This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/L_gZ3-4mXb8uUaK9zYcQdqgzuVQ.roa File: L_gZ3-4mXb8uUaK9zYcQdqgzuVQ.roa (raw, json) Hash identifier: 9aEve+g3mjxfAsC8OwBnmK6emti3IKityLVemz6JL0c= Subject key identifier: 2F:F8:19:DF:EE:26:5D:BF:2E:51:A2:BD:CD:87:10:76:A8:33:B9:54 Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c Certificate serial: 019B7DCB7E7C551ECE525DBD71AF1CC2D8F0 Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/L_gZ3-4mXb8uUaK9zYcQdqgzuVQ.roa Signing time: Fri 02 Jan 2026 08:20:46 +0000 ROA not before: Fri 02 Jan 2026 08:20:46 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 206174 IP address blocks: 2a0d:d3c0::/29 maxlen: 29 2a0d:e246::/32 maxlen: 32 2a0d:f5c0::/29 maxlen: 29 2a0e:8c0::/29 maxlen: 29 2a11:ec1::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:cb:7e:7c:55:1e:ce:52:5d:bd:71:af:1c:c2:d8:f0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c Validity Not Before: Jan 2 08:20:46 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2ff819dfee265dbf2e51a2bdcd871076a833b954 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:f9:19:22:8a:45:0a:40:2a:a7:ab:e7:af:f4: 99:39:25:ab:56:69:f1:a6:2c:d7:aa:d2:a6:4f:d7: 97:d8:ee:19:20:d0:d6:98:ad:ee:06:eb:48:ac:31: 4e:42:7d:b8:09:89:2f:46:29:c7:d4:aa:78:e4:df: f8:ec:84:3d:62:07:96:ad:aa:98:78:42:e9:ff:56: 9a:47:56:46:dc:ef:a4:16:61:7f:43:62:51:ca:df: 58:39:b1:98:fd:59:56:ce:82:1a:d6:42:3a:34:6a: f9:c4:3e:c1:05:0d:ae:9e:40:79:70:02:b7:90:ee: be:b0:e1:ef:f4:52:46:48:cf:7b:2e:f6:ed:b8:27: 3f:0c:32:27:cc:f5:b6:0f:9b:db:63:e0:fb:ad:a1: a1:6a:24:bc:4c:0d:46:d3:6f:86:db:5a:7f:e0:97: 46:6c:49:af:9b:40:7d:02:8b:53:84:6e:dd:54:f0: 37:45:58:57:41:f7:02:c6:6a:13:50:b4:f2:48:02: 36:13:3e:6c:3f:d9:20:e5:d7:72:94:ca:29:98:52: 57:e0:7a:f3:1b:6a:3b:22:ed:06:a1:64:32:f7:22: 5b:39:c5:93:8f:18:eb:78:94:05:be:c0:6d:6d:78: 63:98:b6:95:73:10:27:a6:4c:a6:e4:13:f3:a0:f6: dc:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:F8:19:DF:EE:26:5D:BF:2E:51:A2:BD:CD:87:10:76:A8:33:B9:54 X509v3 Authority Key Identifier: keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/L_gZ3-4mXb8uUaK9zYcQdqgzuVQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0d:d3c0::/29 2a0d:e246::/32 2a0d:f5c0::/29 2a0e:8c0::/29 2a11:ec1::/32 