This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/ib3eXdJ0h8wtIzIl2cBYokJr_9Q.roa File: ib3eXdJ0h8wtIzIl2cBYokJr_9Q.roa (raw, json) Hash identifier: NphbwdgT6fB0qOIn0HJy/kyHWoDJIQz8cXWMiK9ya4Y= Subject key identifier: 89:BD:DE:5D:D2:74:87:CC:2D:23:32:25:D9:C0:58:A2:42:6B:FF:D4 Certificate issuer: /CN=ba6ed0fb7b320832ac1580534c7b263f304e981b Certificate serial: 019B7F841774C621DD97DE417CF2C3B532F5 Authority key identifier: BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/ib3eXdJ0h8wtIzIl2cBYokJr_9Q.roa Signing time: Fri 02 Jan 2026 16:22:01 +0000 ROA not before: Fri 02 Jan 2026 16:22:01 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 397515 IP address blocks: 2a01:488:bb06::/48 maxlen: 48 2a01:488:bb07::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.crl rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.mft rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:84:17:74:c6:21:dd:97:de:41:7c:f2:c3:b5:32:f5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ba6ed0fb7b320832ac1580534c7b263f304e981b Validity Not Before: Jan 2 16:22:01 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=89bdde5dd27487cc2d233225d9c058a2426bffd4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:d1:fe:e7:cb:63:c8:88:de:d1:87:40:4a:da: 7c:b0:23:a5:7b:e8:73:bc:1f:b7:85:8c:d2:cd:25: 2e:03:b6:03:02:dc:80:92:4f:5a:1c:b0:0e:b4:6e: f0:b2:d8:40:f4:9b:10:f7:2e:d0:4a:7d:e4:1f:a3: 59:fa:b6:07:69:2b:7f:ec:0f:22:0f:cb:33:a8:dd: c5:59:8c:3f:a0:0d:7c:47:98:8f:fb:d6:0f:41:ac: d2:76:83:c2:62:d5:6a:82:78:8f:b9:a3:6e:30:70: d0:f9:9e:ad:44:1e:80:02:64:fc:5e:73:e2:cc:b4: 17:8e:59:51:ae:91:07:ce:4e:3f:ac:3b:ce:f5:b7: a2:07:c3:87:e6:64:1a:e9:e6:34:69:f9:68:3f:40: 62:6c:47:61:2e:8e:4d:3a:c9:ef:ee:f3:a9:7e:12: 6b:09:8b:cd:2a:37:f1:85:b4:c0:3b:de:ff:1e:71: f5:08:46:d3:b0:c2:1f:de:38:ab:a3:db:c1:c2:17: 14:77:c0:4b:b3:2c:f5:56:08:1b:ec:6a:dd:67:0c: bd:0f:af:35:b7:9e:31:e6:fb:05:99:d0:18:6d:62: 25:88:96:9d:70:40:11:21:b6:8c:14:f8:5e:fa:f5: 36:05:20:8f:8a:bf:01:d3:c7:3a:20:40:b8:33:c8: 8f:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:BD:DE:5D:D2:74:87:CC:2D:23:32:25:D9:C0:58:A2:42:6B:FF:D4 X509v3 Authority Key Identifier: keyid:BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/ib3eXdJ0h8wtIzIl2cBYokJr_9Q.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a01:488:bb06::/47 Signature Algorithm: sha256WithRSAEncryption 60:0d:72:49:52:7c:b9:d3:60:c6:bb:42:b5:1c:23:27:b5:cc: f8:99:39:77:ff:a1:5a:a5:35:18:c9:67:96:b2:0a:de:fb:d5: d9:d0:3a:aa:6c:22:86:d1:49:ad:ea:bd:44:65:20:01:33:09: a2:f0:f8:2f:fa:29:b9:2d:00:50:c2:07:a8:b6:76:45:07:9f: a2:f7:34:66:8c:04:ad:20:df:2e:d6:ba:51:24:42:11:1d:df: 30:c3:74:fe:13:55:2f:85:55:94:be:04:31:33:8f:8a:5b:7d: 5d:83:7f:54:56:3a:e5:56:1e:9f:c7:bf:47:4f:8a:8e:8a:06: be:8f:e0:b8:ab:8e:83:93:81:9f:1a:00:72:92:e2:8e:ee:22: 9d:b3:d8:e0:5b:00:2c:1c:b5:70:17:83:b1:b3:55:7e:39:ad: a3:7a:45:34:17:74:81:13:0c:51:e6:85:8e:2d:3f:b6:68:94: cb:59:ea:fc:e2:02:b4:c7:8e:0b:e4:51:fb:db:cc:a4:ba:21: 8b:1b:53:e0:2b:cf:35:7c:e6:62:a4:c1:e4:7f:8b:05:a2:6b: b5:9e:74:fc:1a:8c:ba:c0:7b:47:8d:ff:b5:0c:c9:ca:51:c2: 1b:9d:6d:99:ef:4c:5c:d1:0f:29:80:c2:14:e5:20:3f:d0:c2: c0:71:11:e7 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt/hBd0xiHdl95BfPLDtTL1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJhNmVkMGZiN2IzMjA4MzJhYzE1ODA1MzRjN2IyNjNmMzA0 ZTk4MWIwHhcNMjYwMTAyMTYyMjAxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4OWJkZGU1ZGQyNzQ4N2NjMmQyMzMyMjVkOWMwNThhMjQyNmJmZmQ0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA29H+58tjyIje0YdAStp8sCOle+hz vB+3hYzSzSUuA7YDAtyAkk9aHLAOtG7wsthA9JsQ9y7QSn3kH6NZ+rYHaSt/7A8i D8szqN3FWYw/oA18R5iP+9YPQazSdoPCYtVqgniPuaNuMHDQ+Z6tRB6AAmT8XnPi zLQXjllRrpEHzk4/rDvO9beiB8OH5mQa6eY0afloP0BibEdhLo5NOsnv7vOpfhJr CYvNKjfxhbTAO97/HnH1CEbTsMIf3jiro9vBwhcUd8BLsyz1Vggb7GrdZwy9D681 t54x5vsFmdAYbWIliJadcEARIbaMFPhe+vU2BSCPir8B08c6IEC4M8iPcQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFIm93l3SdIfMLSMyJdnAWKJCa//UMB8GA1UdIwQY MBaAFLpu0Pt7MggyrBWAU0x7Jj8wTpgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQt MTYxZjM0MjM4N2QxLzEvaWIzZVhkSjBoOHd0SXpJbDJjQllva0pyXzlRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQtMTYxZjM0MjM4N2Qx LzEvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcBKgEEiLsG MA0GCSqGSIb3DQEBCwUAA4IBAQBgDXJJUny502DGu0K1HCMntcz4mTl3/6FapTUY yWeWsgre+9XZ0DqqbCKG0Umt6r1EZSABMwmi8Pgv+im5LQBQwgeotnZFB5+i9zRm jAStIN8u1rpRJEIRHd8ww3T+E1UvhVWUvgQxM4+KW31dg39UVjrlVh6fx79HT4qO iga+j+C4q46Dk4GfGgBykuKO7iKds9jgWwAsHLVwF4Oxs1V+Oa2jekU0F3SBEwxR 5oWOLT+2aJTLWer84gK0x44L5FH728ykuiGLG1PgK881fOZipMHkf4sFomu1nnT8 Goy6wHtHjf+1DMnKUcIbnW2Z70xc0Q8pgMIU5SA/0MLAcRHn -----END CERTIFICATE-----Generated at Sun Jan 25 17:19:14 2026 by rpki-client