This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/FgjLxUm2F9qQ3LCAXEpyFYJpvlQ.roa File: FgjLxUm2F9qQ3LCAXEpyFYJpvlQ.roa (raw, json) Hash identifier: QYgXAQxZf0ygFwExPJoofebiudOMAiTQ+hA5f99hhgw= Subject key identifier: 16:08:CB:C5:49:B6:17:DA:90:DC:B0:80:5C:4A:72:15:82:69:BE:54 Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b Certificate serial: 019B864D1C879D95DFB35EC017F1BE3B2B31 Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/FgjLxUm2F9qQ3LCAXEpyFYJpvlQ.roa Signing time: Sat 03 Jan 2026 23:59:19 +0000 ROA not before: Sat 03 Jan 2026 23:59:19 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 211626 IP address blocks: 2a0e:97c0:930::/44 maxlen: 48 2a0e:97c0:93a::/48 maxlen: 48 2a0e:97c0:93b::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 10 Jan 2026 03:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:86:4d:1c:87:9d:95:df:b3:5e:c0:17:f1:be:3b:2b:31 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b Validity Not Before: Jan 3 23:59:19 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1608cbc549b617da90dcb0805c4a72158269be54 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:b2:b5:ea:6f:e6:23:36:bd:4c:10:e4:c1:e4: 16:a7:4d:05:be:18:ae:72:a1:4a:01:12:71:ce:0b: 37:d7:4e:a2:16:5c:db:c5:77:30:d2:08:75:7a:68: aa:a2:12:2b:42:1b:c6:a8:3b:2f:2b:c0:2f:cf:18: f7:61:b1:89:7b:0d:75:fc:8e:9e:f0:a1:80:6b:97: d4:51:90:fe:37:91:9a:bf:fa:fc:1a:03:54:5f:33: 06:82:12:4c:dc:12:f9:66:e9:90:c4:bd:8e:bd:3c: 1e:7b:15:27:e0:ad:b1:7c:39:ec:71:7c:7f:78:11: c6:cd:88:a8:d1:6b:3f:1f:be:ae:76:0f:b3:61:25: 5c:13:b9:91:d7:10:69:e4:3b:88:33:40:38:dc:ea: 75:fa:5f:fb:d8:5e:6a:09:f8:87:0a:76:cc:07:c1: 95:08:fb:5e:4b:50:c1:c7:ed:06:22:2d:2b:82:e3: ef:ba:6a:ce:0e:67:23:56:f0:ab:b0:51:7f:a0:a6: 5f:6a:4e:51:42:78:41:4c:82:72:72:35:d0:e6:ba: d0:34:8e:f7:31:76:10:b5:06:71:92:a4:f4:f6:42: 68:cb:20:4f:ef:91:e2:ba:18:67:7e:87:70:38:57: 84:e2:77:7d:79:05:be:a3:cd:40:60:94:ab:39:45: 96:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:08:CB:C5:49:B6:17:DA:90:DC:B0:80:5C:4A:72:15:82:69:BE:54 X509v3 Authority Key Identifier: keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/FgjLxUm2F9qQ3LCAXEpyFYJpvlQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0e:97c0:930::/44 Signature Algorithm: sha256WithRSAEncryption 25:48:0f:8e:ee:35:d2:e2:9d:eb:23:37:d5:b5:b2:0b:f0:e7: f0:5d:de:ee:e3:e2:cc:32:bf:c3:95:1b:21:40:99:40:00:64: 8d:6e:6a:68:77:5b:87:6a:0d:29:6a:3a:43:52:d5:bf:53:aa: 29:9d:87:49:9a:a4:d0:ba:3a:24:fe:cf:dc:ae:12:58:61:16: 73:02:9c:96:c7:f9:47:04:1c:81:7c:27:c1:08:0e:aa:2c:34: fc:68:83:99:95:f9:ad:b4:13:e3:b9:48:ce:51:e7:14:fc:8b: e9:b6:7d:2b:9a:e9:c8:e6:02:61:47:00:3a:9f:12:28:ea:6c: d1:af:bc:28:bd:e1:ae:b4:17:3b:bd:32:3a:d5:81:1d:8b:a4: 5b:5f:59:80:01:fe:26:34:94:b2:e3:85:d0:68:f8:4b:c2:07: f3:d1:25:e3:03:26:08:69:bf:f7:47:c2:78:82:71:85:98:48: d4:b9:eb:2f:f2:ec:7e:52:a4:13:24:bb:23:4d:59:7b:81:12: 72:e3:e3:0d:48:f4:50:35:5d:78:47:ac:77:ec:78:81:da:59: c4:2b:0e:49:e1:7c:58:73:fe:21:d1:24:6e:34:9a:1b:4a:16: 39:5f:3d:6b:7a:83:9f:dd:4c:4d:e9:a5:38:b5:b5:9e:69:ee: 92:3d:bc:39 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZuGTRyHnZXfs17AF/G+OysxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw ZmFkOWIwHhcNMjYwMTAzMjM1OTE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxNjA4Y2JjNTQ5YjYxN2RhOTBkY2IwODA1YzRhNzIxNTgyNjliZTU0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4LK16m/mIza9TBDkweQWp00Fvhiu cqFKARJxzgs3106iFlzbxXcw0gh1emiqohIrQhvGqDsvK8Avzxj3YbGJew11/I6e 8KGAa5fUUZD+N5Gav/r8GgNUXzMGghJM3BL5ZumQxL2OvTweexUn4K2xfDnscXx/ eBHGzYio0Ws/H76udg+zYSVcE7mR1xBp5DuIM0A43Op1+l/72F5qCfiHCnbMB8GV CPteS1DBx+0GIi0rguPvumrODmcjVvCrsFF/oKZfak5RQnhBTIJycjXQ5rrQNI73 MXYQtQZxkqT09kJoyyBP75HiuhhnfodwOFeE4nd9eQW+o81AYJSrOUWWlwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFBYIy8VJthfakNywgFxKchWCab5UMB8GA1UdIwQY MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt ZGM1ZWM3NDhmNmE1LzEvRmdqTHhVbTJGOXFRM0xDQVhFcHlGWUpwdmxRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1 LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAkw MA0GCSqGSIb3DQEBCwUAA4IBAQAlSA+O7jXS4p3rIzfVtbIL8OfwXd7u4+LMMr/D lRshQJlAAGSNbmpod1uHag0pajpDUtW/U6opnYdJmqTQujok/s/crhJYYRZzApyW x/lHBByBfCfBCA6qLDT8aIOZlfmttBPjuUjOUecU/Ivptn0rmunI5gJhRwA6nxIo 6mzRr7woveGutBc7vTI61YEdi6RbX1mAAf4mNJSy44XQaPhLwgfz0SXjAyYIab/3 R8J4gnGFmEjUuesv8ux+UqQTJLsjTVl7gRJy4+MNSPRQNV14R6x37HiB2lnEKw5J 4XxYc/4h0SRuNJobShY5Xz1reoOf3UxN6aU4tbWeae6SPbw5 -----END CERTIFICATE-----Generated at Fri Jan 9 13:13:25 2026 by rpki-client