This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/Cyd9epktZUP2NzDWt7kuBmj63qY.roa File: Cyd9epktZUP2NzDWt7kuBmj63qY.roa (raw, json) Hash identifier: 4Hn7SVvllIET4/FJbhg9Vi4tqF9x0RkLIB5CUH+jolo= Subject key identifier: 0B:27:7D:7A:99:2D:65:43:F6:37:30:D6:B7:B9:2E:06:68:FA:DE:A6 Certificate issuer: /CN=a24357be1958796b12c42b4f4cac51b83de8fd2b Certificate serial: 019B7AC8D1073BDDDE867A194F7834D50535 Authority key identifier: A2:43:57:BE:19:58:79:6B:12:C4:2B:4F:4C:AC:51:B8:3D:E8:FD:2B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/okNXvhlYeWsSxCtPTKxRuD3o_Ss.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/Cyd9epktZUP2NzDWt7kuBmj63qY.roa Signing time: Thu 01 Jan 2026 18:18:59 +0000 ROA not before: Thu 01 Jan 2026 18:18:59 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 20292 IP address blocks: 2a06:6fc1::/32 maxlen: 32 2a06:6fc1:400::/38 maxlen: 38 2a06:6fc2::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.crl rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft rsync://rpki.ripe.net/repository/DEFAULT/okNXvhlYeWsSxCtPTKxRuD3o_Ss.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 28 Jan 2026 06:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c8:d1:07:3b:dd:de:86:7a:19:4f:78:34:d5:05:35 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a24357be1958796b12c42b4f4cac51b83de8fd2b Validity Not Before: Jan 1 18:18:59 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0b277d7a992d6543f63730d6b7b92e0668fadea6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:df:b5:29:bb:df:df:2c:1f:47:eb:17:68:b5: 0a:45:01:07:91:6a:dd:02:04:1a:a9:8b:d0:aa:39: 41:02:6c:32:b6:35:2b:ab:d9:fa:71:a2:85:d7:4e: 31:8b:58:24:6b:9a:61:33:3d:91:e7:0c:ba:b3:99: fc:cf:3b:c1:e5:7f:87:70:13:ef:91:ad:69:ee:c2: 35:95:24:12:aa:98:5a:3a:d4:f7:a0:47:75:16:6b: f1:ff:09:7d:fe:8a:46:79:7e:5c:6b:23:fa:7e:4d: 81:18:ad:69:2a:56:c7:43:e3:c3:83:d0:5b:ef:4e: 59:b0:ce:22:c0:9c:77:e4:75:c0:af:4a:41:a1:80: 36:5d:1b:4a:dc:96:b8:1b:53:0e:b3:d6:df:5f:3d: bd:a6:e8:d6:e0:61:f5:07:63:b1:50:5e:1d:db:54: 60:a6:f3:31:36:08:b8:3a:74:a7:12:38:b6:76:09: b4:ba:ff:d1:14:dd:52:04:ad:85:d6:02:d5:6a:63: 2a:ab:1a:82:6c:30:e3:86:a3:cf:fb:bb:b8:a1:43: 4e:dc:b9:3b:7d:c1:2a:47:d4:91:da:fa:67:ed:7e: 7e:5e:7a:a7:3a:61:1b:75:48:0a:55:5e:f9:1b:fb: 8c:2d:ff:f7:a5:ab:9d:44:67:fb:0e:9e:d5:1e:5f: a6:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:27:7D:7A:99:2D:65:43:F6:37:30:D6:B7:B9:2E:06:68:FA:DE:A6 X509v3 Authority Key Identifier: keyid:A2:43:57:BE:19:58:79:6B:12:C4:2B:4F:4C:AC:51:B8:3D:E8:FD:2B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/okNXvhlYeWsSxCtPTKxRuD3o_Ss.