This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/6bafe9-878b-46fd-a305-7ba25d5595fa/1/jtZzVNfgkv6O64KSDJRhp5x3Oak.roa File: jtZzVNfgkv6O64KSDJRhp5x3Oak.roa (raw, json) Hash identifier: E3E7x7uNNHcpFaFkOaw9Dbo4xIewCp3qY95ojh1RGaQ= Subject key identifier: 8E:D6:73:54:D7:E0:92:FE:8E:EB:82:92:0C:94:61:A7:9C:77:39:A9 Certificate issuer: /CN=9f3ec21e10f3646e4dc0e23f5f7ec44501560de3 Certificate serial: 019B79ED1D6F07E6DBB991546D845A422785 Authority key identifier: 9F:3E:C2:1E:10:F3:64:6E:4D:C0:E2:3F:5F:7E:C4:45:01:56:0D:E3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nz7CHhDzZG5NwOI_X37ERQFWDeM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/6bafe9-878b-46fd-a305-7ba25d5595fa/1/jtZzVNfgkv6O64KSDJRhp5x3Oak.roa Signing time: Thu 01 Jan 2026 14:19:01 +0000 ROA not before: Thu 01 Jan 2026 14:19:01 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 0 IP address blocks: 2a01:efc0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/6bafe9-878b-46fd-a305-7ba25d5595fa/1/nz7CHhDzZG5NwOI_X37ERQFWDeM.crl rsync://rpki.ripe.net/repository/DEFAULT/85/6bafe9-878b-46fd-a305-7ba25d5595fa/1/nz7CHhDzZG5NwOI_X37ERQFWDeM.mft rsync://rpki.ripe.net/repository/DEFAULT/nz7CHhDzZG5NwOI_X37ERQFWDeM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 08 Jan 2026 14:01:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ed:1d:6f:07:e6:db:b9:91:54:6d:84:5a:42:27:85 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9f3ec21e10f3646e4dc0e23f5f7ec44501560de3 Validity Not Before: Jan 1 14:19:01 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8ed67354d7e092fe8eeb82920c9461a79c7739a9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:66:91:2a:f3:c1:52:79:52:19:49:da:1e:ce: 93:1e:f0:5f:8a:cb:d3:72:09:84:92:01:8a:60:be: 6a:96:73:f6:c7:94:94:9e:cc:db:73:f9:f9:a3:ab: 1b:ff:44:bf:4a:03:d7:3a:3c:84:99:84:89:f2:bb: 90:42:9c:cf:79:77:06:60:a9:71:9c:b7:ca:4e:89: cb:ea:4a:ce:60:b7:38:0e:32:5f:49:40:3b:bd:a2: 30:95:c4:5a:52:8f:06:28:6d:e6:77:77:93:00:8c: d7:3f:cc:2a:51:d1:64:9b:3b:91:3d:11:70:63:31: a5:f1:44:f3:2c:0e:80:5a:45:3a:b8:23:07:97:6d: 68:13:af:7c:27:56:e1:76:3b:06:31:d8:38:e4:5a: 6f:67:d3:99:9b:b1:7a:92:99:2e:e0:d8:7c:b6:8e: dc:5d:50:b9:bd:78:df:4f:1a:9a:86:fc:91:66:c7: fd:9d:8c:54:d4:2e:03:da:aa:a0:2f:9a:ef:1f:fd: 26:df:03:94:e3:b0:92:4e:01:20:ae:ec:22:09:88: 9c:25:9f:75:c5:0c:f6:99:44:76:b4:4f:0b:dd:66: 83:cf:57:15:57:81:fa:bd:47:42:46:bc:d0:f9:a9: 6f:fd:ec:ec:29:ed:ca:83:0e:8f:02:3f:fa:1c:a3: ad:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:D6:73:54:D7:E0:92:FE:8E:EB:82:92:0C:94:61:A7:9C:77:39:A9 X509v3 Authority Key Identifier: keyid:9F:3E:C2:1E:10:F3:64:6E:4D:C0:E2:3F:5F:7E:C4:45:01:56:0D:E3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nz7CHhDzZG5NwOI_X37ERQFWDeM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/6bafe9-878b-46fd-a305-7ba25d5595fa/1/jtZzVNfgkv6O64KSDJRhp5x3Oak.