This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dwnSi6hIkl-B0bCu7DnKPlNZzLg.roa File: dwnSi6hIkl-B0bCu7DnKPlNZzLg.roa (raw, json) Hash identifier: sXUyQ4gvIeZM16LhUWSfjJwXhynuc9X7oDXpD7bSzjI= Subject key identifier: 77:09:D2:8B:A8:48:92:5F:81:D1:B0:AE:EC:39:CA:3E:53:59:CC:B8 Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2 Certificate serial: 019B7D5CC61A138C93F59E24DBCFC4B46F33 Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dwnSi6hIkl-B0bCu7DnKPlNZzLg.roa Signing time: Fri 02 Jan 2026 06:19:50 +0000 ROA not before: Fri 02 Jan 2026 06:19:50 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 29226 IP address blocks: 2a11:4b42::/32 maxlen: 32 2a13:93c5::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 16:55:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5c:c6:1a:13:8c:93:f5:9e:24:db:cf:c4:b4:6f:33 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2 Validity Not Before: Jan 2 06:19:50 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=7709d28ba848925f81d1b0aeec39ca3e5359ccb8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:13:07:25:9b:1f:4c:e7:be:1e:6d:5d:a5:84: 93:77:7f:8d:fc:b2:fc:3e:89:26:3c:bd:c6:04:78: bf:0f:22:7e:25:41:39:b1:c0:4c:c6:b1:2b:86:7e: 44:95:da:fb:58:9d:0a:df:ad:a7:29:d7:83:25:68: e4:73:db:ca:53:ba:20:fe:d8:57:36:f7:ad:99:fc: 83:c9:23:c4:b8:0e:9e:9b:eb:be:75:33:cb:f0:13: 0f:59:b1:f9:2d:26:f8:e0:2f:dc:da:fb:26:3b:55: e2:15:4f:22:3d:bb:0b:20:da:66:02:8a:86:2f:5e: b9:0c:b9:82:62:b6:0b:3d:c8:47:a4:80:67:02:f0: 5e:f6:d7:42:61:37:d7:54:ba:73:76:f3:3c:c5:f2: 40:21:4b:16:ee:54:dd:73:c8:ae:4e:dd:85:3f:85: 2f:24:2f:08:8c:fe:ae:fb:67:5f:e9:b7:e1:c9:f4: 64:4a:ec:58:42:2f:6f:a9:7a:3b:ac:30:e4:f1:cb: 82:3d:e4:5a:4b:43:d9:68:31:7a:ed:c9:5a:ff:13: 92:aa:e9:fd:d6:19:a4:a5:17:4a:ac:e0:fc:05:48: ed:88:17:36:be:8a:c7:41:d2:39:cb:85:e1:e3:e4: 57:38:8e:1c:20:b3:be:03:e4:c1:d8:87:63:7e:5e: 73:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 77:09:D2:8B:A8:48:92:5F:81:D1:B0:AE:EC:39:CA:3E:53:59:CC:B8 X509v3 Authority Key Identifier: keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dwnSi6hIkl-B0bCu7DnKPlNZzLg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a11:4b42::/32 2a13:93c5::/32 Signature Algorithm: sha256WithRSAEncryption 1a:93:ed:5b:7c:9f:43:ea:0a:08:0f:25:c6:48:29:1a:b2:cb: 09:cd:0a:77:fd:3e:b2:61:99:1a:12:9a:4b:1c:79:c6:27:d9: b5:81:65:8a:de:0f:00:c8:76:8f:fd:ff:a9:54:fc:19:81:4c: 1c:e4:17:7a:4b:52:04:09:3c:c8:cb:67:e7:30:1a:4e:c2:aa: ee:42:6a:3a:a7:c8:f7:0b:e9:d3:36:66:ec:3f:9e:01:5f:e8: d3:a6:7d:4d:a9:42:10:1e:19:9b:93:ff:45:f7:12:b4:d7:8c: 5d:e5:71:a4:b0:7f:32:cc:ec:cd:1f:94:25:de:ff:5b:fb:97: b6:c8:f4:6c:b3:33:85:55:35:b5:b6:46:24:43:02:fd:32:09: 8b:c4:d8:9b:b6:4c:75:3f:12:a0:88:3d:7e:02:42:06:0c:bb: 75:da:cd:db:77:a9:6b:74:fd:bb:6a:1c:e7:ff:29:e8:ab:fc: 7d:a7:81:55:2f:56:ff:8a:42:9f:cc:50:18:0e:fd:a2:6a:9d: 5c:07:55:14:5b:71:c7:f7:c1:e0:c0:47:ad:a2:83:f4:79:05: 0c:13:24:95:a9:ee:40:cb:1a:9f:d2:07:2d:ea:1d:04:3d:d0: 39:10:7d:cc:c7:75:af:92:52:71:83:ba:dc:ba:d4:52:dd:94: 35:d3:17:1f -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgISAZt9XMYaE4yT9Z4k28/EtG8zMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl NWVjZjIwHhcNMjYwMTAyMDYxOTUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3NzA5ZDI4YmE4NDg5MjVmODFkMWIwYWVlYzM5Y2EzZTUzNTljY2I4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBMHJZsfTOe+Hm1dpYSTd3+N/LL8 PokmPL3GBHi/DyJ+JUE5scBMxrErhn5Eldr7WJ0K362nKdeDJWjkc9vKU7og/thX NvetmfyDySPEuA6em+u+dTPL8BMPWbH5LSb44C/c2vsmO1XiFU8iPbsLINpmAoqG L165DLmCYrYLPchHpIBnAvBe9tdCYTfXVLpzdvM8xfJAIUsW7lTdc8iuTt2FP4Uv JC8IjP6u+2df6bfhyfRkSuxYQi9vqXo7rDDk8cuCPeRaS0PZaDF67cla/xOSqun9 1hmkpRdKrOD8BUjtiBc2vorHQdI5y4Xh4+RXOI4cILO+A+TB2Idjfl5zWQIDAQAB o4ICETCCAg0wHQYDVR0OBBYEFHcJ0ouoSJJfgdGwruw5yj5TWcy4MB8GA1UdIwQY MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt MTcxYzM2N2JlNzgyLzEvZHduU2k2aElrbC1CMGJDdTdEbktQbE5aekxnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKhFLQgMF ACoTk8UwDQYJKoZIhvcNAQELBQADggEBABqT7Vt8n0PqCggPJcZIKRqyywnNCnf9 PrJhmRoSmkscecYn2bWBZYreDwDIdo/9/6lU/BmBTBzkF3pLUgQJPMjLZ+cwGk7C qu5CajqnyPcL6dM2Zuw/ngFf6NOmfU2pQhAeGZuT/0X3ErTXjF3lcaSwfzLM7M0f lCXe/1v7l7bI9GyzM4VVNbW2RiRDAv0yCYvE2Ju2THU/EqCIPX4CQgYMu3Xazdt3 qWt0/btqHOf/Keir/H2ngVUvVv+KQp/MUBgO/aJqnVwHVRRbccf3weDAR62ig/R5 BQwTJJWp7kDLGp/SBy3qHQQ90DkQfczHda+SUnGDuty61FLdlDXTFx8= -----END CERTIFICATE-----Generated at Mon Jan 19 19:59:13 2026 by rpki-client