This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/mf-cVvbKuKj0FCjr0d0a-yrT49s.roa File: mf-cVvbKuKj0FCjr0d0a-yrT49s.roa (raw, json) Hash identifier: Chwv5lPHmvlVlRT+/3aQN7RUvxjhpqVmbJy+Bohup+I= Subject key identifier: 99:FF:9C:56:F6:CA:B8:A8:F4:14:28:EB:D1:DD:1A:FB:2A:D3:E3:DB Certificate issuer: /CN=4a644c1156851803f37adeec0876ccf989d5aef0 Certificate serial: 019B7758E7872C4A8427F4DE1CCFE1D7EAD8 Authority key identifier: 4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/mf-cVvbKuKj0FCjr0d0a-yrT49s.roa Signing time: Thu 01 Jan 2026 02:17:53 +0000 ROA not before: Thu 01 Jan 2026 02:17:53 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 207468 IP address blocks: 2a0f:5707:ffa0::/46 maxlen: 48 2a0f:5707:ffa4::/46 maxlen: 48 2a0f:5707:fff2::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/SmRMEVaFGAPzet7sCHbM-YnVrvA.crl rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/SmRMEVaFGAPzet7sCHbM-YnVrvA.mft rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 05:01:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:58:e7:87:2c:4a:84:27:f4:de:1c:cf:e1:d7:ea:d8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4a644c1156851803f37adeec0876ccf989d5aef0 Validity Not Before: Jan 1 02:17:53 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=99ff9c56f6cab8a8f41428ebd1dd1afb2ad3e3db Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:3b:9f:9c:06:59:a2:e6:30:2a:f1:75:95:9a: da:06:ff:c3:4e:a1:b9:21:78:0c:6c:24:6b:13:84: 9b:f3:27:72:68:b9:1c:b5:3e:b2:8f:9b:05:00:52: ac:c5:3e:91:91:e6:ac:b8:23:d0:3e:05:32:69:1a: 69:37:08:68:f1:e9:82:bb:94:e5:d8:3f:0b:37:45: 83:e7:07:2f:a3:b0:eb:eb:f5:8f:e2:51:4f:81:c3: 25:f6:0a:6d:41:04:69:63:5e:d4:7f:cf:17:03:66: d8:83:e9:df:b6:b3:a9:ec:3c:5d:7d:3e:dd:1e:1b: ce:fa:ef:16:dd:92:4e:a9:cb:54:75:10:06:30:2e: ac:9b:b7:c8:91:86:76:12:18:5e:88:59:97:c0:16: 4e:0d:03:7d:c9:72:c3:0d:7c:70:15:87:2f:a1:91: 9b:13:db:41:41:0c:4e:df:4e:15:ad:f8:f2:4b:41: 24:e6:76:e9:19:84:f5:2a:15:d9:82:fe:bb:83:68: c2:7b:26:72:78:20:5e:82:24:be:f1:94:41:f9:e8: cb:09:37:e0:a5:67:9c:16:28:35:06:35:58:b2:22: 6f:50:41:a8:85:7f:55:ba:7b:16:12:8f:a5:0d:6e: 84:f2:2a:73:2a:86:9d:3c:53:56:f8:be:a4:ac:ae: b4:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:FF:9C:56:F6:CA:B8:A8:F4:14:28:EB:D1:DD:1A:FB:2A:D3:E3:DB X509v3 Authority Key Identifier: keyid:4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/mf-cVvbKuKj0FCjr0d0a-yrT49s.