This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/T8fKRbTv6LVvO8gYb_qV9S7Ftg8.roa File: T8fKRbTv6LVvO8gYb_qV9S7Ftg8.roa (raw, json) Hash identifier: AGBkafmO5h/oFycH9WFuWDbvQPJyxA0f8wNOgYZVAUo= Subject key identifier: 4F:C7:CA:45:B4:EF:E8:B5:6F:3B:C8:18:6F:FA:95:F5:2E:C5:B6:0F Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f Certificate serial: 019B7910B8251534573FE1790399F6F4411A Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/T8fKRbTv6LVvO8gYb_qV9S7Ftg8.roa Signing time: Thu 01 Jan 2026 10:18:17 +0000 ROA not before: Thu 01 Jan 2026 10:18:17 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 215225 IP address blocks: 2a12:bec4:1120::/48 maxlen: 48 2a12:bec4:1121::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.mft rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:b8:25:15:34:57:3f:e1:79:03:99:f6:f4:41:1a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f Validity Not Before: Jan 1 10:18:17 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4fc7ca45b4efe8b56f3bc8186ffa95f52ec5b60f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:0e:ff:05:0d:c7:aa:3f:ec:82:2b:d9:85:1b: 31:25:e9:e2:e8:04:8b:67:8e:5f:2e:bf:41:d2:f3: 46:6e:a6:a7:df:2e:91:b8:ef:5c:08:ed:3c:34:9e: 83:9e:2b:f3:8c:c6:28:4a:be:2e:00:4e:ef:37:59: af:20:eb:4e:30:5a:95:67:4d:fe:bd:f8:76:d0:be: 1b:25:f7:de:05:e7:40:b8:79:a1:30:a4:45:64:fb: 47:3a:60:dd:d5:3f:21:81:3f:e0:75:b6:0f:d6:19: 75:98:cd:f9:f4:3d:e0:cf:5e:23:91:79:55:c8:17: 38:30:cc:3d:f0:73:21:ad:f1:3a:75:53:77:de:d9: 79:01:a2:65:06:e5:25:89:eb:72:b5:2f:c5:c3:90: e0:ce:de:71:bb:e1:1c:f5:5c:f4:52:f3:94:f0:dc: e4:ef:4d:1b:9e:ae:3c:ea:97:05:23:bf:29:be:23: e0:18:dd:78:34:9e:4a:18:3b:87:fd:59:72:db:ef: d0:fc:a1:53:ba:30:fd:e0:d1:28:bc:8b:94:f8:f2: b7:74:84:09:0a:6e:c3:1e:75:b4:8a:05:8c:c0:50: fc:53:15:66:33:04:09:a8:68:41:0f:54:9e:4d:78: ec:b3:7d:37:9d:2b:7b:83:1d:a4:e8:38:36:8e:83: cd:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:C7:CA:45:B4:EF:E8:B5:6F:3B:C8:18:6F:FA:95:F5:2E:C5:B6:0F X509v3 Authority Key Identifier: keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/T8fKRbTv6LVvO8gYb_qV9S7Ftg8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a12:bec4:1120::/47 Signature Algorithm: sha256WithRSAEncryption 25:c2:0c:48:8b:cd:7e:6e:3c:8c:c4:12:e0:f8:52:55:72:e3: ab:03:0c:c2:c7:d0:1a:6d:a9:a5:e1:95:55:be:3c:da:56:9c: c2:c7:b9:d2:a6:6c:24:a0:fa:36:96:61:8f:1f:2b:bd:32:2a: 52:f6:9b:22:50:a6:16:e7:3c:88:6c:ea:07:28:27:7a:fe:96: 63:68:33:cb:03:1d:0a:2b:d8:de:1e:8d:56:4c:46:4d:92:10: 87:8a:c4:32:96:33:3d:7e:d3:aa:d2:35:cc:51:cb:d6:48:eb: 15:b5:93:4c:00:3e:bb:fb:cd:f2:40:be:99:6e:78:be:9f:80: 2a:c8:cc:13:0b:98:7f:0d:1b:28:11:54:0a:0e:f6:d9:66:71: a3:76:73:b2:cb:47:14:21:fc:e6:52:ed:70:e0:37:2e:7b:d4: 25:6d:86:f0:67:a9:73:c1:72:db:97:91:20:be:20:d6:10:5c: 0a:9a:02:64:22:9f:c7:be:dd:ce:f0:66:99:a6:70:ac:c9:04: fb:d5:e5:8b:de:df:3d:05:15:b0:02:b3:fc:d6:02:e6:a8:3b: 00:17:3c:be:e3:17:50:a1:64:57:17:4e:d0:50:5d:56:b8:d3: 90:36:15:73:05:88:fc:46:d5:0c:38:49:70:c2:d2:b1:c2:01: 27:94:85:56 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt5ELglFTRXP+F5A5n29EEaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj M2Q2NmYwHhcNMjYwMTAxMTAxODE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0ZmM3Y2E0NWI0ZWZlOGI1NmYzYmM4MTg2ZmZhOTVmNTJlYzViNjBmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuw7/BQ3Hqj/sgivZhRsxJeni6ASL Z45fLr9B0vNGbqan3y6RuO9cCO08NJ6DnivzjMYoSr4uAE7vN1mvIOtOMFqVZ03+ vfh20L4bJffeBedAuHmhMKRFZPtHOmDd1T8hgT/gdbYP1hl1mM359D3gz14jkXlV yBc4MMw98HMhrfE6dVN33tl5AaJlBuUlietytS/Fw5Dgzt5xu+Ec9Vz0UvOU8Nzk 700bnq486pcFI78pviPgGN14NJ5KGDuH/Vly2+/Q/KFTujD94NEovIuU+PK3dIQJ Cm7DHnW0igWMwFD8UxVmMwQJqGhBD1SeTXjss303nSt7gx2k6Dg2joPNNQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFE/HykW07+i1bzvIGG/6lfUuxbYPMB8GA1UdIwQY MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt NTUzNjljZjUwN2VlLzEvVDhmS1JiVHY2TFZ2TzhnWWJfcVY5UzdGdGc4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcBKhK+xBEg MA0GCSqGSIb3DQEBCwUAA4IBAQAlwgxIi81+bjyMxBLg+FJVcuOrAwzCx9Aabaml 4ZVVvjzaVpzCx7nSpmwkoPo2lmGPHyu9MipS9psiUKYW5zyIbOoHKCd6/pZjaDPL Ax0KK9jeHo1WTEZNkhCHisQyljM9ftOq0jXMUcvWSOsVtZNMAD67+83yQL6Zbni+ n4AqyMwTC5h/DRsoEVQKDvbZZnGjdnOyy0cUIfzmUu1w4Dcue9QlbYbwZ6lzwXLb l5EgviDWEFwKmgJkIp/Hvt3O8GaZpnCsyQT71eWL3t89BRWwArP81gLmqDsAFzy+ 4xdQoWRXF07QUF1WuNOQNhVzBYj8RtUMOElwwtKxwgEnlIVW -----END CERTIFICATE-----Generated at Tue Jan 20 02:49:19 2026 by rpki-client