This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/9ybQ34e8dEmBjQ6HOBBKZDyyZdQ.roa File: 9ybQ34e8dEmBjQ6HOBBKZDyyZdQ.roa (raw, json) Hash identifier: cdlCSuNwjoKBSHjatuM6HP4m/AWkOkUbKPwUi14aP4g= Subject key identifier: F7:26:D0:DF:87:BC:74:49:81:8D:0E:87:38:10:4A:64:3C:B2:65:D4 Certificate issuer: /CN=ff44dbaca56dac319401f68a50d917f5424611ad Certificate serial: 019A934890E54E87BD0CF7AADF94C7550A60 Authority key identifier: FF:44:DB:AC:A5:6D:AC:31:94:01:F6:8A:50:D9:17:F5:42:46:11:AD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_0TbrKVtrDGUAfaKUNkX9UJGEa0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/9ybQ34e8dEmBjQ6HOBBKZDyyZdQ.roa Signing time: Mon 17 Nov 2025 19:26:37 +0000 ROA not before: Mon 17 Nov 2025 19:26:37 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 212238 IP address blocks: 2a12:6d80::/29 maxlen: 29 2a13:c540::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/_0TbrKVtrDGUAfaKUNkX9UJGEa0.crl rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/_0TbrKVtrDGUAfaKUNkX9UJGEa0.mft rsync://rpki.ripe.net/repository/DEFAULT/_0TbrKVtrDGUAfaKUNkX9UJGEa0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 04 Dec 2025 07:01:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:93:48:90:e5:4e:87:bd:0c:f7:aa:df:94:c7:55:0a:60 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ff44dbaca56dac319401f68a50d917f5424611ad Validity Not Before: Nov 17 19:26:37 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=f726d0df87bc7449818d0e8738104a643cb265d4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:78:4c:1f:7e:a3:a0:69:d2:1e:89:7c:f3:0c: 99:90:88:44:26:23:35:4f:b4:fd:ea:2e:a4:82:bd: fb:49:4e:ea:75:c5:3e:5c:08:96:cb:16:f4:11:8b: f2:82:08:90:7c:2d:61:c5:88:6c:98:f1:9b:c9:11: 55:ce:50:ad:4b:60:7e:3f:e2:9e:47:1a:bf:b3:9f: bb:d3:02:b9:3a:4d:6e:4f:8c:71:71:b0:70:45:b3: ed:36:b5:39:d4:d1:83:3a:8f:93:8d:45:6c:11:8a: f1:bb:ce:53:a2:ac:81:0d:ff:d5:34:00:83:e7:fa: 37:dd:72:b3:1c:ff:31:24:03:a5:dc:ed:32:c3:a5: 2b:b7:0d:98:24:22:ec:ba:54:ff:38:ef:24:4a:c1: 48:54:12:c1:3d:b7:2d:55:c0:71:1b:9f:0f:e5:f4: 06:f4:97:84:78:4f:c7:f7:61:fd:0b:26:ce:ab:f8: 17:83:cc:18:26:74:cc:c6:c3:40:04:61:a2:60:78: f4:a7:85:c9:28:50:3a:d5:0c:e7:91:c9:ce:6b:3b: 16:86:2c:a3:6f:7c:83:61:bf:12:50:c7:3d:91:6a: ea:5f:13:93:0e:2f:01:07:28:ab:cd:e2:c4:8f:21: d2:85:c9:04:b1:85:0c:1b:67:30:b5:1e:66:3f:2b: 30:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:26:D0:DF:87:BC:74:49:81:8D:0E:87:38:10:4A:64:3C:B2:65:D4 X509v3 Authority Key Identifier: keyid:FF:44:DB:AC:A5:6D:AC:31:94:01:F6:8A:50:D9:17:F5:42:46:11:AD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0TbrKVtrDGUAfaKUNkX9UJGEa0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/9ybQ34e8dEmBjQ6HOBBKZDyyZdQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/_0TbrKVtrDGUAfaKUNkX9UJGEa0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a12:6d80::/29 