This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/OP7bxl83igEU6NAWuyxcLICUNsQ.roa File: OP7bxl83igEU6NAWuyxcLICUNsQ.roa (raw, json) Hash identifier: +9brXGoVUvP5up8EM7NGTCuXxaOnS0mmdR1InJNqLu8= Subject key identifier: 38:FE:DB:C6:5F:37:8A:01:14:E8:D0:16:BB:2C:5C:2C:80:94:36:C4 Certificate issuer: /CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0 Certificate serial: 019BCC857EDB57B6AC995B28E69929DD2BEC Authority key identifier: 67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/OP7bxl83igEU6NAWuyxcLICUNsQ.roa Signing time: Sat 17 Jan 2026 15:14:19 +0000 ROA not before: Sat 17 Jan 2026 15:14:19 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 211729 IP address blocks: 2a14:67c1:a110::/44 maxlen: 48 2a14:67c1:b400::/40 maxlen: 48 2a14:67c3:3330::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.crl rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.mft rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:cc:85:7e:db:57:b6:ac:99:5b:28:e6:99:29:dd:2b:ec Signature Algorithm: sha256WithRSAEncryption Issuer: CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0 Validity Not Before: Jan 17 15:14:19 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=38fedbc65f378a0114e8d016bb2c5c2c809436c4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:b3:f6:25:1d:1c:3d:fd:21:16:ff:fa:95:9d: 76:6c:96:f2:00:aa:05:59:2a:85:f4:48:8f:dc:1a: 8d:f4:c4:3b:37:fe:0e:ba:fd:b8:72:c4:6e:84:58: a1:f2:92:d0:bd:95:05:7e:1c:d9:5e:95:bf:3d:c2: af:bb:49:14:61:db:61:04:0e:f0:6b:81:de:8a:eb: 85:81:4e:8c:da:2d:dd:b8:6b:31:8b:f5:74:1a:7f: 1e:36:17:e4:83:73:a7:9e:9a:61:eb:75:ae:d4:8c: 5c:95:38:67:7c:d1:12:76:23:72:1c:d3:36:dc:33: f0:5b:48:7a:18:26:c4:06:71:c3:9a:18:d7:db:28: 59:2b:10:f7:65:68:99:ed:c4:dd:69:5a:b3:c8:ae: a4:f9:36:12:1c:e8:95:f7:8d:d5:c5:c4:33:8f:62: af:4f:b4:65:c8:a0:d6:7a:9c:fb:ab:c0:cd:ac:80: ae:f1:64:5b:f9:b9:7e:d8:88:74:ca:36:d7:26:fd: a0:99:c4:4e:84:0b:61:39:c2:45:52:1b:df:09:f4: 2d:56:c2:6c:2d:85:b2:d4:34:a1:01:af:82:66:56: 2e:29:1d:a8:ca:6b:d6:fe:fa:de:cf:ad:f1:90:c5: e6:a6:c1:1e:39:6b:13:8d:f8:d8:7a:30:99:76:b9: a5:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:FE:DB:C6:5F:37:8A:01:14:E8:D0:16:BB:2C:5C:2C:80:94:36:C4 X509v3 Authority Key Identifier: keyid:67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/OP7bxl83igEU6NAWuyxcLICUNsQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:67c1:a110::/44 2a14:67c1:b400::/40 2a14:67c3:3330::/44 Signature Algorithm: sha256WithRSAEncryption 