This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/99cfe5-4b35-49c7-9a73-ed07f5cad6d7/1/8fGGuqV_pcqjv64pfQiKXOnA89E.roa File: 8fGGuqV_pcqjv64pfQiKXOnA89E.roa (raw, json) Hash identifier: VFpEm/CggmIw860nuw3P1+S3S7tI6esO+Ze0E21DRy8= Subject key identifier: F1:F1:86:BA:A5:7F:A5:CA:A3:BF:AE:29:7D:08:8A:5C:E9:C0:F3:D1 Certificate issuer: /CN=01a56c42ed7cb963f285503cec0606d60d0ab387 Certificate serial: 019A77ECC7CD2BFE84A1DC76BD524AFE301C Authority key identifier: 01:A5:6C:42:ED:7C:B9:63:F2:85:50:3C:EC:06:06:D6:0D:0A:B3:87 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AaVsQu18uWPyhVA87AYG1g0Ks4c.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/99cfe5-4b35-49c7-9a73-ed07f5cad6d7/1/8fGGuqV_pcqjv64pfQiKXOnA89E.roa Signing time: Wed 12 Nov 2025 11:56:37 +0000 ROA not before: Wed 12 Nov 2025 11:56:37 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 28676 IP address blocks: 2a00:1f08::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/99cfe5-4b35-49c7-9a73-ed07f5cad6d7/1/AaVsQu18uWPyhVA87AYG1g0Ks4c.crl rsync://rpki.ripe.net/repository/DEFAULT/18/99cfe5-4b35-49c7-9a73-ed07f5cad6d7/1/AaVsQu18uWPyhVA87AYG1g0Ks4c.mft rsync://rpki.ripe.net/repository/DEFAULT/AaVsQu18uWPyhVA87AYG1g0Ks4c.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 11:00:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:77:ec:c7:cd:2b:fe:84:a1:dc:76:bd:52:4a:fe:30:1c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=01a56c42ed7cb963f285503cec0606d60d0ab387 Validity Not Before: Nov 12 11:56:37 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=f1f186baa57fa5caa3bfae297d088a5ce9c0f3d1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:a9:9a:04:ee:0a:35:3a:6f:a6:75:49:f6:a2: 80:c7:27:a7:e7:6e:32:3a:4f:fb:8b:14:27:1d:b1: 5d:d9:e5:e5:0a:36:d4:70:d0:cc:d1:9f:fb:1a:89: de:a0:16:b1:4c:61:b4:89:ee:e4:20:ae:ce:4a:08: af:27:67:3a:93:07:df:e3:d1:5f:ea:e5:3e:96:b5: 80:45:aa:3e:18:f6:6a:ee:49:23:c9:73:ed:71:3b: b1:25:e0:05:0c:f3:1c:a2:10:6b:9a:11:ab:c4:4e: e8:98:ac:76:2c:74:53:39:fc:99:74:5b:b3:d5:8a: 9f:05:95:76:00:5e:c7:aa:9e:74:f7:29:12:ea:94: 80:59:6e:49:e9:b0:2e:e1:99:e8:e1:00:5d:f3:c5: 77:f7:78:4b:ac:91:ef:d1:0d:3f:29:b7:ef:03:69: 08:aa:fb:df:fe:93:d9:09:03:6b:2b:d0:38:cc:7a: bf:1c:c3:e8:b3:cd:cd:f2:7c:46:6f:3f:69:eb:09: 8f:97:26:07:0b:0b:a8:1d:3c:bb:f9:6e:df:ab:ff: ed:21:d1:f2:b0:36:c7:f3:5f:14:91:3a:cf:cb:4c: 09:ba:a6:99:40:14:1e:f0:0c:0d:d3:be:ca:b1:32: 1c:94:5f:ab:8f:34:a2:9f:36:0c:ba:19:ca:db:0d: f9:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:F1:86:BA:A5:7F:A5:CA:A3:BF:AE:29:7D:08:8A:5C:E9:C0:F3:D1 X509v3 Authority Key Identifier: keyid:01:A5:6C:42:ED:7C:B9:63:F2:85:50:3C:EC:06:06:D6:0D:0A:B3:87 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AaVsQu18uWPyhVA87AYG1g0Ks4c.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/99cfe5-4b35-49c7-9a73-ed07f5cad6d7/1/8fGGuqV_pcqjv64pfQiKXOnA89E.