This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/b1ca51-75dd-41c9-9484-2bc1ae3dbdbe/1/iAWiwffF86_QIBQ4X1gfjcEItDE.roa File: iAWiwffF86_QIBQ4X1gfjcEItDE.roa (raw, json) Hash identifier: Iv0B/B+2zc8cn3sWe9D30nXND8TdD/dY+sOwCzKpdxw= Subject key identifier: 88:05:A2:C1:F7:C5:F3:AF:D0:20:14:38:5F:58:1F:8D:C1:08:B4:31 Certificate issuer: /CN=f58e0c3b9333cb6fd4139e455a5abbafd569532a Certificate serial: 019B78350D26C3A10024B58662E08A9790DB Authority key identifier: F5:8E:0C:3B:93:33:CB:6F:D4:13:9E:45:5A:5A:BB:AF:D5:69:53:2A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9Y4MO5Mzy2_UE55FWlq7r9VpUyo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/b1ca51-75dd-41c9-9484-2bc1ae3dbdbe/1/iAWiwffF86_QIBQ4X1gfjcEItDE.roa Signing time: Thu 01 Jan 2026 06:18:21 +0000 ROA not before: Thu 01 Jan 2026 06:18:21 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 14618 IP address blocks: 2a14:b000::/29 maxlen: 64 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/b1ca51-75dd-41c9-9484-2bc1ae3dbdbe/1/9Y4MO5Mzy2_UE55FWlq7r9VpUyo.crl rsync://rpki.ripe.net/repository/DEFAULT/ff/b1ca51-75dd-41c9-9484-2bc1ae3dbdbe/1/9Y4MO5Mzy2_UE55FWlq7r9VpUyo.mft rsync://rpki.ripe.net/repository/DEFAULT/9Y4MO5Mzy2_UE55FWlq7r9VpUyo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 09 Jan 2026 18:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:35:0d:26:c3:a1:00:24:b5:86:62:e0:8a:97:90:db Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f58e0c3b9333cb6fd4139e455a5abbafd569532a Validity Not Before: Jan 1 06:18:21 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8805a2c1f7c5f3afd02014385f581f8dc108b431 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:3f:b1:bd:66:54:9d:c8:b0:2e:bf:f8:d1:21: d2:f1:39:93:b2:90:be:4a:17:28:c4:1d:77:78:a5: 79:6b:1d:67:4d:cc:3f:a0:fa:d4:60:21:e3:51:fa: c5:a6:bf:9b:ab:1a:d9:81:1b:90:a5:9b:1e:06:76: 3c:4e:fd:98:ad:6c:b2:52:5c:42:83:1b:ed:09:50: c9:40:ca:58:6d:5a:a1:e1:63:3e:b0:45:7d:78:e6: 47:92:31:61:0e:39:3d:22:51:e8:08:0a:7a:a5:92: 69:a4:c6:79:56:1e:db:a2:ca:b4:7b:37:39:4d:5f: 93:3b:65:c7:60:2c:0c:aa:2b:65:93:d2:60:a1:57: e8:ae:f8:c4:a7:50:b8:c6:93:21:aa:3c:32:21:fd: f2:a9:83:a4:51:57:30:6d:ae:48:8c:20:04:29:63: 12:46:9f:ec:01:fc:47:d9:6c:32:85:52:f5:9a:a1: 70:4a:fc:25:ac:a5:e7:88:62:a9:0c:be:31:56:97: 7d:89:6b:ee:e0:00:4f:b9:87:d1:ad:5a:b6:e4:31: 3f:b6:d8:80:32:98:9c:c2:5c:25:c8:cf:a7:dc:e1: bd:dd:b2:fe:96:53:30:38:92:90:d7:06:90:73:1d: a8:14:4c:34:3a:ef:0d:40:f2:92:59:49:8e:2f:37: 7f:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:05:A2:C1:F7:C5:F3:AF:D0:20:14:38:5F:58:1F:8D:C1:08:B4:31 X509v3 Authority Key Identifier: keyid:F5:8E:0C:3B:93:33:CB:6F:D4:13:9E:45:5A:5A:BB:AF:D5:69:53:2A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9Y4MO5Mzy2_UE55FWlq7r9VpUyo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/b1ca51-75dd-41c9-9484-2bc1ae3dbdbe/1/iAWiwffF86_QIBQ4X1gfjcEItDE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/b1ca51-75dd-41c9-9484-2bc1ae3dbdbe/1/9Y4MO5Mzy2_UE55FWlq7r9VpUyo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:b000::/29 Signature Algorithm: sha256WithRSAEncryption b6:38:22:be:13:9a:93:b3:b8:fd:9b:e2:b1:53:70:61:8b:d6: f7:9b:55:8c:80:83:17:8e:a7:04:1d:86:ac:47:bc:40:1a:e4: a8:68:20:9d:47:4a:90:c9:15:cc:9b:62:8a:04:25:d9:87:b4: 85:ff:6b:23:d8:18:61:cd:f4:a4:3d:59:1e:9a:b7:fd:f5:0f: 07:91:47:68:1c:cb:8a:37:05:d7:e1:95:a3:de:7b:a1:24:e0: 6e:c5:9e:d3:c3:cd:01:fa:8e:99:e8:ab:e2:44:ff:4a:49:da: bf:bc:7c:b8:42:ec:ef:be:eb:88:3d:cf:16:04:ba:10:72:89: 25:49:08:65:a5:11:39:64:63:ac:a2:1c:68:2f:3f:f4:13:b8: 89:ae:10:6a:a2:2d:5a:de:84:a8:30:51:a3:67:c5:de:39:4a: 43:72:f4:e8:3d:e1:8f:50:13:a7:57:49:60:52:25:c9:f0:f5: 9d:ab:fc:13:a9:7f:ef:bd:1c:75:72:46:21:b7:f1:5b:6f:2b: 16:e0:21:fb:0d:3e:a9:65:1e:5d:05:a1:eb:7a:55:2f:8d:7b: b1:ab:cc:79:6c:fd:89:09:f7:c8:ae:ea:17:f7:2a:91:46:02: 2b:00:c9:fa:3a:07:57:5a:46:a7:48:d3:bc:1b:22:91:91:25: ed:08:91:2e -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt4NQ0mw6EAJLWGYuCKl5DbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGY1OGUwYzNiOTMzM2NiNmZkNDEzOWU0NTVhNWFiYmFmZDU2 OTUzMmEwHhcNMjYwMTAxMDYxODIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4ODA1YTJjMWY3YzVmM2FmZDAyMDE0Mzg1ZjU4MWY4ZGMxMDhiNDMxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmz+xvWZUnciwLr/40SHS8TmTspC+ ShcoxB13eKV5ax1nTcw/oPrUYCHjUfrFpr+bqxrZgRuQpZseBnY8Tv2YrWyyUlxC gxvtCVDJQMpYbVqh4WM+sEV9eOZHkjFhDjk9IlHoCAp6pZJppMZ5Vh7bosq0ezc5 TV+TO2XHYCwMqitlk9JgoVforvjEp1C4xpMhqjwyIf3yqYOkUVcwba5IjCAEKWMS Rp/sAfxH2WwyhVL1mqFwSvwlrKXniGKpDL4xVpd9iWvu4ABPuYfRrVq25DE/ttiA MpicwlwlyM+n3OG93bL+llMwOJKQ1waQcx2oFEw0Ou8NQPKSWUmOLzd/mwIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFIgFosH3xfOv0CAUOF9YH43BCLQxMB8GA1UdIwQY MBaAFPWODDuTM8tv1BOeRVpau6/VaVMqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOVk0TU81TXp5Ml9VRTU1RldscTdyOVZwVXlvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9iMWNhNTEtNzVkZC00MWM5LTk0ODQt MmJjMWFlM2RiZGJlLzEvaUFXaXdmZkY4Nl9RSUJRNFgxZ2ZqY0VJdERFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZi9iMWNhNTEtNzVkZC00MWM5LTk0ODQtMmJjMWFlM2RiZGJl LzEvOVk0TU81TXp5Ml9VRTU1RldscTdyOVZwVXlvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhSwADAN BgkqhkiG9w0BAQsFAAOCAQEAtjgivhOak7O4/ZvisVNwYYvW95tVjICDF46nBB2G rEe8QBrkqGggnUdKkMkVzJtiigQl2Ye0hf9rI9gYYc30pD1ZHpq3/fUPB5FHaBzL ijcF1+GVo957oSTgbsWe08PNAfqOmeir4kT/Sknav7x8uELs777riD3PFgS6EHKJ JUkIZaUROWRjrKIcaC8/9BO4ia4QaqItWt6EqDBRo2fF3jlKQ3L06D3hj1ATp1dJ YFIlyfD1nav8E6l/770cdXJGIbfxW28rFuAh+w0+qWUeXQWh63pVL417savMeWz9 iQn3yK7qF/cqkUYCKwDJ+joHV1pGp0jTvBsikZEl7QiRLg== -----END CERTIFICATE-----Generated at Fri Jan 9 00:56:55 2026 by rpki-client