This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/8qONZL-zarmB_Y1tqZfwTzYcBJo.roa File: 8qONZL-zarmB_Y1tqZfwTzYcBJo.roa (raw, json) Hash identifier: uD7uxv7CcmmCwKrR/rRY/falCkFooXd096XuRKXA53M= Subject key identifier: F2:A3:8D:64:BF:B3:6A:B9:81:FD:8D:6D:A9:97:F0:4F:36:1C:04:9A Certificate issuer: /CN=b1af12f5ca75c922a4aa5dacb49c04a93237f4ed Certificate serial: 019B7D5CFF1B307CC399B0A64B666C620416 Authority key identifier: B1:AF:12:F5:CA:75:C9:22:A4:AA:5D:AC:B4:9C:04:A9:32:37:F4:ED Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sa8S9cp1ySKkql2stJwEqTI39O0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/8qONZL-zarmB_Y1tqZfwTzYcBJo.roa Signing time: Fri 02 Jan 2026 06:20:05 +0000 ROA not before: Fri 02 Jan 2026 06:20:05 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 50113 IP address blocks: 2a07:57c0::/32 maxlen: 32 2a07:9b83::/32 maxlen: 32 2a0a:981::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/sa8S9cp1ySKkql2stJwEqTI39O0.crl rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/sa8S9cp1ySKkql2stJwEqTI39O0.mft rsync://rpki.ripe.net/repository/DEFAULT/sa8S9cp1ySKkql2stJwEqTI39O0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 20:29:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5c:ff:1b:30:7c:c3:99:b0:a6:4b:66:6c:62:04:16 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b1af12f5ca75c922a4aa5dacb49c04a93237f4ed Validity Not Before: Jan 2 06:20:05 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f2a38d64bfb36ab981fd8d6da997f04f361c049a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:1b:e6:34:73:ce:aa:85:d8:af:f9:66:20:6c: 2f:de:fe:9f:9a:1a:af:2a:2c:ab:d0:d1:94:8a:e2: d0:23:e5:23:6d:61:27:28:a1:f4:55:54:9e:3f:24: 14:79:88:0d:75:e6:31:aa:a6:00:1d:fe:7f:ef:af: 1e:00:a5:a5:32:94:e1:3f:8e:87:c1:ec:a9:b8:46: 5a:6c:fe:d4:c4:35:c3:0c:bc:b2:7f:0f:f7:e0:11: 38:eb:58:7d:41:23:4a:8d:34:57:cd:f2:aa:96:f9: 98:11:50:91:07:ab:e5:b9:11:f1:bb:d8:2f:99:73: ff:3b:47:8e:f8:e3:31:0f:86:63:8a:3a:ef:96:ca: 99:02:17:75:14:b5:5d:eb:64:66:1a:15:a2:4d:09: 6d:05:3b:d0:7d:9d:21:32:e8:bb:4b:8a:ad:22:b9: ee:44:ef:9b:d9:53:c8:2d:c0:7a:39:aa:3b:2f:73: 9a:03:1d:64:fd:68:16:57:70:ad:5a:a6:3e:61:03: 96:6a:5a:b5:6c:b8:f2:a3:1e:b0:56:1f:a4:56:71: 0c:b2:d8:5d:d1:0f:71:db:87:cd:f4:f5:5c:f2:46: 3b:a4:32:10:3f:e2:6f:90:ec:58:3a:7e:45:24:44: 53:9b:72:c7:ca:79:e4:bb:ca:8c:27:ee:cf:c9:e5: d8:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:A3:8D:64:BF:B3:6A:B9:81:FD:8D:6D:A9:97:F0:4F:36:1C:04:9A X509v3 Authority Key Identifier: keyid:B1:AF:12:F5:CA:75:C9:22:A4:AA:5D:AC:B4:9C:04:A9:32:37:F4:ED X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sa8S9cp1ySKkql2stJwEqTI39O0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/8qONZL-zarmB_Y1tqZfwTzYcBJo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/sa8S9cp1ySKkql2stJwEqTI39O0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a07:57c0::/32 