This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/xm1GQjgoUMlvJ2-dphxvm_WO8g8.roa File: xm1GQjgoUMlvJ2-dphxvm_WO8g8.roa (raw, json) Hash identifier: kJW/Eq3qzrrKZkGYCLdmqbbaErxCgveBVW7j/m5AkN4= Subject key identifier: C6:6D:46:42:38:28:50:C9:6F:27:6F:9D:A6:1C:6F:9B:F5:8E:F2:0F Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b Certificate serial: 019B7D5CA8685FEE7E4600FD907EEA1F05B2 Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/xm1GQjgoUMlvJ2-dphxvm_WO8g8.roa Signing time: Fri 02 Jan 2026 06:19:42 +0000 ROA not before: Fri 02 Jan 2026 06:19:42 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 35708 IP address blocks: 2a10:2f00:173::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 10 Jan 2026 03:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5c:a8:68:5f:ee:7e:46:00:fd:90:7e:ea:1f:05:b2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b Validity Not Before: Jan 2 06:19:42 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c66d4642382850c96f276f9da61c6f9bf58ef20f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:a1:16:75:eb:fc:3e:91:f5:30:08:54:03:ea: 0a:20:d7:09:dc:c5:22:ce:df:68:fb:f2:f1:08:b1: a4:a8:49:8a:09:1d:b3:aa:3a:7f:63:19:49:9b:dd: ce:1e:08:4a:5c:06:3b:ee:09:df:db:d1:30:31:fb: 1e:ca:74:54:b2:37:41:84:40:66:6a:46:bb:70:cb: e4:56:99:a3:23:60:b2:e4:6e:ae:81:af:15:9e:40: 0f:a8:8e:39:00:60:80:ec:f0:bf:c1:75:28:39:94: d3:53:4c:49:54:bb:2a:bc:ab:20:85:bf:98:df:80: f8:6b:09:22:6f:c8:b0:2e:8b:48:7d:9c:bc:81:8e: bf:2a:92:42:b8:5a:5c:11:13:d7:79:32:a9:f9:e5: be:75:74:79:d7:51:a7:19:a1:82:95:59:6b:72:d2: 08:14:40:65:ad:ef:e4:26:5d:e1:d5:be:4a:b3:77: cb:28:48:1b:6f:fe:75:26:b4:87:f9:32:76:b2:46: 0b:b3:06:67:67:2b:48:16:00:c6:e8:7c:42:b4:5b: 67:06:1b:d0:02:8e:23:d4:7d:31:0c:5e:f9:37:a7: 0e:d7:14:23:08:2e:ba:03:60:b1:77:6b:cb:44:f2: cc:77:2f:3d:ce:23:63:ed:88:56:02:fb:17:81:8b: c9:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:6D:46:42:38:28:50:C9:6F:27:6F:9D:A6:1C:6F:9B:F5:8E:F2:0F X509v3 Authority Key Identifier: keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/xm1GQjgoUMlvJ2-dphxvm_WO8g8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a10:2f00:173::/48 Signature Algorithm: sha256WithRSAEncryption 4e:ce:36:07:fb:70:76:9d:24:32:f9:41:0e:09:ee:d0:8b:e4: a1:d2:7a:17:25:de:d8:38:f8:40:a7:63:57:79:b7:14:5a:05: 81:10:05:de:73:7a:fc:a9:13:e3:db:bd:95:c5:0d:38:6d:cf: 52:9f:a2:9d:1a:cb:a5:6d:08:6c:b5:9e:63:13:0a:38:d8:27: 7c:97:00:35:2f:4e:88:bb:dd:c5:87:e9:f3:25:c3:aa:17:25: 46:c1:b6:b0:b5:a2:f7:b0:73:71:c3:43:7d:f1:a8:b6:ec:7e: e9:07:fb:8a:87:64:99:f4:28:7f:a5:67:57:cb:dc:1b:a9:1a: ed:5d:1c:3e:59:0c:e4:21:9c:8d:59:96:bb:fc:13:e3:d6:97: 92:95:69:25:af:bb:32:40:97:8c:7f:97:97:77:5a:7d:2f:a7: 0a:7d:71:64:d0:0f:23:11:54:63:2a:49:44:30:20:47:37:19: 30:ee:6a:05:1b:86:59:ef:07:e8:69:90:a4:21:13:c6:10:92: f6:a5:27:cd:a1:bf:5d:b5:94:b8:58:14:28:07:cb:c6:0e:ac: bc:9a:3c:f6:e0:2f:b3:9d:c0:7c:95:2d:cf:57:03:e6:5f:24: 74:3c:9f:cb:82:13:84:0b:a3:09:e0:ec:87:72:25:00:76:68: f4:d5:b8:f8 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt9XKhoX+5+RgD9kH7qHwWyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw ZmFkOWIwHhcNMjYwMTAyMDYxOTQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNjZkNDY0MjM4Mjg1MGM5NmYyNzZmOWRhNjFjNmY5YmY1OGVmMjBmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKEWdev8PpH1MAhUA+oKINcJ3MUi zt9o+/LxCLGkqEmKCR2zqjp/YxlJm93OHghKXAY77gnf29EwMfseynRUsjdBhEBm aka7cMvkVpmjI2Cy5G6uga8VnkAPqI45AGCA7PC/wXUoOZTTU0xJVLsqvKsghb+Y 34D4awkib8iwLotIfZy8gY6/KpJCuFpcERPXeTKp+eW+dXR511GnGaGClVlrctII FEBlre/kJl3h1b5Ks3fLKEgbb/51JrSH+TJ2skYLswZnZytIFgDG6HxCtFtnBhvQ Ao4j1H0xDF75N6cO1xQjCC66A2Cxd2vLRPLMdy89ziNj7YhWAvsXgYvJywIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFMZtRkI4KFDJbydvnaYcb5v1jvIPMB8GA1UdIwQY MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt ZGM1ZWM3NDhmNmE1LzEveG0xR1FqZ29VTWx2SjItZHBoeHZtX1dPOGc4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1 LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhAvAAFz MA0GCSqGSIb3DQEBCwUAA4IBAQBOzjYH+3B2nSQy+UEOCe7Qi+Sh0noXJd7YOPhA p2NXebcUWgWBEAXec3r8qRPj272VxQ04bc9Sn6KdGsulbQhstZ5jEwo42Cd8lwA1 L06Iu93Fh+nzJcOqFyVGwbawtaL3sHNxw0N98ai27H7pB/uKh2SZ9Ch/pWdXy9wb qRrtXRw+WQzkIZyNWZa7/BPj1peSlWklr7syQJeMf5eXd1p9L6cKfXFk0A8jEVRj KklEMCBHNxkw7moFG4ZZ7wfoaZCkIRPGEJL2pSfNob9dtZS4WBQoB8vGDqy8mjz2 4C+zncB8lS3PVwPmXyR0PJ/LghOEC6MJ4OyHciUAdmj01bj4 -----END CERTIFICATE-----Generated at Fri Jan 9 13:13:08 2026 by rpki-client