This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/348789-3208-4847-9c3f-982d1f21a32b/1/oBXcY9E5U1GBb72h8m09mGmm-Vo.roa File: oBXcY9E5U1GBb72h8m09mGmm-Vo.roa (raw, json) Hash identifier: 9fw2PFDyEVoaxUE4CEIY7mthU2LIqsQo2HGJzEoheK4= Subject key identifier: A0:15:DC:63:D1:39:53:51:81:6F:BD:A1:F2:6D:3D:98:69:A6:F9:5A Certificate issuer: /CN=cbf74cd846493138f522c57c0065b5c60512dd09 Certificate serial: 019B7910DCE1E22348BC43FFBF0C6AFB143E Authority key identifier: CB:F7:4C:D8:46:49:31:38:F5:22:C5:7C:00:65:B5:C6:05:12:DD:09 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y_dM2EZJMTj1IsV8AGW1xgUS3Qk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/348789-3208-4847-9c3f-982d1f21a32b/1/oBXcY9E5U1GBb72h8m09mGmm-Vo.roa Signing time: Thu 01 Jan 2026 10:18:26 +0000 ROA not before: Thu 01 Jan 2026 10:18:26 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 14618 IP address blocks: 2a06:3b80:154::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/348789-3208-4847-9c3f-982d1f21a32b/1/y_dM2EZJMTj1IsV8AGW1xgUS3Qk.crl rsync://rpki.ripe.net/repository/DEFAULT/40/348789-3208-4847-9c3f-982d1f21a32b/1/y_dM2EZJMTj1IsV8AGW1xgUS3Qk.mft rsync://rpki.ripe.net/repository/DEFAULT/y_dM2EZJMTj1IsV8AGW1xgUS3Qk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 08 Jan 2026 15:30:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:dc:e1:e2:23:48:bc:43:ff:bf:0c:6a:fb:14:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cbf74cd846493138f522c57c0065b5c60512dd09 Validity Not Before: Jan 1 10:18:26 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a015dc63d1395351816fbda1f26d3d9869a6f95a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:9b:fd:02:98:13:1d:84:47:d0:6b:cc:f9:54: ab:bb:ed:17:59:ce:88:3e:40:e3:5d:be:4e:b8:b3: 95:4e:cd:e6:7f:e9:8f:59:76:7f:89:7a:08:11:58: ee:3b:53:61:c2:fa:69:9f:87:d2:a6:f1:23:a6:1f: 48:23:9c:ce:cb:8f:9f:ac:57:d2:31:35:39:f6:61: 26:e2:bf:df:68:6a:b0:d6:f6:ad:38:60:df:b4:61: 2c:99:c6:00:3d:8f:37:ca:e1:73:c1:bc:3f:02:de: 5d:df:a6:3c:62:ee:02:b7:34:1b:60:57:7d:ef:c5: ad:38:15:d8:64:05:23:61:25:71:cc:d4:09:0d:50: a4:29:9c:be:98:c7:ed:82:70:c8:27:3c:3c:b3:6e: f8:13:dc:1e:c8:92:4d:6c:63:c9:f3:4c:46:f6:61: fb:0c:5f:e3:96:f9:8f:f2:c5:9d:47:d2:7f:68:45: 31:43:32:5b:17:df:06:50:6d:23:54:1d:9f:bd:20: 6b:01:da:ce:2d:42:0d:8b:82:24:bf:90:76:d7:9e: 74:24:45:61:81:c4:24:0e:bd:39:5a:54:f2:63:16: e5:9c:1c:ee:51:6b:d5:af:b8:8a:3d:60:73:23:f0: b7:13:23:ca:56:53:23:11:c0:ce:9c:34:62:01:77: 41:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:15:DC:63:D1:39:53:51:81:6F:BD:A1:F2:6D:3D:98:69:A6:F9:5A X509v3 Authority Key Identifier: keyid:CB:F7:4C:D8:46:49:31:38:F5:22:C5:7C:00:65:B5:C6:05:12:DD:09 