This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/868VkIZTeEk8g8K-nc-GYk4GNqA.roa File: 868VkIZTeEk8g8K-nc-GYk4GNqA.roa (raw, json) Hash identifier: mAkolD9i09Q2h4MCniDyPs0rmf1iQU6A0FPOG2LgFwE= Subject key identifier: F3:AF:15:90:86:53:78:49:3C:83:C2:BE:9D:CF:86:62:4E:06:36:A0 Certificate issuer: /CN=96bfc5a172654dd6009db1d82d92ffaf71234120 Certificate serial: 019B7DCACEA609F9FBCA4341F3611FC8F642 Authority key identifier: 96:BF:C5:A1:72:65:4D:D6:00:9D:B1:D8:2D:92:FF:AF:71:23:41:20 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lr_FoXJlTdYAnbHYLZL_r3EjQSA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/868VkIZTeEk8g8K-nc-GYk4GNqA.roa Signing time: Fri 02 Jan 2026 08:20:01 +0000 ROA not before: Fri 02 Jan 2026 08:20:01 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 199553 IP address blocks: 2a09:2940::/29 maxlen: 48 2a0a:e5c0::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/lr_FoXJlTdYAnbHYLZL_r3EjQSA.crl rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/lr_FoXJlTdYAnbHYLZL_r3EjQSA.mft rsync://rpki.ripe.net/repository/DEFAULT/lr_FoXJlTdYAnbHYLZL_r3EjQSA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 14:00:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:ce:a6:09:f9:fb:ca:43:41:f3:61:1f:c8:f6:42 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=96bfc5a172654dd6009db1d82d92ffaf71234120 Validity Not Before: Jan 2 08:20:01 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f3af1590865378493c83c2be9dcf86624e0636a0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:3d:98:ee:2a:fe:c1:7a:66:a4:e0:64:f3:83: 18:bc:c9:66:75:96:d9:85:cc:5a:4c:55:c8:76:dd: 73:0a:fc:98:90:b7:8e:30:a4:ab:47:e2:73:bd:fb: b8:47:a0:8a:81:33:d6:31:99:c6:29:ae:b4:46:5d: ff:81:43:ad:39:b8:56:88:f0:fe:59:b5:33:f1:c2: be:e1:e1:8c:d9:e6:e8:82:f4:ea:bc:4c:f5:9b:1f: 7c:8b:b7:1c:63:38:a7:15:dd:58:7b:dd:f9:85:bc: a0:38:17:4b:fc:06:60:15:7e:e4:f8:8d:d9:dc:c0: 18:a9:c8:44:8b:16:ae:77:b3:c0:bf:ba:76:b7:ea: 84:ac:fc:82:ec:eb:ae:ff:91:29:9b:50:5c:47:15: 36:05:4b:ce:53:7c:b4:ff:c7:d8:d4:5b:c5:77:58: 8c:4d:ce:b0:d6:5f:84:88:31:c2:11:92:19:59:a6: b9:19:3a:4a:7a:b4:96:6f:b4:a9:22:ac:fb:53:23: d7:a8:dc:4c:a3:46:aa:1d:f1:e9:af:b6:b5:fc:e0: 5e:d6:e0:4a:6f:75:d5:91:da:0b:03:e4:86:8f:86: 73:c7:de:14:dd:5f:26:18:92:9d:0b:e2:73:b6:54: 9f:83:32:04:ed:4d:47:de:11:a5:0a:f6:4e:08:fa: 92:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:AF:15:90:86:53:78:49:3C:83:C2:BE:9D:CF:86:62:4E:06:36:A0 X509v3 Authority Key Identifier: keyid:96:BF:C5:A1:72:65:4D:D6:00:9D:B1:D8:2D:92:FF:AF:71:23:41:20 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lr_FoXJlTdYAnbHYLZL_r3EjQSA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/868VkIZTeEk8g8K-nc-GYk4GNqA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/lr_FoXJlTdYAnbHYLZL_r3EjQSA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a09:2940::/29 