This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/DB2WtvMT6TxXIgEHXGIAtXj5H0k.roa File: DB2WtvMT6TxXIgEHXGIAtXj5H0k.roa (raw, json) Hash identifier: Dnxb8mZ2R2y2UMXQPUm34dqJpzSVn8nnfGQsSFiCrQc= Subject key identifier: 0C:1D:96:B6:F3:13:E9:3C:57:22:01:07:5C:62:00:B5:78:F9:1F:49 Certificate issuer: /CN=89056fa9625b6c87404267c6dc219924ac160045 Certificate serial: 019B76EB80AD5D0CF9F1089CA6A8D91F24C2 Authority key identifier: 89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/DB2WtvMT6TxXIgEHXGIAtXj5H0k.roa Signing time: Thu 01 Jan 2026 00:18:23 +0000 ROA not before: Thu 01 Jan 2026 00:18:23 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 11831 IP address blocks: 2a11:840:31::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.mft rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 18:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:80:ad:5d:0c:f9:f1:08:9c:a6:a8:d9:1f:24:c2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=89056fa9625b6c87404267c6dc219924ac160045 Validity Not Before: Jan 1 00:18:23 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0c1d96b6f313e93c572201075c6200b578f91f49 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:90:8a:f4:9d:a1:77:7d:98:a6:f7:05:81:d1: 05:d7:f5:04:02:3a:f6:c5:b1:e7:71:89:47:b4:61: 4c:77:a1:dc:ba:0b:d0:24:03:12:ab:f5:a3:85:73: 40:51:2e:37:c7:27:dc:72:6e:60:34:6c:e0:db:ba: 24:80:4d:ef:26:83:ab:2b:d7:56:de:41:ba:fe:52: ff:72:99:9f:c2:2a:0c:0a:b1:27:38:74:0b:c7:dd: 7a:03:5a:d4:01:0c:91:01:5d:fd:25:19:15:c3:3f: ba:4e:71:cf:58:1f:5b:75:f4:21:28:90:46:8e:2b: 85:4f:48:9c:3f:46:7c:5c:fc:92:24:66:9b:c1:80: 1c:06:23:d0:1f:b7:01:e2:c1:26:38:21:19:43:6d: bf:ea:8b:f6:c6:43:fb:75:95:0d:ec:01:55:97:4e: 17:96:2b:10:2a:5a:95:b2:eb:9a:6e:b3:a1:e2:43: 85:70:c5:ce:d8:99:10:e1:cc:82:e1:8d:33:a0:90: b7:1f:36:d8:e4:78:84:97:01:05:2e:d7:60:87:15: 9c:b2:50:e6:5c:cb:92:44:c8:38:3f:d5:ef:4f:24: 7d:3b:77:60:70:18:8e:e4:cc:73:4b:0e:47:f9:db: 18:19:68:8c:97:a2:f6:8a:41:a4:57:0d:bb:29:ad: 76:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:1D:96:B6:F3:13:E9:3C:57:22:01:07:5C:62:00:B5:78:F9:1F:49 X509v3 Authority Key Identifier: keyid:89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/DB2WtvMT6TxXIgEHXGIAtXj5H0k.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a11:840:31::/48 Signature Algorithm: sha256WithRSAEncryption 76:24:89:0d:db:84:ef:bd:76:43:b4:9a:c5:06:ec:74:90:f8: 3f:8d:b7:d5:32:f6:a4:42:a5:54:f8:a0:b4:b3:39:ba:df:d1: 42:f2:f2:98:b7:43:30:35:f4:d0:f5:86:24:73:67:76:55:45: 96:c4:2f:3c:a9:ef:86:7a:b1:0d:ff:26:02:8a:aa:f5:91:ea: e7:68:31:68:1a:b3:81:f6:86:cf:4e:cc:97:db:ad:b8:07:35: c9:63:db:61:03:d1:dc:e3:7f:c7:74:6a:4a:00:78:e7:62:2c: 02:0d:6c:a9:d5:c5:c8:bc:3b:43:d4:24:d4:1f:fc:5f:38:d0: bf:2d:8b:e6:90:b8:45:49:a9:91:17:40:19:81:28:ae:b5:5e: f2:ef:58:3e:54:b9:f7:51:84:17:6e:23:c3:a5:6d:98:47:ca: ec:58:27:f4:ea:6c:1c:22:95:a7:e2:d5:9d:af:66:1f:d6:67: ed:d6:c8:54:f7:dd:28:29:27:a8:7f:87:90:90:60:78:c4:82: b1:bf:53:28:17:54:22:22:ab:3e:0a:af:fd:eb:be:6b:cf:a1: c5:cd:40:4a:e6:0a:5e:ee:50:53:e0:97:90:05:25:96:64:4c: 9d:88:e2:59:40:db:a2:f0:29:92:e3:8f:01:18:58:ae:03:70: fd:67:9c:3d -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt264CtXQz58QicpqjZHyTCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg5MDU2ZmE5NjI1YjZjODc0MDQyNjdjNmRjMjE5OTI0YWMx NjAwNDUwHhcNMjYwMTAxMDAxODIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwYzFkOTZiNmYzMTNlOTNjNTcyMjAxMDc1YzYyMDBiNTc4ZjkxZjQ5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZCK9J2hd32YpvcFgdEF1/UEAjr2 xbHncYlHtGFMd6HcugvQJAMSq/WjhXNAUS43xyfccm5gNGzg27okgE3vJoOrK9dW 3kG6/lL/cpmfwioMCrEnOHQLx916A1rUAQyRAV39JRkVwz+6TnHPWB9bdfQhKJBG jiuFT0icP0Z8XPySJGabwYAcBiPQH7cB4sEmOCEZQ22/6ov2xkP7dZUN7AFVl04X lisQKlqVsuuabrOh4kOFcMXO2JkQ4cyC4Y0zoJC3HzbY5HiElwEFLtdghxWcslDm XMuSRMg4P9XvTyR9O3dgcBiO5MxzSw5H+dsYGWiMl6L2ikGkVw27Ka12KQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFAwdlrbzE+k8VyIBB1xiALV4+R9JMB8GA1UdIwQY MBaAFIkFb6liW2yHQEJnxtwhmSSsFgBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQt NTE5MjAzNzMzNTNjLzEvREIyV3R2TVQ2VHhYSWdFSFhHSUF0WGo1SDBrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQtNTE5MjAzNzMzNTNj LzEvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhEIQAAx MA0GCSqGSIb3DQEBCwUAA4IBAQB2JIkN24TvvXZDtJrFBux0kPg/jbfVMvakQqVU +KC0szm639FC8vKYt0MwNfTQ9YYkc2d2VUWWxC88qe+GerEN/yYCiqr1kernaDFo GrOB9obPTsyX2624BzXJY9thA9Hc43/HdGpKAHjnYiwCDWyp1cXIvDtD1CTUH/xf ONC/LYvmkLhFSamRF0AZgSiutV7y71g+VLn3UYQXbiPDpW2YR8rsWCf06mwcIpWn 4tWdr2Yf1mft1shU990oKSeof4eQkGB4xIKxv1MoF1QiIqs+Cq/9675rz6HFzUBK 5gpe7lBT4JeQBSWWZEydiOJZQNui8CmS448BGFiuA3D9Z5w9 -----END CERTIFICATE-----Generated at Sun Jan 11 23:54:07 2026 by rpki-client