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/SmRMEVaFGAPzet7sCHbM-YnVrvA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:5707:ffa0::/45 2a0f:5707:fff2::/48 Signature Algorithm: sha256WithRSAEncryption 33:c8:2a:77:6d:af:45:91:5e:7f:42:98:e5:3a:fc:01:0a:36: 26:12:06:db:b1:5b:17:84:cd:59:4b:d4:a7:8d:2b:db:80:72: 15:50:64:7a:42:0f:dd:b5:f9:dd:dd:db:0e:5c:68:ea:17:f5: 35:6e:0c:fd:2c:4e:23:b2:54:b7:18:de:a0:73:23:da:a1:dd: 0f:6f:19:0a:8d:04:28:80:b8:1e:6b:9a:14:e5:02:3d:e5:3b: d2:12:7c:75:04:dc:a4:2c:c6:23:d8:fc:a4:95:4b:45:7f:80: 2a:b8:fa:59:0a:8c:c6:75:94:4c:74:2b:1d:f6:c8:98:f6:b3: 87:ae:27:40:67:ef:a5:a4:95:58:49:b2:7e:9c:b6:18:f0:c6: ce:6c:f4:97:8e:e1:71:01:06:63:4e:72:a0:8f:c6:74:e2:84: 92:6c:2c:03:31:f7:62:9d:cb:8e:9c:55:6b:d1:cb:41:de:45: cb:1d:7f:ac:5e:16:b7:65:4e:7b:56:b5:b4:09:89:e9:a9:20: fd:1a:c3:32:7b:7d:50:7b:13:0e:0e:b9:c1:c0:31:10:b1:5e: 47:77:26:73:00:c2:e6:75:fc:12:8e:47:eb:99:19:7a:f7:e8: 4d:63:98:7c:90:66:de:f6:71:ca:35:f3:e9:02:46:6a:db:fa: da:a7:6e:8d -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt3WOeHLEqEJ/TeHM/h1+rYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRhNjQ0YzExNTY4NTE4MDNmMzdhZGVlYzA4NzZjY2Y5ODlk NWFlZjAwHhcNMjYwMTAxMDIxNzUzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5OWZmOWM1NmY2Y2FiOGE4ZjQxNDI4ZWJkMWRkMWFmYjJhZDNlM2RiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDufnAZZouYwKvF1lZraBv/DTqG5 IXgMbCRrE4Sb8ydyaLkctT6yj5sFAFKsxT6RkeasuCPQPgUyaRppNwho8emCu5Tl 2D8LN0WD5wcvo7Dr6/WP4lFPgcMl9gptQQRpY17Uf88XA2bYg+nftrOp7DxdfT7d HhvO+u8W3ZJOqctUdRAGMC6sm7fIkYZ2EhheiFmXwBZODQN9yXLDDXxwFYcvoZGb E9tBQQxO304VrfjyS0Ek5nbpGYT1KhXZgv67g2jCeyZyeCBegiS+8ZRB+ejLCTfg pWecFig1BjVYsiJvUEGohX9VunsWEo+lDW6E8ipzKoadPFNW+L6krK60RwIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFJn/nFb2yrio9BQo69HdGvsq0+PbMB8GA1UdIwQY MBaAFEpkTBFWhRgD83re7Ah2zPmJ1a7wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3Mzkt Y2MxYzliNWY2NjQwLzEvbWYtY1Z2Ykt1S2owRkNqcjBkMGEteXJUNDlzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3MzktY2MxYzliNWY2NjQw LzEvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcDKg9XB/+g AwcAKg9XB//yMA0GCSqGSIb3DQEBCwUAA4IBAQAzyCp3ba9FkV5/QpjlOvwBCjYm EgbbsVsXhM1ZS9SnjSvbgHIVUGR6Qg/dtfnd3dsOXGjqF/U1bgz9LE4jslS3GN6g cyPaod0PbxkKjQQogLgea5oU5QI95TvSEnx1BNykLMYj2PyklUtFf4AquPpZCozG dZRMdCsd9siY9rOHridAZ++lpJVYSbJ+nLYY8MbObPSXjuFxAQZjTnKgj8Z04oSS bCwDMfdincuOnFVr0ctB3kXLHX+sXha3ZU57VrW0CYnpqSD9GsMye31QexMODrnB wDEQsV5HdyZzAMLmdfwSjkfrmRl69+hNY5h8kGbe9nHKNfPpAkZq2/rap26N -----END CERTIFICATE-----Generated at Mon Jan 26 12:31:44 2026 by rpki-client