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y_dM2EZJMTj1IsV8AGW1xgUS3Qk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/348789-3208-4847-9c3f-982d1f21a32b/1/oBXcY9E5U1GBb72h8m09mGmm-Vo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/40/348789-3208-4847-9c3f-982d1f21a32b/1/y_dM2EZJMTj1IsV8AGW1xgUS3Qk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a06:3b80:154::/48 Signature Algorithm: sha256WithRSAEncryption 99:72:8c:e8:e2:ca:49:73:25:7d:20:c8:47:e3:3f:00:72:f7: 6d:e4:0b:ce:6e:b1:c0:b8:0b:f9:b2:d4:87:03:4d:23:50:c3: 00:29:d1:7a:28:aa:fa:3a:bc:0e:23:ae:37:bc:d7:94:9b:69: 71:69:a6:73:86:c6:f3:25:50:9d:f7:fc:3a:38:c8:d2:00:bb: 7e:2c:f0:87:2e:be:72:03:fd:e7:f5:0b:e9:92:95:1f:f1:e8: a4:e7:63:e8:91:ab:7a:92:ca:2e:f8:2f:6d:af:33:83:e4:37: e9:e1:72:6c:3f:1a:36:28:77:62:13:16:26:12:ed:f5:a8:5e: 34:8f:63:cb:be:65:68:5c:98:2c:d3:57:10:cb:d1:e5:5f:af: 81:32:24:44:66:6f:88:cf:ea:1f:55:1f:ea:8c:82:d8:0c:ea: a6:e5:da:e4:ae:2c:68:e7:e4:fa:ae:c7:ad:e4:14:05:61:68: 78:c2:28:05:9a:ec:96:89:21:fd:a6:d6:dc:f0:57:d0:76:08: 35:f9:a9:f2:14:96:23:7c:78:81:b9:95:f9:bc:73:50:e5:af: 11:a5:fc:6e:d2:22:f0:6b:54:1d:28:f2:0d:32:fc:5c:c4:21: a5:10:d9:11:c7:20:74:61:82:c1:61:1d:07:cd:fa:cd:7e:d4: b4:5a:51:a3 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt5ENzh4iNIvEP/vwxq+xQ+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNiZjc0Y2Q4NDY0OTMxMzhmNTIyYzU3YzAwNjViNWM2MDUx MmRkMDkwHhcNMjYwMTAxMTAxODI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMDE1ZGM2M2QxMzk1MzUxODE2ZmJkYTFmMjZkM2Q5ODY5YTZmOTVhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj5v9ApgTHYRH0GvM+VSru+0XWc6I PkDjXb5OuLOVTs3mf+mPWXZ/iXoIEVjuO1Nhwvppn4fSpvEjph9II5zOy4+frFfS MTU59mEm4r/faGqw1vatOGDftGEsmcYAPY83yuFzwbw/At5d36Y8Yu4CtzQbYFd9 78WtOBXYZAUjYSVxzNQJDVCkKZy+mMftgnDIJzw8s274E9weyJJNbGPJ80xG9mH7 DF/jlvmP8sWdR9J/aEUxQzJbF98GUG0jVB2fvSBrAdrOLUINi4Ikv5B21550JEVh gcQkDr05WlTyYxblnBzuUWvVr7iKPWBzI/C3EyPKVlMjEcDOnDRiAXdB9wIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFKAV3GPROVNRgW+9ofJtPZhppvlaMB8GA1UdIwQY MBaAFMv3TNhGSTE49SLFfABltcYFEt0JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveV9kTTJFWkpNVGoxSXNWOEFHVzF4Z1VTM1FrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zNDg3ODktMzIwOC00ODQ3LTljM2Yt OTgyZDFmMjFhMzJiLzEvb0JYY1k5RTVVMUdCYjcyaDhtMDltR21tLVZvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MC8zNDg3ODktMzIwOC00ODQ3LTljM2YtOTgyZDFmMjFhMzJi LzEveV9kTTJFWkpNVGoxSXNWOEFHVzF4Z1VTM1FrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgY7gAFU MA0GCSqGSIb3DQEBCwUAA4IBAQCZcozo4spJcyV9IMhH4z8Acvdt5AvObrHAuAv5 stSHA00jUMMAKdF6KKr6OrwOI643vNeUm2lxaaZzhsbzJVCd9/w6OMjSALt+LPCH Lr5yA/3n9QvpkpUf8eik52Pokat6ksou+C9trzOD5Dfp4XJsPxo2KHdiExYmEu31 qF40j2PLvmVoXJgs01cQy9HlX6+BMiREZm+Iz+ofVR/qjILYDOqm5drkrixo5+T6 rset5BQFYWh4wigFmuyWiSH9ptbc8FfQdgg1+anyFJYjfHiBuZX5vHNQ5a8Rpfxu 0iLwa1QdKPINMvxcxCGlENkRxyB0YYLBYR0HzfrNftS0WlGj -----END CERTIFICATE-----Generated at Wed Jan 7 23:47:56 2026 by rpki-client