2a0a:e5c0::/29 Signature Algorithm: sha256WithRSAEncryption 58:ac:76:6a:45:6f:a0:8d:48:c2:35:26:a4:6b:2c:99:ca:4e: f1:a4:0a:8b:ae:66:47:a9:cc:b4:a6:be:d6:c6:2f:e3:97:07: 74:9c:dc:8a:a8:0f:22:97:61:54:cf:d9:f2:3d:67:1b:c6:c0: ff:da:7b:7e:64:63:28:69:02:82:b7:01:3e:0d:44:87:e0:f3: c7:b9:97:bd:45:93:bb:04:2b:2c:b4:d0:6e:b4:ac:46:ab:f7: c7:33:cc:2f:16:09:15:7d:f4:87:03:60:8b:28:c0:f6:b0:8e: 95:0c:91:9e:28:4e:40:a0:79:7a:41:76:77:e0:d7:f7:0d:1b: 1e:6b:88:df:6e:0c:ba:24:84:e0:10:fb:2e:4f:6b:29:b6:e5: a6:2d:bb:d1:54:76:03:d3:95:a1:3e:c7:5b:8f:ae:7f:11:b0: b2:8e:1d:42:4a:2b:a9:ad:9e:7f:25:ec:42:41:70:14:a0:d5: 34:87:9a:4a:1e:88:8d:ef:03:3b:99:45:9f:ae:07:57:f2:d4: 1f:aa:2b:b6:b4:8c:18:d1:69:4d:56:50:c0:78:f2:ac:88:ec: fa:7d:c9:f9:8f:b0:63:8b:84:d9:03:9f:15:45:76:eb:76:6f: ba:49:8a:92:21:78:d1:63:d9:7e:45:ed:ff:13:c1:db:c0:8d: 21:b6:1d:d0 -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgISAZt9ys6mCfn7ykNB82EfyPZCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk2YmZjNWExNzI2NTRkZDYwMDlkYjFkODJkOTJmZmFmNzEy MzQxMjAwHhcNMjYwMTAyMDgyMDAxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmM2FmMTU5MDg2NTM3ODQ5M2M4M2MyYmU5ZGNmODY2MjRlMDYzNmEwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuT2Y7ir+wXpmpOBk84MYvMlmdZbZ hcxaTFXIdt1zCvyYkLeOMKSrR+Jzvfu4R6CKgTPWMZnGKa60Rl3/gUOtObhWiPD+ WbUz8cK+4eGM2ebogvTqvEz1mx98i7ccYzinFd1Ye935hbygOBdL/AZgFX7k+I3Z 3MAYqchEixaud7PAv7p2t+qErPyC7Ouu/5Epm1BcRxU2BUvOU3y0/8fY1FvFd1iM Tc6w1l+EiDHCEZIZWaa5GTpKerSWb7SpIqz7UyPXqNxMo0aqHfHpr7a1/OBe1uBK b3XVkdoLA+SGj4Zzx94U3V8mGJKdC+JztlSfgzIE7U1H3hGlCvZOCPqSNwIDAQAB o4ICETCCAg0wHQYDVR0OBBYEFPOvFZCGU3hJPIPCvp3PhmJOBjagMB8GA1UdIwQY MBaAFJa/xaFyZU3WAJ2x2C2S/69xI0EgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbHJfRm9YSmxUZFlBbmJIWUxaTF9yM0VqUVNBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8zNjMwY2ItZWJlYy00ZDg2LWIxMmIt YmZmYjc1N2MzMTM0LzEvODY4VmtJWlRlRWs4ZzhLLW5jLUdZazRHTnFBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYy8zNjMwY2ItZWJlYy00ZDg2LWIxMmItYmZmYjc1N2MzMTM0 LzEvbHJfRm9YSmxUZFlBbmJIWUxaTF9yM0VqUVNBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKgkpQAMF AyoK5cAwDQYJKoZIhvcNAQELBQADggEBAFisdmpFb6CNSMI1JqRrLJnKTvGkCouu ZkepzLSmvtbGL+OXB3Sc3IqoDyKXYVTP2fI9ZxvGwP/ae35kYyhpAoK3AT4NRIfg 88e5l71Fk7sEKyy00G60rEar98czzC8WCRV99IcDYIsowPawjpUMkZ4oTkCgeXpB dnfg1/cNGx5riN9uDLokhOAQ+y5Paym25aYtu9FUdgPTlaE+x1uPrn8RsLKOHUJK K6mtnn8l7EJBcBSg1TSHmkoeiI3vAzuZRZ+uB1fy1B+qK7a0jBjRaU1WUMB48qyI 7Pp9yfmPsGOLhNkDnxVFdut2b7pJipIheNFj2X5F7f8TwdvAjSG2HdA= -----END CERTIFICATE-----Generated at Tue Feb 10 00:14:59 2026 by rpki-client