This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/enG-2O37l0tfCXPe5qxDHqmhfBM.roa File: enG-2O37l0tfCXPe5qxDHqmhfBM.roa (raw, json) Hash identifier: jGTKcu+lOiEokM/DOq/06iw1cNeM5/tsRl9yOxD8O+Y= Subject key identifier: 7A:71:BE:D8:ED:FB:97:4B:5F:09:73:DE:E6:AC:43:1E:A9:A1:7C:13 Certificate issuer: /CN=4a644c1156851803f37adeec0876ccf989d5aef0 Certificate serial: 019B7758D94E0B505F1A8E4C20BE41860EFF Authority key identifier: 4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/enG-2O37l0tfCXPe5qxDHqmhfBM.roa Signing time: Thu 01 Jan 2026 02:17:50 +0000 ROA not before: Thu 01 Jan 2026 02:17:50 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 16509 IP address blocks: 2a0f:5707:ba0e::/48 maxlen: 48 2a0f:5707:ba0f::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/SmRMEVaFGAPzet7sCHbM-YnVrvA.crl rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/SmRMEVaFGAPzet7sCHbM-YnVrvA.mft rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:58:d9:4e:0b:50:5f:1a:8e:4c:20:be:41:86:0e:ff Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4a644c1156851803f37adeec0876ccf989d5aef0 Validity Not Before: Jan 1 02:17:50 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=7a71bed8edfb974b5f0973dee6ac431ea9a17c13 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:32:33:f9:1a:f7:a0:bd:88:9d:0e:f2:65:48: 4f:40:2b:cf:d9:ec:e4:9b:04:ca:65:17:69:a5:77: 0f:48:76:b0:c9:53:75:5b:a2:d2:b3:0c:1e:f4:31: 26:45:de:c7:ce:31:1e:91:11:14:7a:0f:4f:a9:dc: 0d:e2:e3:75:6b:21:04:f4:1b:57:db:fa:d8:9e:f1: b7:c0:be:c2:61:9c:c2:cb:c6:f2:b8:06:63:d7:1b: 0e:07:9c:78:d4:23:d7:0e:cb:47:b6:68:11:e9:2e: 1a:5a:a7:a0:b5:31:39:95:1f:f9:55:4a:cd:60:0a: 76:dd:f4:8d:09:62:12:24:e1:4a:ed:b7:01:6c:ff: e7:34:02:d7:59:be:6a:d7:e4:6c:a5:9d:d3:c0:72: f6:84:0f:2f:ba:17:3f:0e:8d:c3:33:1d:46:33:86: 30:56:a4:e4:84:b5:31:00:83:b0:bb:a7:b6:8b:ff: 82:8a:94:98:fe:88:0d:43:59:c6:49:54:6f:09:57: cf:46:23:b0:00:c6:b3:31:e8:62:0f:0f:1c:45:5e: 75:43:04:f7:42:59:c3:1d:32:51:85:af:d4:2e:a9: 30:04:8c:10:a8:1c:ab:41:1e:6a:8d:b5:f0:80:9a: 77:98:e6:d0:ba:a5:91:b5:3c:d9:b4:54:4c:e4:dd: b9:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:71:BE:D8:ED:FB:97:4B:5F:09:73:DE:E6:AC:43:1E:A9:A1:7C:13 X509v3 Authority Key Identifier: keyid:4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/enG-2O37l0tfCXPe5qxDHqmhfBM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/SmRMEVaFGAPzet7sCHbM-YnVrvA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:5707:ba0e::/47 