This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/MCZi_c1huQ6n-Z4n0Hakd2KDigI.roa File: MCZi_c1huQ6n-Z4n0Hakd2KDigI.roa (raw, json) Hash identifier: H2EeTFvMV9vfrNQ5klZfjHCU/MDXIu4F+IYD6yleIdg= Subject key identifier: 30:26:62:FD:CD:61:B9:0E:A7:F9:9E:27:D0:76:A4:77:62:83:8A:02 Certificate issuer: /CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8 Certificate serial: 019B7DC8803E7386BA986F05A8AE31940066 Authority key identifier: 62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/MCZi_c1huQ6n-Z4n0Hakd2KDigI.roa Signing time: Fri 02 Jan 2026 08:17:30 +0000 ROA not before: Fri 02 Jan 2026 08:17:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 39598 IP address blocks: 2a00:11d8::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.crl rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.mft rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 05:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:c8:80:3e:73:86:ba:98:6f:05:a8:ae:31:94:00:66 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8 Validity Not Before: Jan 2 08:17:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=302662fdcd61b90ea7f99e27d076a47762838a02 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:ef:bd:e9:b4:46:2b:e8:9d:d5:2b:22:8e:24: 8f:7c:c4:3b:4e:7a:a6:31:22:a0:8a:d1:ab:64:85: dd:66:78:dc:1f:df:c5:f0:9c:96:c4:55:29:21:d2: eb:3d:55:69:9c:b3:03:9d:22:3b:9f:da:ef:9f:52: 68:c0:41:56:fe:e0:93:c7:bf:c9:b0:92:c6:13:57: 30:01:20:e8:47:c1:98:8d:71:28:8b:2f:65:c1:98: ee:35:e6:6d:c4:0b:f3:60:7a:5e:2c:cb:02:b4:66: ca:9a:13:02:cc:ae:c2:f1:b3:15:a7:b6:9b:37:29: 01:ea:dd:14:e6:a0:1a:38:a8:0b:f7:e7:f9:e7:48: 3e:d8:10:81:7f:e9:c3:28:e6:1d:7e:27:23:90:48: 78:e8:49:f2:be:ee:0c:77:90:0c:71:5f:21:49:9d: c0:d7:d8:9c:ef:97:41:61:8d:61:6d:bc:bd:10:a2: c3:5f:13:94:59:ca:80:8e:01:0c:a9:88:46:f3:49: 48:bc:1d:4f:3c:d2:bf:40:89:3a:10:4a:50:84:7d: 1c:e4:c7:14:9b:20:3b:84:ac:69:25:90:0a:ae:5d: aa:9a:1b:de:53:74:95:a5:64:79:f0:ae:e6:84:27: 67:d8:c8:a7:d6:9a:63:34:5d:6d:69:35:4a:e9:34: 45:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:26:62:FD:CD:61:B9:0E:A7:F9:9E:27:D0:76:A4:77:62:83:8A:02 X509v3 Authority Key Identifier: keyid:62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/MCZi_c1huQ6n-Z4n0Hakd2KDigI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a00:11d8::/32 Signature Algorithm: sha256WithRSAEncryption b4:e9:9c:21:06:ba:0b:14:d0:c0:e6:47:4f:11:a2:02:b6:16: 20:cb:1c:a6:51:f8:98:66:a6:2a:1c:53:3f:36:db:d3:45:42: a3:b5:d2:21:e4:e0:9a:b8:0e:fc:d8:fd:43:30:52:12:5b:70: 72:65:74:d2:c9:00:42:48:fb:ea:b7:b0:b0:de:37:13:1b:c0: 92:fe:74:6a:de:6d:ed:b5:15:52:7b:8a:79:2d:b1:f4:b4:cf: 65:c0:6b:ad:67:64:03:8d:01:85:34:fc:8d:3f:80:e1:0b:58: 33:ab:05:af:67:e2:80:3d:9b:f4:68:39:36:83:dc:b3:49:9c: 3f:46:62:e0:d1:0d:3f:9b:99:b4:46:4b:78:dd:50:65:74:bf: e9:11:b9:1d:66:d1:a5:3e:54:65:8a:45:87:60:47:b5:f2:ef: 02:f3:ab:b6:03:d6:ca:ab:8a:cd:81:f6:80:73:74:33:8f:be: 63:a3:30:93:d6:9f:e5:08:80:ae:64:de:27:ce:b1:6b:69:f0: cb:52:4e:78:2b:6d:2b:54:6d:39:6e:f1:a8:f2:2a:0d:8c:e8: 0f:45:63:6e:fc:0d:4b:0e:10:e0:4b:64:a7:b2:f9:5d:18:83: 6d:07:a8:f2:fb:f8:a4:c0:bb:66:8d:ab:55:6a:eb:d6:32:18: a1:1a:49:2c -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt9yIA+c4a6mG8FqK4xlABmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYyMjhlN2UwMWZhZGE0OWMxYTUyZmExM2YzNjI2YzQxYjQx YTUxYjgwHhcNMjYwMTAyMDgxNzMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzMDI2NjJmZGNkNjFiOTBlYTdmOTllMjdkMDc2YTQ3NzYyODM4YTAyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvO+96bRGK+id1SsijiSPfMQ7Tnqm MSKgitGrZIXdZnjcH9/F8JyWxFUpIdLrPVVpnLMDnSI7n9rvn1JowEFW/uCTx7/J sJLGE1cwASDoR8GYjXEoiy9lwZjuNeZtxAvzYHpeLMsCtGbKmhMCzK7C8bMVp7ab NykB6t0U5qAaOKgL9+f550g+2BCBf+nDKOYdficjkEh46Enyvu4Md5AMcV8hSZ3A 19ic75dBYY1hbby9EKLDXxOUWcqAjgEMqYhG80lIvB1PPNK/QIk6EEpQhH0c5McU myA7hKxpJZAKrl2qmhveU3SVpWR58K7mhCdn2Min1ppjNF1taTVK6TRFqQIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFDAmYv3NYbkOp/meJ9B2pHdig4oCMB8GA1UdIwQY MBaAFGIo5+AfraScGlL6E/NibEG0GlG4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUt NzY3NDE2NTI1MTBkLzEvTUNaaV9jMWh1UTZuLVo0bjBIYWtkMktEaWdJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUtNzY3NDE2NTI1MTBk LzEvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgAR2DAN BgkqhkiG9w0BAQsFAAOCAQEAtOmcIQa6CxTQwOZHTxGiArYWIMscplH4mGamKhxT Pzbb00VCo7XSIeTgmrgO/Nj9QzBSEltwcmV00skAQkj76rewsN43ExvAkv50at5t 7bUVUnuKeS2x9LTPZcBrrWdkA40BhTT8jT+A4QtYM6sFr2figD2b9Gg5NoPcs0mc P0Zi4NENP5uZtEZLeN1QZXS/6RG5HWbRpT5UZYpFh2BHtfLvAvOrtgPWyquKzYH2 gHN0M4++Y6Mwk9af5QiArmTeJ86xa2nwy1JOeCttK1RtOW7xqPIqDYzoD0VjbvwN Sw4Q4Etkp7L5XRiDbQeo8vv4pMC7Zo2rVWrr1jIYoRpJLA== -----END CERTIFICATE-----Generated at Sun Jan 25 13:01:29 2026 by rpki-client