This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/8e08b3-487c-485a-9479-b084c73861b8/1/xfHjlvR4GqmLKHrBF2UQj5zlnl4.roa File: xfHjlvR4GqmLKHrBF2UQj5zlnl4.roa (raw, json) Hash identifier: 8M7wSB8jbbP+DfjlEMm6KSFYNEcYB3CLaxYLFnfuaa0= Subject key identifier: C5:F1:E3:96:F4:78:1A:A9:8B:28:7A:C1:17:65:10:8F:9C:E5:9E:5E Certificate issuer: /CN=321ec4626ecde25335aff088b04c71395ae6bc24 Certificate serial: 019B7F158F4E2C64203AE44A99D04A3E1F09 Authority key identifier: 32:1E:C4:62:6E:CD:E2:53:35:AF:F0:88:B0:4C:71:39:5A:E6:BC:24 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mh7EYm7N4lM1r_CIsExxOVrmvCQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/8e08b3-487c-485a-9479-b084c73861b8/1/xfHjlvR4GqmLKHrBF2UQj5zlnl4.roa Signing time: Fri 02 Jan 2026 14:21:17 +0000 ROA not before: Fri 02 Jan 2026 14:21:17 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 39535 IP address blocks: 2a01:6c60:3000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/8e08b3-487c-485a-9479-b084c73861b8/1/Mh7EYm7N4lM1r_CIsExxOVrmvCQ.crl rsync://rpki.ripe.net/repository/DEFAULT/3d/8e08b3-487c-485a-9479-b084c73861b8/1/Mh7EYm7N4lM1r_CIsExxOVrmvCQ.mft rsync://rpki.ripe.net/repository/DEFAULT/Mh7EYm7N4lM1r_CIsExxOVrmvCQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:8f:4e:2c:64:20:3a:e4:4a:99:d0:4a:3e:1f:09 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=321ec4626ecde25335aff088b04c71395ae6bc24 Validity Not Before: Jan 2 14:21:17 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c5f1e396f4781aa98b287ac11765108f9ce59e5e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:a2:fd:c8:ef:84:03:f3:4a:c4:a3:5d:b2:34: eb:9f:7e:8a:ca:1d:34:b1:a6:08:52:68:29:84:d9: f3:d3:30:16:c8:13:c4:c0:ce:af:05:a5:15:d1:91: 82:61:ce:ec:83:fa:60:6f:35:77:bb:7a:ae:3c:c7: 90:5a:2f:70:d9:d2:6d:c7:ce:a9:07:33:02:46:92: 8c:d6:5c:d5:7d:2f:71:dd:e0:5c:22:8e:d3:db:e3: 6e:3d:14:96:78:bd:20:99:3c:ce:ab:a8:ab:9b:e6: 00:9c:25:f9:8d:88:71:b3:b5:4a:62:c0:07:d1:b9: 85:9c:af:c5:43:56:0c:a2:b7:a7:a5:52:62:b3:af: df:8b:75:52:b8:a3:a3:31:90:dc:e7:1c:dd:ab:37: 98:6d:74:23:b1:d5:de:99:5d:9c:36:25:da:7f:69: 3b:9c:31:0c:87:d6:75:09:cf:6e:87:c3:d5:ab:05: f7:b8:a2:61:da:7c:b2:2d:4e:b7:55:ee:9e:01:79: 78:bb:d7:18:cb:79:a2:0f:95:01:b0:06:c8:60:69: 7a:7b:17:fb:64:f5:92:38:12:cf:39:f1:1d:00:41: 41:31:10:6e:7a:2d:58:15:05:41:91:f1:ef:65:20: d2:e9:4d:38:d2:81:6e:81:71:2c:1a:47:e3:aa:cd: 3f:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:F1:E3:96:F4:78:1A:A9:8B:28:7A:C1:17:65:10:8F:9C:E5:9E:5E X509v3 Authority Key Identifier: keyid:32:1E:C4:62:6E:CD:E2:53:35:AF:F0:88:B0:4C:71:39:5A:E6:BC:24 