This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/4e3cc2-1a33-495a-999f-d7a684a57b19/1/U2uOljUf-48wSNUQgF-2wsauE-g.roa File: U2uOljUf-48wSNUQgF-2wsauE-g.roa (raw, json) Hash identifier: 2YVcDn6Ax9cXhQHx8fyaxNd0XJvsq3/OJmSqm70WvIg= Subject key identifier: 53:6B:8E:96:35:1F:FB:8F:30:48:D5:10:80:5F:B6:C2:C6:AE:13:E8 Certificate issuer: /CN=c72a524f9b1b3801dbd7c89a160aec076b57e729 Certificate serial: 019B79ECE7DD8B3E6B464C532C8554388C5F Authority key identifier: C7:2A:52:4F:9B:1B:38:01:DB:D7:C8:9A:16:0A:EC:07:6B:57:E7:29 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xypST5sbOAHb18iaFgrsB2tX5yk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/4e3cc2-1a33-495a-999f-d7a684a57b19/1/U2uOljUf-48wSNUQgF-2wsauE-g.roa Signing time: Thu 01 Jan 2026 14:18:47 +0000 ROA not before: Thu 01 Jan 2026 14:18:47 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 206810 IP address blocks: 2a0c:70c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/73/4e3cc2-1a33-495a-999f-d7a684a57b19/1/xypST5sbOAHb18iaFgrsB2tX5yk.crl rsync://rpki.ripe.net/repository/DEFAULT/73/4e3cc2-1a33-495a-999f-d7a684a57b19/1/xypST5sbOAHb18iaFgrsB2tX5yk.mft rsync://rpki.ripe.net/repository/DEFAULT/xypST5sbOAHb18iaFgrsB2tX5yk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 08:01:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ec:e7:dd:8b:3e:6b:46:4c:53:2c:85:54:38:8c:5f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c72a524f9b1b3801dbd7c89a160aec076b57e729 Validity Not Before: Jan 1 14:18:47 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=536b8e96351ffb8f3048d510805fb6c2c6ae13e8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:94:d8:13:10:54:84:77:7c:76:e7:ce:cd:26: f4:04:58:69:d9:30:40:da:74:58:d3:f1:96:42:94: df:30:b8:6c:f1:36:fb:75:30:99:87:d9:14:ca:d4: e0:34:56:ec:87:35:29:35:dc:84:21:3c:8c:26:b7: 73:73:89:43:33:36:74:e0:35:a0:b4:76:0d:0e:ab: 56:84:d4:33:c9:1b:54:2a:e5:02:48:64:3c:13:99: f0:23:d9:a1:e6:77:c1:2e:f9:6a:3d:3f:fc:28:e1: 10:a9:a8:a2:51:0e:53:83:fc:6f:27:26:36:56:ff: 9c:11:7b:1f:11:88:c6:aa:0d:cf:ac:2c:a7:a9:7c: 79:b0:80:ea:8d:c5:5e:e6:2b:ff:5d:7a:a2:c1:b6: bc:c2:57:ea:0b:54:67:ae:63:3a:a5:4c:e1:42:50: cf:21:27:57:05:e3:8a:0c:e8:7f:0e:85:0d:8d:f5: 86:b1:79:a0:4b:38:47:14:0c:2d:28:53:45:c1:33: b0:ec:ae:ed:50:8f:b5:63:ea:74:a8:03:68:0c:88: 85:c1:94:44:54:b8:d7:53:f7:d9:9e:ca:26:2b:a2: 6a:4b:26:52:b9:9a:b1:d0:cb:ba:08:a4:9b:79:80: 60:93:b8:f9:a8:4d:4c:e9:26:f7:25:df:c9:9e:ee: 64:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:6B:8E:96:35:1F:FB:8F:30:48:D5:10:80:5F:B6:C2:C6:AE:13:E8 X509v3 Authority Key Identifier: keyid:C7:2A:52:4F:9B:1B:38:01:DB:D7:C8:9A:16:0A:EC:07:6B:57:E7:29 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xypST5sbOAHb18iaFgrsB2tX5yk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/4e3cc2-1a33-495a-999f-d7a684a57b19/1/U2uOljUf-48wSNUQgF-2wsauE-g.