Signature Algorithm: sha256WithRSAEncryption 91:c3:80:bf:7c:1a:66:bb:3a:1e:ae:28:cd:d0:68:b9:f8:a3: 29:0d:f7:03:51:c9:a4:33:d8:4f:31:4b:03:c6:76:df:0a:82: fb:f7:14:4a:05:2a:c0:ad:f0:e8:2f:07:aa:ff:7b:8c:63:a0: 8e:88:ba:15:68:9d:47:09:a2:4f:3f:aa:ef:b5:7b:ff:38:47: 85:81:3f:5f:fb:85:0c:3c:a5:c7:d9:66:19:7e:1b:6c:cc:0c: a2:c9:9a:7c:1d:6e:90:94:0c:b0:ae:04:d6:fa:34:50:d6:0b: 20:e4:ed:57:e0:7c:19:16:b5:a6:d6:47:7f:33:e1:ff:8b:63: 71:14:7d:2d:19:5e:b4:cb:3b:32:4f:6a:28:d9:2b:c3:b7:b8: 8d:e3:c9:03:65:13:bb:39:3b:3b:59:7c:eb:d5:42:66:44:e1: 83:f4:02:c4:33:80:93:37:3e:5d:ec:07:2c:af:89:e0:89:d0: df:90:c5:b2:77:b5:d2:bc:c9:86:a4:83:25:7b:1e:f7:77:ce: fb:fd:6c:62:17:a8:2f:e3:ff:ab:b6:c7:c8:3a:66:d6:ef:5c: eb:39:1b:52:d2:51:22:6c:f7:0d:c3:92:67:dc:f3:3c:8d:ee: a0:68:d2:40:13:10:4a:ed:1d:97:27:22:a2:76:8a:1d:00:0d: 0d:20:b8:ad -----BEGIN CERTIFICATE----- MIIFGjCCBAKgAwIBAgISAZt9y358VR7OUl29ca8cwtjwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4 ZmNjNGMwHhcNMjYwMTAyMDgyMDQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyZmY4MTlkZmVlMjY1ZGJmMmU1MWEyYmRjZDg3MTA3NmE4MzNiOTU0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvkZIopFCkAqp6vnr/SZOSWrVmnx pizXqtKmT9eX2O4ZINDWmK3uButIrDFOQn24CYkvRinH1Kp45N/47IQ9YgeWraqY eELp/1aaR1ZG3O+kFmF/Q2JRyt9YObGY/VlWzoIa1kI6NGr5xD7BBQ2unkB5cAK3 kO6+sOHv9FJGSM97LvbtuCc/DDInzPW2D5vbY+D7raGhaiS8TA1G02+G21p/4JdG bEmvm0B9AotThG7dVPA3RVhXQfcCxmoTULTySAI2Ez5sP9kg5ddylMopmFJX4Hrz G2o7Iu0GoWQy9yJbOcWTjxjreJQFvsBtbXhjmLaVcxAnpkym5BPzoPbcnQIDAQAB o4ICJjCCAiIwHQYDVR0OBBYEFC/4Gd/uJl2/LlGivc2HEHaoM7lUMB8GA1UdIwQY MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt MjM5ZDJmZTM5OGIxLzEvTF9nWjMtNG1YYjh1VWFLOXpZY1FkcWd6dVZRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUDKg3TwAMF ACoN4kYDBQMqDfXAAwUDKg4IwAMFACoRDsEwDQYJKoZIhvcNAQELBQADggEBAJHD gL98Gma7Oh6uKM3QaLn4oykN9wNRyaQz2E8xSwPGdt8Kgvv3FEoFKsCt8OgvB6r/ e4xjoI6IuhVonUcJok8/qu+1e/84R4WBP1/7hQw8pcfZZhl+G2zMDKLJmnwdbpCU DLCuBNb6NFDWCyDk7VfgfBkWtabWR38z4f+LY3EUfS0ZXrTLOzJPaijZK8O3uI3j yQNlE7s5OztZfOvVQmZE4YP0AsQzgJM3Pl3sByyvieCJ0N+QxbJ3tdK8yYakgyV7 Hvd3zvv9bGIXqC/j/6u2x8g6ZtbvXOs5G1LSUSJs9w3Dkmfc8zyN7qBo0kATEErt HZcnIqJ2ih0ADQ0guK0= -----END CERTIFICATE-----Generated at Tue Jan 20 02:46:52 2026 by rpki-client