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/18/99cfe5-4b35-49c7-9a73-ed07f5cad6d7/1/AaVsQu18uWPyhVA87AYG1g0Ks4c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a00:1f08::/32 Signature Algorithm: sha256WithRSAEncryption e0:be:81:b8:22:f8:61:0d:4d:97:ad:f8:15:7f:2c:01:ab:a2: 4e:a5:f9:dd:f0:65:76:f9:a0:ea:49:14:26:03:97:52:db:d4: bb:3c:c3:d8:9e:9f:f5:ff:f5:29:b1:9f:5c:ce:ef:29:d9:25: 3d:f7:e3:9e:c4:48:ca:c6:7e:f0:98:1d:38:72:a8:b1:19:53: f2:f6:48:60:7f:01:e3:6e:22:c7:a0:0e:77:e5:4c:9f:9b:b5: cb:b9:6a:f7:b0:0e:a1:0a:f8:64:e4:b9:c6:bf:b2:dd:e7:78: 09:ae:03:cb:45:a8:de:23:b1:f1:76:75:1e:32:d5:42:95:31: 75:de:4f:bf:a1:2e:b1:c7:31:68:92:ed:24:a0:6d:89:1a:ed: ba:3b:1a:24:c6:a3:8b:1f:46:80:51:ed:bc:65:95:81:df:14: f3:17:8b:c0:97:59:0c:6e:b0:c9:3c:be:73:53:80:e6:9c:52: 6d:ce:18:8d:6f:f4:ff:1e:67:c9:ed:b3:5d:78:0a:cd:aa:b9: e3:10:da:df:47:be:81:63:bd:b0:7c:58:ee:ef:bf:7e:b2:44: 6d:7a:41:53:73:6d:24:c1:62:8a:60:e5:25:05:f9:22:ca:d0: d6:b4:2a:5a:1f:c2:c5:a6:db:77:db:5b:e7:42:7d:46:e7:b5: cf:fe:1c:2b -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZp37MfNK/6Eodx2vVJK/jAcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAxYTU2YzQyZWQ3Y2I5NjNmMjg1NTAzY2VjMDYwNmQ2MGQw YWIzODcwHhcNMjUxMTEyMTE1NjM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmMWYxODZiYWE1N2ZhNWNhYTNiZmFlMjk3ZDA4OGE1Y2U5YzBmM2QxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2amaBO4KNTpvpnVJ9qKAxyen524y Ok/7ixQnHbFd2eXlCjbUcNDM0Z/7GoneoBaxTGG0ie7kIK7OSgivJ2c6kwff49Ff 6uU+lrWARao+GPZq7kkjyXPtcTuxJeAFDPMcohBrmhGrxE7omKx2LHRTOfyZdFuz 1YqfBZV2AF7Hqp509ykS6pSAWW5J6bAu4Zno4QBd88V393hLrJHv0Q0/KbfvA2kI qvvf/pPZCQNrK9A4zHq/HMPos83N8nxGbz9p6wmPlyYHCwuoHTy7+W7fq//tIdHy sDbH818UkTrPy0wJuqaZQBQe8AwN077KsTIclF+rjzSinzYMuhnK2w35mwIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFPHxhrqlf6XKo7+uKX0IilzpwPPRMB8GA1UdIwQY MBaAFAGlbELtfLlj8oVQPOwGBtYNCrOHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQWFWc1F1MTh1V1B5aFZBODdBWUcxZzBLczRjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC85OWNmZTUtNGIzNS00OWM3LTlhNzMt ZWQwN2Y1Y2FkNmQ3LzEvOGZHR3VxVl9wY3FqdjY0cGZRaUtYT25BODlFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xOC85OWNmZTUtNGIzNS00OWM3LTlhNzMtZWQwN2Y1Y2FkNmQ3 LzEvQWFWc1F1MTh1V1B5aFZBODdBWUcxZzBLczRjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgAfCDAN BgkqhkiG9w0BAQsFAAOCAQEA4L6BuCL4YQ1Nl634FX8sAauiTqX53fBldvmg6kkU JgOXUtvUuzzD2J6f9f/1KbGfXM7vKdklPffjnsRIysZ+8JgdOHKosRlT8vZIYH8B 424ix6AOd+VMn5u1y7lq97AOoQr4ZOS5xr+y3ed4Ca4Dy0Wo3iOx8XZ1HjLVQpUx dd5Pv6EusccxaJLtJKBtiRrtujsaJMajix9GgFHtvGWVgd8U8xeLwJdZDG6wyTy+ c1OA5pxSbc4YjW/0/x5nye2zXXgKzaq54xDa30e+gWO9sHxY7u+/frJEbXpBU3Nt JMFiimDlJQX5IsrQ1rQqWh/Cxabbd9tb50J9Rue1z/4cKw== -----END CERTIFICATE-----Generated at Sat Dec 6 21:14:30 2025 by rpki-client