This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/1-U8KRsi-TuAD2xoIIxoyJV6dpso.roa File: 1-U8KRsi-TuAD2xoIIxoyJV6dpso.roa (raw, json) Hash identifier: ZKv2xVLpyXPBTDxMFnYyarMllai6yUOAI6mouf4Jb3Y= Subject key identifier: F9:4F:0A:46:C8:BE:4E:E0:03:DB:1A:08:23:1A:32:25:5E:9D:A6:CA Certificate issuer: /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa Certificate serial: 019B797E99EE81CE420BC515228225B5E40B Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/1-U8KRsi-TuAD2xoIIxoyJV6dpso.roa Signing time: Thu 01 Jan 2026 12:18:18 +0000 ROA not before: Thu 01 Jan 2026 12:18:18 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 7480 IP address blocks: 2a0e:aa02::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.mft rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 07 Jan 2026 14:32:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:99:ee:81:ce:42:0b:c5:15:22:82:25:b5:e4:0b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa Validity Not Before: Jan 1 12:18:18 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f94f0a46c8be4ee003db1a08231a32255e9da6ca Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:c0:62:f1:8e:be:65:a7:ae:7b:41:6b:59:24: f0:5a:36:4f:df:dd:b4:79:a6:0a:f5:a4:f1:14:2f: 2a:2f:66:db:4a:63:bb:2d:35:6c:6d:db:ac:2e:b5: 9f:d1:13:83:48:ee:9e:93:c3:42:19:0b:c9:b6:d4: 21:6d:c1:a7:0d:e6:94:58:b6:77:80:85:49:6e:48: 01:34:b3:ea:10:ee:c1:cf:b2:46:c5:6c:3c:4f:74: a2:d5:d3:d9:5b:34:06:db:da:81:6a:27:37:66:b7: 5d:ea:a3:15:30:e8:94:a9:0a:a9:3a:e2:df:f3:c4: f5:aa:77:f8:04:71:1d:89:8e:a4:e4:7f:b3:e7:2b: 28:da:8e:dd:a5:29:e8:e5:f5:93:38:78:90:a7:4b: e5:0b:a2:40:89:6a:e6:05:8b:59:09:af:25:d1:ca: b2:ba:6e:17:eb:5a:57:81:04:68:bd:53:ec:9a:01: 2f:f7:a3:13:85:e8:8e:a6:c8:b4:45:32:d5:14:bc: 8e:c3:31:9a:3f:1d:35:fb:f3:ce:56:f2:64:6a:8b: 11:51:9e:62:65:2b:14:f3:78:7f:24:d6:04:af:e6: c3:e6:64:4b:61:73:43:07:e7:d2:85:25:95:8f:58: 21:52:a8:61:ea:42:04:58:a2:f3:bd:1a:8b:67:52: c4:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F9:4F:0A:46:C8:BE:4E:E0:03:DB:1A:08:23:1A:32:25:5E:9D:A6:CA X509v3 Authority Key Identifier: keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/1-U8KRsi-TuAD2xoIIxoyJV6dpso.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0e:aa02::/32 Signature Algorithm: sha256WithRSAEncryption 6d:8d:1f:1a:03:44:91:02:74:c2:46:7e:f3:4a:dc:72:01:c4: fc:ca:19:08:9a:85:34:ee:d0:61:ba:0c:4f:cb:ce:81:5c:3d: 59:f4:1f:a5:37:31:28:9d:8f:8e:a4:02:cd:1e:ea:31:7b:76: 7d:6b:c7:2f:80:e3:58:71:f4:e2:fc:5e:14:56:d9:43:bc:21: 53:fb:f6:43:26:d0:fa:b6:27:18:2d:79:52:c0:6f:69:61:ca: b8:a3:7f:5d:44:c2:33:52:54:c2:64:bb:9d:c4:09:3d:d2:0d: 42:62:22:63:9c:0f:34:51:bb:46:60:33:da:ce:9c:a5:f4:34: 85:df:d1:33:e8:82:81:5d:05:d4:03:c1:21:b1:79:0d:a1:d2: 72:3b:c0:f7:f7:4c:b8:d0:c6:82:ba:10:17:70:46:a5:2f:7f: 5b:19:fa:e9:bf:71:10:01:e2:dd:04:da:d9:9f:42:bc:0d:f3: d1:b1:d1:1e:58:e2:60:cc:a0:f1:bf:2d:77:ce:95:06:a1:a3: 13:62:7f:ae:07:b8:5c:af:72:54:7a:0a:41:0c:d0:2f:14:95: 4f:92:78:7a:c0:78:bd:be:16:6b:e6:b7:da:3a:c6:47:87:e1: 19:dd:29:98:49:e7:bb:14:21:51:c6:73:03:61:77:99:df:31: dd:6e:4f:6b -----BEGIN CERTIFICATE----- MIIE/zCCA+egAwIBAgISAZt5fpnugc5CC8UVIoIlteQLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0 ZWYzYWEwHhcNMjYwMTAxMTIxODE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmOTRmMGE0NmM4YmU0ZWUwMDNkYjFhMDgyMzFhMzIyNTVlOWRhNmNhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocBi8Y6+Zaeue0FrWSTwWjZP3920 eaYK9aTxFC8qL2bbSmO7LTVsbdusLrWf0RODSO6ek8NCGQvJttQhbcGnDeaUWLZ3 gIVJbkgBNLPqEO7Bz7JGxWw8T3Si1dPZWzQG29qBaic3Zrdd6qMVMOiUqQqpOuLf 88T1qnf4BHEdiY6k5H+z5yso2o7dpSno5fWTOHiQp0vlC6JAiWrmBYtZCa8l0cqy um4X61pXgQRovVPsmgEv96MTheiOpsi0RTLVFLyOwzGaPx01+/POVvJkaosRUZ5i ZSsU83h/JNYEr+bD5mRLYXNDB+fShSWVj1ghUqhh6kIEWKLzvRqLZ1LE5QIDAQAB o4ICCzCCAgcwHQYDVR0OBBYEFPlPCkbIvk7gA9saCCMaMiVenabKMB8GA1UdIwQY MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt YTU0MWQxYmNlZTE5LzEvMS1VOEtSc2ktVHVBRDJ4b0lJeG95SlY2ZHBzby5yb2Ew gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0 b3J5L0RFRkFVTFQvN2YvNzJiZjJmLThlMzQtNDhhMi04NDlhLWE1NDFkMWJjZWUx OS8xL2syRzF6V2xvSmJkUHpMcDlsOFBRb25KTzg2by5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoOqgIw DQYJKoZIhvcNAQELBQADggEBAG2NHxoDRJECdMJGfvNK3HIBxPzKGQiahTTu0GG6 DE/LzoFcPVn0H6U3MSidj46kAs0e6jF7dn1rxy+A41hx9OL8XhRW2UO8IVP79kMm 0Pq2JxgteVLAb2lhyrijf11EwjNSVMJku53ECT3SDUJiImOcDzRRu0ZgM9rOnKX0 NIXf0TPogoFdBdQDwSGxeQ2h0nI7wPf3TLjQxoK6EBdwRqUvf1sZ+um/cRAB4t0E 2tmfQrwN89Gx0R5Y4mDMoPG/LXfOlQahoxNif64HuFyvclR6CkEM0C8UlU+SeHrA eL2+Fmvmt9o6xkeH4RndKZhJ57sUIVHGcwNhd5nfMd1uT2s= -----END CERTIFICATE-----Generated at Tue Jan 6 21:31:20 2026 by rpki-client