This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/JWQpwGZXnNxYi7ETgVI8sIFKN0Y.roa File: JWQpwGZXnNxYi7ETgVI8sIFKN0Y.roa (raw, json) Hash identifier: 8qb6KYfkKQ5kRaGDildelx2zGUAt0DG0nvHLx28DN1c= Subject key identifier: 25:64:29:C0:66:57:9C:DC:58:8B:B1:13:81:52:3C:B0:81:4A:37:46 Certificate issuer: /CN=cfcead390625edba1408108df57cea47160d70e5 Certificate serial: 019B7C801CD2B4FD8433F23565FC5FCCF3C7 Authority key identifier: CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/JWQpwGZXnNxYi7ETgVI8sIFKN0Y.roa Signing time: Fri 02 Jan 2026 02:18:49 +0000 ROA not before: Fri 02 Jan 2026 02:18:49 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 134677 IP address blocks: 2a0f:7802:e2bd::/48 maxlen: 48 2a0f:7802:e2ec::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/z86tOQYl7boUCBCN9XzqRxYNcOU.crl rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/z86tOQYl7boUCBCN9XzqRxYNcOU.mft rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 14:00:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:1c:d2:b4:fd:84:33:f2:35:65:fc:5f:cc:f3:c7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cfcead390625edba1408108df57cea47160d70e5 Validity Not Before: Jan 2 02:18:49 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=256429c066579cdc588bb11381523cb0814a3746 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:a1:2e:a5:a2:43:e6:44:17:f4:cf:cf:a8:2d: 95:b2:18:ec:3f:70:78:81:f7:d8:1b:fb:d6:1f:7b: 0b:4f:c0:fe:9d:2b:eb:18:d0:74:3c:55:c6:ac:1a: 5f:45:be:43:3a:31:ca:58:0c:ea:1c:0a:b1:b4:00: 22:5e:12:44:21:b2:68:e3:2e:2c:97:71:b0:0f:d0: dd:a1:38:28:f2:f2:73:5d:65:0f:a4:70:de:3e:36: e2:f9:f8:70:bc:26:16:09:0b:69:2d:82:17:9c:1f: d2:54:40:b9:36:f5:dc:4e:d4:aa:68:8d:fc:8c:32: d6:32:97:cf:0d:29:f8:d3:22:59:c0:ec:7c:c5:1a: eb:e3:2d:76:87:a4:bf:08:8e:68:d7:37:5b:cd:f7: 55:6a:15:b2:25:bb:dd:15:92:b1:06:c5:bc:39:ac: 63:bb:66:01:d5:15:82:4a:54:6e:53:3b:4e:1e:88: 89:b0:f6:05:9c:b8:72:06:fb:9d:2a:38:97:82:40: 46:c8:50:a0:ba:30:18:a5:12:2a:f8:3d:3c:cf:97: d9:4d:04:0d:be:51:ca:72:99:5a:87:6e:af:9b:51: d3:6f:a3:19:ae:18:45:70:ea:ed:ac:12:98:4d:7e: 79:3c:d8:01:1d:f2:7f:2b:17:8a:99:ae:4b:0b:16: 5d:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:64:29:C0:66:57:9C:DC:58:8B:B1:13:81:52:3C:B0:81:4A:37:46 X509v3 Authority Key Identifier: keyid:CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/JWQpwGZXnNxYi7ETgVI8sIFKN0Y.