This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/XFHhCq_0ceUZovsziGdQXxtHjEU.roa File: XFHhCq_0ceUZovsziGdQXxtHjEU.roa (raw, json) Hash identifier: z2krj8olOchm/FJESaprlfSfGFwPHtTYhXgJYsdC5HI= Subject key identifier: 5C:51:E1:0A:AF:F4:71:E5:19:A2:FB:33:88:67:50:5F:1B:47:8C:45 Certificate issuer: /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa Certificate serial: 019B797EB91243173D15B69F55EECA849813 Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/XFHhCq_0ceUZovsziGdQXxtHjEU.roa Signing time: Thu 01 Jan 2026 12:18:26 +0000 ROA not before: Thu 01 Jan 2026 12:18:26 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212371 IP address blocks: 2a0e:aa07:e047::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.mft rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 07 Jan 2026 14:32:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:b9:12:43:17:3d:15:b6:9f:55:ee:ca:84:98:13 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa Validity Not Before: Jan 1 12:18:26 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5c51e10aaff471e519a2fb338867505f1b478c45 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:ef:5c:7e:ac:35:f2:40:72:bf:25:94:13:3b: df:e0:90:c5:bf:be:d3:c5:21:74:c0:3d:c5:77:65: 50:4e:77:a4:47:22:f0:5a:c9:35:9c:66:29:fd:be: 52:61:2a:84:3d:c0:ba:7b:10:f2:e9:e2:de:90:31: a8:d7:bc:8a:d1:62:59:d9:0a:5e:77:53:2b:3d:0c: 5d:0c:12:6d:6c:99:75:fb:34:9c:31:cc:76:f3:eb: 1a:45:db:65:35:07:f3:a1:25:ed:fa:92:58:74:b7: ef:cf:86:53:41:b0:b4:62:48:b1:bb:e6:7e:f8:c6: 5d:28:10:36:bb:7e:da:4c:4c:cf:71:b7:39:8b:9d: 6d:d9:5b:06:23:0b:9b:59:92:6e:75:02:af:02:e9: af:7d:e7:c7:03:cf:ba:8a:92:fa:ae:25:8f:db:76: 52:a2:7b:42:d4:2c:d8:eb:4d:9e:81:7c:34:ba:34: 4f:b8:f3:e3:3c:27:e1:67:1c:d8:f6:f4:d4:c1:9d: 71:07:3e:05:8e:d9:3e:bc:91:26:b3:d5:81:f6:96: 5e:d0:59:12:aa:cf:64:0d:8a:46:5e:2e:28:68:ed: 29:1d:3c:14:6d:dd:f6:ec:b0:cd:6f:aa:6c:c7:73: 62:eb:fb:da:f0:01:1e:5e:8c:6b:42:a8:73:51:c3: 67:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:51:E1:0A:AF:F4:71:E5:19:A2:FB:33:88:67:50:5F:1B:47:8C:45 X509v3 Authority Key Identifier: keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/XFHhCq_0ceUZovsziGdQXxtHjEU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0e:aa07:e047::/48 Signature Algorithm: sha256WithRSAEncryption 2a:44:bc:84:69:d4:09:7c:9b:e1:ff:e0:f1:35:36:02:a7:de: 65:99:cc:f9:9a:2f:3e:9c:b5:4e:bb:bf:13:6e:d6:85:d0:18: 20:be:e2:23:c5:ed:fe:98:34:f2:7d:30:12:c6:d7:98:55:76: 46:2b:01:4b:ee:8a:59:60:e9:a1:89:de:f6:82:ac:c1:cc:3e: a9:3c:49:ba:a8:b1:01:1f:50:38:35:86:c6:a5:1a:e3:53:65: 53:36:b2:9c:30:e2:b7:dc:0b:57:2d:c6:0f:c1:12:84:95:07: 2e:f3:21:22:36:91:37:49:4e:13:45:4c:c1:14:70:0f:7d:1b: 04:de:d8:95:21:f5:4f:c9:a3:27:2e:7b:7c:d6:1a:78:43:c5: e2:5e:0b:78:cc:9a:69:c5:8f:cb:54:0d:bd:9c:a0:1c:d1:1d: 63:27:89:be:35:a7:23:ea:dc:fd:96:2d:db:54:7e:49:8b:51: 69:8c:8b:ab:04:82:27:74:65:78:4c:50:e0:0f:26:78:92:29: a6:82:a1:53:94:7b:94:77:f9:e5:b8:44:52:31:60:6f:48:8a: 14:09:6d:ad:61:cf:c2:d4:42:b4:7d:63:6f:3f:0b:19:fd:71: f2:96:dd:1e:4a:e9:3c:45:f9:8a:e0:91:b9:e1:f0:c1:fb:50: 39:a3:c5:cd -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt5frkSQxc9FbafVe7KhJgTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0 ZWYzYWEwHhcNMjYwMTAxMTIxODI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1YzUxZTEwYWFmZjQ3MWU1MTlhMmZiMzM4ODY3NTA1ZjFiNDc4YzQ1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0e9cfqw18kByvyWUEzvf4JDFv77T xSF0wD3Fd2VQTnekRyLwWsk1nGYp/b5SYSqEPcC6exDy6eLekDGo17yK0WJZ2Qpe d1MrPQxdDBJtbJl1+zScMcx28+saRdtlNQfzoSXt+pJYdLfvz4ZTQbC0Ykixu+Z+ +MZdKBA2u37aTEzPcbc5i51t2VsGIwubWZJudQKvAumvfefHA8+6ipL6riWP23ZS ontC1CzY602egXw0ujRPuPPjPCfhZxzY9vTUwZ1xBz4Fjtk+vJEms9WB9pZe0FkS qs9kDYpGXi4oaO0pHTwUbd327LDNb6psx3Ni6/va8AEeXoxrQqhzUcNnPwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFFxR4Qqv9HHlGaL7M4hnUF8bR4xFMB8GA1UdIwQY MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt YTU0MWQxYmNlZTE5LzEvWEZIaENxXzBjZVVab3ZzemlHZFFYeHRIakVVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEtYTU0MWQxYmNlZTE5 LzEvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6qB+BH MA0GCSqGSIb3DQEBCwUAA4IBAQAqRLyEadQJfJvh/+DxNTYCp95lmcz5mi8+nLVO u78TbtaF0BggvuIjxe3+mDTyfTASxteYVXZGKwFL7opZYOmhid72gqzBzD6pPEm6 qLEBH1A4NYbGpRrjU2VTNrKcMOK33AtXLcYPwRKElQcu8yEiNpE3SU4TRUzBFHAP fRsE3tiVIfVPyaMnLnt81hp4Q8XiXgt4zJppxY/LVA29nKAc0R1jJ4m+Nacj6tz9 li3bVH5Ji1FpjIurBIIndGV4TFDgDyZ4kimmgqFTlHuUd/nluERSMWBvSIoUCW2t Yc/C1EK0fWNvPwsZ/XHylt0eSuk8RfmK4JG54fDB+1A5o8XN -----END CERTIFICATE-----Generated at Tue Jan 6 21:31:58 2026 by rpki-client