This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/U8rAFRHUTCCeFS0o_q6-NxA38PI.roa File: U8rAFRHUTCCeFS0o_q6-NxA38PI.roa (raw, json) Hash identifier: 5JIclCt6zLru81U89z+ta1UW2nK3O+vE8QaUk7gij3o= Subject key identifier: 53:CA:C0:15:11:D4:4C:20:9E:15:2D:28:FE:AE:BE:37:10:37:F0:F2 Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a Certificate serial: 019B78A37608A2BBED5749BD6A0AE84685A1 Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/U8rAFRHUTCCeFS0o_q6-NxA38PI.roa Signing time: Thu 01 Jan 2026 08:18:56 +0000 ROA not before: Thu 01 Jan 2026 08:18:56 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 60729 IP address blocks: 2a03:f85:8::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.mft rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 08:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a3:76:08:a2:bb:ed:57:49:bd:6a:0a:e8:46:85:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a Validity Not Before: Jan 1 08:18:56 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=53cac01511d44c209e152d28feaebe371037f0f2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:8b:fe:f9:ca:09:13:95:d4:4f:2c:4d:6e:c9: 45:56:0d:b0:cb:53:a4:40:c8:64:0d:a8:be:d6:69: 87:3e:07:a6:01:ba:83:2b:77:cf:86:7b:25:4e:27: 22:87:08:10:d0:34:cd:06:d2:b0:ba:43:8b:a2:e5: 72:4e:df:50:e6:fd:ea:ba:ca:97:10:51:fb:d4:70: d3:fa:95:1d:db:f7:c4:7b:4f:9c:d5:b4:b7:cf:b5: 6e:71:c8:ac:a6:8e:2d:a3:89:54:7a:b0:c0:fb:71: 10:e8:e3:0f:9a:74:56:a6:d3:3d:4f:1f:ab:a8:93: 42:ea:69:28:60:2c:52:5f:10:18:73:52:dc:c5:13: 6c:b6:89:80:39:de:32:4d:c5:a6:41:27:47:af:a7: e1:35:ce:21:46:e0:37:3f:0a:2b:d3:cf:10:2f:61: 1e:38:aa:90:6b:c0:35:4c:4d:49:01:8d:03:fa:5a: ed:69:e4:82:64:53:01:bb:b3:57:7e:5a:53:9b:42: b0:b9:ae:71:82:a4:91:10:95:d0:44:d6:c2:c2:29: 71:b5:31:a4:0a:4e:ee:60:71:33:64:2a:68:31:e8: 17:b9:2a:3a:69:f4:31:6c:22:53:0a:f4:31:a5:41: 66:97:85:6f:c3:63:fd:d5:f2:ad:38:26:48:ed:c4: 91:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:CA:C0:15:11:D4:4C:20:9E:15:2D:28:FE:AE:BE:37:10:37:F0:F2 X509v3 Authority Key Identifier: keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/U8rAFRHUTCCeFS0o_q6-NxA38PI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a03:f85:8::/48 Signature Algorithm: sha256WithRSAEncryption 0d:6f:a1:46:8a:13:db:49:19:de:43:34:53:84:8b:e9:db:e5: 76:c1:7d:66:f7:8c:ee:9f:5c:77:92:6d:15:82:82:24:73:36: 28:57:f8:84:0e:19:f4:e4:b1:e3:c5:ea:3c:b2:eb:ea:f7:72: d7:af:45:8f:4c:29:52:35:fb:70:42:9c:83:49:a1:2a:5f:d6: 9c:f8:0b:76:5b:1a:b2:bb:08:98:16:bf:6b:ab:9b:59:6b:a8: 06:9b:49:21:58:00:04:17:2c:93:5e:94:d9:1b:99:8a:5f:39: 90:af:57:af:ad:5a:22:72:23:17:74:0f:f8:4d:a9:e3:26:5b: d6:dd:bf:44:ab:3d:ae:bd:cb:05:cc:f7:6e:c7:0e:3d:37:6f: 4a:94:1a:44:d6:27:93:44:e0:32:db:5b:ca:3a:60:7f:fa:79: cc:be:fb:ca:e8:7e:da:4b:37:2a:5a:46:df:0f:0f:f4:51:ad: a3:f2:cb:52:ac:bc:ba:cf:e9:99:34:80:fa:0d:75:44:bd:d5: 41:ee:48:ed:db:f3:e7:8f:09:05:7b:b5:8f:dc:6d:3f:b0:94: 08:a9:83:d2:cb:39:b7:ab:b2:4c:fa:1c:29:ba:cc:a6:13:e5: 11:b1:0f:67:37:2e:9e:31:6e:5b:10:8a:9e:3e:00:9b:22:52: 00:2e:65:94 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt4o3YIorvtV0m9agroRoWhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj MjhmNmEwHhcNMjYwMTAxMDgxODU2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1M2NhYzAxNTExZDQ0YzIwOWUxNTJkMjhmZWFlYmUzNzEwMzdmMGYyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Iv++coJE5XUTyxNbslFVg2wy1Ok QMhkDai+1mmHPgemAbqDK3fPhnslTicihwgQ0DTNBtKwukOLouVyTt9Q5v3qusqX EFH71HDT+pUd2/fEe0+c1bS3z7Vuccispo4to4lUerDA+3EQ6OMPmnRWptM9Tx+r qJNC6mkoYCxSXxAYc1LcxRNstomAOd4yTcWmQSdHr6fhNc4hRuA3Pwor088QL2Ee OKqQa8A1TE1JAY0D+lrtaeSCZFMBu7NXflpTm0Kwua5xgqSREJXQRNbCwilxtTGk Ck7uYHEzZCpoMegXuSo6afQxbCJTCvQxpUFml4Vvw2P91fKtOCZI7cSRoQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFFPKwBUR1EwgnhUtKP6uvjcQN/DyMB8GA1UdIwQY MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt YjM4ZTI2NzdiM2RjLzEvVThyQUZSSFVUQ0NlRlMwb19xNi1OeEEzOFBJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgMPhQAI MA0GCSqGSIb3DQEBCwUAA4IBAQANb6FGihPbSRneQzRThIvp2+V2wX1m94zun1x3 km0VgoIkczYoV/iEDhn05LHjxeo8suvq93LXr0WPTClSNftwQpyDSaEqX9ac+At2 WxqyuwiYFr9rq5tZa6gGm0khWAAEFyyTXpTZG5mKXzmQr1evrVoiciMXdA/4Tanj JlvW3b9Eqz2uvcsFzPduxw49N29KlBpE1ieTROAy21vKOmB/+nnMvvvK6H7aSzcq WkbfDw/0Ua2j8stSrLy6z+mZNID6DXVEvdVB7kjt2/PnjwkFe7WP3G0/sJQIqYPS yzm3q7JM+hwpusymE+URsQ9nNy6eMW5bEIqePgCbIlIALmWU -----END CERTIFICATE-----Generated at Sun Jan 25 19:18:30 2026 by rpki-client