This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/x-YZhoVDEK4-SQSN6PLYlXe734E.roa File: x-YZhoVDEK4-SQSN6PLYlXe734E.roa (raw, json) Hash identifier: 0yZZSNp03djJLM9y2Qzdv5uk8RY9FEpVnmt82rSM8Ro= Subject key identifier: C7:E6:19:86:85:43:10:AE:3E:49:04:8D:E8:F2:D8:95:77:BB:DF:81 Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b Certificate serial: 019B7D5D4D691B1B72DC1704A6BDEA03E6A9 Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/x-YZhoVDEK4-SQSN6PLYlXe734E.roa Signing time: Fri 02 Jan 2026 06:20:25 +0000 ROA not before: Fri 02 Jan 2026 06:20:25 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212227 IP address blocks: 2a0e:b107:139::/48 maxlen: 48 2a10:2f00:15e::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 10 Jan 2026 03:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5d:4d:69:1b:1b:72:dc:17:04:a6:bd:ea:03:e6:a9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b Validity Not Before: Jan 2 06:20:25 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c7e61986854310ae3e49048de8f2d89577bbdf81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:9f:5c:bc:ba:66:5e:5c:4e:33:8f:5c:96:4d: 11:34:23:2b:59:6e:5a:80:0e:5a:11:c1:17:9c:70: 17:5e:c0:76:0d:d5:06:84:4f:58:43:0b:cd:2f:d0: 59:6d:93:14:f8:dc:ad:d5:6d:ad:dc:1e:6f:6c:4b: e8:df:13:db:b1:aa:6e:a6:1f:d1:e9:eb:97:7e:9f: b8:34:c3:13:07:48:b3:07:c9:86:66:db:16:90:0b: 9a:3c:d1:4f:0b:a4:36:31:04:45:14:11:b4:8a:2e: 69:36:20:d5:cb:ba:aa:6e:92:d8:93:b8:21:51:e6: 3a:8d:45:34:27:4a:85:89:63:09:e2:2e:db:06:da: d8:bc:75:e8:b1:51:4f:32:1f:e9:f9:c2:8f:df:df: df:d6:7f:f0:57:a5:36:bb:8d:64:9e:84:be:ad:f1: 62:aa:4c:4f:bf:7f:c0:ca:ff:6d:d2:e9:7f:9e:97: 8a:d1:b1:72:73:14:e6:c9:46:9d:41:26:b6:db:da: 3d:a6:64:f8:b5:51:61:d2:de:af:f2:ef:4f:e1:d6: 44:02:e4:6b:6f:85:95:8c:e6:5c:60:3e:fd:c5:74: d1:5d:2b:d3:8a:74:ba:f7:05:0d:bd:18:a8:af:35: 5b:b2:53:91:35:f8:92:81:8e:3b:cc:f8:d4:f5:ad: f8:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:E6:19:86:85:43:10:AE:3E:49:04:8D:E8:F2:D8:95:77:BB:DF:81 X509v3 Authority Key Identifier: keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/x-YZhoVDEK4-SQSN6PLYlXe734E.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0e:b107:139::/48 2a10:2f00:15e::/48 Signature Algorithm: sha256WithRSAEncryption 3a:90:13:c2:16:23:81:1e:2b:4e:b7:65:2c:09:28:89:42:b0: 17:e7:47:e1:34:35:39:48:ee:00:de:6a:9f:fc:51:c4:ed:27: 2e:6c:55:08:db:8b:46:35:7f:d9:c7:e4:13:a7:2a:96:7c:10: 2d:d7:e2:05:98:4d:12:f3:76:9d:6f:64:33:21:dc:b3:76:aa: 77:6a:86:40:77:ec:53:5d:3d:d1:b6:be:99:07:2a:d1:93:97: 52:1e:a6:43:05:3d:d6:8b:60:c6:86:3b:72:ce:1c:e8:09:68: a4:e6:b1:e0:73:c2:b8:51:03:7f:45:26:09:3a:63:9c:1b:0a: 30:4c:b1:15:34:a3:e4:97:8d:f1:87:7f:91:50:fe:bd:af:7e: 4d:ff:3c:98:aa:98:35:3a:40:06:fb:f5:62:37:f5:66:9e:05: 7c:4e:63:a0:82:3e:9d:f6:2d:fd:24:01:71:60:54:85:0d:eb: 6c:2d:26:86:25:4b:89:68:4e:75:7f:9f:4f:b2:aa:11:63:d0: e9:71:25:4b:7c:4f:45:ea:00:92:a9:c1:93:50:fa:b9:ee:9c: 35:a2:77:13:b5:66:97:8a:9b:63:fe:6a:55:d6:a6:d8:88:d1: 7b:85:dc:a3:44:9d:ce:96:ac:30:c9:89:81:75:a3:6d:6b:66: 17:51:50:b1 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt9XU1pGxty3BcEpr3qA+apMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw ZmFkOWIwHhcNMjYwMTAyMDYyMDI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjN2U2MTk4Njg1NDMxMGFlM2U0OTA0OGRlOGYyZDg5NTc3YmJkZjgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJ9cvLpmXlxOM49clk0RNCMrWW5a gA5aEcEXnHAXXsB2DdUGhE9YQwvNL9BZbZMU+Nyt1W2t3B5vbEvo3xPbsapuph/R 6euXfp+4NMMTB0izB8mGZtsWkAuaPNFPC6Q2MQRFFBG0ii5pNiDVy7qqbpLYk7gh UeY6jUU0J0qFiWMJ4i7bBtrYvHXosVFPMh/p+cKP39/f1n/wV6U2u41knoS+rfFi qkxPv3/Ayv9t0ul/npeK0bFycxTmyUadQSa229o9pmT4tVFh0t6v8u9P4dZEAuRr b4WVjOZcYD79xXTRXSvTinS69wUNvRiorzVbslORNfiSgY47zPjU9a34FwIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFMfmGYaFQxCuPkkEjejy2JV3u9+BMB8GA1UdIwQY MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt ZGM1ZWM3NDhmNmE1LzEveC1ZWmhvVkRFSzQtU1FTTjZQTFlsWGU3MzRFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1 LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg6xBwE5 AwcAKhAvAAFeMA0GCSqGSIb3DQEBCwUAA4IBAQA6kBPCFiOBHitOt2UsCSiJQrAX 50fhNDU5SO4A3mqf/FHE7ScubFUI24tGNX/Zx+QTpyqWfBAt1+IFmE0S83adb2Qz Idyzdqp3aoZAd+xTXT3Rtr6ZByrRk5dSHqZDBT3Wi2DGhjtyzhzoCWik5rHgc8K4 UQN/RSYJOmOcGwowTLEVNKPkl43xh3+RUP69r35N/zyYqpg1OkAG+/ViN/VmngV8 TmOggj6d9i39JAFxYFSFDetsLSaGJUuJaE51f59PsqoRY9DpcSVLfE9F6gCSqcGT UPq57pw1oncTtWaXiptj/mpV1qbYiNF7hdyjRJ3OlqwwyYmBdaNta2YXUVCx -----END CERTIFICATE-----Generated at Fri Jan 9 13:13:06 2026 by rpki-client