This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/42c355-585a-48bb-9e4a-a47540fed4b9/1/lN4-DHRIzePvaAlUx-G8m9WU1Yc.roa File: lN4-DHRIzePvaAlUx-G8m9WU1Yc.roa (raw, json) Hash identifier: 0H44nitsqtD09E43wUKTwpu5uxvURYIo4SfJ0gjjYAw= Subject key identifier: 94:DE:3E:0C:74:48:CD:E3:EF:68:09:54:C7:E1:BC:9B:D5:94:D5:87 Certificate issuer: /CN=d68971ea1d22b5ecda1a9759f05c26c8c56a468c Certificate serial: 019B7D5C217DCF76EFE72EC43959954A11AB Authority key identifier: D6:89:71:EA:1D:22:B5:EC:DA:1A:97:59:F0:5C:26:C8:C5:6A:46:8C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1olx6h0itezaGpdZ8FwmyMVqRow.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/42c355-585a-48bb-9e4a-a47540fed4b9/1/lN4-DHRIzePvaAlUx-G8m9WU1Yc.roa Signing time: Fri 02 Jan 2026 06:19:08 +0000 ROA not before: Fri 02 Jan 2026 06:19:08 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 208614 IP address blocks: 2001:678:aa0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/73/42c355-585a-48bb-9e4a-a47540fed4b9/1/1olx6h0itezaGpdZ8FwmyMVqRow.crl rsync://rpki.ripe.net/repository/DEFAULT/73/42c355-585a-48bb-9e4a-a47540fed4b9/1/1olx6h0itezaGpdZ8FwmyMVqRow.mft rsync://rpki.ripe.net/repository/DEFAULT/1olx6h0itezaGpdZ8FwmyMVqRow.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5c:21:7d:cf:76:ef:e7:2e:c4:39:59:95:4a:11:ab Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d68971ea1d22b5ecda1a9759f05c26c8c56a468c Validity Not Before: Jan 2 06:19:08 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=94de3e0c7448cde3ef680954c7e1bc9bd594d587 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:9a:9e:b6:07:b3:5b:74:68:5b:2b:6e:eb:0a: 8d:ed:05:51:a6:e2:07:27:22:f6:82:dd:57:52:cd: 36:f4:3c:26:6d:13:d5:dc:f8:5c:ef:73:8b:c2:50: 1a:45:84:a1:98:66:ec:71:50:93:d3:79:1e:16:06: 7a:9b:6d:b0:5b:0b:04:5c:9b:d9:14:9c:1e:62:68: d7:69:32:83:60:82:59:91:1e:9e:4c:f0:f6:0d:cd: e3:d3:05:17:4f:0a:3b:fc:03:8c:9a:e1:17:45:a9: 5b:7d:a3:80:ff:e7:08:b1:e3:ad:6f:40:87:88:90: 9b:06:49:28:87:87:58:7e:f5:33:4b:46:7f:9a:86: 10:dc:76:e2:91:e3:db:00:99:46:fa:e9:64:e8:27: ad:00:13:97:8c:3d:92:5e:e9:3a:fa:47:0a:08:8a: 14:06:8c:21:6e:f6:8c:a2:a6:30:c8:0d:a4:16:05: a6:b3:c1:06:dc:f4:45:eb:6a:ab:57:a6:ca:cb:f6: 9f:4b:28:30:9d:61:87:86:e2:1d:8b:10:a4:67:b1: bd:f7:37:65:9e:83:db:5f:17:64:0f:8a:7a:86:c4: eb:ab:f1:e6:a3:b9:4a:6e:97:94:69:db:42:b3:ae: 98:d4:62:0e:91:fb:f9:1e:83:ba:c4:af:02:7d:c7: e2:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:DE:3E:0C:74:48:CD:E3:EF:68:09:54:C7:E1:BC:9B:D5:94:D5:87 X509v3 Authority Key Identifier: keyid:D6:89:71:EA:1D:22:B5:EC:DA:1A:97:59:F0:5C:26:C8:C5:6A:46:8C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1olx6h0itezaGpdZ8FwmyMVqRow.