This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ciy8_zmOx6Mqj3ft6nwaZblyVp0.roa File: ciy8_zmOx6Mqj3ft6nwaZblyVp0.roa (raw, json) Hash identifier: XjcrCdg79q4ZGmJleMuiyChuiHpDp4plLOQmOWSeabs= Subject key identifier: 72:2C:BC:FF:39:8E:C7:A3:2A:8F:77:ED:EA:7C:1A:65:B9:72:56:9D Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b Certificate serial: 019B7D5D535586635A4F18C90D57E21B52A9 Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ciy8_zmOx6Mqj3ft6nwaZblyVp0.roa Signing time: Fri 02 Jan 2026 06:20:26 +0000 ROA not before: Fri 02 Jan 2026 06:20:26 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212568 IP address blocks: 2a10:2f00:151::/48 maxlen: 48 2a10:2f01:300::/44 maxlen: 48 2a10:2f01:30a::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 10 Jan 2026 03:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5d:53:55:86:63:5a:4f:18:c9:0d:57:e2:1b:52:a9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b Validity Not Before: Jan 2 06:20:26 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=722cbcff398ec7a32a8f77edea7c1a65b972569d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:23:dd:74:1f:b5:f6:17:bb:66:be:b4:36:38: bd:36:97:a4:b4:62:08:19:b2:1e:05:c7:e3:a6:92: 2b:6b:25:22:54:02:13:57:51:34:03:6a:b7:1d:34: c2:70:32:5a:f2:63:54:bf:1f:79:64:be:34:67:af: 33:5b:fe:6c:28:71:b3:4b:d8:14:f2:95:60:57:8d: 4d:1f:1f:87:59:d5:b0:88:0a:3b:7d:a6:09:25:57: 0b:e7:e2:63:b7:59:d9:6d:2f:4f:da:47:f6:4c:40: bf:96:ee:b5:d0:b3:04:32:58:f3:b8:18:9e:bb:44: b0:d8:3a:f5:23:f0:f5:dd:57:c8:97:7a:22:f1:af: c5:10:dd:2f:a1:33:aa:e4:1a:49:c0:c1:62:67:bd: f7:68:b5:8f:86:d9:97:a6:4e:f7:d2:63:04:aa:e4: 82:8f:57:5a:71:60:84:4f:9a:c0:64:43:76:58:59: 79:25:3a:7e:33:46:81:49:7c:cb:05:7d:a8:d9:c5: 2c:01:7b:68:0d:df:99:fa:89:b5:0b:fe:a5:26:1d: b5:4c:4b:ee:06:7c:ff:4e:fc:46:5c:67:1f:ea:bb: 5e:11:7f:58:74:db:ac:6d:73:d1:2c:c5:c2:5c:11: 23:b6:1f:8d:12:d6:4e:31:3f:c9:f5:21:2b:2f:a6: f0:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:2C:BC:FF:39:8E:C7:A3:2A:8F:77:ED:EA:7C:1A:65:B9:72:56:9D X509v3 Authority Key Identifier: keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ciy8_zmOx6Mqj3ft6nwaZblyVp0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a10:2f00:151::/48 2a10:2f01:300::/44 Signature Algorithm: sha256WithRSAEncryption 0d:58:70:a4:37:6e:35:25:9d:98:36:25:87:04:45:3d:2d:16: 2d:82:b7:a8:fe:bf:f1:10:f8:1c:27:72:e1:44:7d:e5:d6:12: c7:d1:2c:22:71:08:fb:c8:5a:2e:94:aa:06:29:5c:c9:6e:5f: 5e:34:8d:84:c6:72:ba:36:81:6a:53:8f:70:3d:28:8b:ce:0c: 74:6d:a4:24:2f:2b:b6:c3:2e:9a:83:9f:3d:a3:32:ea:f0:c7: 24:1b:b5:21:2f:d2:fa:a0:3a:ab:76:cf:1f:90:4f:d4:48:fd: df:30:33:1c:8b:69:3b:16:5c:97:47:0b:13:74:25:03:a3:4c: 56:64:66:a1:a6:4e:10:a4:ae:eb:a1:a7:c0:29:64:aa:2b:5d: 81:d0:bd:24:82:06:16:ba:27:3d:5d:29:09:02:ae:80:bb:a5: e0:7d:5a:d2:7e:b0:87:c7:98:d5:fd:c5:19:40:8e:5b:30:14: d6:cb:7d:a8:5d:6f:da:bb:14:3e:70:36:7c:9a:f0:fc:ff:64: 4b:b1:49:72:91:dd:bb:e7:6c:61:3a:02:6d:90:e8:c2:ff:68: 22:e0:7d:7a:9a:fb:25:fb:09:a5:98:d8:9d:f0:59:b2:97:24: 4c:ba:6f:29:72:fd:4e:a4:3c:a9:62:39:d6:94:69:f0:fc:b9: 86:0f:34:06 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt9XVNVhmNaTxjJDVfiG1KpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw ZmFkOWIwHhcNMjYwMTAyMDYyMDI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MjJjYmNmZjM5OGVjN2EzMmE4Zjc3ZWRlYTdjMWE2NWI5NzI1NjlkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2yPddB+19he7Zr60Nji9NpektGII GbIeBcfjppIrayUiVAITV1E0A2q3HTTCcDJa8mNUvx95ZL40Z68zW/5sKHGzS9gU 8pVgV41NHx+HWdWwiAo7faYJJVcL5+Jjt1nZbS9P2kf2TEC/lu610LMEMljzuBie u0Sw2Dr1I/D13VfIl3oi8a/FEN0voTOq5BpJwMFiZ733aLWPhtmXpk730mMEquSC j1dacWCET5rAZEN2WFl5JTp+M0aBSXzLBX2o2cUsAXtoDd+Z+om1C/6lJh21TEvu Bnz/TvxGXGcf6rteEX9YdNusbXPRLMXCXBEjth+NEtZOMT/J9SErL6bw1wIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFHIsvP85jsejKo937ep8GmW5cladMB8GA1UdIwQY MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt ZGM1ZWM3NDhmNmE1LzEvY2l5OF96bU94Nk1xajNmdDZud2FaYmx5VnAwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1 LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKhAvAAFR AwcEKhAvAQMAMA0GCSqGSIb3DQEBCwUAA4IBAQANWHCkN241JZ2YNiWHBEU9LRYt greo/r/xEPgcJ3LhRH3l1hLH0SwicQj7yFoulKoGKVzJbl9eNI2ExnK6NoFqU49w PSiLzgx0baQkLyu2wy6ag589ozLq8MckG7UhL9L6oDqrds8fkE/USP3fMDMci2k7 FlyXRwsTdCUDo0xWZGahpk4QpK7roafAKWSqK12B0L0kggYWuic9XSkJAq6Au6Xg fVrSfrCHx5jV/cUZQI5bMBTWy32oXW/auxQ+cDZ8mvD8/2RLsUlykd2752xhOgJt kOjC/2gi4H16mvsl+wmlmNid8FmylyRMum8pcv1OpDypYjnWlGnw/LmGDzQG -----END CERTIFICATE-----Generated at Fri Jan 9 13:11:50 2026 by rpki-client