2a07:9b83::/32 2a0a:981::/32 Signature Algorithm: sha256WithRSAEncryption 04:0a:2c:f2:df:7b:88:22:d6:cf:75:5a:85:53:f7:5c:ca:43: ef:bd:51:f6:d8:6c:6b:ec:f7:c8:16:c8:70:3f:bd:10:72:b7: cf:00:03:d6:53:08:ce:8d:76:37:e3:f6:25:7d:d9:22:55:b9: 0d:df:33:69:93:d0:8f:f4:19:7f:4a:bf:bb:35:98:95:9d:48: 7f:79:89:42:67:34:04:ed:72:09:f3:a7:df:cc:14:39:1b:48: 22:c5:19:5c:53:00:29:9f:1d:8f:5f:f3:85:19:32:cc:c4:b5: 82:aa:ee:27:8c:4b:12:16:f4:9a:df:44:1b:e4:7d:99:28:2a: 4b:81:72:fd:1e:9f:fd:47:ea:39:03:34:6b:02:b8:91:48:ce: 74:8f:d4:c2:43:8f:1f:3e:3a:4f:2e:21:9e:2b:8a:a7:ab:6d: 53:51:30:d4:f3:16:b0:e4:e9:99:89:05:f0:6e:dc:8f:3e:5b: be:13:cd:f6:e4:28:ae:74:e1:1f:02:10:9b:f5:3d:14:b9:4d: 46:ca:3a:0d:8e:3a:91:e9:a7:7d:df:79:ee:d7:ee:65:5d:db: f8:91:e5:0a:04:8f:f3:30:c8:e2:b7:ba:0c:25:36:16:78:7b: ab:cb:76:69:41:1d:97:51:cd:b1:98:49:77:1c:5b:35:f9:31: 75:6d:53:00 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt9XP8bMHzDmbCmS2ZsYgQWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIxYWYxMmY1Y2E3NWM5MjJhNGFhNWRhY2I0OWMwNGE5MzIz N2Y0ZWQwHhcNMjYwMTAyMDYyMDA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmMmEzOGQ2NGJmYjM2YWI5ODFmZDhkNmRhOTk3ZjA0ZjM2MWMwNDlhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2hvmNHPOqoXYr/lmIGwv3v6fmhqv Kiyr0NGUiuLQI+UjbWEnKKH0VVSePyQUeYgNdeYxqqYAHf5/768eAKWlMpThP46H weypuEZabP7UxDXDDLyyfw/34BE461h9QSNKjTRXzfKqlvmYEVCRB6vluRHxu9gv mXP/O0eO+OMxD4ZjijrvlsqZAhd1FLVd62RmGhWiTQltBTvQfZ0hMui7S4qtIrnu RO+b2VPILcB6Oao7L3OaAx1k/WgWV3CtWqY+YQOWalq1bLjyox6wVh+kVnEMsthd 0Q9x24fN9PVc8kY7pDIQP+JvkOxYOn5FJERTm3LHynnku8qMJ+7PyeXYLQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFPKjjWS/s2q5gf2NbamX8E82HASaMB8GA1UdIwQY MBaAFLGvEvXKdckipKpdrLScBKkyN/TtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc2E4UzljcDF5U0trcWwyc3RKd0VxVEkzOU8wLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9jYmNmNjgtN2NiZi00N2YwLTgyZWUt NTc2MGVmYmNjNjU0LzEvOHFPTlpMLXphcm1CX1kxdHFaZndUelljQkpvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZC9jYmNmNjgtN2NiZi00N2YwLTgyZWUtNTc2MGVmYmNjNjU0 LzEvc2E4UzljcDF5U0trcWwyc3RKd0VxVEkzOU8wLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKgdXwAMF ACoHm4MDBQAqCgmBMA0GCSqGSIb3DQEBCwUAA4IBAQAECizy33uIItbPdVqFU/dc ykPvvVH22Gxr7PfIFshwP70QcrfPAAPWUwjOjXY34/YlfdkiVbkN3zNpk9CP9Bl/ Sr+7NZiVnUh/eYlCZzQE7XIJ86ffzBQ5G0gixRlcUwApnx2PX/OFGTLMxLWCqu4n jEsSFvSa30Qb5H2ZKCpLgXL9Hp/9R+o5AzRrAriRSM50j9TCQ48fPjpPLiGeK4qn q21TUTDU8xaw5OmZiQXwbtyPPlu+E8325CiudOEfAhCb9T0UuU1GyjoNjjqR6ad9 33nu1+5lXdv4keUKBI/zMMjit7oMJTYWeHury3ZpQR2XUc2xmEl3HFs1+TF1bVMA -----END CERTIFICATE-----Generated at Tue Jan 20 06:03:48 2026 by rpki-client