This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/2fe094-373c-44f6-93e0-d0aecd5d7042/1/X-IMHZO2Sd5gZEJtndneD0fWreY.roa File: X-IMHZO2Sd5gZEJtndneD0fWreY.roa (raw, json) Hash identifier: bfcFN5Xio94TqA5R1A/qDWjqIpl0U94c2LxTtPv9KNE= Subject key identifier: 5F:E2:0C:1D:93:B6:49:DE:60:64:42:6D:9D:D9:DE:0F:47:D6:AD:E6 Certificate issuer: /CN=2e3487da65e85e87bdac4f5f6758dc6c20ef9763 Certificate serial: 019B7BA4B85F61B35735BE0EFD443EF6064B Authority key identifier: 2E:34:87:DA:65:E8:5E:87:BD:AC:4F:5F:67:58:DC:6C:20:EF:97:63 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LjSH2mXoXoe9rE9fZ1jcbCDvl2M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/2fe094-373c-44f6-93e0-d0aecd5d7042/1/X-IMHZO2Sd5gZEJtndneD0fWreY.roa Signing time: Thu 01 Jan 2026 22:19:11 +0000 ROA not before: Thu 01 Jan 2026 22:19:11 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 0 IP address blocks: 2a01:f2c0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/2fe094-373c-44f6-93e0-d0aecd5d7042/1/LjSH2mXoXoe9rE9fZ1jcbCDvl2M.crl rsync://rpki.ripe.net/repository/DEFAULT/ad/2fe094-373c-44f6-93e0-d0aecd5d7042/1/LjSH2mXoXoe9rE9fZ1jcbCDvl2M.mft rsync://rpki.ripe.net/repository/DEFAULT/LjSH2mXoXoe9rE9fZ1jcbCDvl2M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 09 Jan 2026 16:01:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a4:b8:5f:61:b3:57:35:be:0e:fd:44:3e:f6:06:4b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2e3487da65e85e87bdac4f5f6758dc6c20ef9763 Validity Not Before: Jan 1 22:19:11 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5fe20c1d93b649de6064426d9dd9de0f47d6ade6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:77:6a:15:91:14:66:51:b3:7d:a1:76:f7:eb: e5:27:88:c6:28:6e:3e:f4:2e:17:ab:01:1c:40:ea: 62:41:4a:b1:90:1f:30:96:3d:8e:bb:42:87:bb:be: d5:3c:64:78:18:13:33:22:2b:9b:94:bf:00:2b:a5: 9b:fa:af:4e:d8:8c:88:ce:ec:f9:0f:26:8d:e6:06: b0:b9:fe:11:1d:84:f0:c1:00:c9:6d:d9:48:9a:5f: 7a:01:a1:45:fd:2a:07:d9:8b:99:31:b1:97:83:af: d7:a3:d0:34:08:06:bb:2b:cb:00:99:7c:eb:c4:5e: 10:3c:36:47:e2:f1:9e:a8:19:cd:41:f1:dd:ee:49: ad:99:e5:62:d3:ae:40:d1:c7:b3:87:b1:11:c2:26: dc:0d:67:8a:d1:7a:14:aa:e6:bb:07:02:53:22:b3: 3b:cd:4f:f7:30:a9:82:17:74:6d:1a:33:58:78:be: a7:bd:d2:9c:07:94:42:88:6f:82:ab:e2:b9:e8:97: 74:07:82:84:4f:81:a9:78:71:0a:85:6e:a4:59:46: c7:9b:ea:9f:9d:b2:52:ce:20:ab:91:8b:25:34:4c: b1:76:0a:10:19:6a:8f:ab:f9:79:6b:78:b8:71:cb: 01:35:1b:19:a5:67:e7:5c:46:cf:01:e7:41:64:d8: 4f:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:E2:0C:1D:93:B6:49:DE:60:64:42:6D:9D:D9:DE:0F:47:D6:AD:E6 X509v3 Authority Key Identifier: keyid:2E:34:87:DA:65:E8:5E:87:BD:AC:4F:5F:67:58:DC:6C:20:EF:97:63 