This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/8fc09d-7d25-425c-8b91-d62e454bf37f/1/pK6hDJxmfZUaCBepnWZvEBb9jQ8.roa File: pK6hDJxmfZUaCBepnWZvEBb9jQ8.roa (raw, json) Hash identifier: +OSS7va6u+BokiYgs5Z+5mtwaa42GT6KDBzxwPZg2k4= Subject key identifier: A4:AE:A1:0C:9C:66:7D:95:1A:08:17:A9:9D:66:6F:10:16:FD:8D:0F Certificate issuer: /CN=fbac50f19d9930aeec09cd27f508fc502ea14d1f Certificate serial: 019B7DC9A4BC7516914F854C5F675A973919 Authority key identifier: FB:AC:50:F1:9D:99:30:AE:EC:09:CD:27:F5:08:FC:50:2E:A1:4D:1F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-6xQ8Z2ZMK7sCc0n9Qj8UC6hTR8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/8fc09d-7d25-425c-8b91-d62e454bf37f/1/pK6hDJxmfZUaCBepnWZvEBb9jQ8.roa Signing time: Fri 02 Jan 2026 08:18:45 +0000 ROA not before: Fri 02 Jan 2026 08:18:45 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 14618 IP address blocks: 2a0a:4540:220::/48 maxlen: 48 2a0a:4540:1000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/8fc09d-7d25-425c-8b91-d62e454bf37f/1/1-6xQ8Z2ZMK7sCc0n9Qj8UC6hTR8.crl rsync://rpki.ripe.net/repository/DEFAULT/4e/8fc09d-7d25-425c-8b91-d62e454bf37f/1/1-6xQ8Z2ZMK7sCc0n9Qj8UC6hTR8.mft rsync://rpki.ripe.net/repository/DEFAULT/1-6xQ8Z2ZMK7sCc0n9Qj8UC6hTR8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 08 Jan 2026 14:00:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:c9:a4:bc:75:16:91:4f:85:4c:5f:67:5a:97:39:19 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=fbac50f19d9930aeec09cd27f508fc502ea14d1f Validity Not Before: Jan 2 08:18:45 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a4aea10c9c667d951a0817a99d666f1016fd8d0f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:31:33:de:21:8f:84:06:2a:2a:88:22:7b:53: 64:32:fa:94:5d:6e:da:6e:8b:4c:96:b9:aa:3d:83: 4f:ca:01:d1:21:59:e1:a1:ec:cd:2e:b9:c5:5e:fb: 03:96:c4:67:11:59:fa:04:b2:8b:02:c4:91:84:46: 17:9a:b6:09:1b:51:f8:18:f9:dd:ac:bb:4b:5e:b6: c1:55:b4:f8:4b:64:61:ae:a7:ad:ba:d5:1a:4a:cf: 62:b2:a4:64:ae:91:ee:dd:ec:68:28:1b:9a:ab:8c: 7a:79:11:57:1b:ee:45:1c:f7:19:b8:2a:ed:7d:c9: 0e:59:ec:0c:c9:6d:92:49:63:cb:1e:7e:38:91:0e: b8:8d:08:9e:61:bf:14:56:03:cd:45:c3:29:4a:9a: 05:da:e3:24:77:04:59:1a:58:ef:dc:ed:32:a7:c6: 0b:3e:b0:e4:01:44:d3:d1:d4:f7:f6:72:62:31:d6: 18:52:30:d1:5d:79:d2:b1:d5:a4:3f:03:a2:cc:d0: b0:ea:f1:15:e2:22:a1:77:a7:81:ed:b2:ba:61:43: 8f:90:b6:64:16:dd:c8:6c:d3:38:8f:b6:31:22:d5: c2:b9:55:26:11:d9:6e:84:3a:c5:f4:3e:0c:b4:85: 74:23:03:26:fa:08:7d:af:43:59:72:58:3b:7f:46: 28:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:AE:A1:0C:9C:66:7D:95:1A:08:17:A9:9D:66:6F:10:16:FD:8D:0F X509v3 Authority Key Identifier: