This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/SCekfqXy62ACFkQFCImhT3PviGc.roa File: SCekfqXy62ACFkQFCImhT3PviGc.roa (raw, json) Hash identifier: 5kUoHJ53iw+XKHpajNpSvz92ALSJ14W79R2USkSjhPI= Subject key identifier: 48:27:A4:7E:A5:F2:EB:60:02:16:44:05:08:89:A1:4F:73:EF:88:67 Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c Certificate serial: 019B7DCB7F0B1D716EAA7557B5E4F8409526 Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/SCekfqXy62ACFkQFCImhT3PviGc.roa Signing time: Fri 02 Jan 2026 08:20:46 +0000 ROA not before: Fri 02 Jan 2026 08:20:46 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 206306 IP address blocks: 2a0d:e243::/32 maxlen: 32 2a0e:19c3::/32 maxlen: 32 2a11:ec7::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:cb:7f:0b:1d:71:6e:aa:75:57:b5:e4:f8:40:95:26 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c Validity Not Before: Jan 2 08:20:46 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4827a47ea5f2eb60021644050889a14f73ef8867 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:f3:28:1f:1b:af:32:59:61:bd:f0:bd:c3:87: 20:5e:c1:90:ab:17:a7:de:f2:a4:4b:45:8d:87:50: dd:dd:7d:7a:b1:e8:d9:a9:65:a2:08:7e:9c:aa:42: 3a:2f:7b:65:7a:d5:7c:17:f0:6f:3f:5f:34:8c:dd: fa:d7:b1:e4:45:e5:ee:8a:5f:8d:d0:78:21:72:b4: dd:cb:9f:cc:99:0b:bf:af:14:84:ea:0f:98:d6:09: b3:f0:dc:0f:ee:6d:e8:97:d4:ec:9d:e1:1a:2e:0a: 78:b4:2b:79:96:71:9a:49:94:fc:d8:5e:01:50:81: d4:e3:10:e8:1c:6d:3f:16:f7:ad:e5:29:88:e5:76: 9e:8e:b8:23:c4:0d:13:a1:55:ee:d6:96:63:c6:98: be:63:b1:14:a1:ba:9e:e3:61:00:b4:bb:03:4b:f1: f5:f7:79:ba:ad:20:9c:9c:18:75:2f:03:b4:9d:12: 31:d2:ab:00:9b:15:2c:ca:d3:e3:9c:2f:cf:95:cd: f2:3f:6e:13:be:40:93:90:66:f4:bf:fa:20:ff:8d: 38:a9:01:d0:b1:c0:e8:05:b1:be:1f:69:af:4d:cf: ba:c7:03:d4:2a:df:ea:60:42:78:9b:88:54:1f:d3: 22:02:eb:ef:f8:6f:85:ff:35:03:bf:7f:f1:b9:79: 1d:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:27:A4:7E:A5:F2:EB:60:02:16:44:05:08:89:A1:4F:73:EF:88:67 X509v3 Authority Key Identifier: keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/SCekfqXy62ACFkQFCImhT3PviGc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0d:e243::/32 2a0e:19c3::/32 2a11:ec7::/32 Signature Algorithm: sha256WithRSAEncryption 38:94:28:c1:03:20:b8:75:45:7b:36:56:e1:15:52:2f:21:ef: 0c:76:14:9d:0e:cb:ab:d1:f3:4c:01:1b:e3:a4:5d:e7:3c:00: a4:f2:6b:7b:b0:0b:ea:e3:0f:ad:01:e3:9a:95:8d:f5:8f:f7: 78:27:39:65:8d:59:6a:25:5f:d3:fb:27:91:b6:a3:c0:b2:98: 7f:69:ed:7c:a1:95:bc:d6:72:ab:de:9e:de:5e:b0:1b:b7:f5: 9e:2b:f1:68:22:24:0d:94:7d:47:ad:87:d9:3b:e6:9e:8b:2c: a2:72:3a:e4:de:4c:51:21:a6:27:30:42:7f:5d:dc:46:c8:cc: 31:18:df:cf:4d:1d:b7:1a:26:55:94:52:1e:7b:9a:68:64:05: 30:e6:0a:e6:63:64:1c:56:0a:b5:6e:02:51:96:d0:f5:cb:64: a8:0f:34:d6:d4:df:ad:81:84:b9:fd:26:0c:d2:db:3f:5c:c0: d4:c3:f6:f8:48:d7:f4:3e:8f:8a:80:d5:29:32:0a:67:f7:ce: 0f:d4:95:e0:7d:15:a2:8c:22:9a:74:30:15:fc:20:72:40:fb: 24:56:18:1e:0e:1e:c7:11:cf:97:6f:cb:42:71:72:6e:56:d8: 6d:e8:6f:2e:f1:bb:e5:a0:bf:25:15:61:42:17:3f:8d:47:48: e5:2c:c1:52 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt9y38LHXFuqnVXteT4QJUmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4 ZmNjNGMwHhcNMjYwMTAyMDgyMDQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0ODI3YTQ3ZWE1ZjJlYjYwMDIxNjQ0MDUwODg5YTE0ZjczZWY4ODY3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmPMoHxuvMllhvfC9w4cgXsGQqxen 3vKkS0WNh1Dd3X16sejZqWWiCH6cqkI6L3tletV8F/BvP180jN3617HkReXuil+N 0HghcrTdy5/MmQu/rxSE6g+Y1gmz8NwP7m3ol9TsneEaLgp4tCt5lnGaSZT82F4B UIHU4xDoHG0/Fvet5SmI5XaejrgjxA0ToVXu1pZjxpi+Y7EUobqe42EAtLsDS/H1 93m6rSCcnBh1LwO0nRIx0qsAmxUsytPjnC/Plc3yP24TvkCTkGb0v/og/404qQHQ scDoBbG+H2mvTc+6xwPUKt/qYEJ4m4hUH9MiAuvv+G+F/zUDv3/xuXkdRwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFEgnpH6l8utgAhZEBQiJoU9z74hnMB8GA1UdIwQY MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt MjM5ZDJmZTM5OGIxLzEvU0Nla2ZxWHk2MkFDRmtRRkNJbWhUM1B2aUdjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKg3iQwMF ACoOGcMDBQAqEQ7HMA0GCSqGSIb3DQEBCwUAA4IBAQA4lCjBAyC4dUV7NlbhFVIv Ie8MdhSdDsur0fNMARvjpF3nPACk8mt7sAvq4w+tAeOalY31j/d4JzlljVlqJV/T +yeRtqPAsph/ae18oZW81nKr3p7eXrAbt/WeK/FoIiQNlH1HrYfZO+aeiyyicjrk 3kxRIaYnMEJ/XdxGyMwxGN/PTR23GiZVlFIee5poZAUw5grmY2QcVgq1bgJRltD1 y2SoDzTW1N+tgYS5/SYM0ts/XMDUw/b4SNf0Po+KgNUpMgpn984P1JXgfRWijCKa dDAV/CByQPskVhgeDh7HEc+Xb8tCcXJuVtht6G8u8bvloL8lFWFCFz+NR0jlLMFS -----END CERTIFICATE-----Generated at Tue Jan 20 02:44:58 2026 by rpki-client