This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/bfb27a-f005-48cb-9473-ffb2ef4bfe25/1/aIdT9TU8Mchvi1KT8xDqqF_aYww.roa File: aIdT9TU8Mchvi1KT8xDqqF_aYww.roa (raw, json) Hash identifier: L0SKCt/IF1f3xCcEQuDLjZD6COmk+1+SlyBXGktU14Q= Subject key identifier: 68:87:53:F5:35:3C:31:C8:6F:8B:52:93:F3:10:EA:A8:5F:DA:63:0C Certificate issuer: /CN=ff597b40c6d4469f9b914a78dc8ec439323b0fb8 Certificate serial: 019B797EEBABB2BA669866CA7EB8D76C41B7 Authority key identifier: FF:59:7B:40:C6:D4:46:9F:9B:91:4A:78:DC:8E:C4:39:32:3B:0F:B8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_1l7QMbURp-bkUp43I7EOTI7D7g.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/bfb27a-f005-48cb-9473-ffb2ef4bfe25/1/aIdT9TU8Mchvi1KT8xDqqF_aYww.roa Signing time: Thu 01 Jan 2026 12:18:39 +0000 ROA not before: Thu 01 Jan 2026 12:18:39 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 14618 IP address blocks: 2a0b:4581::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/bfb27a-f005-48cb-9473-ffb2ef4bfe25/1/_1l7QMbURp-bkUp43I7EOTI7D7g.crl rsync://rpki.ripe.net/repository/DEFAULT/8d/bfb27a-f005-48cb-9473-ffb2ef4bfe25/1/_1l7QMbURp-bkUp43I7EOTI7D7g.mft rsync://rpki.ripe.net/repository/DEFAULT/_1l7QMbURp-bkUp43I7EOTI7D7g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 08 Jan 2026 15:30:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:eb:ab:b2:ba:66:98:66:ca:7e:b8:d7:6c:41:b7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ff597b40c6d4469f9b914a78dc8ec439323b0fb8 Validity Not Before: Jan 1 12:18:39 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=688753f5353c31c86f8b5293f310eaa85fda630c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:e2:de:d4:67:8a:17:f7:58:c7:14:32:55:10: 9c:99:26:a8:c7:4d:b7:a3:52:7f:6c:c2:68:e3:af: 86:7e:e3:a0:66:dc:57:bb:5b:74:63:55:80:91:6b: ad:01:7c:c3:f2:26:89:ce:b1:0b:98:65:80:86:25: 8a:bb:a0:f3:af:57:2a:66:9a:81:06:01:87:b9:d3: 45:3f:cd:ab:ea:7f:30:d0:c3:58:13:91:42:8d:47: b7:26:bf:a0:35:d0:49:10:fa:0b:f7:f6:51:09:ac: 4c:f7:ec:d4:a4:7c:c0:62:8f:70:ec:f4:0c:a7:0e: 28:b4:be:54:8d:1d:87:25:fb:24:3c:c5:79:11:9a: 20:1d:44:3d:2b:fd:2d:54:29:4d:15:3d:37:77:12: b5:4c:e0:09:9e:36:94:f8:98:fc:67:06:3d:f3:33: 9d:79:22:83:0d:1e:a1:4d:80:fe:5e:76:f3:fe:ec: e8:e2:26:c7:fc:cf:21:ea:bf:c5:71:ca:22:be:67: 6f:d3:d9:95:1b:76:0e:3b:78:40:a4:7d:c6:e9:31: 34:2a:7e:3b:bb:38:57:d1:69:ec:32:ec:70:cc:25: 92:c5:f3:6b:81:ea:a6:33:b2:79:99:58:29:a0:fa: 0b:02:98:74:e4:2f:4a:da:3e:f3:b8:43:65:62:e1: a9:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:87:53:F5:35:3C:31:C8:6F:8B:52:93:F3:10:EA:A8:5F:DA:63:0C X509v3 Authority Key Identifier: keyid:FF:59:7B:40:C6:D4:46:9F:9B:91:4A:78:DC:8E:C4:39:32:3B:0F:B8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_1l7QMbURp-bkUp43I7EOTI7D7g.