This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/f1fc7c-4922-491d-a60d-f2d23aae52c6/1/iBXu_AfLungRwDg5PQCY_EZez3c.roa File: iBXu_AfLungRwDg5PQCY_EZez3c.roa (raw, json) Hash identifier: K8zsdZyfr+dDBeWgBkWYLPkuu2q5T19Ve+4SgzTV9fE= Subject key identifier: 88:15:EE:FC:07:CB:BA:78:11:C0:38:39:3D:00:98:FC:46:5E:CF:77 Certificate issuer: /CN=3c0ebfb4cae5669c49f304be035aa457b8d35921 Certificate serial: 019B7A5A93BF1D45D4320B5BE6FBB7CF1E88 Authority key identifier: 3C:0E:BF:B4:CA:E5:66:9C:49:F3:04:BE:03:5A:A4:57:B8:D3:59:21 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PA6_tMrlZpxJ8wS-A1qkV7jTWSE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/f1fc7c-4922-491d-a60d-f2d23aae52c6/1/iBXu_AfLungRwDg5PQCY_EZez3c.roa Signing time: Thu 01 Jan 2026 16:18:35 +0000 ROA not before: Thu 01 Jan 2026 16:18:35 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 207214 IP address blocks: 2a09:6f40::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/f1fc7c-4922-491d-a60d-f2d23aae52c6/1/PA6_tMrlZpxJ8wS-A1qkV7jTWSE.crl rsync://rpki.ripe.net/repository/DEFAULT/9a/f1fc7c-4922-491d-a60d-f2d23aae52c6/1/PA6_tMrlZpxJ8wS-A1qkV7jTWSE.mft rsync://rpki.ripe.net/repository/DEFAULT/PA6_tMrlZpxJ8wS-A1qkV7jTWSE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:93:bf:1d:45:d4:32:0b:5b:e6:fb:b7:cf:1e:88 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3c0ebfb4cae5669c49f304be035aa457b8d35921 Validity Not Before: Jan 1 16:18:35 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8815eefc07cbba7811c038393d0098fc465ecf77 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:ee:33:e1:76:6f:e0:f6:80:e5:88:3e:7f:8d: 90:c9:64:f7:dd:e3:94:14:9b:00:bb:f5:32:c9:68: 5a:ab:80:ca:21:2d:bc:12:84:5f:64:cc:15:0a:37: 2d:83:3f:70:94:bb:23:d4:10:a7:c4:4d:1c:cf:6e: d6:cc:65:96:52:b3:d5:9f:58:68:93:7d:a1:30:0d: af:08:15:9a:ea:c9:27:f9:af:9e:a3:f4:3f:c6:92: cc:0f:f8:07:3b:07:ba:ce:11:8a:92:57:bf:e9:46: 43:42:a4:d9:1c:5c:44:10:06:57:59:4b:a0:62:cb: 1e:a0:ef:93:67:b5:25:36:82:fe:4e:2c:6a:c8:ff: 6a:fd:6f:42:3e:3d:46:28:bd:bc:12:c4:b5:75:22: cb:91:7b:48:dd:76:28:d5:ca:a1:71:86:64:c7:b8: 08:9e:dd:26:2e:17:83:84:e5:54:1b:f5:bd:54:c1: 98:4a:48:31:7f:01:55:ef:58:95:47:6a:4a:c4:96: e1:a5:5b:57:fd:15:a4:df:12:b3:10:50:c0:63:36: 7f:0b:41:37:cc:3a:30:33:fc:e6:cb:d9:1a:bc:43: bc:50:b0:0b:4d:00:c9:b5:dd:3a:1e:0d:9b:05:05: 11:00:ff:e2:cb:6d:d7:29:dd:33:5e:08:4c:ef:e8: 91:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:15:EE:FC:07:CB:BA:78:11:C0:38:39:3D:00:98:FC:46:5E:CF:77 X509v3 Authority Key Identifier: keyid:3C:0E:BF:B4:CA:E5:66:9C:49:F3:04:BE:03:5A:A4:57:B8:D3:59:21 