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/z86tOQYl7boUCBCN9XzqRxYNcOU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:7802:e2bd::/48 2a0f:7802:e2ec::/46 Signature Algorithm: sha256WithRSAEncryption 5d:09:eb:c1:01:13:3b:31:56:15:f0:26:c8:61:af:52:cd:03: f1:6c:1f:15:cc:d6:0a:2d:63:17:dd:96:b3:61:85:23:f9:08: c7:85:8e:6c:d2:12:8e:06:37:18:5d:a6:84:06:e8:80:06:50: dc:a9:2c:12:b5:51:11:4a:de:90:66:1c:e0:11:a5:19:34:d3: fb:0b:e1:2c:2b:61:ba:29:e1:9f:27:66:78:87:66:a7:9c:b2: 0c:d0:13:c2:1e:d5:44:de:2d:bf:ca:0f:9d:36:05:7a:af:04: 08:50:b1:2c:61:61:b1:6d:44:30:2d:ac:1b:77:4a:71:0f:0c: d4:13:74:e7:fe:7b:25:67:29:59:1c:90:98:5d:7d:8f:83:c1: 4e:ec:dc:09:e3:a5:c1:ab:86:0f:21:96:69:e3:46:a2:b3:c9: 70:41:ef:d6:60:bf:a2:e9:f5:ec:25:a4:ea:ae:08:af:45:d4: ad:9c:a0:9d:7d:45:04:ca:eb:cf:36:92:50:a3:bb:6b:b3:07: 16:5f:df:3a:19:eb:98:49:5e:73:7d:aa:47:54:39:65:4e:1f: 08:ea:2a:c3:6e:71:df:ba:b0:de:53:a1:7d:da:39:5d:64:21: 3e:23:d4:dd:04:ab:e9:47:0e:25:24:5c:66:3f:1d:4f:2e:d5: a9:44:b5:b1 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt8gBzStP2EM/I1ZfxfzPPHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNmY2VhZDM5MDYyNWVkYmExNDA4MTA4ZGY1N2NlYTQ3MTYw ZDcwZTUwHhcNMjYwMTAyMDIxODQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyNTY0MjljMDY2NTc5Y2RjNTg4YmIxMTM4MTUyM2NiMDgxNGEzNzQ2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxaEupaJD5kQX9M/PqC2VshjsP3B4 gffYG/vWH3sLT8D+nSvrGNB0PFXGrBpfRb5DOjHKWAzqHAqxtAAiXhJEIbJo4y4s l3GwD9DdoTgo8vJzXWUPpHDePjbi+fhwvCYWCQtpLYIXnB/SVEC5NvXcTtSqaI38 jDLWMpfPDSn40yJZwOx8xRrr4y12h6S/CI5o1zdbzfdVahWyJbvdFZKxBsW8Oaxj u2YB1RWCSlRuUztOHoiJsPYFnLhyBvudKjiXgkBGyFCgujAYpRIq+D08z5fZTQQN vlHKcplah26vm1HTb6MZrhhFcOrtrBKYTX55PNgBHfJ/KxeKma5LCxZd8wIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFCVkKcBmV5zcWIuxE4FSPLCBSjdGMB8GA1UdIwQY MBaAFM/OrTkGJe26FAgQjfV86kcWDXDlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYt ZjViNmE3MThmNGI1LzEvSldRcHdHWlhuTnhZaTdFVGdWSThzSUZLTjBZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYtZjViNmE3MThmNGI1 LzEvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg94AuK9 AwcCKg94AuLsMA0GCSqGSIb3DQEBCwUAA4IBAQBdCevBARM7MVYV8CbIYa9SzQPx bB8VzNYKLWMX3ZazYYUj+QjHhY5s0hKOBjcYXaaEBuiABlDcqSwStVERSt6QZhzg EaUZNNP7C+EsK2G6KeGfJ2Z4h2annLIM0BPCHtVE3i2/yg+dNgV6rwQIULEsYWGx bUQwLawbd0pxDwzUE3Tn/nslZylZHJCYXX2Pg8FO7NwJ46XBq4YPIZZp40ais8lw Qe/WYL+i6fXsJaTqrgivRdStnKCdfUUEyuvPNpJQo7trswcWX986GeuYSV5zfapH VDllTh8I6irDbnHfurDeU6F92jldZCE+I9TdBKvpRw4lJFxmPx1PLtWpRLWx -----END CERTIFICATE-----Generated at Wed Jan 21 17:00:56 2026 by rpki-client