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mh7EYm7N4lM1r_CIsExxOVrmvCQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/8e08b3-487c-485a-9479-b084c73861b8/1/xfHjlvR4GqmLKHrBF2UQj5zlnl4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/8e08b3-487c-485a-9479-b084c73861b8/1/Mh7EYm7N4lM1r_CIsExxOVrmvCQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a01:6c60:3000::/36 Signature Algorithm: sha256WithRSAEncryption 24:a9:d4:d0:33:a3:74:3b:e2:e9:41:d5:51:d2:e8:56:cf:32: 2a:db:35:40:9b:8c:2b:20:f3:15:e0:f9:b3:a4:22:c7:d0:a1: 46:a3:2e:15:64:e2:74:aa:e7:38:e1:de:40:3e:ca:61:ca:c3: 1e:6d:c8:30:c7:81:19:67:a4:ef:df:eb:06:90:f3:48:93:95: da:5b:e8:19:d0:69:74:02:86:ae:76:28:7e:1e:12:aa:54:94: 43:17:e0:25:28:17:d5:6d:bc:80:1d:90:38:f9:63:38:6f:89: a5:d5:3a:4f:dc:ed:0e:59:9c:bb:9e:57:ba:1f:5e:c1:77:9f: f9:07:f8:32:9b:44:ea:1d:91:d8:1f:5f:d7:33:bd:ac:79:50: 20:dd:3d:95:be:74:f6:05:7b:9d:66:9f:5a:f2:37:81:53:05: 82:f8:35:f1:fb:3b:f7:c0:c9:07:e3:1a:67:3a:30:db:99:ed: eb:e5:7a:bf:3e:f4:e9:a5:a5:f7:ed:ab:3b:32:16:88:f6:9d: 06:81:90:3b:a3:b6:8f:9a:a3:6d:39:40:d3:1e:da:17:2c:e7: 7b:14:b6:a6:20:ad:c9:5a:20:1e:4b:b9:4b:a5:b4:96:02:46: 74:e8:02:52:39:fb:ad:4c:2b:66:d9:14:ea:93:24:92:93:07: 0a:97:4b:67 -----BEGIN CERTIFICATE----- MIIE/zCCA+egAwIBAgISAZt/FY9OLGQgOuRKmdBKPh8JMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMyMWVjNDYyNmVjZGUyNTMzNWFmZjA4OGIwNGM3MTM5NWFl NmJjMjQwHhcNMjYwMTAyMTQyMTE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNWYxZTM5NmY0NzgxYWE5OGIyODdhYzExNzY1MTA4ZjljZTU5ZTVlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtaL9yO+EA/NKxKNdsjTrn36Kyh00 saYIUmgphNnz0zAWyBPEwM6vBaUV0ZGCYc7sg/pgbzV3u3quPMeQWi9w2dJtx86p BzMCRpKM1lzVfS9x3eBcIo7T2+NuPRSWeL0gmTzOq6irm+YAnCX5jYhxs7VKYsAH 0bmFnK/FQ1YMorenpVJis6/fi3VSuKOjMZDc5xzdqzeYbXQjsdXemV2cNiXaf2k7 nDEMh9Z1Cc9uh8PVqwX3uKJh2nyyLU63Ve6eAXl4u9cYy3miD5UBsAbIYGl6exf7 ZPWSOBLPOfEdAEFBMRBuei1YFQVBkfHvZSDS6U040oFugXEsGkfjqs0/AQIDAQAB o4ICCzCCAgcwHQYDVR0OBBYEFMXx45b0eBqpiyh6wRdlEI+c5Z5eMB8GA1UdIwQY MBaAFDIexGJuzeJTNa/wiLBMcTla5rwkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTWg3RVltN040bE0xcl9DSXNFeHhPVnJtdkNRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC84ZTA4YjMtNDg3Yy00ODVhLTk0Nzkt YjA4NGM3Mzg2MWI4LzEveGZIamx2UjRHcW1MS0hyQkYyVVFqNXpsbmw0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZC84ZTA4YjMtNDg3Yy00ODVhLTk0NzktYjA4NGM3Mzg2MWI4 LzEvTWg3RVltN040bE0xcl9DSXNFeHhPVnJtdkNRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKgFsYDAw DQYJKoZIhvcNAQELBQADggEBACSp1NAzo3Q74ulB1VHS6FbPMirbNUCbjCsg8xXg +bOkIsfQoUajLhVk4nSq5zjh3kA+ymHKwx5tyDDHgRlnpO/f6waQ80iTldpb6BnQ aXQChq52KH4eEqpUlEMX4CUoF9VtvIAdkDj5YzhviaXVOk/c7Q5ZnLueV7ofXsF3 n/kH+DKbROodkdgfX9czvax5UCDdPZW+dPYFe51mn1ryN4FTBYL4NfH7O/fAyQfj Gmc6MNuZ7evler8+9OmlpfftqzsyFoj2nQaBkDujto+ao205QNMe2hcs53sUtqYg rclaIB5LuUultJYCRnToAlI5+61MK2bZFOqTJJKTBwqXS2c= -----END CERTIFICATE-----Generated at Mon Jan 26 02:07:34 2026 by rpki-client