This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/28f7a6-e1ba-4978-9122-e18e7b2ac536/1/U032uAEUZ0b4mkUs5GY7tAVTTzU.roa File: U032uAEUZ0b4mkUs5GY7tAVTTzU.roa (raw, json) Hash identifier: DED8ognEIVQikRQX7YkZQcK+eDMVkhFnX19M3oaeQrw= Subject key identifier: 53:4D:F6:B8:01:14:67:46:F8:9A:45:2C:E4:66:3B:B4:05:53:4F:35 Certificate issuer: /CN=494d7873416510a2fb2346ef342280155522713b Certificate serial: 019B7EA56B673D7C7CEA4DC6B7FE5C66B769 Authority key identifier: 49:4D:78:73:41:65:10:A2:FB:23:46:EF:34:22:80:15:55:22:71:3B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SU14c0FlEKL7I0bvNCKAFVUicTs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/28f7a6-e1ba-4978-9122-e18e7b2ac536/1/U032uAEUZ0b4mkUs5GY7tAVTTzU.roa Signing time: Fri 02 Jan 2026 12:18:48 +0000 ROA not before: Fri 02 Jan 2026 12:18:48 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 61272 IP address blocks: 2a02:e00:ffe7::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/28f7a6-e1ba-4978-9122-e18e7b2ac536/1/SU14c0FlEKL7I0bvNCKAFVUicTs.crl rsync://rpki.ripe.net/repository/DEFAULT/25/28f7a6-e1ba-4978-9122-e18e7b2ac536/1/SU14c0FlEKL7I0bvNCKAFVUicTs.mft rsync://rpki.ripe.net/repository/DEFAULT/SU14c0FlEKL7I0bvNCKAFVUicTs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 09:01:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a5:6b:67:3d:7c:7c:ea:4d:c6:b7:fe:5c:66:b7:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=494d7873416510a2fb2346ef342280155522713b Validity Not Before: Jan 2 12:18:48 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=534df6b801146746f89a452ce4663bb405534f35 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:c0:78:ad:5d:ba:6f:3e:c9:c2:7e:6c:65:b6: 5c:c7:1b:e2:d1:a8:6b:24:43:91:26:a2:9c:67:d0: e4:3e:24:69:32:2b:8a:e7:e0:a1:21:56:45:e4:93: c0:03:85:16:f6:a9:b2:5c:07:13:3c:4e:c5:ed:42: 90:2e:34:ea:5a:38:51:6d:e0:52:55:7e:53:17:1e: 21:65:98:86:0d:13:71:7e:93:71:98:6b:3f:a0:c0: df:91:47:5d:6b:82:f4:fe:2b:3c:31:14:3b:70:ca: 2a:1a:72:56:4d:20:d5:ae:1d:c5:1f:a8:52:30:06: e4:fd:76:ee:f8:67:a3:34:e3:49:f0:40:38:30:6b: 04:54:d4:f8:07:da:74:b3:65:7c:4f:b1:bf:91:f9: 07:7c:84:85:85:79:8f:a7:71:a6:5e:0e:92:88:1b: 52:27:25:f2:16:ba:14:07:31:60:9d:4e:64:16:13: 50:d9:fa:38:6f:3d:af:ef:0e:ed:b4:8d:32:78:ec: d1:dd:ad:fe:87:00:0d:d7:15:22:9c:d4:4d:cc:ae: bf:05:e4:5d:6f:6f:81:e6:03:01:70:05:40:be:18: d6:90:d5:e3:d6:29:4d:99:90:d4:d0:08:6f:5f:ca: 62:1c:4b:2f:44:24:94:3e:a3:a8:f6:36:e9:c5:17: 7f:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:4D:F6:B8:01:14:67:46:F8:9A:45:2C:E4:66:3B:B4:05:53:4F:35 X509v3 Authority Key Identifier: