This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/52hDP3-ByQHgxfz5k5nyAXlJACs.roa File: 52hDP3-ByQHgxfz5k5nyAXlJACs.roa (raw, json) Hash identifier: CRx9eNE+otK+xDf1eK31D30RGTui93OxIqmdpwAHeSI= Subject key identifier: E7:68:43:3F:7F:81:C9:01:E0:C5:FC:F9:93:99:F2:01:79:49:00:2B Certificate issuer: /CN=0c21b925b4c4bcc30f77c9c41ba8d040ac95dfc6 Certificate serial: 019B79ED4967F22FC44D25151272418D6808 Authority key identifier: 0C:21:B9:25:B4:C4:BC:C3:0F:77:C9:C4:1B:A8:D0:40:AC:95:DF:C6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DCG5JbTEvMMPd8nEG6jQQKyV38Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/52hDP3-ByQHgxfz5k5nyAXlJACs.roa Signing time: Thu 01 Jan 2026 14:19:12 +0000 ROA not before: Thu 01 Jan 2026 14:19:12 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 60614 IP address blocks: 2a0f:607:1000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/DCG5JbTEvMMPd8nEG6jQQKyV38Y.crl rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/DCG5JbTEvMMPd8nEG6jQQKyV38Y.mft rsync://rpki.ripe.net/repository/DEFAULT/DCG5JbTEvMMPd8nEG6jQQKyV38Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 08 Jan 2026 15:30:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ed:49:67:f2:2f:c4:4d:25:15:12:72:41:8d:68:08 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0c21b925b4c4bcc30f77c9c41ba8d040ac95dfc6 Validity Not Before: Jan 1 14:19:12 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e768433f7f81c901e0c5fcf99399f2017949002b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:5e:05:0b:f4:8a:af:37:6f:4c:ae:19:cf:bf: 04:88:a3:d1:b2:6b:4b:64:52:29:00:a0:cc:e8:40: 3d:e8:76:0e:f9:14:6b:13:4f:77:72:5d:bd:02:da: 5f:7b:7d:6d:da:6a:5e:14:14:fe:3c:60:53:9b:52: f0:57:b7:81:af:e6:36:ae:b1:c2:6a:30:80:b4:50: 02:28:ec:eb:6d:33:da:e5:cf:1e:7d:75:d1:af:84: dd:be:b3:6c:0f:66:23:a1:03:67:80:05:13:6e:4a: a5:d9:a0:1e:fc:c0:c3:c2:3c:b8:40:cc:72:d9:5e: 54:ae:34:12:1f:6d:76:2a:eb:8c:52:e5:79:54:21: c9:e7:0b:26:23:3b:ce:47:4d:91:25:8d:65:89:11: cb:24:73:c0:48:d0:13:4c:ff:ed:fe:50:65:4f:cf: b1:ca:bd:55:d0:31:b4:2e:f6:1e:71:87:ea:7f:d0: 67:b7:16:73:6a:a5:5e:9d:f2:0c:64:d5:59:11:42: 07:c5:d0:11:a4:16:38:86:92:ac:5e:d7:e8:57:0d: a0:91:03:51:cd:dd:cf:55:f7:92:37:cc:83:e7:b7: 81:8b:db:47:a8:2e:5f:01:20:03:1b:9e:90:16:52: 39:d5:81:9d:90:16:9f:74:3f:0e:84:f7:c6:2b:e2: ba:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:68:43:3F:7F:81:C9:01:E0:C5:FC:F9:93:99:F2:01:79:49:00:2B X509v3 Authority Key Identifier: keyid:0C:21:B9:25:B4:C4:BC:C3:0F:77:C9:C4:1B:A8:D0:40:AC:95:DF:C6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DCG5JbTEvMMPd8nEG6jQQKyV38Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/52hDP3-ByQHgxfz5k5nyAXlJACs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/DCG5JbTEvMMPd8nEG6jQQKyV38Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:607:1000::/40 