This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/xdut8wYyvx2d6v8QKSAQ3CT7I4E.roa File: xdut8wYyvx2d6v8QKSAQ3CT7I4E.roa (raw, json) Hash identifier: ItTTuXABglqMCY3jvpxSWsqsCY3wf7S0oi13Zr27CZk= Subject key identifier: C5:DB:AD:F3:06:32:BF:1D:9D:EA:FF:10:29:20:10:DC:24:FB:23:81 Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f Certificate serial: 019B7910B8C36EAFFC6A9E8198645D45C130 Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/xdut8wYyvx2d6v8QKSAQ3CT7I4E.roa Signing time: Thu 01 Jan 2026 10:18:17 +0000 ROA not before: Thu 01 Jan 2026 10:18:17 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 215228 IP address blocks: 2a12:bec4:1110::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.mft rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 16:01:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:b8:c3:6e:af:fc:6a:9e:81:98:64:5d:45:c1:30 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f Validity Not Before: Jan 1 10:18:17 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c5dbadf30632bf1d9deaff10292010dc24fb2381 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:63:9c:3e:aa:fb:9f:f6:72:1a:3c:5c:f3:e2: 4c:5a:6e:07:19:a2:3b:90:ec:f7:e3:60:a7:a8:0e: b7:94:70:35:7c:fe:cd:5e:7f:4e:c2:e0:77:39:a3: ab:74:db:e1:41:cf:e7:c7:79:f6:54:1f:39:3b:24: 64:09:38:9b:67:00:11:37:01:93:4d:68:e2:ed:e1: 29:76:ce:09:c0:f8:76:60:64:80:34:3d:a9:41:a9: 5f:a2:1d:da:45:7b:2e:8f:e4:20:a3:ba:e4:61:88: 5a:17:5d:a3:c9:4e:fc:50:3c:cf:ec:97:a4:be:24: aa:f1:c3:06:61:dd:67:bd:8d:26:f6:7a:9b:ae:51: f0:1f:eb:69:ef:cb:74:68:f5:e5:7d:f5:3d:21:44: ca:e5:a8:e5:ca:ca:20:ae:9d:c5:b2:2b:66:e9:4b: c5:78:bb:97:7a:15:48:46:5a:e0:23:72:d2:e3:ee: bd:33:37:42:5f:ee:70:12:20:29:d3:ee:3f:37:2c: fb:4f:d5:2a:49:56:0f:c5:ba:e3:4d:a9:62:00:bd: cb:90:95:db:48:c3:1b:c5:8f:9f:38:18:f1:6b:2d: 8c:d4:4e:a0:74:02:6f:26:b3:bd:a1:24:04:aa:a3: 2d:e4:58:76:71:84:1a:75:55:dd:48:12:85:41:ae: c6:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:DB:AD:F3:06:32:BF:1D:9D:EA:FF:10:29:20:10:DC:24:FB:23:81 X509v3 Authority Key Identifier: keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/xdut8wYyvx2d6v8QKSAQ3CT7I4E.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a12:bec4:1110::/44 Signature Algorithm: sha256WithRSAEncryption 55:4b:af:6f:8d:83:7c:b9:d4:c1:55:92:d9:e4:0b:bf:8b:cb: ee:25:e2:e1:43:7a:aa:5f:63:cf:eb:d5:0c:a4:84:8a:4e:a8: f1:20:80:9b:3e:1f:a4:5d:7d:68:ce:fe:a7:a1:dc:08:b6:f9: 51:7e:35:82:15:a2:e0:ef:57:c6:be:9b:22:c6:31:9a:e1:81: 3f:71:94:8f:1a:59:c9:d2:1c:d0:a3:62:d9:30:5c:f3:a3:ef: c3:01:74:6d:df:bc:b3:27:1f:cd:e7:99:a1:86:8a:e1:00:f1: 99:f9:57:d2:a2:23:54:f7:b0:0a:45:02:10:18:e5:6d:4e:ab: e3:24:e5:ee:da:ef:ff:c8:70:9d:ff:c9:08:54:53:f7:35:e9: b6:aa:60:62:cf:92:5d:7d:07:f7:9f:5e:c8:2b:ba:23:37:ae: 12:8a:ff:1f:c8:b5:90:60:2b:25:32:5f:53:c1:b0:1d:ac:0d: 53:12:a1:5e:cf:b5:93:8c:21:38:89:a7:7a:e0:d5:35:bf:28: 15:8d:ad:97:c6:50:85:ac:b4:11:10:79:09:91:5d:69:4e:69: df:34:13:42:a7:0c:1b:7e:ff:90:cb:fd:10:13:a8:85:80:4c: 95:95:a8:75:45:86:b7:04:b4:2d:bd:7a:4a:8b:bb:29:be:a0: b7:c4:d9:cb -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt5ELjDbq/8ap6BmGRdRcEwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj M2Q2NmYwHhcNMjYwMTAxMTAxODE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNWRiYWRmMzA2MzJiZjFkOWRlYWZmMTAyOTIwMTBkYzI0ZmIyMzgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu2OcPqr7n/ZyGjxc8+JMWm4HGaI7 kOz342CnqA63lHA1fP7NXn9OwuB3OaOrdNvhQc/nx3n2VB85OyRkCTibZwARNwGT TWji7eEpds4JwPh2YGSAND2pQalfoh3aRXsuj+Qgo7rkYYhaF12jyU78UDzP7Jek viSq8cMGYd1nvY0m9nqbrlHwH+tp78t0aPXlffU9IUTK5ajlysogrp3Fsitm6UvF eLuXehVIRlrgI3LS4+69MzdCX+5wEiAp0+4/Nyz7T9UqSVYPxbrjTaliAL3LkJXb SMMbxY+fOBjxay2M1E6gdAJvJrO9oSQEqqMt5Fh2cYQadVXdSBKFQa7G8wIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFMXbrfMGMr8dner/ECkgENwk+yOBMB8GA1UdIwQY MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt NTUzNjljZjUwN2VlLzEveGR1dDh3WXl2eDJkNnY4UUtTQVEzQ1Q3STRFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhK+xBEQ MA0GCSqGSIb3DQEBCwUAA4IBAQBVS69vjYN8udTBVZLZ5Au/i8vuJeLhQ3qqX2PP 69UMpISKTqjxIICbPh+kXX1ozv6nodwItvlRfjWCFaLg71fGvpsixjGa4YE/cZSP GlnJ0hzQo2LZMFzzo+/DAXRt37yzJx/N55mhhorhAPGZ+VfSoiNU97AKRQIQGOVt TqvjJOXu2u//yHCd/8kIVFP3Nem2qmBiz5JdfQf3n17IK7ojN64Siv8fyLWQYCsl Ml9TwbAdrA1TEqFez7WTjCE4iad64NU1vygVja2XxlCFrLQREHkJkV1pTmnfNBNC pwwbfv+Qy/0QE6iFgEyVlah1RYa3BLQtvXpKi7spvqC3xNnL -----END CERTIFICATE-----Generated at Tue Jan 20 02:47:44 2026 by rpki-client