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/85/6bafe9-878b-46fd-a305-7ba25d5595fa/1/nz7CHhDzZG5NwOI_X37ERQFWDeM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a01:efc0::/29 Signature Algorithm: sha256WithRSAEncryption 6f:b7:70:fe:2c:71:1e:d6:28:ed:1a:7c:a8:44:93:a5:0d:fc: 7d:92:ab:77:05:91:07:d0:f2:c6:8c:79:f1:c9:1b:62:d6:79: 46:5c:75:1f:6e:8c:b0:c6:d1:89:07:0a:61:c5:9b:a2:d1:89: cd:4f:56:02:56:4b:ab:fa:7f:8c:a5:35:38:4e:74:69:81:d4: c5:18:ff:ab:fd:43:55:b9:9f:b1:b4:97:3d:55:c4:eb:20:46: 4e:e2:f5:5d:05:2f:ff:85:46:f8:9e:11:e8:6d:55:9c:03:7c: 60:6a:f3:ef:ed:8b:38:7e:a0:f9:bd:44:e9:07:57:ee:85:a6: bb:ac:4a:c2:cf:33:47:88:50:6f:a7:dc:b3:f9:ee:ff:49:68: be:89:5b:4c:c3:27:24:fc:0a:be:68:c9:53:35:ee:f5:e2:86: 97:c4:06:d3:ff:d2:b1:16:9c:26:93:d6:61:a8:37:42:7e:24: a9:0e:af:ef:c6:1c:8d:9e:00:cb:13:63:c2:e1:ea:4d:50:c4: 5a:dd:48:f2:8d:6f:c8:d7:15:96:01:ee:a0:af:7e:fb:dc:69: 30:34:60:89:ec:f5:dd:9b:75:12:0e:7f:ac:90:d3:6f:db:ac: 1d:03:c5:66:ee:8f:e3:76:7b:df:c9:b8:2f:e0:40:c3:27:8f: ef:3e:bb:cf -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt57R1vB+bbuZFUbYRaQieFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlmM2VjMjFlMTBmMzY0NmU0ZGMwZTIzZjVmN2VjNDQ1MDE1 NjBkZTMwHhcNMjYwMTAxMTQxOTAxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4ZWQ2NzM1NGQ3ZTA5MmZlOGVlYjgyOTIwYzk0NjFhNzljNzczOWE5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGaRKvPBUnlSGUnaHs6THvBfisvT cgmEkgGKYL5qlnP2x5SUnszbc/n5o6sb/0S/SgPXOjyEmYSJ8ruQQpzPeXcGYKlx nLfKTonL6krOYLc4DjJfSUA7vaIwlcRaUo8GKG3md3eTAIzXP8wqUdFkmzuRPRFw YzGl8UTzLA6AWkU6uCMHl21oE698J1bhdjsGMdg45FpvZ9OZm7F6kpku4Nh8to7c XVC5vXjfTxqahvyRZsf9nYxU1C4D2qqgL5rvH/0m3wOU47CSTgEgruwiCYicJZ91 xQz2mUR2tE8L3WaDz1cVV4H6vUdCRrzQ+alv/ezsKe3Kgw6PAj/6HKOtLwIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFI7Wc1TX4JL+juuCkgyUYaecdzmpMB8GA1UdIwQY MBaAFJ8+wh4Q82RuTcDiP19+xEUBVg3jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbno3Q0hoRHpaRzVOd09JX1gzN0VSUUZXRGVNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS82YmFmZTktODc4Yi00NmZkLWEzMDUt N2JhMjVkNTU5NWZhLzEvanRaelZOZmdrdjZPNjRLU0RKUmhwNXgzT2FrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84NS82YmFmZTktODc4Yi00NmZkLWEzMDUtN2JhMjVkNTU5NWZh LzEvbno3Q0hoRHpaRzVOd09JX1gzN0VSUUZXRGVNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgHvwDAN BgkqhkiG9w0BAQsFAAOCAQEAb7dw/ixxHtYo7Rp8qESTpQ38fZKrdwWRB9Dyxox5 8ckbYtZ5Rlx1H26MsMbRiQcKYcWbotGJzU9WAlZLq/p/jKU1OE50aYHUxRj/q/1D VbmfsbSXPVXE6yBGTuL1XQUv/4VG+J4R6G1VnAN8YGrz7+2LOH6g+b1E6QdX7oWm u6xKws8zR4hQb6fcs/nu/0lovolbTMMnJPwKvmjJUzXu9eKGl8QG0//SsRacJpPW Yag3Qn4kqQ6v78YcjZ4AyxNjwuHqTVDEWt1I8o1vyNcVlgHuoK9++9xpMDRgiez1 3Zt1Eg5/rJDTb9usHQPFZu6P43Z738m4L+BAwyeP7z67zw== -----END CERTIFICATE-----Generated at Wed Jan 7 23:51:45 2026 by rpki-client