This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/d6088c-3110-41e1-b996-32d4ad8f56de/1/_q-CP9vVp7ZOCkbVBtsfOnAJ9FA.roa File: _q-CP9vVp7ZOCkbVBtsfOnAJ9FA.roa (raw, json) Hash identifier: XNxgADpEzkzVftJcT8a6amX7H8EAtDuMWz2MBkIT+/M= Subject key identifier: FE:AF:82:3F:DB:D5:A7:B6:4E:0A:46:D5:06:DB:1F:3A:70:09:F4:50 Certificate issuer: /CN=4fa5cde524f7810d5868bc49ab0bf6621f44dc21 Certificate serial: 019B797F04B55B2E0AB7F13FA5B4D853A9F7 Authority key identifier: 4F:A5:CD:E5:24:F7:81:0D:58:68:BC:49:AB:0B:F6:62:1F:44:DC:21 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T6XN5ST3gQ1YaLxJqwv2Yh9E3CE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/d6088c-3110-41e1-b996-32d4ad8f56de/1/_q-CP9vVp7ZOCkbVBtsfOnAJ9FA.roa Signing time: Thu 01 Jan 2026 12:18:45 +0000 ROA not before: Thu 01 Jan 2026 12:18:45 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 215495 IP address blocks: 2a12:4447::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/d6088c-3110-41e1-b996-32d4ad8f56de/1/T6XN5ST3gQ1YaLxJqwv2Yh9E3CE.crl rsync://rpki.ripe.net/repository/DEFAULT/e3/d6088c-3110-41e1-b996-32d4ad8f56de/1/T6XN5ST3gQ1YaLxJqwv2Yh9E3CE.mft rsync://rpki.ripe.net/repository/DEFAULT/T6XN5ST3gQ1YaLxJqwv2Yh9E3CE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 03 Feb 2026 00:00:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7f:04:b5:5b:2e:0a:b7:f1:3f:a5:b4:d8:53:a9:f7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4fa5cde524f7810d5868bc49ab0bf6621f44dc21 Validity Not Before: Jan 1 12:18:45 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=feaf823fdbd5a7b64e0a46d506db1f3a7009f450 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:b1:26:13:90:f8:a7:0b:41:e0:af:f8:5d:53: 61:a3:49:fb:ce:7e:e1:26:76:98:ab:a8:ab:4c:11: a5:23:ba:0a:0a:c1:33:d8:28:f1:32:b5:f5:cb:c6: 1f:3b:11:3b:45:cd:65:d2:a1:c5:5f:31:3c:36:90: 92:b9:27:e5:be:af:8c:a0:da:45:d0:62:81:ec:50: 7d:5e:d6:71:15:64:0e:f7:d4:a1:8c:d1:cb:41:58: ad:3d:f0:3a:42:de:72:3d:95:3a:49:36:f1:81:94: 9c:cb:79:ec:da:fd:0f:0d:98:3e:6e:f1:60:d7:4d: b3:e8:fc:f1:20:c1:7a:56:4d:c9:d6:66:20:a8:64: 66:d2:fa:cd:6b:b0:21:3a:76:e0:43:53:e7:78:59: 60:a9:87:3e:cf:b0:1d:25:0f:02:5a:b3:f9:f5:0e: 14:8b:7c:fc:5b:2b:8f:a3:d6:3a:1d:eb:c5:c3:23: 93:b8:a9:a7:35:d7:ad:b8:9b:73:f0:c8:3d:a3:fe: 9f:a0:af:46:9a:1f:11:0b:7e:df:c2:07:50:b7:5f: 9a:ca:78:8c:51:ea:1d:62:0c:3e:3c:d3:b7:2c:60: 1d:df:53:4f:d1:a9:33:cd:9e:32:39:cf:e5:71:60: 06:51:59:c7:94:5d:04:be:db:65:a5:0d:8e:1f:08: 32:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:AF:82:3F:DB:D5:A7:B6:4E:0A:46:D5:06:DB:1F:3A:70:09:F4:50 X509v3 Authority Key Identifier: keyid:4F:A5:CD:E5:24:F7:81:0D:58:68:BC:49:AB:0B:F6:62:1F:44:DC:21 