keyid:49:4D:78:73:41:65:10:A2:FB:23:46:EF:34:22:80:15:55:22:71:3B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SU14c0FlEKL7I0bvNCKAFVUicTs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/28f7a6-e1ba-4978-9122-e18e7b2ac536/1/U032uAEUZ0b4mkUs5GY7tAVTTzU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/25/28f7a6-e1ba-4978-9122-e18e7b2ac536/1/SU14c0FlEKL7I0bvNCKAFVUicTs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a02:e00:ffe7::/48 Signature Algorithm: sha256WithRSAEncryption 80:e7:99:ec:c7:7c:b6:c0:4a:e6:d0:6c:07:fd:00:08:a8:aa: 3f:61:29:8b:f1:2b:80:14:ec:0f:24:44:09:2f:96:b1:15:b4: 50:95:ec:9b:8d:1c:21:7f:52:42:ea:9f:e1:b6:b2:f7:44:29: 80:ee:15:3d:de:cb:0c:a6:18:46:a9:b1:cd:c3:62:fd:a3:9b: d9:53:06:fd:64:54:61:83:4d:6b:c0:32:69:eb:bf:69:59:84: 9d:a3:af:8e:7f:70:5e:4a:61:56:e9:8d:da:76:4d:e9:fd:0c: d9:8f:ea:1a:a9:b9:ec:fb:6b:72:f5:f0:5c:a5:66:20:a8:24: f9:6c:8a:5c:5b:d2:70:9a:82:02:53:26:d5:7c:42:03:3f:11: 8a:1c:2d:d0:81:06:74:e5:fd:5e:71:7f:a9:8b:7a:f0:17:27: 72:33:76:5d:3a:b7:5c:d2:ac:a7:7a:30:a8:f1:10:1b:a3:fc: f3:44:14:a6:72:0a:be:98:12:b6:ea:71:29:d3:3c:b5:b5:99: df:ab:32:c5:ab:e6:eb:48:80:24:f0:a9:4a:36:6a:96:3f:cb: 8e:94:4d:0f:35:c7:62:1b:fc:15:39:94:45:3a:90:f5:32:33: c0:50:41:ad:86:83:e2:60:7b:24:9e:9d:7e:af:25:11:40:cd: f8:d5:6f:71 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt+pWtnPXx86k3Gt/5cZrdpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ5NGQ3ODczNDE2NTEwYTJmYjIzNDZlZjM0MjI4MDE1NTUy MjcxM2IwHhcNMjYwMTAyMTIxODQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1MzRkZjZiODAxMTQ2NzQ2Zjg5YTQ1MmNlNDY2M2JiNDA1NTM0ZjM1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1cB4rV26bz7Jwn5sZbZcxxvi0ahr JEORJqKcZ9DkPiRpMiuK5+ChIVZF5JPAA4UW9qmyXAcTPE7F7UKQLjTqWjhRbeBS VX5TFx4hZZiGDRNxfpNxmGs/oMDfkUdda4L0/is8MRQ7cMoqGnJWTSDVrh3FH6hS MAbk/Xbu+GejNONJ8EA4MGsEVNT4B9p0s2V8T7G/kfkHfISFhXmPp3GmXg6SiBtS JyXyFroUBzFgnU5kFhNQ2fo4bz2v7w7ttI0yeOzR3a3+hwAN1xUinNRNzK6/BeRd b2+B5gMBcAVAvhjWkNXj1ilNmZDU0AhvX8piHEsvRCSUPqOo9jbpxRd/aQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFFNN9rgBFGdG+JpFLORmO7QFU081MB8GA1UdIwQY MBaAFElNeHNBZRCi+yNG7zQigBVVInE7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvU1UxNGMwRmxFS0w3STBidk5DS0FGVlVpY1RzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8yOGY3YTYtZTFiYS00OTc4LTkxMjIt ZTE4ZTdiMmFjNTM2LzEvVTAzMnVBRVVaMGI0bWtVczVHWTd0QVZUVHpVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNS8yOGY3YTYtZTFiYS00OTc4LTkxMjItZTE4ZTdiMmFjNTM2 LzEvU1UxNGMwRmxFS0w3STBidk5DS0FGVlVpY1RzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgIOAP/n MA0GCSqGSIb3DQEBCwUAA4IBAQCA55nsx3y2wErm0GwH/QAIqKo/YSmL8SuAFOwP JEQJL5axFbRQleybjRwhf1JC6p/htrL3RCmA7hU93ssMphhGqbHNw2L9o5vZUwb9 ZFRhg01rwDJp679pWYSdo6+Of3BeSmFW6Y3adk3p/QzZj+oaqbns+2ty9fBcpWYg qCT5bIpcW9JwmoICUybVfEIDPxGKHC3QgQZ05f1ecX+pi3rwFydyM3ZdOrdc0qyn ejCo8RAbo/zzRBSmcgq+mBK26nEp0zy1tZnfqzLFq+brSIAk8KlKNmqWP8uOlE0P NcdiG/wVOZRFOpD1MjPAUEGthoPiYHsknp1+ryURQM341W9x -----END CERTIFICATE-----Generated at Sun Jan 25 19:35:47 2026 by rpki-client