This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/caT7i0Ho-ce70M9ACVatVgOV6EE.roa File: caT7i0Ho-ce70M9ACVatVgOV6EE.roa (raw, json) Hash identifier: OVGWsWiY+37CUfHQZ+flCcNGvE7DfMZs+E/YKFAYsXI= Subject key identifier: 71:A4:FB:8B:41:E8:F9:C7:BB:D0:CF:40:09:56:AD:56:03:95:E8:41 Certificate issuer: /CN=24cc6b9c37faa0da3b412007c0b10b2c5bf2cf4e Certificate serial: 019B7910D462C3539EA7CD8AFA60D86A441F Authority key identifier: 24:CC:6B:9C:37:FA:A0:DA:3B:41:20:07:C0:B1:0B:2C:5B:F2:CF:4E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JMxrnDf6oNo7QSAHwLELLFvyz04.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/caT7i0Ho-ce70M9ACVatVgOV6EE.roa Signing time: Thu 01 Jan 2026 10:18:24 +0000 ROA not before: Thu 01 Jan 2026 10:18:24 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 14618 IP address blocks: 2a03:5000:431::/48 maxlen: 48 2a03:5000:432::/48 maxlen: 48 2a03:5000:471::/48 maxlen: 48 2a03:5000:481::/48 maxlen: 48 2a03:5000:501::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/JMxrnDf6oNo7QSAHwLELLFvyz04.crl rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/JMxrnDf6oNo7QSAHwLELLFvyz04.mft rsync://rpki.ripe.net/repository/DEFAULT/JMxrnDf6oNo7QSAHwLELLFvyz04.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 10 Jan 2026 07:01:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:d4:62:c3:53:9e:a7:cd:8a:fa:60:d8:6a:44:1f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=24cc6b9c37faa0da3b412007c0b10b2c5bf2cf4e Validity Not Before: Jan 1 10:18:24 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=71a4fb8b41e8f9c7bbd0cf400956ad560395e841 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:67:51:b5:8a:71:a7:64:9f:e4:9a:89:3f:82: 74:89:c4:da:0a:86:38:be:e0:11:40:69:cc:75:6b: ee:ed:b2:c8:68:e1:c5:52:b9:f0:73:47:db:ba:2b: 82:9c:24:fe:d3:43:09:3c:a3:cb:08:52:a8:f1:7f: 78:f0:c9:6d:c3:28:63:7a:f2:39:e8:eb:a7:86:48: 37:0c:65:7a:67:d0:aa:4e:15:92:6d:67:8f:86:78: 72:07:ad:69:70:10:59:91:44:e1:4c:31:3a:80:83: 04:6d:17:17:9c:19:5b:9b:14:6f:cc:88:9d:9e:42: d8:26:ec:03:d8:d4:0d:47:d6:47:05:6f:46:0a:36: d8:75:c9:e7:dd:c4:c7:6d:d9:68:67:48:20:b7:93: c4:1c:89:0a:86:7f:57:ff:44:d1:e3:6c:e4:46:b1: 87:69:de:d9:4e:c9:c7:29:96:03:5c:9e:40:5f:b2: 75:00:40:67:5b:3e:29:89:dc:59:2d:17:cb:40:0e: dd:08:df:ad:f8:16:bf:ca:2f:36:7b:14:db:af:fa: 7a:24:da:3b:a0:71:d0:e2:91:e3:1a:5c:7c:38:38: f2:07:31:90:ff:a1:a6:f0:02:c2:5c:b7:8e:b3:ad: 9d:83:b5:3f:e9:30:ef:a4:bf:3b:a4:3f:da:12:41: 23:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:A4:FB:8B:41:E8:F9:C7:BB:D0:CF:40:09:56:AD:56:03:95:E8:41 X509v3 Authority Key Identifier: keyid:24:CC:6B:9C:37:FA:A0:DA:3B:41:20:07:C0:B1:0B:2C:5B:F2:CF:4E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JMxrnDf6oNo7QSAHwLELLFvyz04.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/caT7i0Ho-ce70M9ACVatVgOV6EE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/JMxrnDf6oNo7QSAHwLELLFvyz04.