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/42c355-585a-48bb-9e4a-a47540fed4b9/1/lN4-DHRIzePvaAlUx-G8m9WU1Yc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/73/42c355-585a-48bb-9e4a-a47540fed4b9/1/1olx6h0itezaGpdZ8FwmyMVqRow.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:678:aa0::/48 Signature Algorithm: sha256WithRSAEncryption 53:c3:ca:32:f4:af:b2:b7:8c:b3:35:5e:3e:a8:91:cb:d7:e2: 34:b5:43:a7:b1:ed:5a:a7:00:d4:61:ee:22:2d:6b:91:5f:c0: 37:6a:2c:64:4b:aa:03:59:fc:94:ea:0e:64:92:82:e1:22:3e: a0:44:52:d4:b5:6f:1b:23:7c:43:f3:1b:3c:3d:12:87:a7:26: 84:19:54:91:fc:13:c8:59:9d:38:3a:8c:1b:3b:b4:17:18:4b: 0e:65:a3:84:dd:db:d4:1d:62:a2:be:29:fe:9b:e7:b6:59:42: f5:47:73:53:b6:12:69:32:1c:ad:86:32:c8:99:3a:32:1a:a4: e3:d4:09:fb:a2:eb:74:70:3c:5a:3d:e1:3a:6b:c3:5f:23:76: ee:fb:99:12:4e:29:49:c5:11:f6:e3:71:74:74:4a:5c:ca:bf: 58:c0:36:8a:b7:c8:4c:37:61:f4:3b:e2:50:58:21:11:1e:c4: 11:fb:16:bb:be:9c:1b:f0:51:b5:59:5d:41:ac:56:b7:3b:a9: 83:38:4b:a7:64:95:a2:e5:3c:60:5a:26:65:25:e3:0d:a4:41: 19:85:3d:7d:fc:1c:14:4d:61:9b:85:0b:11:fc:19:62:9b:9c: 13:fa:47:33:11:c9:95:23:2e:7f:b8:f9:41:59:d2:66:54:55: c1:4c:1e:fd -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt9XCF9z3bv5y7EOVmVShGrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ2ODk3MWVhMWQyMmI1ZWNkYTFhOTc1OWYwNWMyNmM4YzU2 YTQ2OGMwHhcNMjYwMTAyMDYxOTA4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5NGRlM2UwYzc0NDhjZGUzZWY2ODA5NTRjN2UxYmM5YmQ1OTRkNTg3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7pqetgezW3RoWytu6wqN7QVRpuIH JyL2gt1XUs029DwmbRPV3Phc73OLwlAaRYShmGbscVCT03keFgZ6m22wWwsEXJvZ FJweYmjXaTKDYIJZkR6eTPD2Dc3j0wUXTwo7/AOMmuEXRalbfaOA/+cIseOtb0CH iJCbBkkoh4dYfvUzS0Z/moYQ3HbikePbAJlG+ulk6CetABOXjD2SXuk6+kcKCIoU BowhbvaMoqYwyA2kFgWms8EG3PRF62qrV6bKy/afSygwnWGHhuIdixCkZ7G99zdl noPbXxdkD4p6hsTrq/Hmo7lKbpeUadtCs66Y1GIOkfv5HoO6xK8CfcfiCQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFJTePgx0SM3j72gJVMfhvJvVlNWHMB8GA1UdIwQY MBaAFNaJceodIrXs2hqXWfBcJsjFakaMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMW9seDZoMGl0ZXphR3BkWjhGd215TVZxUm93LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My80MmMzNTUtNTg1YS00OGJiLTllNGEt YTQ3NTQwZmVkNGI5LzEvbE40LURIUkl6ZVB2YUFsVXgtRzhtOVdVMVljLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83My80MmMzNTUtNTg1YS00OGJiLTllNGEtYTQ3NTQwZmVkNGI5 LzEvMW9seDZoMGl0ZXphR3BkWjhGd215TVZxUm93LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAqg MA0GCSqGSIb3DQEBCwUAA4IBAQBTw8oy9K+yt4yzNV4+qJHL1+I0tUOnse1apwDU Ye4iLWuRX8A3aixkS6oDWfyU6g5kkoLhIj6gRFLUtW8bI3xD8xs8PRKHpyaEGVSR /BPIWZ04OowbO7QXGEsOZaOE3dvUHWKivin+m+e2WUL1R3NTthJpMhythjLImToy GqTj1An7out0cDxaPeE6a8NfI3bu+5kSTilJxRH243F0dEpcyr9YwDaKt8hMN2H0 O+JQWCERHsQR+xa7vpwb8FG1WV1BrFa3O6mDOEunZJWi5TxgWiZlJeMNpEEZhT19 /BwUTWGbhQsR/Blim5wT+kczEcmVIy5/uPlBWdJmVFXBTB79 -----END CERTIFICATE-----Generated at Tue Feb 10 01:44:17 2026 by rpki-client