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/bfb27a-f005-48cb-9473-ffb2ef4bfe25/1/aIdT9TU8Mchvi1KT8xDqqF_aYww.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/bfb27a-f005-48cb-9473-ffb2ef4bfe25/1/_1l7QMbURp-bkUp43I7EOTI7D7g.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0b:4581::/48 Signature Algorithm: sha256WithRSAEncryption 72:96:89:40:9e:14:aa:06:44:6d:93:e2:d5:d3:20:1a:5b:0c: 62:d2:7b:52:f9:7b:f7:11:52:5a:5c:b3:a3:7d:68:4d:aa:35: 1d:7a:dd:df:22:54:4a:1a:e8:79:60:73:0b:b0:c2:1e:db:c5: b4:97:48:c6:8e:71:cf:0c:d2:e1:d0:d3:b4:fa:fe:a6:6f:ce: 3c:49:5e:e2:87:40:bd:31:df:8b:0f:b8:a0:7a:5a:c6:4c:58: 7e:61:e2:be:e3:cc:f4:36:5e:46:56:a6:b3:28:a0:2c:15:df: 57:cf:a2:66:b6:d5:8b:9c:30:0e:c1:02:33:9f:44:b0:51:f1: 0a:90:ca:69:a2:92:e2:b0:94:dc:c8:be:31:11:04:c9:06:26: 79:bf:ca:29:4a:ae:45:75:af:05:c6:56:9b:2d:25:36:77:e4: 62:28:41:f7:a3:ab:64:fc:44:4e:d9:e8:74:9a:3a:5e:2a:8c: b7:26:73:c5:eb:96:1a:8f:85:bc:3e:f9:53:c9:eb:2a:0f:e7: d6:6d:60:2d:5d:0e:ee:9f:29:dc:fc:90:be:13:8b:a5:1f:ef: 8a:3d:b6:09:36:70:49:81:59:69:5a:88:2e:29:a4:05:07:62: 95:38:42:c7:6e:00:f7:14:4e:07:38:d1:01:b6:58:a4:c2:0b: 85:df:33:71 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt5fuursrpmmGbKfrjXbEG3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZmNTk3YjQwYzZkNDQ2OWY5YjkxNGE3OGRjOGVjNDM5MzIz YjBmYjgwHhcNMjYwMTAxMTIxODM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2ODg3NTNmNTM1M2MzMWM4NmY4YjUyOTNmMzEwZWFhODVmZGE2MzBjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+Le1GeKF/dYxxQyVRCcmSaox023 o1J/bMJo46+GfuOgZtxXu1t0Y1WAkWutAXzD8iaJzrELmGWAhiWKu6Dzr1cqZpqB BgGHudNFP82r6n8w0MNYE5FCjUe3Jr+gNdBJEPoL9/ZRCaxM9+zUpHzAYo9w7PQM pw4otL5UjR2HJfskPMV5EZogHUQ9K/0tVClNFT03dxK1TOAJnjaU+Jj8ZwY98zOd eSKDDR6hTYD+Xnbz/uzo4ibH/M8h6r/Fccoivmdv09mVG3YOO3hApH3G6TE0Kn47 uzhX0WnsMuxwzCWSxfNrgeqmM7J5mVgpoPoLAph05C9K2j7zuENlYuGpzQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFGiHU/U1PDHIb4tSk/MQ6qhf2mMMMB8GA1UdIwQY MBaAFP9Ze0DG1Eafm5FKeNyOxDkyOw+4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvXzFsN1FNYlVScC1ia1VwNDNJN0VPVEk3RDdnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9iZmIyN2EtZjAwNS00OGNiLTk0NzMt ZmZiMmVmNGJmZTI1LzEvYUlkVDlUVThNY2h2aTFLVDh4RHFxRl9hWXd3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZC9iZmIyN2EtZjAwNS00OGNiLTk0NzMtZmZiMmVmNGJmZTI1 LzEvXzFsN1FNYlVScC1ia1VwNDNJN0VPVEk3RDdnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgtFgQAA MA0GCSqGSIb3DQEBCwUAA4IBAQBylolAnhSqBkRtk+LV0yAaWwxi0ntS+Xv3EVJa XLOjfWhNqjUdet3fIlRKGuh5YHMLsMIe28W0l0jGjnHPDNLh0NO0+v6mb848SV7i h0C9Md+LD7igelrGTFh+YeK+48z0Nl5GVqazKKAsFd9Xz6JmttWLnDAOwQIzn0Sw UfEKkMppopLisJTcyL4xEQTJBiZ5v8opSq5Fda8FxlabLSU2d+RiKEH3o6tk/ERO 2eh0mjpeKoy3JnPF65Yaj4W8PvlTyesqD+fWbWAtXQ7unync/JC+E4ulH++KPbYJ NnBJgVlpWoguKaQFB2KVOELHbgD3FE4HONEBtlikwguF3zNx -----END CERTIFICATE-----Generated at Wed Jan 7 23:48:10 2026 by rpki-client