This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/CFPIJxIfvGv4lreKn_n-BRa6Bxs.roa File: CFPIJxIfvGv4lreKn_n-BRa6Bxs.roa (raw, json) Hash identifier: jZqgr3QXRgZja5lmx0N+rYinWNEF0ZasU+jgjvI6S3s= Subject key identifier: 08:53:C8:27:12:1F:BC:6B:F8:96:B7:8A:9F:F9:FE:05:16:BA:07:1B Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f Certificate serial: 019B7910ADB20CCF352CA9FEF4D781C5B136 Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/CFPIJxIfvGv4lreKn_n-BRa6Bxs.roa Signing time: Thu 01 Jan 2026 10:18:14 +0000 ROA not before: Thu 01 Jan 2026 10:18:14 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 213801 IP address blocks: 2a12:bec4:15f0::/44 maxlen: 128 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.mft rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 12:01:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:ad:b2:0c:cf:35:2c:a9:fe:f4:d7:81:c5:b1:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f Validity Not Before: Jan 1 10:18:14 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0853c827121fbc6bf896b78a9ff9fe0516ba071b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:49:fb:c3:2d:2e:1f:fc:4f:90:80:6e:d4:a8: 9f:1c:4d:f6:cb:35:42:08:02:df:32:0e:86:70:5c: 7a:1e:aa:6b:e2:46:2d:b0:7c:d4:9b:d5:19:5a:e0: 08:b7:27:df:5a:c3:87:1d:21:40:28:29:9f:85:34: 13:75:5f:a1:98:0c:2b:c6:e3:1d:b9:0b:3b:ac:b3: 8e:aa:0c:da:54:ad:6d:4c:e8:15:7a:6c:bd:b2:22: 1a:37:79:b1:0d:d7:e8:c1:90:cd:57:d3:36:2b:7b: e6:c9:4f:05:8f:7b:a9:d7:ca:a3:4b:78:6f:85:d8: 92:83:dc:0c:55:27:67:98:2c:43:47:b1:81:98:78: 42:17:e2:1f:1d:39:dd:bc:27:bd:5f:70:f2:c6:22: 5e:29:a4:57:6f:5a:fe:24:80:93:ef:90:63:9e:bf: 22:dd:7b:22:85:48:a7:67:79:cf:17:46:ae:67:5d: bb:0d:25:ac:c0:42:c0:5b:93:1f:ea:b0:93:11:62: 52:b3:7b:24:6a:08:82:67:d4:bd:15:0f:b8:5b:96: 72:fd:c5:6e:e1:27:0b:53:1a:06:27:d2:ed:7d:60: b5:80:8a:84:e8:62:ff:e6:43:b0:52:e4:85:50:f1: 09:93:cd:96:df:9c:c0:15:a4:6c:f3:99:4f:99:9f: 18:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:53:C8:27:12:1F:BC:6B:F8:96:B7:8A:9F:F9:FE:05:16:BA:07:1B X509v3 Authority Key Identifier: keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/CFPIJxIfvGv4lreKn_n-BRa6Bxs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a12:bec4:15f0::/44 Signature Algorithm: sha256WithRSAEncryption 33:4b:2b:67:59:2f:2d:34:ce:7a:4b:70:76:ab:1f:c1:7a:8d: 0c:7f:2f:a4:55:ba:61:d6:b6:3c:cf:5b:0a:c4:6a:9e:34:8b: bd:ce:67:7d:64:08:6d:33:5f:51:f4:a6:f2:7d:dc:75:fb:56: 6b:01:18:d2:b0:9a:cf:3b:30:4f:0a:2c:50:89:0e:56:78:18: 1d:3a:6f:6a:9d:76:1b:5f:e5:b8:ed:d7:80:b3:c6:b8:32:4a: 19:3c:d1:09:74:a2:68:1e:4a:79:4d:74:cb:08:c1:70:0a:ef: 70:b3:09:14:4b:49:58:8d:77:1d:ee:09:5b:f6:27:64:e7:02: 80:97:d2:e0:fa:66:f8:33:37:e0:c8:5b:55:a5:67:87:66:4e: 91:11:f4:bd:9a:bd:ff:63:da:20:3d:71:ee:2e:d0:9d:10:6b: 1c:31:73:80:07:ae:63:7b:c7:78:6f:e9:88:45:da:2e:fb:4b: 9b:ee:a3:e4:d0:98:57:a3:de:04:4c:d1:ad:21:3c:be:fe:ec: 3c:47:fb:b5:59:fc:89:c0:fe:01:0e:5c:54:ee:7e:41:bb:87: 78:76:b1:01:74:ad:58:ce:0c:10:ab:79:64:1d:8c:6c:90:5f: 2c:ed:b7:6b:e0:05:b8:e9:33:87:43:8b:66:39:df:52:34:66: 6a:d5:63:d2 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt5EK2yDM81LKn+9NeBxbE2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj M2Q2NmYwHhcNMjYwMTAxMTAxODE0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwODUzYzgyNzEyMWZiYzZiZjg5NmI3OGE5ZmY5ZmUwNTE2YmEwNzFiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzkn7wy0uH/xPkIBu1KifHE32yzVC CALfMg6GcFx6Hqpr4kYtsHzUm9UZWuAItyffWsOHHSFAKCmfhTQTdV+hmAwrxuMd uQs7rLOOqgzaVK1tTOgVemy9siIaN3mxDdfowZDNV9M2K3vmyU8Fj3up18qjS3hv hdiSg9wMVSdnmCxDR7GBmHhCF+IfHTndvCe9X3DyxiJeKaRXb1r+JICT75Bjnr8i 3XsihUinZ3nPF0auZ127DSWswELAW5Mf6rCTEWJSs3skagiCZ9S9FQ+4W5Zy/cVu 4ScLUxoGJ9LtfWC1gIqE6GL/5kOwUuSFUPEJk82W35zAFaRs85lPmZ8YGwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFAhTyCcSH7xr+Ja3ip/5/gUWugcbMB8GA1UdIwQY MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt NTUzNjljZjUwN2VlLzEvQ0ZQSUp4SWZ2R3Y0bHJlS25fbi1CUmE2QnhzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhK+xBXw MA0GCSqGSIb3DQEBCwUAA4IBAQAzSytnWS8tNM56S3B2qx/Beo0Mfy+kVbph1rY8 z1sKxGqeNIu9zmd9ZAhtM19R9Kbyfdx1+1ZrARjSsJrPOzBPCixQiQ5WeBgdOm9q nXYbX+W47deAs8a4MkoZPNEJdKJoHkp5TXTLCMFwCu9wswkUS0lYjXcd7glb9idk 5wKAl9Lg+mb4MzfgyFtVpWeHZk6REfS9mr3/Y9ogPXHuLtCdEGscMXOAB65je8d4 b+mIRdou+0ub7qPk0JhXo94ETNGtITy+/uw8R/u1WfyJwP4BDlxU7n5Bu4d4drEB dK1YzgwQq3lkHYxskF8s7bdr4AW46TOHQ4tmOd9SNGZq1WPS -----END CERTIFICATE-----Generated at Sun Jan 11 21:01:51 2026 by rpki-client