This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/d6088c-3110-41e1-b996-32d4ad8f56de/1/cjcrwUR9cOViEeTeD6CkQ1Oxg-8.roa File: cjcrwUR9cOViEeTeD6CkQ1Oxg-8.roa (raw, json) Hash identifier: baKzNTEyrVEeukgFUaF5YXuq3MR7DZq0UgoZTBymKqU= Subject key identifier: 72:37:2B:C1:44:7D:70:E5:62:11:E4:DE:0F:A0:A4:43:53:B1:83:EF Certificate issuer: /CN=4fa5cde524f7810d5868bc49ab0bf6621f44dc21 Certificate serial: 019B797F03AA80D4794BA359AD33D1E3AA13 Authority key identifier: 4F:A5:CD:E5:24:F7:81:0D:58:68:BC:49:AB:0B:F6:62:1F:44:DC:21 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T6XN5ST3gQ1YaLxJqwv2Yh9E3CE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/d6088c-3110-41e1-b996-32d4ad8f56de/1/cjcrwUR9cOViEeTeD6CkQ1Oxg-8.roa Signing time: Thu 01 Jan 2026 12:18:45 +0000 ROA not before: Thu 01 Jan 2026 12:18:45 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 200132 IP address blocks: 2a12:4447::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/d6088c-3110-41e1-b996-32d4ad8f56de/1/T6XN5ST3gQ1YaLxJqwv2Yh9E3CE.crl rsync://rpki.ripe.net/repository/DEFAULT/e3/d6088c-3110-41e1-b996-32d4ad8f56de/1/T6XN5ST3gQ1YaLxJqwv2Yh9E3CE.mft rsync://rpki.ripe.net/repository/DEFAULT/T6XN5ST3gQ1YaLxJqwv2Yh9E3CE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 03 Feb 2026 00:00:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7f:03:aa:80:d4:79:4b:a3:59:ad:33:d1:e3:aa:13 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4fa5cde524f7810d5868bc49ab0bf6621f44dc21 Validity Not Before: Jan 1 12:18:45 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=72372bc1447d70e56211e4de0fa0a44353b183ef Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:2e:b9:55:aa:b0:52:b4:0d:33:a6:c2:c7:ca: 73:77:c7:9c:11:ff:ae:06:cc:b9:16:72:05:3c:85: 83:af:b3:a9:ab:8a:cb:af:7f:ee:d3:e6:95:6e:65: 39:4c:52:cd:b9:fb:b2:b1:23:51:0e:06:b3:fd:d1: c8:0f:f4:df:25:8a:fb:8e:45:b5:58:ae:fc:8d:e1: 5b:ff:e9:77:69:7c:7a:6a:14:5d:0b:1c:5b:9c:93: 68:e8:75:ef:cc:cd:ce:2b:6d:97:88:c7:2b:62:a2: 75:b2:6b:e1:b8:02:9c:54:e2:1f:81:c4:bd:ec:5a: 9f:ea:eb:90:ab:c7:c0:69:19:05:08:e3:8f:7b:91: 33:72:f6:53:a2:b5:3b:17:f1:e5:b1:12:ba:cc:b7: 8c:45:48:20:03:57:db:e9:95:ec:67:8d:bd:c0:1b: 6f:d5:95:e3:d9:97:2e:12:d3:5e:1b:3d:fb:45:00: a3:28:c0:f6:a2:0c:c6:c3:d9:e5:41:f2:83:2b:01: ed:af:7e:3a:1c:c3:ed:bd:e8:85:af:dc:6d:2e:88: b2:88:06:16:93:aa:3f:f1:35:5a:99:74:00:5f:0b: d2:02:41:73:b6:7e:65:2b:c2:36:b2:9d:4e:90:5e: cc:28:f3:5f:3f:d3:1b:35:7b:62:82:75:a9:3e:cf: 33:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:37:2B:C1:44:7D:70:E5:62:11:E4:DE:0F:A0:A4:43:53:B1:83:EF X509v3 Authority Key Identifier: keyid:4F:A5:CD:E5:24:F7:81:0D:58:68:BC:49:AB:0B:F6:62:1F:44:DC:21 