This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/A2YlCinleeN1Dqlg8GMqml7GL40.roa File: A2YlCinleeN1Dqlg8GMqml7GL40.roa (raw, json) Hash identifier: XJrU9FQnGOBxizXh3IlqtZl79duya5BMTsLwJKGkMcM= Subject key identifier: 03:66:25:0A:29:E5:79:E3:75:0E:A9:60:F0:63:2A:9A:5E:C6:2F:8D Certificate issuer: /CN=57c670c8db32dd748df797c5c93013d8c91fa839 Certificate serial: 019B7C8083540A86AD0614D3EE959446CAED Authority key identifier: 57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/A2YlCinleeN1Dqlg8GMqml7GL40.roa Signing time: Fri 02 Jan 2026 02:19:15 +0000 ROA not before: Fri 02 Jan 2026 02:19:15 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 197537 IP address blocks: 2a00:e460::/29 maxlen: 48 2a0b:d900::/29 maxlen: 48 2a0c:65c0::/29 maxlen: 48 2a0c:6980::/29 maxlen: 48 2a13:97c0::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.mft rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 04:45:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:83:54:0a:86:ad:06:14:d3:ee:95:94:46:ca:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=57c670c8db32dd748df797c5c93013d8c91fa839 Validity Not Before: Jan 2 02:19:15 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0366250a29e579e3750ea960f0632a9a5ec62f8d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:10:0c:84:58:54:d7:81:97:1f:1a:dd:4b:cf: 54:37:0c:e9:ba:71:4d:66:d2:f3:f4:f4:68:83:93: c2:22:27:aa:30:f3:69:4e:54:d8:3e:f6:f2:cb:94: 75:e5:f4:93:b4:57:29:37:f5:21:fc:ae:e3:9a:67: 2a:90:72:e9:79:49:32:76:da:c6:44:be:70:60:a3: 80:54:1d:df:43:1d:88:18:ea:e1:5a:86:03:21:1a: a7:d2:d7:df:f4:ac:60:69:fa:ff:b0:d1:73:c9:18: dc:f2:e8:1f:cd:95:72:97:1b:b3:82:34:94:d6:e1: 60:63:0c:a7:51:70:6c:ce:3b:95:9d:e7:ac:51:c5: 39:c4:4b:61:ad:c1:20:87:8a:a8:15:e9:03:76:27: 90:b3:69:68:f7:fc:ca:e2:18:72:2b:69:92:76:24: c0:dc:bc:89:46:70:7a:50:6f:a1:9a:92:ce:ed:0b: 8a:f6:4a:6f:b9:a1:11:de:a0:85:91:05:c1:21:20: c8:a6:10:f8:90:21:5d:3c:9b:9a:f6:13:ee:77:f2: 6f:f8:f0:57:63:93:4b:1d:9c:d9:76:4b:58:ee:df: 05:02:f0:3c:d8:6d:ec:27:46:75:26:ac:ed:17:34: 52:b1:c4:2e:90:df:74:54:2a:35:20:93:94:08:7c: 9a:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:66:25:0A:29:E5:79:E3:75:0E:A9:60:F0:63:2A:9A:5E:C6:2F:8D X509v3 Authority Key Identifier: keyid:57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/A2YlCinleeN1Dqlg8GMqml7GL40.