This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/7GfgZxujWUcZnzuCFPQldbD1y6M.roa File: 7GfgZxujWUcZnzuCFPQldbD1y6M.roa (raw, json) Hash identifier: CyadJFfK+47oqhnggEk1m0zDviLh8HkKDT4nKtqd5rQ= Subject key identifier: EC:67:E0:67:1B:A3:59:47:19:9F:3B:82:14:F4:25:75:B0:F5:CB:A3 Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f Certificate serial: 019B7910C92FC8A29FECD5FA0CCE3B0D76FA Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/7GfgZxujWUcZnzuCFPQldbD1y6M.roa Signing time: Thu 01 Jan 2026 10:18:21 +0000 ROA not before: Thu 01 Jan 2026 10:18:21 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 216253 IP address blocks: 2a12:bec0:480::/44 maxlen: 48 2a12:bec4:1140::/44 maxlen: 44 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.mft rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:c9:2f:c8:a2:9f:ec:d5:fa:0c:ce:3b:0d:76:fa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f Validity Not Before: Jan 1 10:18:21 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ec67e0671ba35947199f3b8214f42575b0f5cba3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:e6:7e:2f:26:85:c8:38:1c:7c:0e:d5:c0:0e: 08:71:8a:d9:fe:ea:aa:61:62:3f:3e:78:b0:da:4e: 3f:64:7b:77:32:51:05:11:b2:94:1f:a1:94:77:5a: 1f:e1:9c:2f:33:68:25:6c:1e:b7:4c:51:5a:85:6d: 09:06:81:c3:45:39:23:87:94:03:37:cb:e2:7a:60: 55:32:78:92:89:7a:7c:17:a1:95:c1:7b:d3:08:47: 51:88:d7:48:7b:f6:4c:35:fe:be:7f:e6:76:f8:e1: cd:66:e9:e8:40:50:9d:48:42:56:bf:e1:67:ce:1c: 3b:77:82:0c:84:fe:ab:3b:fc:5d:ec:1f:2f:54:17: 59:06:9e:3e:cc:6b:ed:9c:02:cc:dc:1e:de:d5:37: db:d9:89:b2:2d:ff:98:aa:55:02:c8:f3:11:12:a6: fa:d0:38:5b:80:9f:c9:a1:40:d4:5e:61:14:71:31: c8:e8:a2:43:17:74:8f:b7:fa:17:37:d6:3e:56:78: d4:58:01:a0:d7:35:03:20:35:06:dc:34:30:e8:db: 5f:e7:33:9b:ec:50:dd:c6:bd:63:91:03:c8:ab:ec: 64:f7:e6:d4:28:7c:39:69:6f:db:6b:ab:92:55:f0: 46:f3:0c:c7:2b:6e:f9:38:85:8c:20:62:ae:0e:07: fa:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:67:E0:67:1B:A3:59:47:19:9F:3B:82:14:F4:25:75:B0:F5:CB:A3 X509v3 Authority Key Identifier: keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/7GfgZxujWUcZnzuCFPQldbD1y6M.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a12:bec0:480::/44 2a12:bec4:1140::/44 Signature Algorithm: sha256WithRSAEncryption bb:64:12:ac:18:fa:cd:b6:e0:c2:5d:aa:55:04:ef:99:72:d3: 0d:2a:b5:ad:57:c2:f3:04:cc:f4:9f:ee:9c:52:29:55:a6:73: 92:1d:c5:65:3b:8b:e1:dd:38:e9:37:90:57:c1:9b:4c:1b:4e: 64:f9:fb:a2:4e:f9:69:d8:2b:99:c8:44:e0:36:6c:fe:66:d6: 28:86:57:39:5a:ae:ee:5a:ad:67:66:e4:1c:89:61:a0:7a:8d: bb:0e:45:30:e2:88:39:23:20:67:64:fe:07:21:6b:d4:ee:4d: 4d:ea:b0:34:98:18:77:5c:46:bc:db:3c:cc:6e:30:68:93:2c: 5e:ae:59:a6:46:75:e9:ed:39:d5:78:e5:8d:8d:24:e7:d1:2c: a8:88:5d:4f:d9:2f:13:03:07:7b:ee:40:73:cc:5e:e0:c9:e1: 3e:19:f4:f4:ab:37:76:cc:7d:36:e3:6f:9b:c6:15:e8:8e:0f: b1:93:8f:c4:78:c1:f9:44:31:41:da:67:f4:4b:ff:94:74:96: 88:b4:4d:16:6e:88:45:6b:74:06:e2:c1:20:bb:ef:17:d1:82: d3:10:dc:21:8c:cd:3a:ac:b6:5c:33:8c:3b:ca:4f:e5:58:c0: 8e:cc:db:8c:bd:0b:21:61:86:bf:a8:14:4b:d7:4f:84:2e:b1: 4c:d9:7a:8c -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt5EMkvyKKf7NX6DM47DXb6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj M2Q2NmYwHhcNMjYwMTAxMTAxODIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlYzY3ZTA2NzFiYTM1OTQ3MTk5ZjNiODIxNGY0MjU3NWIwZjVjYmEzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOZ+LyaFyDgcfA7VwA4IcYrZ/uqq YWI/Pniw2k4/ZHt3MlEFEbKUH6GUd1of4ZwvM2glbB63TFFahW0JBoHDRTkjh5QD N8viemBVMniSiXp8F6GVwXvTCEdRiNdIe/ZMNf6+f+Z2+OHNZunoQFCdSEJWv+Fn zhw7d4IMhP6rO/xd7B8vVBdZBp4+zGvtnALM3B7e1Tfb2YmyLf+YqlUCyPMREqb6 0DhbgJ/JoUDUXmEUcTHI6KJDF3SPt/oXN9Y+VnjUWAGg1zUDIDUG3DQw6Ntf5zOb 7FDdxr1jkQPIq+xk9+bUKHw5aW/ba6uSVfBG8wzHK275OIWMIGKuDgf6+QIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFOxn4Gcbo1lHGZ87ghT0JXWw9cujMB8GA1UdIwQY MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt NTUzNjljZjUwN2VlLzEvN0dmZ1p4dWpXVWNabnp1Q0ZQUWxkYkQxeTZNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKhK+wASA AwcEKhK+xBFAMA0GCSqGSIb3DQEBCwUAA4IBAQC7ZBKsGPrNtuDCXapVBO+ZctMN KrWtV8LzBMz0n+6cUilVpnOSHcVlO4vh3TjpN5BXwZtMG05k+fuiTvlp2CuZyETg Nmz+ZtYohlc5Wq7uWq1nZuQciWGgeo27DkUw4og5IyBnZP4HIWvU7k1N6rA0mBh3 XEa82zzMbjBokyxerlmmRnXp7TnVeOWNjSTn0SyoiF1P2S8TAwd77kBzzF7gyeE+ GfT0qzd2zH0242+bxhXojg+xk4/EeMH5RDFB2mf0S/+UdJaItE0WbohFa3QG4sEg u+8X0YLTENwhjM06rLZcM4w7yk/lWMCOzNuMvQshYYa/qBRL10+ELrFM2XqM -----END CERTIFICATE-----Generated at Tue Jan 20 02:48:02 2026 by rpki-client