This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/caoxE8GRy3H1WJnTEume6bx8K_E.roa File: caoxE8GRy3H1WJnTEume6bx8K_E.roa (raw, json) Hash identifier: GFHfEcWcp9wtzGJ6YJAJCX7/p85/HrGg1s0B7fqjfIY= Subject key identifier: 71:AA:31:13:C1:91:CB:71:F5:58:99:D3:12:E9:9E:E9:BC:7C:2B:F1 Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f Certificate serial: 019B7910B64065CEBEBEE4E134450461FCFF Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/caoxE8GRy3H1WJnTEume6bx8K_E.roa Signing time: Thu 01 Jan 2026 10:18:16 +0000 ROA not before: Thu 01 Jan 2026 10:18:16 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 214891 IP address blocks: 2a12:bec4:1280::/44 maxlen: 44 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.mft rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:b6:40:65:ce:be:be:e4:e1:34:45:04:61:fc:ff Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f Validity Not Before: Jan 1 10:18:16 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=71aa3113c191cb71f55899d312e99ee9bc7c2bf1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:10:2a:0d:31:c1:64:18:b1:ca:86:1c:3f:f6: 80:db:03:77:36:cf:42:25:ee:09:24:1e:15:d4:87: cb:01:48:7a:ce:30:e1:9b:44:f9:c9:d6:08:7f:cd: 78:a4:2b:7f:66:64:65:50:cd:73:22:26:c7:ae:7d: f8:67:7e:e5:36:c9:55:00:8e:6b:62:4f:17:ce:b6: cb:10:46:63:47:0b:f8:5c:df:c7:3e:ba:c5:81:6b: 45:73:9d:43:b4:be:4e:78:b5:54:fe:9c:24:65:47: fc:94:ac:ed:7c:8b:ce:7e:9e:3b:d5:53:d2:cc:49: 7e:23:43:01:ec:2c:6d:85:25:25:93:80:3c:17:0c: 4c:f1:b6:b7:a5:b5:f9:2f:c1:ac:ac:01:ec:22:c9: 9b:83:52:cc:ae:fa:56:5d:66:1d:fc:a1:44:23:7b: 73:6e:34:62:5e:9a:c3:9e:e3:13:fb:38:f3:1e:b4: ca:37:b5:d7:65:84:3f:1a:80:c9:8e:01:92:cf:40: 9b:22:bc:1d:43:dd:ce:d2:e0:1e:0b:89:d9:10:a7: cc:39:1a:24:85:88:80:cc:cc:ef:08:da:e1:06:ad: 05:d1:64:1e:3c:20:9a:e9:1a:59:c6:cb:74:88:82: 85:4a:81:67:4e:76:31:f1:41:85:60:6e:89:0f:b8: d4:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:AA:31:13:C1:91:CB:71:F5:58:99:D3:12:E9:9E:E9:BC:7C:2B:F1 X509v3 Authority Key Identifier: keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/caoxE8GRy3H1WJnTEume6bx8K_E.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a12:bec4:1280::/44 Signature Algorithm: sha256WithRSAEncryption 5f:09:79:99:d9:96:67:1e:c0:63:eb:cd:85:59:66:3f:dc:54: 3b:b0:10:02:64:08:24:12:f3:7c:05:74:f1:27:37:ad:fa:81: 3f:c6:10:99:43:29:fa:e2:68:90:bb:99:8d:6b:90:29:af:2b: c7:3b:f8:35:07:01:cd:90:3c:69:7a:8c:f0:4d:67:03:30:a4: aa:bf:08:59:0f:a5:b4:4e:b3:0f:73:b0:b7:aa:04:cf:0f:a9: c1:d2:d5:47:e2:4e:45:6f:37:5d:97:76:cd:c3:25:d0:c6:d7: 52:0d:ad:0b:8c:7c:fb:a3:03:c0:82:8e:11:1f:b3:66:cb:41: 0a:66:6d:3b:97:21:59:65:c8:cc:d0:74:de:39:49:36:90:ab: 57:02:ff:f5:98:ad:98:77:1c:de:9f:aa:9e:7c:31:fc:70:57: fd:c7:e1:78:10:32:fc:f7:d3:cb:7b:f3:54:bd:b0:10:5e:b9: 03:99:86:a6:e4:5a:a5:ad:ee:78:62:2d:21:1b:90:06:5e:a6: 5d:7f:09:f4:67:1a:39:75:73:cb:98:bd:a8:17:63:b5:d9:99: a3:30:3f:df:07:89:d7:49:44:fd:14:8d:c9:ee:ed:e9:b2:58: be:ed:dc:ec:1e:51:89:e8:98:6a:8d:45:fb:53:9f:b7:74:a3: ce:05:2b:67 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt5ELZAZc6+vuThNEUEYfz/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj M2Q2NmYwHhcNMjYwMTAxMTAxODE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MWFhMzExM2MxOTFjYjcxZjU1ODk5ZDMxMmU5OWVlOWJjN2MyYmYxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8BAqDTHBZBixyoYcP/aA2wN3Ns9C Je4JJB4V1IfLAUh6zjDhm0T5ydYIf814pCt/ZmRlUM1zIibHrn34Z37lNslVAI5r Yk8XzrbLEEZjRwv4XN/HPrrFgWtFc51DtL5OeLVU/pwkZUf8lKztfIvOfp471VPS zEl+I0MB7CxthSUlk4A8FwxM8ba3pbX5L8GsrAHsIsmbg1LMrvpWXWYd/KFEI3tz bjRiXprDnuMT+zjzHrTKN7XXZYQ/GoDJjgGSz0CbIrwdQ93O0uAeC4nZEKfMORok hYiAzMzvCNrhBq0F0WQePCCa6RpZxst0iIKFSoFnTnYx8UGFYG6JD7jUsQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFHGqMRPBkctx9ViZ0xLpnum8fCvxMB8GA1UdIwQY MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt NTUzNjljZjUwN2VlLzEvY2FveEU4R1J5M0gxV0puVEV1bWU2Yng4S19FLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhK+xBKA MA0GCSqGSIb3DQEBCwUAA4IBAQBfCXmZ2ZZnHsBj682FWWY/3FQ7sBACZAgkEvN8 BXTxJzet+oE/xhCZQyn64miQu5mNa5ApryvHO/g1BwHNkDxpeozwTWcDMKSqvwhZ D6W0TrMPc7C3qgTPD6nB0tVH4k5Fbzddl3bNwyXQxtdSDa0LjHz7owPAgo4RH7Nm y0EKZm07lyFZZcjM0HTeOUk2kKtXAv/1mK2Ydxzen6qefDH8cFf9x+F4EDL899PL e/NUvbAQXrkDmYam5Fqlre54Yi0hG5AGXqZdfwn0Zxo5dXPLmL2oF2O12ZmjMD/f B4nXSUT9FI3J7u3psli+7dzsHlGJ6JhqjUX7U5+3dKPOBStn -----END CERTIFICATE-----Generated at Tue Jan 20 02:49:00 2026 by rpki-client