This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/1-gzuDRDwGtSYaSrmrMDc4LSqC2k.roa File: 1-gzuDRDwGtSYaSrmrMDc4LSqC2k.roa (raw, json) Hash identifier: JJ4kKJY9Nhkb6MwAYNXBWrGMge96BOzLdCtC/fcMDnc= Subject key identifier: FA:0C:EE:0D:10:F0:1A:D4:98:69:2A:E6:AC:C0:DC:E0:B4:AA:0B:69 Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f Certificate serial: 019B7F858C0E42D3F61643CC2683B5DB81A8 Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/1-gzuDRDwGtSYaSrmrMDc4LSqC2k.roa Signing time: Fri 02 Jan 2026 16:23:37 +0000 ROA not before: Fri 02 Jan 2026 16:23:37 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 40776 IP address blocks: 2a0f:b240:400::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.mft rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 02:24:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:85:8c:0e:42:d3:f6:16:43:cc:26:83:b5:db:81:a8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f Validity Not Before: Jan 2 16:23:37 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=fa0cee0d10f01ad498692ae6acc0dce0b4aa0b69 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8d:70:3b:12:1f:f1:9d:a4:15:80:99:be:86:24: c7:e3:f0:fe:d4:7b:28:a7:1a:c3:c5:1f:ec:e9:49: 96:76:cb:b4:09:df:8e:e8:64:ff:d9:87:0f:00:41: ae:97:6a:22:dc:f5:aa:47:b9:1a:0b:75:f8:c9:6f: f5:5a:cc:5e:39:8f:6a:22:01:d1:46:ee:41:8b:21: 8a:6d:a5:d5:0d:c2:a5:6e:73:ea:58:fc:a7:fc:b4: 9e:8f:3d:08:40:35:63:da:42:44:60:9d:67:af:12: 55:62:a1:34:d6:92:8a:d7:f0:d6:f7:7f:58:61:90: 54:b1:24:c9:37:70:7d:63:d3:df:7f:9e:bc:d9:a8: 0c:6d:94:5c:15:af:cf:07:98:9a:2f:5e:0f:da:bf: 27:e9:b3:0c:88:df:73:f7:61:e8:63:91:e7:05:19: 7a:25:84:c8:2b:ce:6b:2f:8f:1a:0f:9d:53:f9:40: 52:f4:c3:8e:3d:d2:c5:28:8d:27:79:aa:ab:09:f3: 6b:9b:30:2b:67:18:92:74:02:a9:9f:9c:f1:8d:25: 0c:72:a4:9e:28:aa:19:d5:f3:6f:d6:b4:e7:4b:05: ca:02:51:cc:7e:2a:b3:36:f7:7c:74:d8:23:1b:2c: 67:3b:f4:dd:6b:a1:ae:2c:e2:2d:e3:3c:89:15:d5: b1:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:0C:EE:0D:10:F0:1A:D4:98:69:2A:E6:AC:C0:DC:E0:B4:AA:0B:69 X509v3 Authority Key Identifier: keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/1-gzuDRDwGtSYaSrmrMDc4LSqC2k.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:b240:400::/40 Signature Algorithm: sha256WithRSAEncryption 3e:d8:0c:70:0f:55:b8:cc:56:6e:82:8f:dd:48:c5:9c:3e:af: 0c:6f:8c:50:b1:d2:a4:e9:49:23:49:78:f8:9a:f1:71:1f:5c: 03:5a:bc:f7:f5:38:a9:b4:72:61:25:a9:d4:7e:5a:91:7c:71: af:68:38:42:85:cd:e3:38:65:7c:95:1a:9f:00:a2:9d:37:e5: 99:fc:77:0f:15:a2:0b:3d:55:8f:8d:fe:02:6f:67:3e:71:07: 50:ad:f3:83:08:45:7f:75:09:32:3c:01:31:40:7f:34:df:c3: 1c:73:8b:e7:61:d5:c9:7b:82:5e:0a:13:00:df:cc:5d:4b:39: 6a:57:e2:f4:64:71:3d:e5:d4:19:5c:0a:c5:10:ec:74:cb:03: 65:6b:6c:3a:6e:e8:75:13:6a:e1:72:ca:89:5a:e3:1a:a5:00: 5d:de:d0:8d:2e:2c:7d:e8:fb:49:da:24:4d:2a:55:83:68:ca: 20:eb:1a:60:6d:95:24:ea:8c:c1:82:0c:43:78:41:1f:ed:d4: e4:29:d9:83:a9:38:6e:b5:b0:b2:58:f4:7c:90:a6:6d:1e:e1: 7b:2e:8b:c7:7e:ea:1d:e7:fc:7b:66:22:97:6f:c4:3f:73:f3: 48:9c:31:6e:fb:85:87:59:ec:8b:c1:fa:0c:38:e2:f5:1e:16: 22:4c:71:9c -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt/hYwOQtP2FkPMJoO124GoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk ZmUyMGYwHhcNMjYwMTAyMTYyMzM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmYTBjZWUwZDEwZjAxYWQ0OTg2OTJhZTZhY2MwZGNlMGI0YWEwYjY5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjXA7Eh/xnaQVgJm+hiTH4/D+1Hso pxrDxR/s6UmWdsu0Cd+O6GT/2YcPAEGul2oi3PWqR7kaC3X4yW/1WsxeOY9qIgHR Ru5BiyGKbaXVDcKlbnPqWPyn/LSejz0IQDVj2kJEYJ1nrxJVYqE01pKK1/DW939Y YZBUsSTJN3B9Y9Pff5682agMbZRcFa/PB5iaL14P2r8n6bMMiN9z92HoY5HnBRl6 JYTIK85rL48aD51T+UBS9MOOPdLFKI0neaqrCfNrmzArZxiSdAKpn5zxjSUMcqSe KKoZ1fNv1rTnSwXKAlHMfiqzNvd8dNgjGyxnO/Tda6GuLOIt4zyJFdWxdQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFPoM7g0Q8BrUmGkq5qzA3OC0qgtpMB8GA1UdIwQY MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct YjcxNzk4MGU0YWQ2LzEvMS1nenVEUkR3R3RTWWFTcm1yTURjNExTcUMyay5yb2Ew gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0 b3J5L0RFRkFVTFQvZDMvYjg3ZWMwLWY3NWEtNGJiZS1iMDY3LWI3MTc5ODBlNGFk Ni8xL2JvY1FTazIweEdOeHBfaTJwRUg4TU96ZjRnOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoPskAE MA0GCSqGSIb3DQEBCwUAA4IBAQA+2AxwD1W4zFZugo/dSMWcPq8Mb4xQsdKk6Ukj SXj4mvFxH1wDWrz39TiptHJhJanUflqRfHGvaDhChc3jOGV8lRqfAKKdN+WZ/HcP FaILPVWPjf4Cb2c+cQdQrfODCEV/dQkyPAExQH8038Mcc4vnYdXJe4JeChMA38xd SzlqV+L0ZHE95dQZXArFEOx0ywNla2w6buh1E2rhcsqJWuMapQBd3tCNLix96PtJ 2iRNKlWDaMog6xpgbZUk6ozBggxDeEEf7dTkKdmDqThutbCyWPR8kKZtHuF7LovH fuod5/x7ZiKXb8Q/c/NInDFu+4WHWeyLwfoMOOL1HhYiTHGc -----END CERTIFICATE-----Generated at Wed Jan 21 11:57:36 2026 by rpki-client