This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/fe82d1-1575-47c1-9f22-c7e2520c4cea/1/XExavfpXuaZ3MydZbyDnyFn5ni0.roa File: XExavfpXuaZ3MydZbyDnyFn5ni0.roa (raw, json) Hash identifier: WQdTsTZhStmdezt2VotpAadyLft0mMYrZPTmmKNNRro= Subject key identifier: 5C:4C:5A:BD:FA:57:B9:A6:77:33:27:59:6F:20:E7:C8:59:F9:9E:2D Certificate issuer: /CN=ca886d5587ec85f71242cd57ced409544528168d Certificate serial: 019B7E37D2C9BC8F97C902281754B0D3FCC3 Authority key identifier: CA:88:6D:55:87:EC:85:F7:12:42:CD:57:CE:D4:09:54:45:28:16:8D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yohtVYfshfcSQs1XztQJVEUoFo0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/fe82d1-1575-47c1-9f22-c7e2520c4cea/1/XExavfpXuaZ3MydZbyDnyFn5ni0.roa Signing time: Fri 02 Jan 2026 10:19:06 +0000 ROA not before: Fri 02 Jan 2026 10:19:06 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 203909 IP address blocks: 2001:678:d88::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/fe82d1-1575-47c1-9f22-c7e2520c4cea/1/yohtVYfshfcSQs1XztQJVEUoFo0.crl rsync://rpki.ripe.net/repository/DEFAULT/fc/fe82d1-1575-47c1-9f22-c7e2520c4cea/1/yohtVYfshfcSQs1XztQJVEUoFo0.mft rsync://rpki.ripe.net/repository/DEFAULT/yohtVYfshfcSQs1XztQJVEUoFo0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 18:01:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:37:d2:c9:bc:8f:97:c9:02:28:17:54:b0:d3:fc:c3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ca886d5587ec85f71242cd57ced409544528168d Validity Not Before: Jan 2 10:19:06 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5c4c5abdfa57b9a6773327596f20e7c859f99e2d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:38:e7:8c:15:2c:e6:63:93:85:89:3e:61:de: 13:0d:76:1f:5d:c5:68:54:62:62:1e:ee:4b:93:93: 08:00:cf:b2:cf:7f:55:23:14:98:9a:8e:ad:dc:cc: b1:dd:25:38:5e:9d:77:53:6e:8d:17:4d:8a:cf:43: 88:e0:2d:9e:1d:af:db:13:67:ab:b5:1e:b5:1e:83: 62:e5:63:a6:90:56:bf:50:72:af:81:49:e8:1e:83: c1:bc:97:42:b2:bc:79:5f:69:3f:92:f0:83:5c:3e: d8:e4:ea:10:08:7b:71:73:7e:e7:bd:4c:e9:46:92: 2f:cd:00:99:61:df:17:16:a2:e9:eb:3a:f9:6c:c0: d0:ff:ac:01:e6:0a:e0:fd:fb:0b:70:1e:71:4f:3c: e8:25:e9:52:3e:1a:33:b2:80:46:69:8d:fb:ef:18: 10:58:6f:cf:13:c9:47:28:fb:e8:ab:72:f4:38:a4: dc:96:b0:b3:7d:fa:3e:35:4b:d4:62:72:ea:d9:d7: f3:bd:60:c8:14:ed:5c:cb:84:34:35:03:7e:90:7e: 69:ce:cf:1f:62:ff:f5:ef:c9:e7:57:bc:63:43:99: 2f:b2:e6:d2:df:de:ca:b0:bc:80:9a:c3:ed:12:a3: bd:3c:59:a8:82:e2:d9:76:4f:83:93:68:8b:12:f5: eb:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:4C:5A:BD:FA:57:B9:A6:77:33:27:59:6F:20:E7:C8:59:F9:9E:2D X509v3 Authority Key Identifier: