This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/rYFpWuZruIrOhwpWXMP_IZ4tVUw.roa File: rYFpWuZruIrOhwpWXMP_IZ4tVUw.roa (raw, json) Hash identifier: /VBan9NMmf+zcxvPCNJlk8CtUTHsxz+gzK37fTWPJe4= Subject key identifier: AD:81:69:5A:E6:6B:B8:8A:CE:87:0A:56:5C:C3:FF:21:9E:2D:55:4C Certificate issuer: /CN=0c21b925b4c4bcc30f77c9c41ba8d040ac95dfc6 Certificate serial: 019B79ED42E56955F34A80ABFBC546E5302C Authority key identifier: 0C:21:B9:25:B4:C4:BC:C3:0F:77:C9:C4:1B:A8:D0:40:AC:95:DF:C6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DCG5JbTEvMMPd8nEG6jQQKyV38Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/rYFpWuZruIrOhwpWXMP_IZ4tVUw.roa Signing time: Thu 01 Jan 2026 14:19:10 +0000 ROA not before: Thu 01 Jan 2026 14:19:10 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 0 IP address blocks: 2a0f:607:1070::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/DCG5JbTEvMMPd8nEG6jQQKyV38Y.crl rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/DCG5JbTEvMMPd8nEG6jQQKyV38Y.mft rsync://rpki.ripe.net/repository/DEFAULT/DCG5JbTEvMMPd8nEG6jQQKyV38Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 10 Jan 2026 11:01:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ed:42:e5:69:55:f3:4a:80:ab:fb:c5:46:e5:30:2c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0c21b925b4c4bcc30f77c9c41ba8d040ac95dfc6 Validity Not Before: Jan 1 14:19:10 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ad81695ae66bb88ace870a565cc3ff219e2d554c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:91:49:de:51:b4:75:b2:a5:f6:26:73:7c:fb: 04:2a:f7:61:34:db:8a:ed:58:6f:e7:19:21:ce:7d: 50:b5:e2:80:7d:2a:79:26:ef:e2:70:59:98:7b:1c: 1b:b3:c1:22:ae:ef:10:85:91:3d:bc:43:a1:60:db: 03:0e:81:41:ce:07:e3:23:f2:00:59:bb:dc:99:ba: 4b:b5:a4:1a:59:b6:42:5f:67:9c:d6:1e:a9:7c:b6: 9f:36:21:ba:fa:52:e2:34:f3:8e:7c:5d:b4:5e:60: 58:72:07:93:a7:9e:02:9f:c9:9b:66:d3:ea:78:db: bf:4a:f7:50:96:0d:05:30:a7:b1:6a:b1:e4:7f:fc: cc:24:cc:5c:9c:6b:e8:30:dd:98:9b:4d:b3:ea:0b: 84:56:ba:f2:ab:9f:56:64:93:c9:b8:72:0e:ff:4c: b3:fa:29:f2:0f:e3:d5:cc:fe:bd:15:ee:aa:f5:a0: 20:4f:24:90:e7:e9:49:0e:9d:dd:30:8e:20:4c:09: 2c:3f:24:31:f9:c5:2f:67:6e:4d:4f:8e:d1:fd:40: ce:98:73:87:37:2e:a5:cb:7b:a2:ed:7b:2c:3e:90: 17:9e:7f:5b:aa:24:9c:b5:d3:ef:0c:cb:5b:50:f1: 13:fe:c9:a7:33:23:00:0f:8f:6a:14:89:ca:ba:d7: 20:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:81:69:5A:E6:6B:B8:8A:CE:87:0A:56:5C:C3:FF:21:9E:2D:55:4C X509v3 Authority Key Identifier: keyid:0C:21:B9:25:B4:C4:BC:C3:0F:77:C9:C4:1B:A8:D0:40:AC:95:DF:C6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DCG5JbTEvMMPd8nEG6jQQKyV38Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/rYFpWuZruIrOhwpWXMP_IZ4tVUw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/DCG5JbTEvMMPd8nEG6jQQKyV38Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:607:1070::/48 