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LjSH2mXoXoe9rE9fZ1jcbCDvl2M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/2fe094-373c-44f6-93e0-d0aecd5d7042/1/X-IMHZO2Sd5gZEJtndneD0fWreY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/2fe094-373c-44f6-93e0-d0aecd5d7042/1/LjSH2mXoXoe9rE9fZ1jcbCDvl2M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a01:f2c0::/29 Signature Algorithm: sha256WithRSAEncryption 0b:1c:df:02:83:c8:5e:0e:22:02:68:b1:80:c3:68:94:b6:30: 6e:88:19:b4:4c:4d:a3:0b:e3:00:d7:33:bb:51:34:96:e0:df: 28:e9:50:39:7a:4c:46:c6:f1:9f:d0:33:e0:45:bf:5d:d9:a5: 99:ab:47:01:62:b2:3d:7f:38:c3:18:34:1f:7e:6a:09:f1:9b: 90:32:3f:32:ae:0e:d1:30:98:2d:9a:3a:3b:48:bf:9d:4a:8c: 72:b9:61:4a:2e:10:57:54:03:2a:86:49:d8:84:38:41:8a:c8: 06:9c:dc:04:f2:b1:68:bc:e4:68:92:12:59:d3:40:67:f7:dc: fa:46:dc:34:6a:56:d7:ef:25:bc:c3:37:3c:ef:c4:8a:91:d3: 64:2e:6a:f1:30:f1:82:c3:21:31:3b:4f:13:3b:0e:51:20:be: c5:18:e4:c1:72:29:ad:c1:10:eb:5f:2a:41:3f:b6:bb:1a:46: 39:43:30:42:8c:00:c7:4a:12:05:77:c9:f1:e7:c7:83:6f:0b: 20:e9:8b:57:b2:de:73:23:7e:ee:ea:93:ea:c2:88:a4:84:1c: 5b:03:d2:3f:17:bf:fb:cf:73:08:26:85:c1:3e:50:71:00:e2: da:41:cc:bd:30:ce:d9:e7:c3:cb:27:97:3e:08:50:04:5c:a3: 5e:2b:5f:54 -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt7pLhfYbNXNb4O/UQ+9gZLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJlMzQ4N2RhNjVlODVlODdiZGFjNGY1ZjY3NThkYzZjMjBl Zjk3NjMwHhcNMjYwMTAxMjIxOTExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZmUyMGMxZDkzYjY0OWRlNjA2NDQyNmQ5ZGQ5ZGUwZjQ3ZDZhZGU2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHdqFZEUZlGzfaF29+vlJ4jGKG4+ 9C4XqwEcQOpiQUqxkB8wlj2Ou0KHu77VPGR4GBMzIiublL8AK6Wb+q9O2IyIzuz5 DyaN5gawuf4RHYTwwQDJbdlIml96AaFF/SoH2YuZMbGXg6/Xo9A0CAa7K8sAmXzr xF4QPDZH4vGeqBnNQfHd7kmtmeVi065A0cezh7ERwibcDWeK0XoUqua7BwJTIrM7 zU/3MKmCF3RtGjNYeL6nvdKcB5RCiG+Cq+K56Jd0B4KET4GpeHEKhW6kWUbHm+qf nbJSziCrkYslNEyxdgoQGWqPq/l5a3i4ccsBNRsZpWfnXEbPAedBZNhPVwIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFF/iDB2TtkneYGRCbZ3Z3g9H1q3mMB8GA1UdIwQY MBaAFC40h9pl6F6HvaxPX2dY3Gwg75djMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTGpTSDJtWG9Yb2U5ckU5ZloxamNiQ0R2bDJNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC8yZmUwOTQtMzczYy00NGY2LTkzZTAt ZDBhZWNkNWQ3MDQyLzEvWC1JTUhaTzJTZDVnWkVKdG5kbmVEMGZXcmVZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hZC8yZmUwOTQtMzczYy00NGY2LTkzZTAtZDBhZWNkNWQ3MDQy LzEvTGpTSDJtWG9Yb2U5ckU5ZloxamNiQ0R2bDJNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgHywDAN BgkqhkiG9w0BAQsFAAOCAQEACxzfAoPIXg4iAmixgMNolLYwbogZtExNowvjANcz u1E0luDfKOlQOXpMRsbxn9Az4EW/XdmlmatHAWKyPX84wxg0H35qCfGbkDI/Mq4O 0TCYLZo6O0i/nUqMcrlhSi4QV1QDKoZJ2IQ4QYrIBpzcBPKxaLzkaJISWdNAZ/fc +kbcNGpW1+8lvMM3PO/EipHTZC5q8TDxgsMhMTtPEzsOUSC+xRjkwXIprcEQ618q QT+2uxpGOUMwQowAx0oSBXfJ8efHg28LIOmLV7LecyN+7uqT6sKIpIQcWwPSPxe/ +89zCCaFwT5QcQDi2kHMvTDO2efDyyeXPghQBFyjXitfVA== -----END CERTIFICATE-----Generated at Fri Jan 9 00:58:32 2026 by rpki-client