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PA6_tMrlZpxJ8wS-A1qkV7jTWSE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/f1fc7c-4922-491d-a60d-f2d23aae52c6/1/iBXu_AfLungRwDg5PQCY_EZez3c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/f1fc7c-4922-491d-a60d-f2d23aae52c6/1/PA6_tMrlZpxJ8wS-A1qkV7jTWSE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a09:6f40::/29 Signature Algorithm: sha256WithRSAEncryption 3e:43:fb:39:67:a3:04:9d:90:87:fd:5d:98:60:92:cf:e5:62: 0e:cf:8b:e1:4e:9a:35:b9:86:9a:6d:a2:f6:48:10:3c:14:6f: 35:f1:bf:9a:aa:49:45:0c:aa:d9:8f:b1:bf:71:67:ab:32:10: 91:52:96:23:0a:34:7a:72:6a:3f:1e:54:c8:ed:a2:3e:e1:f1: 94:13:a0:4a:f8:59:b6:8f:df:0d:cf:9e:69:9c:9d:89:12:45: d2:b6:3c:93:50:40:83:bd:3e:e4:c3:c4:7d:fa:3a:82:70:f6: 1e:9a:53:b7:65:b5:12:43:0c:5a:26:eb:f5:a5:34:3c:40:ed: ba:09:a8:c1:1b:d2:4f:29:50:45:80:db:c2:e3:02:ed:81:b2: 20:42:5e:72:f9:24:15:57:c5:47:08:ce:b7:8c:c7:bf:6a:92: d9:1e:ea:40:1d:be:8e:3e:ae:43:57:19:2f:61:2f:71:a4:a3: b6:68:82:38:6b:96:ed:48:01:ec:0c:da:09:4d:6d:85:f9:23: 74:68:aa:e0:5c:da:84:f4:17:25:95:67:6c:2d:a1:9f:4c:06: c5:23:85:2e:5c:ff:9f:5d:6a:14:ff:58:53:fe:51:6e:a9:6c: d0:07:73:16:7f:d9:fe:90:34:31:39:45:c4:aa:e3:e3:e1:56: df:80:b2:ef -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt6WpO/HUXUMgtb5vu3zx6IMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNjMGViZmI0Y2FlNTY2OWM0OWYzMDRiZTAzNWFhNDU3Yjhk MzU5MjEwHhcNMjYwMTAxMTYxODM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4ODE1ZWVmYzA3Y2JiYTc4MTFjMDM4MzkzZDAwOThmYzQ2NWVjZjc3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+4z4XZv4PaA5Yg+f42QyWT33eOU FJsAu/UyyWhaq4DKIS28EoRfZMwVCjctgz9wlLsj1BCnxE0cz27WzGWWUrPVn1ho k32hMA2vCBWa6skn+a+eo/Q/xpLMD/gHOwe6zhGKkle/6UZDQqTZHFxEEAZXWUug YsseoO+TZ7UlNoL+TixqyP9q/W9CPj1GKL28EsS1dSLLkXtI3XYo1cqhcYZkx7gI nt0mLheDhOVUG/W9VMGYSkgxfwFV71iVR2pKxJbhpVtX/RWk3xKzEFDAYzZ/C0E3 zDowM/zmy9kavEO8ULALTQDJtd06Hg2bBQURAP/iy23XKd0zXghM7+iRCwIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFIgV7vwHy7p4EcA4OT0AmPxGXs93MB8GA1UdIwQY MBaAFDwOv7TK5WacSfMEvgNapFe401khMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUEE2X3RNcmxacHhKOHdTLUExcWtWN2pUV1NFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9mMWZjN2MtNDkyMi00OTFkLWE2MGQt ZjJkMjNhYWU1MmM2LzEvaUJYdV9BZkx1bmdSd0RnNVBRQ1lfRVplejNjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85YS9mMWZjN2MtNDkyMi00OTFkLWE2MGQtZjJkMjNhYWU1MmM2 LzEvUEE2X3RNcmxacHhKOHdTLUExcWtWN2pUV1NFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKglvQDAN BgkqhkiG9w0BAQsFAAOCAQEAPkP7OWejBJ2Qh/1dmGCSz+ViDs+L4U6aNbmGmm2i 9kgQPBRvNfG/mqpJRQyq2Y+xv3FnqzIQkVKWIwo0enJqPx5UyO2iPuHxlBOgSvhZ to/fDc+eaZydiRJF0rY8k1BAg70+5MPEffo6gnD2HppTt2W1EkMMWibr9aU0PEDt ugmowRvSTylQRYDbwuMC7YGyIEJecvkkFVfFRwjOt4zHv2qS2R7qQB2+jj6uQ1cZ L2EvcaSjtmiCOGuW7UgB7AzaCU1thfkjdGiq4FzahPQXJZVnbC2hn0wGxSOFLlz/ n11qFP9YU/5Rbqls0AdzFn/Z/pA0MTlFxKrj4+FW34Cy7w== -----END CERTIFICATE-----Generated at Mon Feb 9 22:58:08 2026 by rpki-client