This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/2b2878-5b79-40f7-b4b5-356c4d7bb452/1/u21fpxmmOR9mlnHoRxP6iE7HrmQ.roa File: u21fpxmmOR9mlnHoRxP6iE7HrmQ.roa (raw, json) Hash identifier: UB+VK364X+iu32GdfVjBn8r1mi4BDsfoTepchYMyQUY= Subject key identifier: BB:6D:5F:A7:19:A6:39:1F:66:96:71:E8:47:13:FA:88:4E:C7:AE:64 Certificate issuer: /CN=f6c3e027d2d1c2d36d7c954867226c83b65eb56f Certificate serial: 019B7E38F6E913DE65590C8AC8DE172FED23 Authority key identifier: F6:C3:E0:27:D2:D1:C2:D3:6D:7C:95:48:67:22:6C:83:B6:5E:B5:6F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9sPgJ9LRwtNtfJVIZyJsg7ZetW8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/2b2878-5b79-40f7-b4b5-356c4d7bb452/1/u21fpxmmOR9mlnHoRxP6iE7HrmQ.roa Signing time: Fri 02 Jan 2026 10:20:20 +0000 ROA not before: Fri 02 Jan 2026 10:20:20 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 211615 IP address blocks: 2a12:5840:2410::/44 maxlen: 48 2a12:5840:2410::/48 maxlen: 48 2a12:5840:2411::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/2b2878-5b79-40f7-b4b5-356c4d7bb452/1/9sPgJ9LRwtNtfJVIZyJsg7ZetW8.crl rsync://rpki.ripe.net/repository/DEFAULT/3f/2b2878-5b79-40f7-b4b5-356c4d7bb452/1/9sPgJ9LRwtNtfJVIZyJsg7ZetW8.mft rsync://rpki.ripe.net/repository/DEFAULT/9sPgJ9LRwtNtfJVIZyJsg7ZetW8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:f6:e9:13:de:65:59:0c:8a:c8:de:17:2f:ed:23 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f6c3e027d2d1c2d36d7c954867226c83b65eb56f Validity Not Before: Jan 2 10:20:20 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=bb6d5fa719a6391f669671e84713fa884ec7ae64 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:04:de:43:90:de:6c:00:d5:e9:60:ee:54:9e: a0:36:7a:d2:fd:fa:7b:f3:11:5e:3c:ee:ad:16:d5: f2:09:2e:5d:20:90:fa:da:e1:3f:cd:fa:28:c0:b4: 6f:23:45:41:bf:59:25:f5:57:95:98:bf:42:da:57: a6:27:5d:98:89:2d:d9:a3:77:fc:c5:62:af:5f:a7: 62:b4:17:5d:43:ba:c1:df:e6:d9:18:81:df:c0:51: e3:2e:dd:93:5d:01:58:f2:c4:cc:ae:48:d1:87:a2: 2d:28:b2:fb:92:5b:f6:78:ca:f3:b7:b5:8b:2a:e4: 04:32:90:7b:9b:9b:63:4b:7e:33:f4:66:65:68:ff: 3b:c1:0b:07:d9:10:a2:c3:14:1f:cc:30:ec:46:b3: 26:71:0c:e0:16:ac:3a:7d:14:76:36:8b:ee:6c:58: 8a:1c:db:70:af:f8:54:bf:c5:59:38:5d:5a:2a:0d: 8e:85:51:7d:3b:c2:33:a5:cc:67:9a:dc:d4:6a:b6: 31:35:04:ac:12:34:b8:be:90:78:20:ae:f5:d1:ce: 5e:fd:0b:e3:bb:ec:0e:30:50:0b:a0:59:b4:76:04: 44:11:4d:4b:b6:03:f2:43:ec:43:a1:62:40:65:f2: ee:41:00:1f:6d:a9:a6:5d:f5:e1:ad:09:45:c0:a4: ff:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:6D:5F:A7:19:A6:39:1F:66:96:71:E8:47:13:FA:88:4E:C7:AE:64 X509v3 Authority Key Identifier: keyid:F6:C3:E0:27:D2:D1:C2:D3:6D:7C:95:48:67:22:6C:83:B6:5E:B5:6F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9sPgJ9LRwtNtfJVIZyJsg7ZetW8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/2b2878-5b79-40f7-b4b5-356c4d7bb452/1/u21fpxmmOR9mlnHoRxP6iE7HrmQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/2b2878-5b79-40f7-b4b5-356c4d7bb452/1/9sPgJ9LRwtNtfJVIZyJsg7ZetW8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a12:5840:2410::/44 Signature Algorithm: sha256WithRSAEncryption 58:0e:79:02:45:49:a2:38:16:31:3d:39:ad:b0:4c:72:ae:1b: eb:31:ed:5b:fa:f7:ff:1b:14:57:3f:5b:92:5c:8d:19:2b:1f: a8:c3:0c:05:dc:5a:f6:60:eb:4b:62:63:63:4f:9d:34:9d:0d: fb:af:4d:a0:b0:06:d7:24:3f:3f:70:b5:a1:09:85:28:3b:25: 46:bc:f8:3a:f4:c0:a4:c0:a4:b1:33:f0:f8:d2:07:08:c1:f2: f8:7a:16:aa:d6:99:e3:a3:53:19:b2:2c:91:72:f2:76:bd:5e: 9f:54:bd:eb:36:c7:5c:0f:9e:65:66:2b:27:38:81:6a:d8:bb: 46:8e:f3:1d:3f:1e:f0:20:64:bd:08:ab:54:38:c9:39:53:73: 90:56:c4:9d:03:31:a3:00:3f:16:87:8d:34:f3:1e:b9:e2:1c: 66:4d:b4:ac:57:ee:c6:0c:98:5d:32:e0:03:4c:be:4f:2c:38: ac:b7:8c:5d:9d:47:9b:ad:78:2e:81:e6:9b:68:73:ac:00:8b: 46:bd:f5:e6:40:82:ca:e6:74:5d:5b:4f:e2:a7:aa:ad:51:96: c4:e5:2b:3a:74:01:17:21:6b:56:37:67:2e:88:08:01:11:78: c3:5c:51:f9:ca:fb:b7:93:29:54:f9:d0:cd:8c:6f:1d:de:dc: 61:22:cf:6a -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt+OPbpE95lWQyKyN4XL+0jMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGY2YzNlMDI3ZDJkMWMyZDM2ZDdjOTU0ODY3MjI2YzgzYjY1 ZWI1NmYwHhcNMjYwMTAyMTAyMDIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiYjZkNWZhNzE5YTYzOTFmNjY5NjcxZTg0NzEzZmE4ODRlYzdhZTY0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQTeQ5DebADV6WDuVJ6gNnrS/fp7 8xFePO6tFtXyCS5dIJD62uE/zfoowLRvI0VBv1kl9VeVmL9C2lemJ12YiS3Zo3f8 xWKvX6ditBddQ7rB3+bZGIHfwFHjLt2TXQFY8sTMrkjRh6ItKLL7klv2eMrzt7WL KuQEMpB7m5tjS34z9GZlaP87wQsH2RCiwxQfzDDsRrMmcQzgFqw6fRR2NovubFiK HNtwr/hUv8VZOF1aKg2OhVF9O8IzpcxnmtzUarYxNQSsEjS4vpB4IK710c5e/Qvj u+wOMFALoFm0dgREEU1LtgPyQ+xDoWJAZfLuQQAfbammXfXhrQlFwKT/pwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFLttX6cZpjkfZpZx6EcT+ohOx65kMB8GA1UdIwQY MBaAFPbD4CfS0cLTbXyVSGcibIO2XrVvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOXNQZ0o5TFJ3dE50ZkpWSVp5SnNnN1pldFc4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8yYjI4NzgtNWI3OS00MGY3LWI0YjUt MzU2YzRkN2JiNDUyLzEvdTIxZnB4bW1PUjltbG5Ib1J4UDZpRTdIcm1RLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZi8yYjI4NzgtNWI3OS00MGY3LWI0YjUtMzU2YzRkN2JiNDUy LzEvOXNQZ0o5TFJ3dE50ZkpWSVp5SnNnN1pldFc4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhJYQCQQ MA0GCSqGSIb3DQEBCwUAA4IBAQBYDnkCRUmiOBYxPTmtsExyrhvrMe1b+vf/GxRX P1uSXI0ZKx+owwwF3Fr2YOtLYmNjT500nQ37r02gsAbXJD8/cLWhCYUoOyVGvPg6 9MCkwKSxM/D40gcIwfL4ehaq1pnjo1MZsiyRcvJ2vV6fVL3rNsdcD55lZisnOIFq 2LtGjvMdPx7wIGS9CKtUOMk5U3OQVsSdAzGjAD8Wh4008x654hxmTbSsV+7GDJhd MuADTL5PLDist4xdnUebrXgugeabaHOsAItGvfXmQILK5nRdW0/ip6qtUZbE5Ss6 dAEXIWtWN2cuiAgBEXjDXFH5yvu3kylU+dDNjG8d3txhIs9q -----END CERTIFICATE-----Generated at Sun Jan 25 16:11:16 2026 by rpki-client