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T6XN5ST3gQ1YaLxJqwv2Yh9E3CE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/d6088c-3110-41e1-b996-32d4ad8f56de/1/_q-CP9vVp7ZOCkbVBtsfOnAJ9FA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/d6088c-3110-41e1-b996-32d4ad8f56de/1/T6XN5ST3gQ1YaLxJqwv2Yh9E3CE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a12:4447::/32 Signature Algorithm: sha256WithRSAEncryption 69:7a:3d:9f:cd:f4:05:00:54:a7:87:72:80:4d:d8:50:51:75: 29:24:79:75:10:a3:44:2b:2b:2a:e7:f0:f3:38:25:a2:a4:76: 4e:7a:04:28:2d:a4:02:9b:4f:33:e8:c6:9a:c6:0e:48:34:c0: 47:a8:d2:84:6a:66:73:8e:04:df:2b:58:91:9f:8b:b9:7f:f6: f5:df:66:58:69:85:db:07:b0:a6:2a:17:32:3b:3d:a3:8d:e8: af:44:37:13:48:b1:05:82:cc:86:5c:c0:b5:e8:d8:ca:b5:cd: 63:3e:02:6a:5e:ad:06:5d:09:17:28:50:e6:ba:55:64:c7:1e: 1d:a5:7b:b5:7b:39:92:2b:cd:30:7a:89:13:75:d8:63:a6:68: d3:3e:80:de:7b:e8:f7:96:e9:fd:e9:40:f6:af:20:6b:44:18: 96:89:ee:86:8f:93:bd:f2:2e:40:72:f3:55:c0:fb:b0:74:25: 9d:46:36:27:94:21:f8:4f:30:c8:08:6b:df:79:28:b4:6a:4c: 40:7d:bb:53:0f:9a:8d:81:1c:e7:26:20:15:b9:a0:dd:da:b5: 33:27:f8:1c:5e:60:89:a2:72:20:40:e6:0a:8d:d2:cf:ad:a2: 49:6e:49:d3:67:48:fa:0a:ba:05:e5:55:ed:00:8b:43:b1:a2: fd:2f:9d:14 -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt5fwS1Wy4Kt/E/pbTYU6n3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRmYTVjZGU1MjRmNzgxMGQ1ODY4YmM0OWFiMGJmNjYyMWY0 NGRjMjEwHhcNMjYwMTAxMTIxODQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmZWFmODIzZmRiZDVhN2I2NGUwYTQ2ZDUwNmRiMWYzYTcwMDlmNDUwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5bEmE5D4pwtB4K/4XVNho0n7zn7h JnaYq6irTBGlI7oKCsEz2CjxMrX1y8YfOxE7Rc1l0qHFXzE8NpCSuSflvq+MoNpF 0GKB7FB9XtZxFWQO99ShjNHLQVitPfA6Qt5yPZU6STbxgZScy3ns2v0PDZg+bvFg 102z6PzxIMF6Vk3J1mYgqGRm0vrNa7AhOnbgQ1PneFlgqYc+z7AdJQ8CWrP59Q4U i3z8WyuPo9Y6HevFwyOTuKmnNdetuJtz8Mg9o/6foK9Gmh8RC37fwgdQt1+ayniM UeodYgw+PNO3LGAd31NP0akzzZ4yOc/lcWAGUVnHlF0EvttlpQ2OHwgy/wIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFP6vgj/b1ae2TgpG1QbbHzpwCfRQMB8GA1UdIwQY MBaAFE+lzeUk94ENWGi8SasL9mIfRNwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVDZYTjVTVDNnUTFZYUx4SnF3djJZaDlFM0NFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9kNjA4OGMtMzExMC00MWUxLWI5OTYt MzJkNGFkOGY1NmRlLzEvX3EtQ1A5dlZwN1pPQ2tiVkJ0c2ZPbkFKOUZBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lMy9kNjA4OGMtMzExMC00MWUxLWI5OTYtMzJkNGFkOGY1NmRl LzEvVDZYTjVTVDNnUTFZYUx4SnF3djJZaDlFM0NFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhJERzAN BgkqhkiG9w0BAQsFAAOCAQEAaXo9n830BQBUp4dygE3YUFF1KSR5dRCjRCsrKufw 8zgloqR2TnoEKC2kAptPM+jGmsYOSDTAR6jShGpmc44E3ytYkZ+LuX/29d9mWGmF 2wewpioXMjs9o43or0Q3E0ixBYLMhlzAtejYyrXNYz4Cal6tBl0JFyhQ5rpVZMce HaV7tXs5kivNMHqJE3XYY6Zo0z6A3nvo95bp/elA9q8ga0QYlonuho+TvfIuQHLz VcD7sHQlnUY2J5Qh+E8wyAhr33kotGpMQH27Uw+ajYEc5yYgFbmg3dq1Myf4HF5g iaJyIEDmCo3Sz62iSW5J02dI+gq6BeVV7QCLQ7Gi/S+dFA== -----END CERTIFICATE-----Generated at Mon Feb 2 09:53:06 2026 by rpki-client