjY2NDAtNWQ4Mi00YWM2LTkzODktNmZmMWQ0MjdkOTcx LzEveGIxNFZLb0ZEOWJsVVB4ODBDdFZoekNfdTNvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgvNQTAN BgkqhkiG9w0BAQsFAAOCAQEAejHmDNHkXVQ28xXgki98rNtrNwGIFNV5cC4KyEPP RzXA642b5GnJqA6O/FcjUBux9s2O4cNk8wKuCFvGjbrCd/6UndfIfY4QEaxC8FPs +9ZPAL4eCHA+B4XWOnXB1wIpBiDjiy2PxE5jlDq/o/ge4sxJU7kGymletmjVjvSr XhkGXdRfc91e0BV0/urbgwvGKG2pQaX5NnvWoYt4qxnwiVA3E8UL2nJrsd9uuhDY WIQwdtWsbllO8x5wkn2wI8rfVWtEw1yL9+aVzyOJWrMVqJnHenwPL04R5p70poFz BWeBKwaIhPaTP5+PLY4sE0rup64U3mxDlG1GgOAKEQ73NQ== -----END CERTIFICATE-----Generated at Wed Jan 21 15:24:31 2026 by rpki-client