This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/d1OmJ5EbUHtADnyIohLW9jC5Wjo.roa File: d1OmJ5EbUHtADnyIohLW9jC5Wjo.roa (raw, json) Hash identifier: yBVfSKcBt77ogbUo89PUUnSGbbNLrBsb2eo4WCv4VgE= Subject key identifier: 77:53:A6:27:91:1B:50:7B:40:0E:7C:88:A2:12:D6:F6:30:B9:5A:3A Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3 Certificate serial: 019B7F84CCE300A72ACC06248C14430FE121 Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/d1OmJ5EbUHtADnyIohLW9jC5Wjo.roa Signing time: Fri 02 Jan 2026 16:22:48 +0000 ROA not before: Fri 02 Jan 2026 16:22:48 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 205987 IP address blocks: 2a06:b441::/32 maxlen: 32 2a11:3b40::/32 maxlen: 32 2a12:6640::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.mft rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:84:cc:e3:00:a7:2a:cc:06:24:8c:14:43:0f:e1:21 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3 Validity Not Before: Jan 2 16:22:48 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=7753a627911b507b400e7c88a212d6f630b95a3a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:02:64:c0:47:1e:00:9f:f1:cb:4d:90:62:78: 03:11:b1:3b:77:f1:36:77:3b:b3:bc:f2:e8:8a:2a: 55:19:4f:31:d7:d1:8d:6b:d2:0f:de:31:bc:3b:46: dd:62:fc:b1:e2:86:bf:8e:22:15:01:b8:b1:90:18: af:b0:9b:8b:ef:0b:d0:5a:47:0e:ee:9a:55:8a:7a: 01:27:4f:6e:d3:8c:27:08:90:35:45:45:0a:03:15: c3:b4:9f:73:b3:fb:78:4d:08:b9:64:47:cb:d2:30: 11:3b:93:58:42:bc:30:67:1e:cc:e1:e2:ee:64:b7: a2:86:1a:bc:76:48:13:13:dd:56:7b:41:aa:ac:97: 44:93:19:75:b6:df:24:e9:4a:78:1d:6f:cf:e8:93: f5:b3:f3:3e:7e:8a:f2:53:dc:d6:20:fd:b2:85:c6: f8:79:64:ef:e7:bb:4f:1d:99:7e:c4:3a:bd:ce:18: 43:15:b7:56:cb:9e:d5:ce:9c:75:6c:b4:eb:e5:08: 21:cb:12:1b:f8:92:0c:22:ff:5b:f3:08:82:b4:b1: 24:74:75:c2:94:16:9b:5d:50:c5:9e:b5:66:f4:92: 50:3a:73:ec:7f:66:79:51:52:1c:7b:a3:8b:f4:15: 28:07:2a:52:af:db:5c:35:fd:25:bc:ca:c9:d1:55: 0a:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 77:53:A6:27:91:1B:50:7B:40:0E:7C:88:A2:12:D6:F6:30:B9:5A:3A X509v3 Authority Key Identifier: keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/d1OmJ5EbUHtADnyIohLW9jC5Wjo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a06:b441::/32 2a11:3b40::/32 2a12:6640::/32 Signature Algorithm: sha256WithRSAEncryption c3:71:56:a2:a2:57:55:84:7f:2a:5e:c7:61:d5:61:e5:48:3c: e9:07:a1:ba:93:56:a3:35:e8:d1:55:ba:70:99:b0:7e:01:4e: 92:21:9f:06:f1:49:69:40:a6:94:fb:58:1b:05:15:68:ca:ef: 91:e8:ac:3f:ac:ec:aa:00:1e:99:32:bb:0f:b3:24:45:57:cb: 4d:53:de:98:c8:fe:11:9f:0b:52:20:12:a7:e6:1d:77:11:99: ac:76:77:08:69:c9:96:34:05:57:17:6e:e4:86:1d:1e:7e:9f: 66:a0:d7:11:d5:a5:ab:98:23:4b:6e:a5:fa:f4:da:f9:1f:ee: ab:62:09:61:74:05:7f:8d:78:f5:7a:7b:25:db:3e:9d:35:c1: 03:61:4b:33:aa:1a:b0:8f:98:59:3f:52:6d:01:5d:bd:04:c6: 59:7d:47:84:4a:28:75:b0:70:b4:ce:f1:43:a4:aa:5f:29:2b: a6:a9:a1:70:b3:5c:3b:72:95:52:d1:f4:d9:04:40:1f:4f:2e: 4a:e7:f0:44:17:53:c5:90:55:0d:13:f3:d2:cc:3c:68:e5:c1: 0d:aa:80:a9:e1:be:77:1e:a9:5a:64:63:00:ac:fc:12:f8:38: ce:d9:c8:e8:05:e5:7e:30:d6:97:fe:4d:14:3f:ca:2a:9f:f0: 4e:fd:ae:89 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt/hMzjAKcqzAYkjBRDD+EhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz Mjc2ZTMwHhcNMjYwMTAyMTYyMjQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3NzUzYTYyNzkxMWI1MDdiNDAwZTdjODhhMjEyZDZmNjMwYjk1YTNhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQJkwEceAJ/xy02QYngDEbE7d/E2 dzuzvPLoiipVGU8x19GNa9IP3jG8O0bdYvyx4oa/jiIVAbixkBivsJuL7wvQWkcO 7ppVinoBJ09u04wnCJA1RUUKAxXDtJ9zs/t4TQi5ZEfL0jARO5NYQrwwZx7M4eLu ZLeihhq8dkgTE91We0GqrJdEkxl1tt8k6Up4HW/P6JP1s/M+foryU9zWIP2yhcb4 eWTv57tPHZl+xDq9zhhDFbdWy57Vzpx1bLTr5QghyxIb+JIMIv9b8wiCtLEkdHXC lBabXVDFnrVm9JJQOnPsf2Z5UVIce6OL9BUoBypSr9tcNf0lvMrJ0VUKcQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFHdTpieRG1B7QA58iKIS1vYwuVo6MB8GA1UdIwQY MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt YTJhNGM2YTYyMWNkLzEvZDFPbUo1RWJVSHRBRG55SW9oTFc5akM1V2pvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKga0QQMF ACoRO0ADBQAqEmZAMA0GCSqGSIb3DQEBCwUAA4IBAQDDcVaioldVhH8qXsdh1WHl SDzpB6G6k1ajNejRVbpwmbB+AU6SIZ8G8UlpQKaU+1gbBRVoyu+R6Kw/rOyqAB6Z MrsPsyRFV8tNU96YyP4RnwtSIBKn5h13EZmsdncIacmWNAVXF27khh0efp9moNcR 1aWrmCNLbqX69Nr5H+6rYglhdAV/jXj1ensl2z6dNcEDYUszqhqwj5hZP1JtAV29 BMZZfUeESih1sHC0zvFDpKpfKSumqaFws1w7cpVS0fTZBEAfTy5K5/BEF1PFkFUN E/PSzDxo5cENqoCp4b53HqlaZGMArPwS+DjO2cjoBeV+MNaX/k0UP8oqn/BO/a6J -----END CERTIFICATE-----Generated at Sun Jan 25 23:03:39 2026 by rpki-client