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a03:5000:431::-2a03:5000:432:ffff:ffff:ffff:ffff:ffff 2a03:5000:471::/48 2a03:5000:481::/48 2a03:5000:501::/48 Signature Algorithm: sha256WithRSAEncryption 9d:36:8c:42:18:35:d7:ee:3e:54:01:45:00:3c:87:d6:cc:e0: 32:99:1e:21:36:a8:71:d3:c0:41:ea:e1:3e:92:0e:e0:22:e0: 95:7d:8b:a2:c2:25:75:bb:84:f3:eb:29:38:94:fc:ae:77:9a: 07:5c:e4:55:70:6d:06:6b:25:6c:d2:e8:38:75:88:f7:22:bc: 37:8c:69:56:9c:57:db:cd:e8:4d:02:8e:bc:60:ff:28:a9:af: 8a:e5:ce:0b:75:6e:c7:86:10:82:ae:ae:20:c2:14:de:4e:36: 6c:4c:2e:88:32:47:65:d0:4b:14:84:44:65:d8:ba:73:38:d7: e3:9f:a0:a8:b1:29:b5:e0:ef:e4:04:d6:b2:65:2c:9c:0e:42: 22:41:7e:46:23:51:7a:eb:f4:dd:0d:e2:72:90:08:73:ee:f1: 1e:72:d6:2b:06:cf:b7:4b:4c:ad:79:68:f0:18:aa:28:8e:84: 74:ba:14:f6:c1:a4:aa:67:30:99:da:af:a5:6b:5f:e1:17:8f: 48:45:69:9c:6d:7f:20:ad:d5:98:26:af:d8:e9:34:c2:33:0e: f2:ec:bd:46:a5:ab:46:8e:0c:c5:7d:58:b7:29:47:f2:1a:c9: c1:30:d3:57:63:22:15:60:9e:de:ab:2e:67:6d:40:a1:18:a7: 9e:4d:b0:c5 -----BEGIN CERTIFICATE----- MIIFJjCCBA6gAwIBAgISAZt5ENRiw1Oep82K+mDYakQfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI0Y2M2YjljMzdmYWEwZGEzYjQxMjAwN2MwYjEwYjJjNWJm MmNmNGUwHhcNMjYwMTAxMTAxODI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MWE0ZmI4YjQxZThmOWM3YmJkMGNmNDAwOTU2YWQ1NjAzOTVlODQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxGdRtYpxp2Sf5JqJP4J0icTaCoY4 vuARQGnMdWvu7bLIaOHFUrnwc0fbuiuCnCT+00MJPKPLCFKo8X948MltwyhjevI5 6Ounhkg3DGV6Z9CqThWSbWePhnhyB61pcBBZkUThTDE6gIMEbRcXnBlbmxRvzIid nkLYJuwD2NQNR9ZHBW9GCjbYdcnn3cTHbdloZ0ggt5PEHIkKhn9X/0TR42zkRrGH ad7ZTsnHKZYDXJ5AX7J1AEBnWz4pidxZLRfLQA7dCN+t+Ba/yi82exTbr/p6JNo7 oHHQ4pHjGlx8ODjyBzGQ/6Gm8ALCXLeOs62dg7U/6TDvpL87pD/aEkEjVQIDAQAB o4ICMjCCAi4wHQYDVR0OBBYEFHGk+4tB6PnHu9DPQAlWrVYDlehBMB8GA1UdIwQY MBaAFCTMa5w3+qDaO0EgB8CxCyxb8s9OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSk14cm5EZjZvTm83UVNBSHdMRUxMRnZ5ejA0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8wZmY0NDktYWQ5OC00ODJkLWFjNzUt ODY0MjM4YmMwNDliLzEvY2FUN2kwSG8tY2U3ME05QUNWYXRWZ09WNkVFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mOC8wZmY0NDktYWQ5OC00ODJkLWFjNzUtODY0MjM4YmMwNDli LzEvSk14cm5EZjZvTm83UVNBSHdMRUxMRnZ5ejA0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzA1BAIAAjAvMBIDBwAqA1AA BDEDBwAqA1AABDIDBwAqA1AABHEDBwAqA1AABIEDBwAqA1AABQEwDQYJKoZIhvcN AQELBQADggEBAJ02jEIYNdfuPlQBRQA8h9bM4DKZHiE2qHHTwEHq4T6SDuAi4JV9 i6LCJXW7hPPrKTiU/K53mgdc5FVwbQZrJWzS6Dh1iPcivDeMaVacV9vN6E0Cjrxg /yipr4rlzgt1bseGEIKuriDCFN5ONmxMLogyR2XQSxSERGXYunM41+OfoKixKbXg 7+QE1rJlLJwOQiJBfkYjUXrr9N0N4nKQCHPu8R5y1isGz7dLTK15aPAYqiiOhHS6 FPbBpKpnMJnar6VrX+EXj0hFaZxtfyCt1Zgmr9jpNMIzDvLsvUalq0aODMV9WLcp R/IaycEw01djIhVgnt6rLmdtQKEYp55NsMU= -----END CERTIFICATE-----Generated at Fri Jan 9 17:06:35 2026 by rpki-client