This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/WxQxTCoUNPz6w35k1dYCjatMXO0.roa File: WxQxTCoUNPz6w35k1dYCjatMXO0.roa (raw, json) Hash identifier: TJQrmvkiz1hdNP8dksWohyQYKnN+ulN9Llh8342K15M= Subject key identifier: 5B:14:31:4C:2A:14:34:FC:FA:C3:7E:64:D5:D6:02:8D:AB:4C:5C:ED Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f Certificate serial: 019B7F859FB4C815C9199EA2448325385CBC Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/WxQxTCoUNPz6w35k1dYCjatMXO0.roa Signing time: Fri 02 Jan 2026 16:23:42 +0000 ROA not before: Fri 02 Jan 2026 16:23:42 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212001 IP address blocks: 2a0f:b240:f::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.mft rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 02:24:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:85:9f:b4:c8:15:c9:19:9e:a2:44:83:25:38:5c:bc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f Validity Not Before: Jan 2 16:23:42 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5b14314c2a1434fcfac37e64d5d6028dab4c5ced Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:d2:ac:83:c6:c1:8d:6c:e8:65:e0:43:bd:0f: 8c:a7:57:88:36:09:0d:87:24:eb:88:38:cf:47:c7: 71:10:9b:39:06:88:d0:2d:ac:48:96:7b:94:48:f3: 53:09:fb:08:d9:15:1f:31:d4:b9:03:31:36:4a:b9: ae:73:2f:c8:6b:17:a2:29:3d:d7:fb:b7:8f:b9:7c: 2a:e3:4c:36:b0:c9:15:1b:17:8a:7f:7a:ab:2b:12: 81:aa:98:40:24:d8:f8:f7:7a:90:50:33:51:ce:09: aa:a7:f7:c7:a2:00:85:bd:e7:d4:b5:e6:bd:00:3a: dc:fe:ed:2c:02:b0:01:36:8f:84:51:99:1e:85:31: e1:71:3c:44:f8:c0:0c:fc:80:29:98:5b:b4:dc:dc: 2f:cb:d6:77:03:cb:88:62:44:3a:e6:be:99:8e:3a: 1f:bf:55:03:43:7d:a6:02:47:15:54:94:63:e7:9e: 31:41:1a:27:78:7d:d5:77:13:1e:83:40:03:38:a5: a5:d7:b9:3a:60:3f:97:8b:22:7d:2e:bd:40:50:33: ed:da:3d:26:69:b4:d2:95:bc:d6:9e:83:77:ea:1a: 90:0e:7f:23:fc:c6:2e:9c:b8:20:b1:b7:4c:71:b9: c5:b5:97:50:d3:6b:9f:cd:17:57:eb:39:fa:ba:d4: 3e:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:14:31:4C:2A:14:34:FC:FA:C3:7E:64:D5:D6:02:8D:AB:4C:5C:ED X509v3 Authority Key Identifier: keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/WxQxTCoUNPz6w35k1dYCjatMXO0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:b240:f::/48 Signature Algorithm: sha256WithRSAEncryption 75:cd:e5:2c:0e:21:0c:9d:2f:f0:bd:41:c0:a3:73:2c:37:32: bc:76:c9:61:6c:61:ad:09:48:15:4b:50:64:a3:26:8a:3b:5c: 5f:b3:6f:65:6f:1f:d1:99:88:37:c9:68:a2:e2:07:01:63:0e: 84:a2:e8:bd:69:7b:a7:72:f6:75:7a:89:41:a5:3a:ce:52:44: 60:cd:e8:f7:d1:21:24:c8:b5:3a:a5:8c:28:42:bf:b0:b9:c7: 69:a7:d4:76:1e:0f:c5:45:83:62:65:55:ef:e4:48:c2:51:37: e1:85:b2:64:bc:fb:1e:d8:45:ae:5b:55:d8:9c:f3:af:e5:b2: 86:33:54:4c:6c:fb:0d:a5:6f:d2:11:4c:77:3f:26:c6:09:23: ce:ce:e3:d3:e2:d2:57:e4:a9:36:39:88:71:c3:b6:55:24:7d: 13:20:d1:d1:2b:97:2a:e8:2f:13:c7:af:6f:2c:43:50:48:a9: d2:72:dc:73:31:93:01:a0:48:cb:f9:a4:00:9d:08:6e:a1:94: 56:c6:dc:ce:20:82:eb:35:8b:8d:bb:a7:ad:91:c6:a8:6f:3f: 30:6b:e4:e9:71:8f:da:02:b9:1d:27:7a:98:73:00:02:c3:cf: 14:0f:c9:22:6f:2d:96:50:64:eb:dc:1d:28:30:a5:72:20:e9: 8a:56:7f:9e -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt/hZ+0yBXJGZ6iRIMlOFy8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk ZmUyMGYwHhcNMjYwMTAyMTYyMzQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1YjE0MzE0YzJhMTQzNGZjZmFjMzdlNjRkNWQ2MDI4ZGFiNGM1Y2VkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNKsg8bBjWzoZeBDvQ+Mp1eINgkN hyTriDjPR8dxEJs5BojQLaxIlnuUSPNTCfsI2RUfMdS5AzE2Srmucy/IaxeiKT3X +7ePuXwq40w2sMkVGxeKf3qrKxKBqphAJNj493qQUDNRzgmqp/fHogCFvefUtea9 ADrc/u0sArABNo+EUZkehTHhcTxE+MAM/IApmFu03Nwvy9Z3A8uIYkQ65r6Zjjof v1UDQ32mAkcVVJRj554xQRoneH3VdxMeg0ADOKWl17k6YD+XiyJ9Lr1AUDPt2j0m abTSlbzWnoN36hqQDn8j/MYunLggsbdMcbnFtZdQ02ufzRdX6zn6utQ+iwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFFsUMUwqFDT8+sN+ZNXWAo2rTFztMB8GA1UdIwQY MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct YjcxNzk4MGU0YWQ2LzEvV3hReFRDb1VOUHo2dzM1azFkWUNqYXRNWE8wLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2 LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQAAP MA0GCSqGSIb3DQEBCwUAA4IBAQB1zeUsDiEMnS/wvUHAo3MsNzK8dslhbGGtCUgV S1BkoyaKO1xfs29lbx/RmYg3yWii4gcBYw6Eoui9aXuncvZ1eolBpTrOUkRgzej3 0SEkyLU6pYwoQr+wucdpp9R2Hg/FRYNiZVXv5EjCUTfhhbJkvPse2EWuW1XYnPOv 5bKGM1RMbPsNpW/SEUx3PybGCSPOzuPT4tJX5Kk2OYhxw7ZVJH0TINHRK5cq6C8T x69vLENQSKnSctxzMZMBoEjL+aQAnQhuoZRWxtzOIILrNYuNu6etkcaobz8wa+Tp cY/aArkdJ3qYcwACw88UD8kiby2WUGTr3B0oMKVyIOmKVn+e -----END CERTIFICATE-----Generated at Wed Jan 21 11:59:26 2026 by rpki-client