Signature Algorithm: sha256WithRSAEncryption 1b:ed:12:26:52:0e:00:3e:be:50:4c:e1:b9:77:1b:2c:b2:0e: 2c:0c:b2:f6:c2:6f:fe:d8:9b:66:35:34:88:7f:86:92:0b:d4: c1:13:89:6c:35:25:bf:fe:fc:4e:ef:9f:d0:a2:2a:12:e8:78: a3:cf:14:27:e9:a7:73:8e:42:b1:b5:ff:a3:8d:6f:6d:54:95: c2:0d:39:08:c7:a2:d4:28:a0:4f:65:3d:b3:f0:60:da:ce:49: d0:de:ed:ff:1d:3a:8e:04:1a:a4:f7:cb:36:79:14:94:d9:d3: a2:29:b4:f4:70:9a:9f:9f:c4:2b:d9:ac:7b:7a:3e:85:58:86: dd:80:6b:d2:01:89:43:ad:5e:f9:5e:02:30:53:b2:de:f5:17: 8f:ab:a6:19:0d:e3:a3:b1:55:98:c4:8f:07:39:6e:8f:85:82: e1:6f:72:13:a5:4a:37:13:64:d7:1c:26:f5:c0:f3:c9:ac:ab: 74:34:1e:e7:91:c5:66:81:b8:b5:89:be:8c:ca:f0:bf:19:15: 67:de:e7:c9:af:e9:b5:4f:3c:5f:b8:07:b8:56:5e:8c:31:76: 3f:00:c4:db:65:26:7f:71:00:95:8e:fb:f6:23:a6:bc:5d:cb: 56:f9:ca:d0:04:f1:48:58:aa:a6:1a:be:80:62:c2:cf:b3:c5: 0e:eb:9c:ab -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt3WNlOC1BfGo5MIL5Bhg7/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRhNjQ0YzExNTY4NTE4MDNmMzdhZGVlYzA4NzZjY2Y5ODlk NWFlZjAwHhcNMjYwMTAxMDIxNzUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3YTcxYmVkOGVkZmI5NzRiNWYwOTczZGVlNmFjNDMxZWE5YTE3YzEzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzDIz+Rr3oL2InQ7yZUhPQCvP2ezk mwTKZRdppXcPSHawyVN1W6LSswwe9DEmRd7HzjEekREUeg9PqdwN4uN1ayEE9BtX 2/rYnvG3wL7CYZzCy8byuAZj1xsOB5x41CPXDstHtmgR6S4aWqegtTE5lR/5VUrN YAp23fSNCWISJOFK7bcBbP/nNALXWb5q1+RspZ3TwHL2hA8vuhc/Do3DMx1GM4Yw VqTkhLUxAIOwu6e2i/+CipSY/ogNQ1nGSVRvCVfPRiOwAMazMehiDw8cRV51QwT3 QlnDHTJRha/ULqkwBIwQqByrQR5qjbXwgJp3mObQuqWRtTzZtFRM5N25CwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFHpxvtjt+5dLXwlz3uasQx6poXwTMB8GA1UdIwQY MBaAFEpkTBFWhRgD83re7Ah2zPmJ1a7wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3Mzkt Y2MxYzliNWY2NjQwLzEvZW5HLTJPMzdsMHRmQ1hQZTVxeERIcW1oZkJNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3MzktY2MxYzliNWY2NjQw LzEvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcBKg9XB7oO MA0GCSqGSIb3DQEBCwUAA4IBAQAb7RImUg4APr5QTOG5dxsssg4sDLL2wm/+2Jtm NTSIf4aSC9TBE4lsNSW//vxO75/QoioS6HijzxQn6adzjkKxtf+jjW9tVJXCDTkI x6LUKKBPZT2z8GDazknQ3u3/HTqOBBqk98s2eRSU2dOiKbT0cJqfn8Qr2ax7ej6F WIbdgGvSAYlDrV75XgIwU7Le9RePq6YZDeOjsVWYxI8HOW6PhYLhb3ITpUo3E2TX HCb1wPPJrKt0NB7nkcVmgbi1ib6MyvC/GRVn3ufJr+m1TzxfuAe4Vl6MMXY/AMTb ZSZ/cQCVjvv2I6a8XctW+crQBPFIWKqmGr6AYsLPs8UO65yr -----END CERTIFICATE-----Generated at Fri Jan 2 09:27:07 2026 by rpki-client