1e:6b:1d:1e:05:17:4c:a6:76:8d:e6:72:5b:f8:93:16:76:d4: fc:7e:3d:09:db:46:ad:c9:be:f9:59:4f:80:8e:5f:ae:66:20: b6:35:ac:08:d6:43:20:27:3d:8b:3c:af:2d:d3:2d:7c:9e:c0: da:38:ec:eb:b1:44:fb:10:64:c6:b8:d2:a1:31:a9:6c:44:5d: b8:65:20:1c:ae:a5:fb:3a:f5:a7:fa:72:77:1c:86:96:db:8e: 9c:18:e8:07:d7:7d:be:ec:88:a2:b4:99:1e:5c:1b:5a:f0:dd: 1c:3d:35:73:fb:0a:ff:ef:20:92:c3:ff:61:19:bd:6c:95:c8: 27:24:68:6a:f1:db:03:b4:bf:7b:0b:a6:32:3a:57:86:db:7c: d9:97:57:e2:43:88:cd:7b:e1:c0:f9:e8:ee:a0:4f:90:eb:e5: 2b:5e:77:28:5f:1e:3e:b0:77:26:b1:0e:e9:02:c7:2a:91:94: 7d:92:1c:ac:df:e7:f1:06:a4:45:b4:0c:59:04:fb:00:34:59: cd:94:60:96:6a:1d:8a:06:6d:8d:f9:6a:9d:9b:3d:dd:ab:93: 5e:53:90:8c:b5:37:d0:60:d5:8f:82:fb:48:21:46:c9:17:22: 21:1e:08:38:79:0b:4b:03:56:26:fe:2a:4c:85:25:cd:e4:80: 04:85:c5:ae -----BEGIN CERTIFICATE----- MIIFETCCA/mgAwIBAgISAZvMhX7bV7asmVso5pkp3SvsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY3ZjMxYmRlNDY1MTYzNDdmNGVkZmNiZTMwZWRhYzlhMDll NGUwZTAwHhcNMjYwMTE3MTUxNDE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzOGZlZGJjNjVmMzc4YTAxMTRlOGQwMTZiYjJjNWMyYzgwOTQzNmM0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrP2JR0cPf0hFv/6lZ12bJbyAKoF WSqF9EiP3BqN9MQ7N/4Ouv24csRuhFih8pLQvZUFfhzZXpW/PcKvu0kUYdthBA7w a4HeiuuFgU6M2i3duGsxi/V0Gn8eNhfkg3Onnpph63Wu1IxclThnfNESdiNyHNM2 3DPwW0h6GCbEBnHDmhjX2yhZKxD3ZWiZ7cTdaVqzyK6k+TYSHOiV943VxcQzj2Kv T7RlyKDWepz7q8DNrICu8WRb+bl+2Ih0yjbXJv2gmcROhAthOcJFUhvfCfQtVsJs LYWy1DShAa+CZlYuKR2oymvW/vrez63xkMXmpsEeOWsTjfjYejCZdrmlxQIDAQAB o4ICHTCCAhkwHQYDVR0OBBYEFDj+28ZfN4oBFOjQFrssXCyAlDbEMB8GA1UdIwQY MBaAFGfzG95GUWNH9O38vjDtrJoJ5ODgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWl9NYjNrWlJZMGYwN2Z5LU1PMnNtZ25rNE9BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC83MzJiNmMtNDhlNC00MzUwLThhNTYt ZjZjYzRlZjBmN2RmLzEvT1A3YnhsODNpZ0VVNk5BV3V5eGNMSUNVTnNRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMC83MzJiNmMtNDhlNC00MzUwLThhNTYtZjZjYzRlZjBmN2Rm LzEvWl9NYjNrWlJZMGYwN2Z5LU1PMnNtZ25rNE9BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAAjAaAwcEKhRnwaEQ AwYAKhRnwbQDBwQqFGfDMzAwDQYJKoZIhvcNAQELBQADggEBAB5rHR4FF0ymdo3m clv4kxZ21Px+PQnbRq3JvvlZT4COX65mILY1rAjWQyAnPYs8ry3TLXyewNo47Oux RPsQZMa40qExqWxEXbhlIByupfs69af6cncchpbbjpwY6AfXfb7siKK0mR5cG1rw 3Rw9NXP7Cv/vIJLD/2EZvWyVyCckaGrx2wO0v3sLpjI6V4bbfNmXV+JDiM174cD5 6O6gT5Dr5StedyhfHj6wdyaxDukCxyqRlH2SHKzf5/EGpEW0DFkE+wA0Wc2UYJZq HYoGbY35ap2bPd2rk15TkIy1N9Bg1Y+C+0ghRskXIiEeCDh5C0sDVib+KkyFJc3k gASFxa4= -----END CERTIFICATE-----Generated at Sun Jan 25 12:02:19 2026 by rpki-client