Signature Algorithm: sha256WithRSAEncryption 46:bb:97:08:e4:66:c1:f6:ea:f6:b8:c7:96:6c:c6:ef:0b:72: 65:a5:70:08:ca:0a:dd:9d:ed:c1:f4:a7:f1:ed:9d:55:ef:5d: 78:a7:b2:9c:a3:8f:df:43:61:04:eb:79:68:2c:4b:cd:4e:34: 5a:e0:a8:8d:62:84:bc:a1:30:56:a1:37:08:b2:e9:72:bc:4e: 46:f3:6a:b8:f5:9f:b1:95:d6:02:e9:65:d1:25:24:b4:8f:0a: 71:6f:72:91:27:7b:af:c8:e8:71:3e:26:1f:7d:8a:22:4d:76: 08:f5:17:3b:f2:8c:da:29:d9:5c:fc:1e:d3:b7:b5:80:31:fa: a8:47:1c:7b:44:b7:2c:6e:84:5a:5f:ea:97:b9:07:88:fc:3c: 9d:ce:b1:89:6b:27:52:16:3c:05:a0:f7:7b:29:9f:06:c9:8c: d1:84:cf:6b:10:7b:9f:ca:15:e9:18:6c:66:70:32:e9:30:f3: 54:42:10:6c:3a:f9:1f:85:b9:b4:ec:db:cd:5e:0a:06:24:20: 84:62:5b:19:8d:69:38:fa:8f:79:5c:48:28:ae:b9:32:bf:81: 4c:71:06:7e:86:4c:a1:fd:5e:85:55:8a:24:14:f7:32:33:a8: e6:04:e8:77:4e:b7:0c:15:cb:13:ea:f2:69:36:02:02:dd:b8: 06:7c:b0:ad -----BEGIN CERTIFICATE----- MIIE/zCCA+egAwIBAgISAZt57Uln8i/ETSUVEnJBjWgIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBjMjFiOTI1YjRjNGJjYzMwZjc3YzljNDFiYThkMDQwYWM5 NWRmYzYwHhcNMjYwMTAxMTQxOTEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlNzY4NDMzZjdmODFjOTAxZTBjNWZjZjk5Mzk5ZjIwMTc5NDkwMDJiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsV4FC/SKrzdvTK4Zz78EiKPRsmtL ZFIpAKDM6EA96HYO+RRrE093cl29Atpfe31t2mpeFBT+PGBTm1LwV7eBr+Y2rrHC ajCAtFACKOzrbTPa5c8efXXRr4TdvrNsD2YjoQNngAUTbkql2aAe/MDDwjy4QMxy 2V5UrjQSH212KuuMUuV5VCHJ5wsmIzvOR02RJY1liRHLJHPASNATTP/t/lBlT8+x yr1V0DG0LvYecYfqf9BntxZzaqVenfIMZNVZEUIHxdARpBY4hpKsXtfoVw2gkQNR zd3PVfeSN8yD57eBi9tHqC5fASADG56QFlI51YGdkBafdD8OhPfGK+K63wIDAQAB o4ICCzCCAgcwHQYDVR0OBBYEFOdoQz9/gckB4MX8+ZOZ8gF5SQArMB8GA1UdIwQY MBaAFAwhuSW0xLzDD3fJxBuo0ECsld/GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRENHNUpiVEV2TU1QZDhuRUc2alFRS3lWMzhZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jMGJkNjctZjdkZC00Y2UyLWFiN2Ut YTM0NzU2NDE1OGY4LzEvNTJoRFAzLUJ5UUhneGZ6NWs1bnlBWGxKQUNzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMy9jMGJkNjctZjdkZC00Y2UyLWFiN2UtYTM0NzU2NDE1OGY4 LzEvRENHNUpiVEV2TU1QZDhuRUc2alFRS3lWMzhZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKg8GBxAw DQYJKoZIhvcNAQELBQADggEBAEa7lwjkZsH26va4x5Zsxu8LcmWlcAjKCt2d7cH0 p/HtnVXvXXinspyjj99DYQTreWgsS81ONFrgqI1ihLyhMFahNwiy6XK8Tkbzarj1 n7GV1gLpZdElJLSPCnFvcpEne6/I6HE+Jh99iiJNdgj1FzvyjNop2Vz8HtO3tYAx +qhHHHtEtyxuhFpf6pe5B4j8PJ3OsYlrJ1IWPAWg93spnwbJjNGEz2sQe5/KFekY bGZwMukw81RCEGw6+R+FubTs281eCgYkIIRiWxmNaTj6j3lcSCiuuTK/gUxxBn6G TKH9XoVViiQU9zIzqOYE6HdOtwwVyxPq8mk2AgLduAZ8sK0= -----END CERTIFICATE-----Generated at Thu Jan 8 00:39:56 2026 by rpki-client