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a00:e460::/29 2a0b:d900::/29 2a0c:65c0::/29 2a0c:6980::/29 2a13:97c0::/29 Signature Algorithm: sha256WithRSAEncryption 08:07:1a:0e:90:d8:d7:20:a2:1b:bc:75:bb:e3:36:22:09:21: 5d:b7:08:ad:70:e9:1a:16:a5:fc:a6:b8:14:b1:c9:1c:51:23: e8:7e:34:06:7a:d0:d6:5e:09:bf:2c:f7:5e:cb:d9:19:a0:96: 10:8a:d4:50:6d:38:4e:a7:e0:4d:2d:a3:54:cd:cf:99:b0:01: ab:84:f3:6f:12:79:26:d4:c5:67:1c:6c:b3:29:7e:1f:7e:8a: 95:00:58:37:15:0e:89:03:02:0a:fa:cd:6d:22:34:b4:2e:97: 91:df:c2:a9:a9:84:3a:47:0e:89:dd:a5:25:68:ea:10:19:b2: fa:5a:76:1d:ea:b0:e5:53:fc:f4:64:6b:bd:b4:b6:15:d6:19: 52:82:7d:8d:8a:4b:0f:3e:48:e0:58:60:96:19:6c:b5:ca:37: c4:1e:40:99:e8:37:c1:f2:96:65:cd:e9:3c:cc:7b:7a:ea:ad: f9:dc:43:98:c1:10:f8:68:6c:ec:ff:b4:76:ff:4f:cc:fb:41: dd:16:3a:4b:60:30:d1:71:20:ce:f4:ef:e0:cc:89:4d:09:b0: a8:a8:69:21:a0:72:7a:05:f6:91:43:a0:f1:61:57:fb:cd:4f: e2:7f:c6:f5:66:3c:07:15:25:32:ab:fc:6b:4b:a1:55:bb:88: 29:f9:ff:8c -----BEGIN CERTIFICATE----- MIIFGjCCBAKgAwIBAgISAZt8gINUCoatBhTT7pWURsrtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU3YzY3MGM4ZGIzMmRkNzQ4ZGY3OTdjNWM5MzAxM2Q4Yzkx ZmE4MzkwHhcNMjYwMTAyMDIxOTE1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwMzY2MjUwYTI5ZTU3OWUzNzUwZWE5NjBmMDYzMmE5YTVlYzYyZjhkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyBAMhFhU14GXHxrdS89UNwzpunFN ZtLz9PRog5PCIieqMPNpTlTYPvbyy5R15fSTtFcpN/Uh/K7jmmcqkHLpeUkydtrG RL5wYKOAVB3fQx2IGOrhWoYDIRqn0tff9Kxgafr/sNFzyRjc8ugfzZVylxuzgjSU 1uFgYwynUXBszjuVneesUcU5xEthrcEgh4qoFekDdieQs2lo9/zK4hhyK2mSdiTA 3LyJRnB6UG+hmpLO7QuK9kpvuaER3qCFkQXBISDIphD4kCFdPJua9hPud/Jv+PBX Y5NLHZzZdktY7t8FAvA82G3sJ0Z1JqztFzRSscQukN90VCo1IJOUCHyauwIDAQAB o4ICJjCCAiIwHQYDVR0OBBYEFANmJQop5XnjdQ6pYPBjKppexi+NMB8GA1UdIwQY MBaAFFfGcMjbMt10jfeXxckwE9jJH6g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQt MzA0OTVmNDAzNzg0LzEvQTJZbENpbmxlZU4xRHFsZzhHTXFtbDdHTDQwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQtMzA0OTVmNDAzNzg0 LzEvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUDKgDkYAMF AyoL2QADBQMqDGXAAwUDKgxpgAMFAyoTl8AwDQYJKoZIhvcNAQELBQADggEBAAgH Gg6Q2Ncgohu8dbvjNiIJIV23CK1w6RoWpfymuBSxyRxRI+h+NAZ60NZeCb8s917L 2RmglhCK1FBtOE6n4E0to1TNz5mwAauE828SeSbUxWccbLMpfh9+ipUAWDcVDokD Agr6zW0iNLQul5HfwqmphDpHDondpSVo6hAZsvpadh3qsOVT/PRka720thXWGVKC fY2KSw8+SOBYYJYZbLXKN8QeQJnoN8HylmXN6TzMe3rqrfncQ5jBEPhobOz/tHb/ T8z7Qd0WOktgMNFxIM707+DMiU0JsKioaSGgcnoF9pFDoPFhV/vNT+J/xvVmPAcV JTKr/GtLoVW7iCn5/4w= -----END CERTIFICATE-----Generated at Sun Jan 18 08:53:31 2026 by rpki-client