This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/CvjKye9QoYot8ER41kU6pPcB3mQ.roa File: CvjKye9QoYot8ER41kU6pPcB3mQ.roa (raw, json) Hash identifier: Og/70Ea5OciFlJJWqDbYc5NckE7t8Qijn42JYoURBjI= Subject key identifier: 0A:F8:CA:C9:EF:50:A1:8A:2D:F0:44:78:D6:45:3A:A4:F7:01:DE:64 Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2 Certificate serial: 019B78344BC43E81D9BF40656F10F9539450 Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/CvjKye9QoYot8ER41kU6pPcB3mQ.roa Signing time: Thu 01 Jan 2026 06:17:31 +0000 ROA not before: Thu 01 Jan 2026 06:17:31 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 39220 IP address blocks: 2a09:7:2000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.mft rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 09:01:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:4b:c4:3e:81:d9:bf:40:65:6f:10:f9:53:94:50 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2 Validity Not Before: Jan 1 06:17:31 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0af8cac9ef50a18a2df04478d6453aa4f701de64 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:db:34:da:15:55:19:84:74:bd:64:05:d5:ea: 35:7d:ff:b1:2a:a8:32:17:c2:be:6d:20:19:a2:ed: b4:71:6e:3d:86:b7:97:fb:fb:dd:f0:de:b2:5e:2c: cb:56:42:41:4d:9a:91:d5:6f:e9:4d:62:6c:44:5a: 23:61:3b:c8:9a:77:be:05:4e:0a:9d:7a:2d:d3:3c: d7:55:af:1e:a6:68:2c:44:62:05:dc:a1:f0:cc:99: 9d:65:a1:ee:2a:f1:77:79:17:10:0e:c2:b1:72:60: 5f:91:bb:83:36:43:af:1e:a1:ba:bd:35:8d:3a:12: e2:d7:23:c3:e9:b5:60:d2:3b:22:68:3d:8a:66:28: 34:05:21:22:e5:9d:8d:46:26:ba:cc:71:1e:a0:4b: 1f:92:7d:b4:45:49:79:d1:d8:c8:66:be:0d:2b:d3: 26:d0:61:91:e3:5e:e3:88:a7:af:f1:b9:b9:3e:9e: 59:9b:69:f2:35:a9:fc:6f:24:2f:f3:fd:80:aa:09: c2:32:4a:59:68:b7:f4:ee:ea:30:02:5a:8b:89:e2: af:2d:aa:73:71:9a:6b:29:2e:c9:52:56:86:13:4d: 2f:1b:99:c1:d1:5a:b8:8d:d8:fa:11:82:20:4b:e8: 5f:5e:48:53:07:af:c7:8c:bc:d9:67:7c:c3:69:5d: 50:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:F8:CA:C9:EF:50:A1:8A:2D:F0:44:78:D6:45:3A:A4:F7:01:DE:64 X509v3 Authority Key Identifier: keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/CvjKye9QoYot8ER41kU6pPcB3mQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a09:7:2000::/48 Signature Algorithm: sha256WithRSAEncryption 87:12:3a:a4:42:8d:d0:cd:ad:45:80:75:3e:11:e6:21:0d:7e: c3:fd:cc:6f:3a:43:88:9f:cf:5a:3c:0c:41:0e:5c:70:fa:4e: 91:f6:d3:25:48:96:de:91:be:a6:c6:24:c8:2d:d1:a8:d5:03: 03:fb:34:60:e8:d7:3b:b2:d2:a4:c4:0f:09:f4:5a:17:6f:db: 0c:22:eb:1a:c0:cb:b0:c4:39:aa:e4:17:e2:d5:31:10:4c:e2: 5d:28:97:1a:ad:6d:32:59:50:43:8e:b0:5d:fb:e6:bc:7f:99: c3:04:20:02:13:d7:98:fe:b5:21:f5:eb:8b:ae:71:b2:ae:34: 12:e3:e1:2e:8b:2f:dc:1b:bb:27:8e:f2:a3:eb:58:a7:11:3e: 38:2b:2f:24:81:ab:8c:c5:10:a9:8d:ee:c8:43:94:03:82:88: 8d:a8:3a:35:fd:f9:95:ee:36:23:d7:80:ef:28:f5:46:e4:fe: 98:9d:bf:ae:fc:da:59:b3:19:08:86:00:27:0d:96:20:32:4e: 68:09:d4:0a:74:28:c1:16:f5:ee:cf:ca:71:6e:02:bc:ba:b2: a4:f4:93:c8:37:77:83:6e:5e:5a:e6:08:3c:53:45:1b:df:e4: 0b:b4:c2:6b:a2:9c:1b:36:2f:eb:92:56:87:c3:7a:06:30:86: 7e:e3:57:12 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt4NEvEPoHZv0BlbxD5U5RQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi YmFhZTIwHhcNMjYwMTAxMDYxNzMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwYWY4Y2FjOWVmNTBhMThhMmRmMDQ0NzhkNjQ1M2FhNGY3MDFkZTY0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj9s02hVVGYR0vWQF1eo1ff+xKqgy F8K+bSAZou20cW49hreX+/vd8N6yXizLVkJBTZqR1W/pTWJsRFojYTvImne+BU4K nXot0zzXVa8epmgsRGIF3KHwzJmdZaHuKvF3eRcQDsKxcmBfkbuDNkOvHqG6vTWN OhLi1yPD6bVg0jsiaD2KZig0BSEi5Z2NRia6zHEeoEsfkn20RUl50djIZr4NK9Mm 0GGR417jiKev8bm5Pp5Zm2nyNan8byQv8/2AqgnCMkpZaLf07uowAlqLieKvLapz cZprKS7JUlaGE00vG5nB0Vq4jdj6EYIgS+hfXkhTB6/HjLzZZ3zDaV1QnwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFAr4ysnvUKGKLfBEeNZFOqT3Ad5kMB8GA1UdIwQY MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt MjU0YWNkOTJiNGUxLzEvQ3ZqS3llOVFvWW90OEVSNDFrVTZwUGNCM21RLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgkAByAA MA0GCSqGSIb3DQEBCwUAA4IBAQCHEjqkQo3Qza1FgHU+EeYhDX7D/cxvOkOIn89a PAxBDlxw+k6R9tMlSJbekb6mxiTILdGo1QMD+zRg6Nc7stKkxA8J9FoXb9sMIusa wMuwxDmq5Bfi1TEQTOJdKJcarW0yWVBDjrBd++a8f5nDBCACE9eY/rUh9euLrnGy rjQS4+Euiy/cG7snjvKj61inET44Ky8kgauMxRCpje7IQ5QDgoiNqDo1/fmV7jYj 14DvKPVG5P6Ynb+u/NpZsxkIhgAnDZYgMk5oCdQKdCjBFvXuz8pxbgK8urKk9JPI N3eDbl5a5gg8U0Ub3+QLtMJropwbNi/rklaHw3oGMIZ+41cS -----END CERTIFICATE-----Generated at Tue Jan 20 14:14:19 2026 by rpki-client