This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/X5qhIZ7xGCMvKQfZQrbeuOZ9uf8.roa File: X5qhIZ7xGCMvKQfZQrbeuOZ9uf8.roa (raw, json) Hash identifier: i3DUL5+61b/Yr3dFWew0V6gv0s7RuSUIeTUfltYEFJs= Subject key identifier: 5F:9A:A1:21:9E:F1:18:23:2F:29:07:D9:42:B6:DE:B8:E6:7D:B9:FF Certificate issuer: /CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2 Certificate serial: 019B7EA6B3C8EE7F1061EB751EF4B5242049 Authority key identifier: B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/X5qhIZ7xGCMvKQfZQrbeuOZ9uf8.roa Signing time: Fri 02 Jan 2026 12:20:12 +0000 ROA not before: Fri 02 Jan 2026 12:20:12 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 25135 IP address blocks: 2a01:840::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.mft rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 09:01:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a6:b3:c8:ee:7f:10:61:eb:75:1e:f4:b5:24:20:49 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2 Validity Not Before: Jan 2 12:20:12 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5f9aa1219ef118232f2907d942b6deb8e67db9ff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:73:74:73:9a:9f:3c:bf:9d:85:5a:6a:5f:15: f5:5a:76:37:e2:d2:1b:bf:20:36:c3:90:9f:e5:1b: 69:83:36:76:f5:e5:1e:05:6f:48:51:11:82:f2:24: c2:10:de:d2:96:c8:e6:72:93:c5:bf:62:b0:83:bb: fe:c2:dc:7e:c5:01:17:ac:4b:b3:72:0b:c9:87:24: 7a:26:ce:af:11:1a:07:02:23:49:aa:d7:01:d4:35: 57:9c:49:96:f8:e2:1d:fb:47:b2:f6:47:c5:5c:54: b1:03:21:68:f8:3c:bd:34:27:d5:16:13:d4:1a:d0: d6:62:5c:2c:55:c2:b1:db:bd:23:40:ac:f5:da:80: f7:f4:1f:f3:6d:45:c8:48:2d:d6:43:80:1b:ef:11: 2d:41:97:11:17:ac:b4:e6:01:27:4f:c1:a1:2b:ff: c7:cf:dd:87:96:e6:fb:5d:22:df:e5:46:aa:87:6e: 9f:0d:21:e4:d8:92:0b:1c:ef:af:97:17:d6:47:d3: da:54:a0:62:50:8e:75:df:f2:ec:4b:9d:70:a6:c8: 99:ec:d0:93:6c:70:35:d7:b7:92:0b:55:ee:39:2b: bc:71:87:a8:6a:3d:7c:10:14:a8:e5:d5:7c:c6:c0: 50:af:b0:a9:1e:17:c7:88:43:2a:64:c3:f7:28:2a: cd:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:9A:A1:21:9E:F1:18:23:2F:29:07:D9:42:B6:DE:B8:E6:7D:B9:FF X509v3 Authority Key Identifier: keyid:B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/X5qhIZ7xGCMvKQfZQrbeuOZ9uf8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a01:840::/32 Signature Algorithm: sha256WithRSAEncryption 2a:49:66:f5:e8:3e:a1:26:fd:ce:08:7a:54:26:29:bb:d3:1b: b0:95:19:14:99:1f:eb:c2:29:64:9a:72:4d:86:8d:fc:a5:64: bd:4b:19:0b:66:f4:90:1d:53:ab:40:b8:d9:af:de:e0:b9:11: 5f:eb:89:3e:b1:e2:31:2d:4e:55:ac:58:e2:13:45:18:ae:e0: c1:72:6b:96:31:24:c8:69:44:21:27:e2:b0:57:88:8e:d0:d0: 4d:86:43:63:76:1e:d2:8b:dd:c1:ce:3b:d0:cb:e0:03:22:bb: d4:b4:4f:99:c4:48:ed:c3:71:45:de:7c:1c:3a:cc:12:24:73: 34:7b:9f:37:2d:6b:77:94:a3:2c:dc:8f:ea:0f:66:c9:7b:16: 75:91:f8:19:d6:34:0b:71:09:bf:0e:16:d4:5f:04:82:24:74: 8d:09:39:f9:6a:c1:ff:ee:19:6c:22:f1:21:6f:a6:2d:c2:90: af:3d:ec:cb:c7:b3:28:a9:5f:1a:f7:2a:42:10:80:d5:09:7f: 54:d0:62:4b:ce:18:51:ae:e9:0e:65:57:04:d3:db:67:75:7e: a7:fa:43:a2:55:a5:84:2b:87:cb:6e:4a:09:ff:33:f3:01:ed: d0:f8:0d:27:90:9b:43:9f:f5:95:69:86:47:2d:fc:63:d1:35: e3:ea:cf:de -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt+prPI7n8QYet1HvS1JCBJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIzYTVkOTk4NjNkYjJlNDliNDRmNmMzMjRlYjA0Mzg4ZmM3 NTE1ZDIwHhcNMjYwMTAyMTIyMDEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZjlhYTEyMTllZjExODIzMmYyOTA3ZDk0MmI2ZGViOGU2N2RiOWZmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy3N0c5qfPL+dhVpqXxX1WnY34tIb vyA2w5Cf5RtpgzZ29eUeBW9IURGC8iTCEN7SlsjmcpPFv2Kwg7v+wtx+xQEXrEuz cgvJhyR6Js6vERoHAiNJqtcB1DVXnEmW+OId+0ey9kfFXFSxAyFo+Dy9NCfVFhPU GtDWYlwsVcKx270jQKz12oD39B/zbUXISC3WQ4Ab7xEtQZcRF6y05gEnT8GhK//H z92Hlub7XSLf5Uaqh26fDSHk2JILHO+vlxfWR9PaVKBiUI513/LsS51wpsiZ7NCT bHA117eSC1XuOSu8cYeoaj18EBSo5dV8xsBQr7CpHhfHiEMqZMP3KCrNUQIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFF+aoSGe8RgjLykH2UK23rjmfbn/MB8GA1UdIwQY MBaAFLOl2Zhj2y5JtE9sMk6wQ4j8dRXSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAt ZWVjNWQ1MGVmYTk0LzEvWDVxaElaN3hHQ012S1FmWlFyYmV1T1o5dWY4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAtZWVjNWQ1MGVmYTk0 LzEvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgEIQDAN BgkqhkiG9w0BAQsFAAOCAQEAKklm9eg+oSb9zgh6VCYpu9MbsJUZFJkf68IpZJpy TYaN/KVkvUsZC2b0kB1Tq0C42a/e4LkRX+uJPrHiMS1OVaxY4hNFGK7gwXJrljEk yGlEISfisFeIjtDQTYZDY3Ye0ovdwc470MvgAyK71LRPmcRI7cNxRd58HDrMEiRz NHufNy1rd5SjLNyP6g9myXsWdZH4GdY0C3EJvw4W1F8EgiR0jQk5+WrB/+4ZbCLx IW+mLcKQrz3sy8ezKKlfGvcqQhCA1Ql/VNBiS84YUa7pDmVXBNPbZ3V+p/pDolWl hCuHy25KCf8z8wHt0PgNJ5CbQ5/1lWmGRy38Y9E14+rP3g== -----END CERTIFICATE-----Generated at Sun Jan 25 19:16:08 2026 by rpki-client