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/73/4e3cc2-1a33-495a-999f-d7a684a57b19/1/xypST5sbOAHb18iaFgrsB2tX5yk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0c:70c0::/48 Signature Algorithm: sha256WithRSAEncryption 15:11:f7:d7:e5:80:17:8f:2a:1c:4c:25:1d:ca:f7:8b:1a:0b: a7:c3:90:38:51:ed:e3:14:48:13:4a:eb:86:4e:9d:68:17:d1: a2:38:18:93:9a:f3:96:90:55:6d:96:ce:94:a3:05:e6:cf:83: 3c:cd:47:00:d4:b5:0a:3d:1d:28:4f:79:4c:a8:21:65:96:cc: 0e:1c:3e:b8:b3:4e:f2:e7:ff:11:b7:df:65:6f:0f:ea:7e:5e: 5b:94:b6:d7:09:03:31:d0:5f:35:90:d3:bc:72:74:32:5f:60: 81:40:7e:c3:ac:8b:41:0e:8a:69:49:3e:14:a9:5d:c7:3e:f1: 9a:35:2c:70:a2:67:ea:bf:88:7d:e9:6f:22:0d:cf:79:31:df: c3:9e:58:da:40:39:12:f3:bd:67:4b:e9:e9:26:f6:00:1c:ac: ca:7c:68:ff:10:af:0d:bf:dd:56:7f:b4:c5:64:f1:f7:cc:c5: de:f1:cd:e3:a6:f8:76:31:de:89:d3:56:35:30:57:53:bc:5b: c0:19:84:f7:d1:27:8f:be:53:c4:f6:c2:47:4d:fd:47:ec:46: 18:da:bb:65:62:45:e4:cd:de:de:e3:de:95:53:b5:04:4e:6d: 28:a5:cc:ae:53:18:84:12:ed:88:76:e4:99:7b:3b:ff:ba:8f: 5a:20:e8:6b -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt57Ofdiz5rRkxTLIVUOIxfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM3MmE1MjRmOWIxYjM4MDFkYmQ3Yzg5YTE2MGFlYzA3NmI1 N2U3MjkwHhcNMjYwMTAxMTQxODQ3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1MzZiOGU5NjM1MWZmYjhmMzA0OGQ1MTA4MDVmYjZjMmM2YWUxM2U4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJTYExBUhHd8dufOzSb0BFhp2TBA 2nRY0/GWQpTfMLhs8Tb7dTCZh9kUytTgNFbshzUpNdyEITyMJrdzc4lDMzZ04DWg tHYNDqtWhNQzyRtUKuUCSGQ8E5nwI9mh5nfBLvlqPT/8KOEQqaiiUQ5Tg/xvJyY2 Vv+cEXsfEYjGqg3PrCynqXx5sIDqjcVe5iv/XXqiwba8wlfqC1RnrmM6pUzhQlDP ISdXBeOKDOh/DoUNjfWGsXmgSzhHFAwtKFNFwTOw7K7tUI+1Y+p0qANoDIiFwZRE VLjXU/fZnsomK6JqSyZSuZqx0Mu6CKSbeYBgk7j5qE1M6Sb3Jd/Jnu5krQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFFNrjpY1H/uPMEjVEIBftsLGrhPoMB8GA1UdIwQY MBaAFMcqUk+bGzgB29fImhYK7AdrV+cpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveHlwU1Q1c2JPQUhiMThpYUZncnNCMnRYNXlrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My80ZTNjYzItMWEzMy00OTVhLTk5OWYt ZDdhNjg0YTU3YjE5LzEvVTJ1T2xqVWYtNDh3U05VUWdGLTJ3c2F1RS1nLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83My80ZTNjYzItMWEzMy00OTVhLTk5OWYtZDdhNjg0YTU3YjE5 LzEveHlwU1Q1c2JPQUhiMThpYUZncnNCMnRYNXlrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgxwwAAA MA0GCSqGSIb3DQEBCwUAA4IBAQAVEffX5YAXjyocTCUdyveLGgunw5A4Ue3jFEgT SuuGTp1oF9GiOBiTmvOWkFVtls6UowXmz4M8zUcA1LUKPR0oT3lMqCFllswOHD64 s07y5/8Rt99lbw/qfl5blLbXCQMx0F81kNO8cnQyX2CBQH7DrItBDoppST4UqV3H PvGaNSxwomfqv4h96W8iDc95Md/DnljaQDkS871nS+npJvYAHKzKfGj/EK8Nv91W f7TFZPH3zMXe8c3jpvh2Md6J01Y1MFdTvFvAGYT30SePvlPE9sJHTf1H7EYY2rtl YkXkzd7e496VU7UETm0opcyuUxiEEu2IduSZezv/uo9aIOhr -----END CERTIFICATE-----Generated at Mon Jan 26 14:45:22 2026 by rpki-client