This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/XpKA71gUP1e7UUjZfSVd57bX570.roa File: XpKA71gUP1e7UUjZfSVd57bX570.roa (raw, json) Hash identifier: 6PtbKEpVQwlUQzyUCiZ3HIGqzJT0phPeJKaGDFOYcU4= Subject key identifier: 5E:92:80:EF:58:14:3F:57:BB:51:48:D9:7D:25:5D:E7:B6:D7:E7:BD Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2 Certificate serial: 019B7D5CD50F0DC8B90CE4BB95D1AF196BF3 Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/XpKA71gUP1e7UUjZfSVd57bX570.roa Signing time: Fri 02 Jan 2026 06:19:54 +0000 ROA not before: Fri 02 Jan 2026 06:19:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 203493 IP address blocks: 2a09:6280:3::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 16:55:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5c:d5:0f:0d:c8:b9:0c:e4:bb:95:d1:af:19:6b:f3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2 Validity Not Before: Jan 2 06:19:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5e9280ef58143f57bb5148d97d255de7b6d7e7bd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:17:e7:98:93:20:ae:4a:26:03:95:fd:57:e6: be:fb:ad:76:56:b7:e1:bd:9b:96:aa:0b:f1:72:88: 21:11:fb:db:a1:6b:65:b9:be:5e:9f:4e:37:e6:fd: e1:68:c8:9f:e5:58:3c:ee:5f:9d:8e:6f:c7:20:0b: 95:ec:82:73:90:db:b2:bf:09:8e:de:ff:8f:b4:53: 9f:18:7b:cd:1a:79:1f:f5:51:f0:1f:b1:02:27:e9: d7:3c:03:26:cd:3e:51:4c:26:df:f1:eb:51:20:01: d0:3c:be:eb:2e:95:14:e3:16:81:a5:b7:4b:86:e1: 29:6c:43:1f:87:5e:9f:fd:61:d2:4f:01:a9:b7:52: 74:1a:22:fe:2d:db:7b:ad:1b:71:69:6d:09:37:ce: 7b:12:6d:8a:73:02:86:eb:14:24:6c:ef:cf:c0:64: 21:fe:59:cc:63:a0:11:9d:34:0f:2f:3c:4f:ed:ad: c9:2b:94:4b:d6:d5:f6:fb:a0:00:14:6a:8d:c3:b8: 29:c7:b0:05:5a:61:5a:c3:94:e6:16:d0:32:5a:c4: bd:9f:93:2e:13:11:a8:10:59:37:45:5c:99:6f:39: 48:35:3e:be:c9:02:1d:24:7d:86:cc:c8:93:e7:9b: 15:94:83:86:14:70:6c:66:c5:18:41:32:a0:4f:5f: 6e:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:92:80:EF:58:14:3F:57:BB:51:48:D9:7D:25:5D:E7:B6:D7:E7:BD X509v3 Authority Key Identifier: keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/XpKA71gUP1e7UUjZfSVd57bX570.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a09:6280:3::/48 Signature Algorithm: sha256WithRSAEncryption bc:c0:af:6d:0f:6f:c5:83:26:77:f8:97:3a:71:68:f5:d2:91: 91:87:99:b1:8b:c5:20:f3:4c:6a:ae:eb:37:80:e2:28:93:d8: 88:f2:a0:ce:a5:13:81:b4:0b:58:84:66:4f:0b:6b:f9:d7:76: 5b:e7:dc:94:59:a5:70:6a:14:8d:3b:ed:23:a6:eb:af:1b:24: 6e:d5:e2:81:96:20:d1:f9:5f:27:51:d5:a3:38:16:83:d9:61: 1c:91:39:3a:9a:ff:a3:4e:91:13:dc:ec:c9:d9:e4:3a:07:5f: bb:af:3e:4c:51:54:e9:16:bd:e2:d6:b9:fa:37:df:30:a1:3d: 4c:95:ae:6c:12:9b:2d:03:d5:87:e3:30:4f:75:08:fe:89:d6: 81:35:84:db:2e:aa:c1:b1:83:2f:94:bd:22:fc:63:49:2c:b5: 99:99:30:89:c5:13:cf:55:3d:e3:84:97:99:cf:e6:c2:ce:86: ee:11:93:91:79:cd:0c:2f:65:2e:5a:28:42:9e:58:82:68:78: f5:d1:35:c6:73:77:0d:8c:07:cd:3a:ce:0b:3b:50:75:a6:9a: a1:06:1c:bd:e4:bc:6d:29:fd:3e:63:f9:38:e3:88:d3:fe:ec: 3e:b8:50:07:14:54:63:51:db:19:e6:9a:63:4c:65:bc:97:f1: 48:81:85:01 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt9XNUPDci5DOS7ldGvGWvzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl NWVjZjIwHhcNMjYwMTAyMDYxOTU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZTkyODBlZjU4MTQzZjU3YmI1MTQ4ZDk3ZDI1NWRlN2I2ZDdlN2JkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyxfnmJMgrkomA5X9V+a++612Vrfh vZuWqgvxcoghEfvboWtlub5en0435v3haMif5Vg87l+djm/HIAuV7IJzkNuyvwmO 3v+PtFOfGHvNGnkf9VHwH7ECJ+nXPAMmzT5RTCbf8etRIAHQPL7rLpUU4xaBpbdL huEpbEMfh16f/WHSTwGpt1J0GiL+Ldt7rRtxaW0JN857Em2KcwKG6xQkbO/PwGQh /lnMY6ARnTQPLzxP7a3JK5RL1tX2+6AAFGqNw7gpx7AFWmFaw5TmFtAyWsS9n5Mu ExGoEFk3RVyZbzlINT6+yQIdJH2GzMiT55sVlIOGFHBsZsUYQTKgT19uQwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFF6SgO9YFD9Xu1FI2X0lXee21+e9MB8GA1UdIwQY MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt MTcxYzM2N2JlNzgyLzEvWHBLQTcxZ1VQMWU3VVVqWmZTVmQ1N2JYNTcwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgligAAD MA0GCSqGSIb3DQEBCwUAA4IBAQC8wK9tD2/FgyZ3+Jc6cWj10pGRh5mxi8Ug80xq rus3gOIok9iI8qDOpROBtAtYhGZPC2v513Zb59yUWaVwahSNO+0jpuuvGyRu1eKB liDR+V8nUdWjOBaD2WEckTk6mv+jTpET3OzJ2eQ6B1+7rz5MUVTpFr3i1rn6N98w oT1Mla5sEpstA9WH4zBPdQj+idaBNYTbLqrBsYMvlL0i/GNJLLWZmTCJxRPPVT3j hJeZz+bCzobuEZORec0ML2UuWihCnliCaHj10TXGc3cNjAfNOs4LO1B1ppqhBhy9 5LxtKf0+Y/k444jT/uw+uFAHFFRjUdsZ5ppjTGW8l/FIgYUB -----END CERTIFICATE-----Generated at Mon Jan 19 19:57:19 2026 by rpki-client