This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/D8y4sjkGpeIiHLe_h9a8iEbgYNY.roa File: D8y4sjkGpeIiHLe_h9a8iEbgYNY.roa (raw, json) Hash identifier: TDMEwz5gt3EPb3Q8n7MUHWvN5PqCg9O85yXhInv+mAY= Subject key identifier: 0F:CC:B8:B2:39:06:A5:E2:22:1C:B7:BF:87:D6:BC:88:46:E0:60:D6 Certificate issuer: /CN=234b54b119a7b3eff153085b7315507cd8513a0f Certificate serial: 019B9EF376AC31D15C3F7D3EE10B4E7BFBE6 Authority key identifier: 23:4B:54:B1:19:A7:B3:EF:F1:53:08:5B:73:15:50:7C:D8:51:3A:0F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I0tUsRmns-_xUwhbcxVQfNhROg8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/D8y4sjkGpeIiHLe_h9a8iEbgYNY.roa Signing time: Thu 08 Jan 2026 18:51:54 +0000 ROA not before: Thu 08 Jan 2026 18:51:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 20473 IP address blocks: 2a04:5b81:2010::/44 maxlen: 48 2a04:5b81:2060::/44 maxlen: 48 2a04:5b81:2100::/40 maxlen: 48 2a04:5b81:2130::/44 maxlen: 48 2a04:5b81:21d0::/44 maxlen: 44 2a04:5b81:2200::/39 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/I0tUsRmns-_xUwhbcxVQfNhROg8.crl rsync://rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/I0tUsRmns-_xUwhbcxVQfNhROg8.mft rsync://rpki.ripe.net/repository/DEFAULT/I0tUsRmns-_xUwhbcxVQfNhROg8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 21:01:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:9e:f3:76:ac:31:d1:5c:3f:7d:3e:e1:0b:4e:7b:fb:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=234b54b119a7b3eff153085b7315507cd8513a0f Validity Not Before: Jan 8 18:51:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0fccb8b23906a5e2221cb7bf87d6bc8846e060d6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:4b:17:93:0c:f6:70:6c:1d:ea:98:20:ad:c8: c8:bb:20:de:40:ed:33:48:31:70:48:fb:13:84:e3: fa:f2:b1:57:21:52:d3:b3:22:6a:76:26:6e:5a:ea: d2:86:09:80:b3:62:4a:d0:e0:4e:75:5c:21:64:98: a4:35:2a:78:1e:ac:27:74:be:79:05:9e:cf:4e:a9: 1e:70:d7:91:26:83:37:fd:8e:57:3d:c4:5a:54:68: 92:8d:c9:6f:1e:0e:bb:19:b9:f4:d4:fb:5b:5e:17: 7a:b0:bb:49:55:3b:5a:93:3c:49:2f:e3:dc:d8:93: d3:ce:88:55:89:2f:32:ad:84:ca:7b:75:ed:3b:eb: 46:f3:b6:1a:4e:22:52:2e:6b:ba:46:d4:ac:d5:f0: 0f:22:98:1d:83:6b:be:4a:5f:89:ec:ac:dc:34:62: ed:f1:e6:f1:8c:ed:92:31:b2:2c:4e:5c:75:d2:57: f7:55:43:40:a4:8c:51:b4:0d:b1:4a:b6:95:89:11: d1:8c:ff:51:1b:c4:74:99:94:2e:9d:35:14:12:4f: bc:4c:b6:b2:9b:4d:8d:4d:10:15:c6:f9:e1:28:36: 5b:af:6c:d5:fe:d6:f8:0c:5d:3d:42:2d:9b:22:49: 52:82:66:94:0a:e8:b3:41:ca:31:33:46:f5:d6:1c: 13:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:CC:B8:B2:39:06:A5:E2:22:1C:B7:BF:87:D6:BC:88:46:E0:60:D6 X509v3 Authority Key Identifier: keyid:23:4B:54:B1:19:A7:B3:EF:F1:53:08:5B:73:15:50:7C:D8:51:3A:0F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0tUsRmns-_xUwhbcxVQfNhROg8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/D8y4sjkGpeIiHLe_h9a8iEbgYNY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/I0tUsRmns-_xUwhbcxVQfNhROg8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a04:5b81:2010::/44 