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T6XN5ST3gQ1YaLxJqwv2Yh9E3CE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/d6088c-3110-41e1-b996-32d4ad8f56de/1/cjcrwUR9cOViEeTeD6CkQ1Oxg-8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/d6088c-3110-41e1-b996-32d4ad8f56de/1/T6XN5ST3gQ1YaLxJqwv2Yh9E3CE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a12:4447::/32 Signature Algorithm: sha256WithRSAEncryption 7a:ee:ca:ba:ef:5d:dd:e8:23:5c:43:50:d7:94:4d:3a:d2:41: 3f:ce:61:97:1e:0c:0b:51:df:02:46:a1:ed:0b:d2:b9:7f:e8: 9c:4a:e1:97:8f:41:15:82:f4:55:97:09:65:f5:b2:a1:e1:1e: 4d:cd:17:fd:ed:eb:db:93:21:6d:aa:f6:e3:e3:2e:c5:7c:f2: 34:cc:95:3f:87:fe:5b:1a:77:06:d9:53:ed:79:4e:39:09:04: 83:f6:1d:e9:de:9e:db:b1:61:2b:95:84:05:bb:ef:7a:d4:bc: 9d:9c:82:3d:0c:37:f8:dc:04:64:51:32:fc:1f:36:20:06:18: c2:07:25:d7:89:61:c4:69:98:b5:df:8f:6e:9e:d0:a5:37:57: 0b:f2:cf:9f:a5:c8:5e:59:b3:a2:be:67:ed:e3:7d:30:17:fc: f7:d1:1f:fa:a7:36:67:d4:c2:f7:34:64:9a:83:f7:7f:eb:1d: 5b:1e:a9:b5:5c:36:21:82:fa:b1:25:52:07:ad:1b:28:50:0d: d1:c5:a1:9a:6b:2e:b6:6f:67:cc:a6:d1:63:22:53:b7:af:7d: 88:9f:a6:37:c3:e1:06:8e:ea:a8:fa:58:3f:60:0d:41:b2:56: 27:21:25:8b:8c:43:9e:ae:49:85:96:59:20:ca:a4:fd:53:fe: 97:90:d9:e4 -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt5fwOqgNR5S6NZrTPR46oTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRmYTVjZGU1MjRmNzgxMGQ1ODY4YmM0OWFiMGJmNjYyMWY0 NGRjMjEwHhcNMjYwMTAxMTIxODQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MjM3MmJjMTQ0N2Q3MGU1NjIxMWU0ZGUwZmEwYTQ0MzUzYjE4M2VmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuS65VaqwUrQNM6bCx8pzd8ecEf+u Bsy5FnIFPIWDr7Opq4rLr3/u0+aVbmU5TFLNufuysSNRDgaz/dHID/TfJYr7jkW1 WK78jeFb/+l3aXx6ahRdCxxbnJNo6HXvzM3OK22XiMcrYqJ1smvhuAKcVOIfgcS9 7Fqf6uuQq8fAaRkFCOOPe5EzcvZTorU7F/HlsRK6zLeMRUggA1fb6ZXsZ429wBtv 1ZXj2ZcuEtNeGz37RQCjKMD2ogzGw9nlQfKDKwHtr346HMPtveiFr9xtLoiyiAYW k6o/8TVamXQAXwvSAkFztn5lK8I2sp1OkF7MKPNfP9MbNXtignWpPs8zwQIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFHI3K8FEfXDlYhHk3g+gpENTsYPvMB8GA1UdIwQY MBaAFE+lzeUk94ENWGi8SasL9mIfRNwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVDZYTjVTVDNnUTFZYUx4SnF3djJZaDlFM0NFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9kNjA4OGMtMzExMC00MWUxLWI5OTYt MzJkNGFkOGY1NmRlLzEvY2pjcndVUjljT1ZpRWVUZUQ2Q2tRMU94Zy04LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lMy9kNjA4OGMtMzExMC00MWUxLWI5OTYtMzJkNGFkOGY1NmRl LzEvVDZYTjVTVDNnUTFZYUx4SnF3djJZaDlFM0NFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhJERzAN BgkqhkiG9w0BAQsFAAOCAQEAeu7Kuu9d3egjXENQ15RNOtJBP85hlx4MC1HfAkah 7QvSuX/onErhl49BFYL0VZcJZfWyoeEeTc0X/e3r25Mhbar24+MuxXzyNMyVP4f+ Wxp3BtlT7XlOOQkEg/Yd6d6e27FhK5WEBbvvetS8nZyCPQw3+NwEZFEy/B82IAYY wgcl14lhxGmYtd+Pbp7QpTdXC/LPn6XIXlmzor5n7eN9MBf899Ef+qc2Z9TC9zRk moP3f+sdWx6ptVw2IYL6sSVSB60bKFAN0cWhmmsutm9nzKbRYyJTt699iJ+mN8Ph Bo7qqPpYP2ANQbJWJyEli4xDnq5JhZZZIMqk/VP+l5DZ5A== -----END CERTIFICATE-----Generated at Mon Feb 2 09:59:43 2026 by rpki-client