This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/Rb6ICVosTC_zaZ16edh9MPPlC-4.roa File: Rb6ICVosTC_zaZ16edh9MPPlC-4.roa (raw, json) Hash identifier: f7bv124K8RG4yyZpz3BCEJydd5vMDmuet5IH5Sqpc1Q= Subject key identifier: 45:BE:88:09:5A:2C:4C:2F:F3:69:9D:7A:79:D8:7D:30:F3:E5:0B:EE Certificate issuer: /CN=d50697943676399ac5cac6a3e476545af0df49dd Certificate serial: 019B79EC3AACCF0CED86F854C7FB2F758718 Authority key identifier: D5:06:97:94:36:76:39:9A:C5:CA:C6:A3:E4:76:54:5A:F0:DF:49:DD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1QaXlDZ2OZrFysaj5HZUWvDfSd0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/Rb6ICVosTC_zaZ16edh9MPPlC-4.roa Signing time: Thu 01 Jan 2026 14:18:03 +0000 ROA not before: Thu 01 Jan 2026 14:18:03 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 5411 IP address blocks: 2a03:9b80:4000::/34 maxlen: 34 2a03:9b80:4000::/35 maxlen: 35 2a03:9b80:6000::/35 maxlen: 35 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/1QaXlDZ2OZrFysaj5HZUWvDfSd0.crl rsync://rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/1QaXlDZ2OZrFysaj5HZUWvDfSd0.mft rsync://rpki.ripe.net/repository/DEFAULT/1QaXlDZ2OZrFysaj5HZUWvDfSd0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 05:00:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ec:3a:ac:cf:0c:ed:86:f8:54:c7:fb:2f:75:87:18 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d50697943676399ac5cac6a3e476545af0df49dd Validity Not Before: Jan 1 14:18:03 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=45be88095a2c4c2ff3699d7a79d87d30f3e50bee Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:aa:c7:92:24:6a:da:f2:41:48:19:a2:0f:b7: dc:8a:4a:ab:f4:fd:4b:11:62:c5:5e:40:9c:55:95: 56:bb:90:52:15:b2:16:aa:70:d8:a2:04:48:1d:72: c0:81:a1:33:8c:9c:6b:ae:12:4e:20:70:5f:31:20: 48:6f:2b:de:86:7c:1d:ce:14:9b:ec:58:b7:ff:fb: 28:a9:b2:a2:78:78:7e:63:58:13:76:ed:e5:d3:a6: 1a:28:91:86:ac:d7:71:43:4a:8b:e4:31:4e:8a:fc: a1:82:74:5d:2d:4f:16:ca:c6:d0:66:84:9b:bc:76: ee:4a:fd:a8:1e:c8:e0:b1:11:62:9d:2a:73:d5:9c: 7f:29:93:26:9c:80:d0:82:9a:4e:7d:f1:49:03:83: 19:f3:45:5c:de:a3:3b:36:b7:6a:12:92:77:77:75: ac:97:2f:9f:c3:b5:31:66:a3:47:14:5d:d1:1e:bf: 74:fe:d7:f6:93:2a:42:3c:85:98:95:b6:4b:26:60: 2e:ce:e0:db:ca:f8:b9:55:de:e8:ea:2c:c7:bc:47: e0:e3:cd:a9:83:25:38:42:91:8f:9f:8e:42:11:c9: ed:16:f3:72:3e:e5:64:27:24:1b:ce:1f:8b:de:07: c6:96:a8:0c:5b:2d:be:c2:0b:71:a3:e1:cd:6a:0c: c1:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:BE:88:09:5A:2C:4C:2F:F3:69:9D:7A:79:D8:7D:30:F3:E5:0B:EE X509v3 Authority Key Identifier: keyid:D5:06:97:94:36:76:39:9A:C5:CA:C6:A3:E4:76:54:5A:F0:DF:49:DD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1QaXlDZ2OZrFysaj5HZUWvDfSd0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/Rb6ICVosTC_zaZ16edh9MPPlC-4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/1QaXlDZ2OZrFysaj5HZUWvDfSd0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a03:9b80:4000::/34 Signature Algorithm: sha256WithRSAEncryption 77:ee:b7:61:72:7a:16:05:4e:83:0d:15:85:2c:36:bd:98:94: 5d:94:c6:1a:fd:1a:53:ac:74:57:73:3f:75:1d:98:25:e8:11: 74:31:2e:51:09:5f:d5:2c:be:01:d5:a1:44:a3:0c:a7:41:9a: 9a:35:46:40:d9:a7:42:f0:de:6e:82:51:c8:85:0b:51:93:de: c7:bf:6a:b7:e6:01:27:61:3b:7d:3a:f8:bd:f1:21:0c:0c:1b: 10:46:7c:e3:a2:62:2c:d1:bf:fd:65:ab:2d:c2:d1:a9:ad:e2: a8:5f:7d:94:59:81:5f:a7:d8:c5:cb:22:1e:6f:92:00:17:ae: a0:96:bd:2e:6e:08:b2:25:05:12:84:13:b6:49:13:0b:ec:d3: 2d:8b:df:54:1a:e9:8b:2e:17:e4:b8:a5:6c:0a:8c:91:e0:6a: ea:52:17:16:46:4d:0c:03:a5:8e:74:97:5d:97:dc:fa:ce:99: 91:71:7f:dd:76:78:6b:b8:42:30:14:8c:29:01:7a:0f:3f:22: a3:fd:43:e6:76:b3:22:32:26:29:31:e3:dc:e3:a7:3e:47:8d: aa:54:f8:30:fa:da:ad:2d:9c:13:67:6a:1f:4b:6e:61:34:ac: 1c:5a:23:1e:f3:7d:c6:8b:9c:72:fb:9f:86:1b:44:94:10:b0: 03:30:89:8d -----BEGIN CERTIFICATE----- MIIE/zCCA+egAwIBAgISAZt57DqszwzthvhUx/svdYcYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ1MDY5Nzk0MzY3NjM5OWFjNWNhYzZhM2U0NzY1NDVhZjBk ZjQ5ZGQwHhcNMjYwMTAxMTQxODAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0NWJlODgwOTVhMmM0YzJmZjM2OTlkN2E3OWQ4N2QzMGYzZTUwYmVlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKrHkiRq2vJBSBmiD7fcikqr9P1L EWLFXkCcVZVWu5BSFbIWqnDYogRIHXLAgaEzjJxrrhJOIHBfMSBIbyvehnwdzhSb 7Fi3//soqbKieHh+Y1gTdu3l06YaKJGGrNdxQ0qL5DFOivyhgnRdLU8WysbQZoSb vHbuSv2oHsjgsRFinSpz1Zx/KZMmnIDQgppOffFJA4MZ80Vc3qM7NrdqEpJ3d3Ws ly+fw7UxZqNHFF3RHr90/tf2kypCPIWYlbZLJmAuzuDbyvi5Vd7o6izHvEfg482p gyU4QpGPn45CEcntFvNyPuVkJyQbzh+L3gfGlqgMWy2+wgtxo+HNagzBWQIDAQAB o4ICCzCCAgcwHQYDVR0OBBYEFEW+iAlaLEwv82mdennYfTDz5QvuMB8GA1UdIwQY MBaAFNUGl5Q2djmaxcrGo+R2VFrw30ndMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMVFhWGxEWjJPWnJGeXNhajVIWlVXdkRmU2QwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS81ZjZhZmYtMTNiYi00ZGI4LTk1N2Yt OGQyM2FjNWNiNTAyLzEvUmI2SUNWb3NUQ196YVoxNmVkaDlNUFBsQy00LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYS81ZjZhZmYtMTNiYi00ZGI4LTk1N2YtOGQyM2FjNWNiNTAy LzEvMVFhWGxEWjJPWnJGeXNhajVIWlVXdkRmU2QwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYGKgObgEAw DQYJKoZIhvcNAQELBQADggEBAHfut2FyehYFToMNFYUsNr2YlF2Uxhr9GlOsdFdz P3UdmCXoEXQxLlEJX9UsvgHVoUSjDKdBmpo1RkDZp0Lw3m6CUciFC1GT3se/arfm ASdhO306+L3xIQwMGxBGfOOiYizRv/1lqy3C0amt4qhffZRZgV+n2MXLIh5vkgAX rqCWvS5uCLIlBRKEE7ZJEwvs0y2L31Qa6YsuF+S4pWwKjJHgaupSFxZGTQwDpY50 l12X3PrOmZFxf912eGu4QjAUjCkBeg8/IqP9Q+Z2syIyJikx49zjpz5HjapU+DD6 2q0tnBNnah9LbmE0rBxaIx7zfcaLnHL7n4YbRJQQsAMwiY0= -----END CERTIFICATE-----Generated at Sun Jan 25 15:11:35 2026 by rpki-client