2a04:5b81:2060::/44 2a04:5b81:2100::-2a04:5b81:23ff:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 12:77:03:41:35:ef:42:0c:58:c3:ee:a1:cb:5a:ba:b3:89:15: a5:b8:8f:49:9a:8e:2a:c8:42:1b:af:df:40:94:51:1a:dc:08: a7:d1:08:38:4b:4e:6c:b2:c8:7f:f3:af:76:55:88:69:d9:85: 11:41:2c:29:49:1d:89:62:9a:1b:a6:77:fd:fc:90:a2:d9:a2: 1f:cd:6a:86:f0:79:7a:da:e4:3e:90:4c:fd:aa:70:f9:3d:ea: c1:04:12:ba:43:18:5f:1c:65:74:6b:e5:e4:e6:a0:60:9b:0a: 5b:35:37:9b:c9:e3:c0:8d:6f:89:32:fd:cb:3d:2b:ed:97:88: 07:7a:78:0d:13:9f:4f:a7:3d:93:83:5e:57:6e:9e:f7:0e:2a: fc:ea:ab:42:a4:5d:91:03:28:01:39:71:32:26:69:c7:ab:d9: a0:a4:68:cf:3c:1e:4e:e3:24:c8:8e:57:48:69:75:4b:92:5a: da:e5:d5:65:b7:10:67:24:e8:c3:53:9e:b8:7b:42:c2:49:49: ae:11:e7:1e:e6:18:3b:38:83:05:39:ff:b0:44:54:17:e7:5f: c0:ee:68:f9:c7:0d:81:71:8d:06:bc:53:ba:a0:b7:4f:31:9b: a2:0f:96:bb:03:de:7e:c2:8b:e0:75:62:94:28:85:ce:02:e4: b8:72:d1:3f -----BEGIN CERTIFICATE----- MIIFGzCCBAOgAwIBAgISAZue83asMdFcP30+4QtOe/vmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIzNGI1NGIxMTlhN2IzZWZmMTUzMDg1YjczMTU1MDdjZDg1 MTNhMGYwHhcNMjYwMTA4MTg1MTU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwZmNjYjhiMjM5MDZhNWUyMjIxY2I3YmY4N2Q2YmM4ODQ2ZTA2MGQ2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwksXkwz2cGwd6pggrcjIuyDeQO0z SDFwSPsThOP68rFXIVLTsyJqdiZuWurShgmAs2JK0OBOdVwhZJikNSp4HqwndL55 BZ7PTqkecNeRJoM3/Y5XPcRaVGiSjclvHg67Gbn01PtbXhd6sLtJVTtakzxJL+Pc 2JPTzohViS8yrYTKe3XtO+tG87YaTiJSLmu6RtSs1fAPIpgdg2u+Sl+J7KzcNGLt 8ebxjO2SMbIsTlx10lf3VUNApIxRtA2xSraViRHRjP9RG8R0mZQunTUUEk+8TLay m02NTRAVxvnhKDZbr2zV/tb4DF09Qi2bIklSgmaUCuizQcoxM0b11hwTvQIDAQAB o4ICJzCCAiMwHQYDVR0OBBYEFA/MuLI5BqXiIhy3v4fWvIhG4GDWMB8GA1UdIwQY MBaAFCNLVLEZp7Pv8VMIW3MVUHzYUToPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSTB0VXNSbW5zLV94VXdoYmN4VlFmTmhST2c4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9iYzcwNzgtMWVlNC00MmYxLWJjMzQt MWQyMWQxYmNlM2ZlLzEvRDh5NHNqa0dwZUlpSExlX2g5YThpRWJnWU5ZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Ny9iYzcwNzgtMWVlNC00MmYxLWJjMzQtMWQyMWQxYmNlM2Zl LzEvSTB0VXNSbW5zLV94VXdoYmN4VlFmTmhST2c4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcEKgRbgSAQ AwcEKgRbgSBgMBADBgAqBFuBIQMGAioEW4EgMA0GCSqGSIb3DQEBCwUAA4IBAQAS dwNBNe9CDFjD7qHLWrqziRWluI9Jmo4qyEIbr99AlFEa3Ain0Qg4S05sssh/8692 VYhp2YURQSwpSR2JYpobpnf9/JCi2aIfzWqG8Hl62uQ+kEz9qnD5PerBBBK6Qxhf HGV0a+Xk5qBgmwpbNTebyePAjW+JMv3LPSvtl4gHengNE59Ppz2Tg15Xbp73Dir8 6qtCpF2RAygBOXEyJmnHq9mgpGjPPB5O4yTIjldIaXVLklra5dVltxBnJOjDU564 e0LCSUmuEece5hg7OIMFOf+wRFQX51/A7mj5xw2BcY0GvFO6oLdPMZuiD5a7A95+ wovgdWKUKIXOAuS4ctE/ -----END CERTIFICATE-----Generated at Sun Jan 25 08:00:32 2026 by rpki-client