2a13:c540::/29 Signature Algorithm: sha256WithRSAEncryption 3e:e6:6f:b8:70:df:fc:1d:e4:69:22:6e:bc:f2:85:5b:9f:7f: d7:f6:c8:4e:b0:be:f8:7b:ab:bb:bb:3a:12:17:b5:98:52:df: 3d:e3:d6:4c:30:8d:76:c7:05:39:08:bd:c8:af:44:a6:c8:be: 0b:a2:2d:83:66:d5:ad:42:58:ca:ca:e7:f4:3d:2a:27:c5:87: 5e:50:c7:03:25:28:1d:60:0b:00:ef:94:05:69:9f:bc:04:f3: b1:ca:1a:3c:48:50:20:ac:cc:06:8a:51:83:92:fc:24:60:12: 5e:cc:c2:fd:d0:08:56:5e:2d:b3:97:63:01:52:10:83:62:d2: b9:6e:d4:b2:12:49:b4:73:bb:b4:a3:d2:ad:12:a7:9d:32:46: bb:79:46:65:82:02:66:7e:ed:59:3c:aa:72:3b:63:27:3f:a2: 4a:8f:03:98:f5:3c:d0:af:a1:20:3b:44:73:cb:a2:4c:44:de: 2d:a0:e2:ed:84:45:a5:af:f5:cb:28:83:5e:74:98:f5:40:da: 25:68:9b:cf:44:2a:7c:a3:2f:32:2b:64:28:4e:de:95:12:2e: a1:28:e6:42:86:c8:80:a9:49:dd:60:0b:4c:65:2e:f0:d8:15: 51:9e:38:8e:88:7e:6f:9d:dd:07:6c:13:46:15:ea:60:a8:26: 45:d6:a5:02 -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgISAZqTSJDlToe9DPeq35THVQpgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZmNDRkYmFjYTU2ZGFjMzE5NDAxZjY4YTUwZDkxN2Y1NDI0 NjExYWQwHhcNMjUxMTE3MTkyNjM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmNzI2ZDBkZjg3YmM3NDQ5ODE4ZDBlODczODEwNGE2NDNjYjI2NWQ0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3hMH36joGnSHol88wyZkIhEJiM1 T7T96i6kgr37SU7qdcU+XAiWyxb0EYvyggiQfC1hxYhsmPGbyRFVzlCtS2B+P+Ke Rxq/s5+70wK5Ok1uT4xxcbBwRbPtNrU51NGDOo+TjUVsEYrxu85ToqyBDf/VNACD 5/o33XKzHP8xJAOl3O0yw6Urtw2YJCLsulT/OO8kSsFIVBLBPbctVcBxG58P5fQG 9JeEeE/H92H9CybOq/gXg8wYJnTMxsNABGGiYHj0p4XJKFA61QznkcnOazsWhiyj b3yDYb8SUMc9kWrqXxOTDi8BByirzeLEjyHShckEsYUMG2cwtR5mPysweQIDAQAB o4ICETCCAg0wHQYDVR0OBBYEFPcm0N+HvHRJgY0OhzgQSmQ8smXUMB8GA1UdIwQY MBaAFP9E26ylbawxlAH2ilDZF/VCRhGtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvXzBUYnJLVnRyREdVQWZhS1VOa1g5VUpHRWEwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi81M2E5NDctZmQwMy00MDE0LTk4Mjct YzVkODk1MDgxOGVjLzEvOXliUTM0ZThkRW1CalE2SE9CQktaRHl5WmRRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Zi81M2E5NDctZmQwMy00MDE0LTk4MjctYzVkODk1MDgxOGVj LzEvXzBUYnJLVnRyREdVQWZhS1VOa1g5VUpHRWEwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKhJtgAMF AyoTxUAwDQYJKoZIhvcNAQELBQADggEBAD7mb7hw3/wd5GkibrzyhVuff9f2yE6w vvh7q7u7OhIXtZhS3z3j1kwwjXbHBTkIvcivRKbIvguiLYNm1a1CWMrK5/Q9KifF h15QxwMlKB1gCwDvlAVpn7wE87HKGjxIUCCszAaKUYOS/CRgEl7Mwv3QCFZeLbOX YwFSEINi0rlu1LISSbRzu7Sj0q0Sp50yRrt5RmWCAmZ+7Vk8qnI7Yyc/okqPA5j1 PNCvoSA7RHPLokxE3i2g4u2ERaWv9csog150mPVA2iVom89EKnyjLzIrZChO3pUS LqEo5kKGyICpSd1gC0xlLvDYFVGeOI6Ifm+d3QdsE0YV6mCoJkXWpQI= -----END CERTIFICATE-----Generated at Wed Dec 3 12:02:54 2025 by rpki-client