keyid:CA:88:6D:55:87:EC:85:F7:12:42:CD:57:CE:D4:09:54:45:28:16:8D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yohtVYfshfcSQs1XztQJVEUoFo0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/fe82d1-1575-47c1-9f22-c7e2520c4cea/1/XExavfpXuaZ3MydZbyDnyFn5ni0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/fe82d1-1575-47c1-9f22-c7e2520c4cea/1/yohtVYfshfcSQs1XztQJVEUoFo0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:678:d88::/48 Signature Algorithm: sha256WithRSAEncryption 0e:bb:46:77:04:91:6a:2c:49:4f:ce:a1:eb:93:22:88:a4:56: 3a:5f:b1:a7:0f:b5:8f:3d:c7:5d:c6:ae:5f:42:2a:1e:d3:6a: 1b:db:61:67:d8:ec:45:20:44:21:29:15:5c:62:b2:6d:98:9f: 0e:53:ff:87:07:83:ca:66:95:76:27:5a:29:ea:61:98:e5:a4: d9:67:24:34:59:a2:88:a9:d7:41:e3:e7:fc:19:fa:c1:d8:2d: d8:2d:03:48:ef:9f:0b:1c:3a:b7:25:d6:55:43:dc:5d:25:c6: 2e:c7:61:1e:5f:68:2d:5c:f6:7e:92:f7:37:eb:6d:5f:61:3e: 95:31:33:75:e8:d0:e5:e0:0b:53:b0:7b:2e:36:b0:89:22:e6: 8f:2b:9c:2d:b4:e8:c0:ce:ae:58:69:3b:3f:4b:56:84:75:f3: 56:44:d7:20:19:ad:0c:93:ca:09:76:76:6c:cc:9b:cf:7a:a4: 7a:47:d3:e2:c5:a3:38:22:16:92:cf:96:14:e1:6c:fb:85:68: f7:90:1e:d0:f9:9e:85:f8:ee:8f:d0:76:d1:f9:80:85:22:19: 28:5b:2e:51:08:2f:5d:aa:9b:6f:89:29:a2:b8:f8:6b:49:84: 7a:56:e4:d6:fd:e3:bd:46:ba:bc:30:72:a5:66:58:94:c4:ad: b0:9d:bd:96 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt+N9LJvI+XyQIoF1Sw0/zDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNhODg2ZDU1ODdlYzg1ZjcxMjQyY2Q1N2NlZDQwOTU0NDUy ODE2OGQwHhcNMjYwMTAyMTAxOTA2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1YzRjNWFiZGZhNTdiOWE2NzczMzI3NTk2ZjIwZTdjODU5Zjk5ZTJkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwDjnjBUs5mOThYk+Yd4TDXYfXcVo VGJiHu5Lk5MIAM+yz39VIxSYmo6t3Myx3SU4Xp13U26NF02Kz0OI4C2eHa/bE2er tR61HoNi5WOmkFa/UHKvgUnoHoPBvJdCsrx5X2k/kvCDXD7Y5OoQCHtxc37nvUzp RpIvzQCZYd8XFqLp6zr5bMDQ/6wB5grg/fsLcB5xTzzoJelSPhozsoBGaY377xgQ WG/PE8lHKPvoq3L0OKTclrCzffo+NUvUYnLq2dfzvWDIFO1cy4Q0NQN+kH5pzs8f Yv/178nnV7xjQ5kvsubS397KsLyAmsPtEqO9PFmoguLZdk+Dk2iLEvXrmwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFFxMWr36V7mmdzMnWW8g58hZ+Z4tMB8GA1UdIwQY MBaAFMqIbVWH7IX3EkLNV87UCVRFKBaNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveW9odFZZZnNoZmNTUXMxWHp0UUpWRVVvRm8wLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9mZTgyZDEtMTU3NS00N2MxLTlmMjIt YzdlMjUyMGM0Y2VhLzEvWEV4YXZmcFh1YVozTXlkWmJ5RG55Rm41bmkwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mYy9mZTgyZDEtMTU3NS00N2MxLTlmMjItYzdlMjUyMGM0Y2Vh LzEveW9odFZZZnNoZmNTUXMxWHp0UUpWRVVvRm8wLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeA2I MA0GCSqGSIb3DQEBCwUAA4IBAQAOu0Z3BJFqLElPzqHrkyKIpFY6X7GnD7WPPcdd xq5fQioe02ob22Fn2OxFIEQhKRVcYrJtmJ8OU/+HB4PKZpV2J1op6mGY5aTZZyQ0 WaKIqddB4+f8GfrB2C3YLQNI758LHDq3JdZVQ9xdJcYux2EeX2gtXPZ+kvc3621f YT6VMTN16NDl4AtTsHsuNrCJIuaPK5wttOjAzq5YaTs/S1aEdfNWRNcgGa0Mk8oJ dnZszJvPeqR6R9PixaM4IhaSz5YU4Wz7hWj3kB7Q+Z6F+O6P0HbR+YCFIhkoWy5R CC9dqptviSmiuPhrSYR6VuTW/eO9Rrq8MHKlZliUxK2wnb2W -----END CERTIFICATE-----Generated at Wed Jan 21 03:38:37 2026 by rpki-client