keyid:FB:AC:50:F1:9D:99:30:AE:EC:09:CD:27:F5:08:FC:50:2E:A1:4D:1F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-6xQ8Z2ZMK7sCc0n9Qj8UC6hTR8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/8fc09d-7d25-425c-8b91-d62e454bf37f/1/pK6hDJxmfZUaCBepnWZvEBb9jQ8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/8fc09d-7d25-425c-8b91-d62e454bf37f/1/1-6xQ8Z2ZMK7sCc0n9Qj8UC6hTR8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0a:4540:220::/48 2a0a:4540:1000::/48 Signature Algorithm: sha256WithRSAEncryption 8c:d1:c4:58:06:77:9f:0b:15:da:96:44:a2:74:03:a1:34:57: f0:a9:7c:56:ea:f4:58:89:82:e4:5e:23:22:56:db:d9:39:c6: ad:ce:52:dd:48:c0:82:9a:8a:15:0d:fb:d4:71:53:60:bc:aa: 8e:2f:7c:72:41:1c:75:8a:b7:56:5d:4f:aa:9f:62:1c:86:c5: 6f:73:e1:ae:5e:88:27:8b:67:cb:b1:1e:d2:22:ba:87:70:a2: ca:5d:be:1c:89:05:3f:18:eb:f4:57:27:8e:cb:da:34:d7:b5: ee:cf:bf:22:d1:d9:df:cd:8c:f8:79:6b:73:95:f4:f0:a2:50: d1:c4:a0:b2:0a:b3:e9:0a:a8:6a:58:ce:8b:16:58:53:96:85: a5:8c:97:ce:51:cd:36:03:cf:ef:1d:ff:50:b8:e1:66:f8:e9: e5:52:61:68:1c:78:c9:d9:9b:ab:7d:2e:c5:a8:ba:61:ee:67: fc:39:f0:5f:65:47:6d:e4:d0:1e:24:1f:bc:1e:d8:48:95:d2: 6a:5a:ff:33:ca:89:78:24:8a:cf:35:40:08:9e:a4:7d:a5:da: 35:ed:15:bb:c0:d0:b8:9d:cc:57:a5:1c:2d:2e:20:80:4f:b2: 0f:57:be:c8:50:af:ba:ee:89:af:2f:3b:91:da:64:23:01:31: dc:22:9a:ba -----BEGIN CERTIFICATE----- MIIFCzCCA/OgAwIBAgISAZt9yaS8dRaRT4VMX2dalzkZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZiYWM1MGYxOWQ5OTMwYWVlYzA5Y2QyN2Y1MDhmYzUwMmVh MTRkMWYwHhcNMjYwMTAyMDgxODQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhNGFlYTEwYzljNjY3ZDk1MWEwODE3YTk5ZDY2NmYxMDE2ZmQ4ZDBmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwzEz3iGPhAYqKogie1NkMvqUXW7a botMlrmqPYNPygHRIVnhoezNLrnFXvsDlsRnEVn6BLKLAsSRhEYXmrYJG1H4GPnd rLtLXrbBVbT4S2RhrqetutUaSs9isqRkrpHu3exoKBuaq4x6eRFXG+5FHPcZuCrt fckOWewMyW2SSWPLHn44kQ64jQieYb8UVgPNRcMpSpoF2uMkdwRZGljv3O0yp8YL PrDkAUTT0dT39nJiMdYYUjDRXXnSsdWkPwOizNCw6vEV4iKhd6eB7bK6YUOPkLZk Ft3IbNM4j7YxItXCuVUmEdluhDrF9D4MtIV0IwMm+gh9r0NZclg7f0YoNQIDAQAB o4ICFzCCAhMwHQYDVR0OBBYEFKSuoQycZn2VGggXqZ1mbxAW/Y0PMB8GA1UdIwQY MBaAFPusUPGdmTCu7AnNJ/UI/FAuoU0fMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMS02eFE4WjJaTUs3c0NjMG45UWo4VUM2aFRSOC5jZXIw gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUvOGZjMDlkLTdkMjUtNDI1Yy04Yjkx LWQ2MmU0NTRiZjM3Zi8xL3BLNmhESnhtZlpVYUNCZXBuV1p2RUJiOWpROC5yb2Ew gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0 b3J5L0RFRkFVTFQvNGUvOGZjMDlkLTdkMjUtNDI1Yy04YjkxLWQ2MmU0NTRiZjM3 Zi8xLzEtNnhROFoyWk1LN3NDYzBuOVFqOFVDNmhUUjguY3JsMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgACMBIDBwAqCkVA AiADBwAqCkVAEAAwDQYJKoZIhvcNAQELBQADggEBAIzRxFgGd58LFdqWRKJ0A6E0 V/CpfFbq9FiJguReIyJW29k5xq3OUt1IwIKaihUN+9RxU2C8qo4vfHJBHHWKt1Zd T6qfYhyGxW9z4a5eiCeLZ8uxHtIiuodwospdvhyJBT8Y6/RXJ47L2jTXte7PvyLR 2d/NjPh5a3OV9PCiUNHEoLIKs+kKqGpYzosWWFOWhaWMl85RzTYDz+8d/1C44Wb4 6eVSYWgceMnZm6t9LsWoumHuZ/w58F9lR23k0B4kH7we2EiV0mpa/zPKiXgkis81 QAiepH2l2jXtFbvA0LidzFelHC0uIIBPsg9XvshQr7ruia8vO5HaZCMBMdwimro= -----END CERTIFICATE-----Generated at Wed Jan 7 23:47:46 2026 by rpki-client