Signature Algorithm: sha256WithRSAEncryption a9:c0:d9:1b:1c:e9:a6:ea:5b:a7:0b:db:32:e5:71:77:2d:5d: af:71:f2:c1:7e:e1:8f:9e:2a:dc:b7:3a:b7:7a:5b:48:b9:7d: 3c:af:f1:c5:76:fc:7e:44:10:22:14:ee:90:98:99:0d:35:be: f7:fb:ed:e1:0a:6b:aa:21:c2:8b:78:b9:4e:4d:50:65:c9:c5: a1:94:f5:24:ca:f0:6d:28:1a:d0:76:19:51:af:56:b7:40:f5: 5b:0c:b0:d4:1e:a1:10:ac:12:7d:ad:ce:f6:52:13:5e:0b:79: e7:a5:55:06:cb:c3:06:11:3c:2f:d9:a3:6d:f1:cf:6c:39:f0: 58:75:33:a8:a7:e5:8b:14:d8:55:cb:44:48:13:9c:7a:49:b6: 78:1d:66:f7:6b:73:6f:f0:72:ca:e2:0b:79:e8:4e:fa:28:9b: dd:22:3b:e3:16:90:7e:4c:e5:c7:23:27:5d:d0:61:e6:6a:41: 2c:b6:a7:64:16:5d:d2:1a:b0:98:e9:80:7a:49:02:e8:98:2d: 00:78:0d:0a:4c:f4:a8:b5:e4:19:ba:58:00:41:6a:fb:da:6d: 66:8e:8f:8f:bf:e3:0d:9f:c0:4c:30:d1:89:d1:2b:3b:81:a1: 77:62:e9:ce:ae:0b:14:7e:cf:b7:98:9d:c0:fb:a9:72:e2:5c: 33:c8:35:fb -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt57ULlaVXzSoCr+8VG5TAsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBjMjFiOTI1YjRjNGJjYzMwZjc3YzljNDFiYThkMDQwYWM5 NWRmYzYwHhcNMjYwMTAxMTQxOTEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhZDgxNjk1YWU2NmJiODhhY2U4NzBhNTY1Y2MzZmYyMTllMmQ1NTRjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJFJ3lG0dbKl9iZzfPsEKvdhNNuK 7Vhv5xkhzn1QteKAfSp5Ju/icFmYexwbs8Eiru8QhZE9vEOhYNsDDoFBzgfjI/IA WbvcmbpLtaQaWbZCX2ec1h6pfLafNiG6+lLiNPOOfF20XmBYcgeTp54Cn8mbZtPq eNu/SvdQlg0FMKexarHkf/zMJMxcnGvoMN2Ym02z6guEVrryq59WZJPJuHIO/0yz +inyD+PVzP69Fe6q9aAgTySQ5+lJDp3dMI4gTAksPyQx+cUvZ25NT47R/UDOmHOH Ny6ly3ui7XssPpAXnn9bqiSctdPvDMtbUPET/smnMyMAD49qFInKutcgVwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFK2BaVrma7iKzocKVlzD/yGeLVVMMB8GA1UdIwQY MBaAFAwhuSW0xLzDD3fJxBuo0ECsld/GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRENHNUpiVEV2TU1QZDhuRUc2alFRS3lWMzhZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jMGJkNjctZjdkZC00Y2UyLWFiN2Ut YTM0NzU2NDE1OGY4LzEvcllGcFd1WnJ1SXJPaHdwV1hNUF9JWjR0VlV3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMy9jMGJkNjctZjdkZC00Y2UyLWFiN2UtYTM0NzU2NDE1OGY4 LzEvRENHNUpiVEV2TU1QZDhuRUc2alFRS3lWMzhZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg8GBxBw MA0GCSqGSIb3DQEBCwUAA4IBAQCpwNkbHOmm6lunC9sy5XF3LV2vcfLBfuGPnirc tzq3eltIuX08r/HFdvx+RBAiFO6QmJkNNb73++3hCmuqIcKLeLlOTVBlycWhlPUk yvBtKBrQdhlRr1a3QPVbDLDUHqEQrBJ9rc72UhNeC3nnpVUGy8MGETwv2aNt8c9s OfBYdTOop+WLFNhVy0RIE5x6SbZ4HWb3a3Nv8HLK4gt56E76KJvdIjvjFpB+TOXH Iydd0GHmakEstqdkFl3SGrCY6YB6SQLomC0AeA0KTPSoteQZulgAQWr72m1mjo+P v+MNn8BMMNGJ0Ss7gaF3YunOrgsUfs+3mJ3A+6ly4lwzyDX7 -----END CERTIFICATE-----Generated at Fri Jan 9 17:05:25 2026 by rpki-client