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/Cyd9epktZUP2NzDWt7kuBmj63qY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a06:6fc1::-2a06:6fc2:ffff:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 5d:0b:28:7f:b3:b4:97:be:44:9c:65:b7:df:dc:d7:0a:e7:0c: 27:c3:34:74:fe:47:4e:70:da:7e:0e:2a:8f:a7:62:46:24:94: f6:91:17:c3:5b:b3:b8:7f:1e:00:b8:e8:13:44:51:f6:73:00: fd:45:3e:d9:e4:16:f1:33:c5:df:d1:16:8c:c1:0d:30:b7:29: 8d:8c:75:74:47:16:b0:17:f1:f5:34:ee:9e:aa:95:cc:31:50: e0:bd:93:c3:c6:92:b8:f8:4b:ff:bd:5c:dd:26:3f:6f:e9:e9: 63:b9:bb:f5:5a:a5:aa:13:b7:ea:54:12:1e:0f:96:69:37:e3: 33:07:3f:88:f8:62:9c:5e:ad:9a:71:15:9d:8d:26:a5:c8:6d: 19:e4:e7:fa:57:d9:3e:32:19:03:9a:5e:37:ae:02:f5:1b:df: 8b:b0:bf:15:fb:fa:d9:e6:e0:1d:8d:de:11:dc:62:da:d7:7d: 4a:eb:ae:f9:f5:4e:09:ea:f8:17:e5:92:a5:d8:43:51:20:b7: 3d:82:47:35:3f:3e:75:d8:d9:ad:75:d1:8a:e0:0e:a4:d1:f6: 06:36:75:5e:3a:00:4a:fa:c1:b7:d6:65:0c:f5:6c:bb:67:91: 43:6a:e4:5d:3e:c1:26:28:cb:9d:12:f8:f0:76:c7:c9:21:2e: 0d:57:be:aa -----BEGIN CERTIFICATE----- MIIFBzCCA++gAwIBAgISAZt6yNEHO93ehnoZT3g01QU1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEyNDM1N2JlMTk1ODc5NmIxMmM0MmI0ZjRjYWM1MWI4M2Rl OGZkMmIwHhcNMjYwMTAxMTgxODU5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwYjI3N2Q3YTk5MmQ2NTQzZjYzNzMwZDZiN2I5MmUwNjY4ZmFkZWE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3N+1Kbvf3ywfR+sXaLUKRQEHkWrd AgQaqYvQqjlBAmwytjUrq9n6caKF104xi1gka5phMz2R5wy6s5n8zzvB5X+HcBPv ka1p7sI1lSQSqphaOtT3oEd1Fmvx/wl9/opGeX5cayP6fk2BGK1pKlbHQ+PDg9Bb 705ZsM4iwJx35HXAr0pBoYA2XRtK3Ja4G1MOs9bfXz29pujW4GH1B2OxUF4d21Rg pvMxNgi4OnSnEji2dgm0uv/RFN1SBK2F1gLVamMqqxqCbDDjhqPP+7u4oUNO3Lk7 fcEqR9SR2vpn7X5+XnqnOmEbdUgKVV75G/uMLf/3paudRGf7Dp7VHl+m2QIDAQAB o4ICEzCCAg8wHQYDVR0OBBYEFAsnfXqZLWVD9jcw1re5LgZo+t6mMB8GA1UdIwQY MBaAFKJDV74ZWHlrEsQrT0ysUbg96P0rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb2tOWHZobFllV3NTeEN0UFRLeFJ1RDNvX1NzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC8zNzM4ZTctYzkyOC00MTQxLTljZWMt M2YzY2MxZTU3M2ZkLzEvQ3lkOWVwa3RaVVAyTnpEV3Q3a3VCbWo2M3FZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNC8zNzM4ZTctYzkyOC00MTQxLTljZWMtM2YzY2MxZTU3M2Zk LzEvb2tOWHZobFllV3NTeEN0UFRLeFJ1RDNvX1NzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQMA4DBQAqBm/B AwUAKgZvwjANBgkqhkiG9w0BAQsFAAOCAQEAXQsof7O0l75EnGW339zXCucMJ8M0 dP5HTnDafg4qj6diRiSU9pEXw1uzuH8eALjoE0RR9nMA/UU+2eQW8TPF39EWjMEN MLcpjYx1dEcWsBfx9TTunqqVzDFQ4L2Tw8aSuPhL/71c3SY/b+npY7m79VqlqhO3 6lQSHg+WaTfjMwc/iPhinF6tmnEVnY0mpchtGeTn+lfZPjIZA5peN64C9Rvfi7C/ Ffv62ebgHY3eEdxi2td9Suuu+fVOCer4F+WSpdhDUSC3PYJHNT8+ddjZrXXRiuAO pNH2BjZ1XjoASvrBt9ZlDPVsu2eRQ2rkXT7BJijLnRL48HbHySEuDVe+qg== -----END CERTIFICATE-----Generated at Tue Jan 27 16:27:37 2026 by rpki-client