This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/bc66d7-57ab-475d-96ba-89b6c32315c2/1/l1MJKpxpJrooh4yYg2GeABzuRlk.roa File: l1MJKpxpJrooh4yYg2GeABzuRlk.roa (raw, json) Hash identifier: auDKOkr78/mYWOPaTVOBS3ng5JPSWspfHkibCydvr1k= Subject key identifier: 97:53:09:2A:9C:69:26:BA:28:87:8C:98:83:61:9E:00:1C:EE:46:59 Certificate issuer: /CN=7f6bd1a6b04625c571d830f878b1c0238247408c Certificate serial: 019B7DC94E8E6A9AABEFFE6BFB4595525CE5 Authority key identifier: 7F:6B:D1:A6:B0:46:25:C5:71:D8:30:F8:78:B1:C0:23:82:47:40:8C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f2vRprBGJcVx2DD4eLHAI4JHQIw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/bc66d7-57ab-475d-96ba-89b6c32315c2/1/l1MJKpxpJrooh4yYg2GeABzuRlk.roa Signing time: Fri 02 Jan 2026 08:18:23 +0000 ROA not before: Fri 02 Jan 2026 08:18:23 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 996 IP address blocks: 2a0b:d500::/29 maxlen: 32 2a0b:d500::/32 maxlen: 32 2a0b:d501::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/bc66d7-57ab-475d-96ba-89b6c32315c2/1/f2vRprBGJcVx2DD4eLHAI4JHQIw.crl rsync://rpki.ripe.net/repository/DEFAULT/48/bc66d7-57ab-475d-96ba-89b6c32315c2/1/f2vRprBGJcVx2DD4eLHAI4JHQIw.mft rsync://rpki.ripe.net/repository/DEFAULT/f2vRprBGJcVx2DD4eLHAI4JHQIw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:c9:4e:8e:6a:9a:ab:ef:fe:6b:fb:45:95:52:5c:e5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7f6bd1a6b04625c571d830f878b1c0238247408c Validity Not Before: Jan 2 08:18:23 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9753092a9c6926ba28878c9883619e001cee4659 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f6:c2:13:22:2b:80:4d:23:eb:f6:57:06:48:03: 6d:bb:1a:98:b0:fc:ff:37:7c:7b:41:70:1d:04:79: 61:36:d4:d4:8e:03:a9:25:f4:2a:12:49:4b:4d:7e: 9b:7e:1b:c2:31:3e:94:5c:eb:ae:08:06:58:47:2c: 9a:90:86:8a:c3:c7:53:b9:03:a1:e8:bd:d4:b8:60: 98:fc:70:13:a9:e0:5d:bd:cc:61:be:f6:8b:3f:85: f6:fc:05:33:c2:0a:39:39:81:83:6f:ce:f3:4e:ab: d9:a6:d8:cc:47:c8:f9:41:e5:87:18:83:ef:66:b5: 89:5a:42:e4:27:52:55:47:3b:ef:a4:d1:85:48:c1: 39:06:53:59:2d:8f:67:56:e2:a6:4f:e4:3b:82:9c: b8:32:6b:1c:35:dc:3d:07:72:53:69:3a:ca:e8:5a: 26:8e:0e:67:c1:e6:06:db:2f:21:20:c7:ab:19:8f: 67:e4:0c:3b:fe:cc:ad:65:ad:e7:a1:54:b6:31:39: c2:7a:0f:81:7c:3c:d6:95:3b:88:ce:4c:60:a0:ce: e4:e7:6c:5e:d0:4b:e0:f7:c1:59:32:de:4c:cc:86: 10:86:8d:b9:95:eb:21:cb:c4:cf:a5:25:6c:d9:6f: 00:b4:0a:29:7a:5a:3a:96:ef:7a:1e:0d:d0:bf:ee: 76:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:53:09:2A:9C:69:26:BA:28:87:8C:98:83:61:9E:00:1C:EE:46:59 X509v3 Authority Key Identifier: keyid:7F:6B:D1:A6:B0:46:25:C5:71:D8:30:F8:78:B1:C0:23:82:47:40:8C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2vRprBGJcVx2DD4eLHAI4JHQIw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/bc66d7-57ab-475d-96ba-89b6c32315c2/1/l1MJKpxpJrooh4yYg2GeABzuRlk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/48/bc66d7-57ab-475d-96ba-89b6c32315c2/1/f2vRprBGJcVx2DD4eLHAI4JHQIw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0b:d500::/29 Signature Algorithm: sha256WithRSAEncryption 81:25:86:47:e9:d0:9a:bf:5c:81:21:bd:fc:07:13:00:b9:6f: b9:6c:f3:67:3f:48:16:8d:d1:79:be:d5:99:88:2d:b1:e2:45: ae:2d:28:04:96:35:81:20:d9:ca:5c:ac:6a:a1:2a:0c:14:97: 64:a0:5b:3d:95:bd:40:48:e7:1f:0c:9a:13:be:9b:6f:7f:03: 28:6a:eb:72:7a:ac:ad:3a:ad:d9:97:fd:f1:a4:19:0f:fc:3c: 91:52:f8:29:6a:11:bb:72:03:52:2c:5f:ea:fe:8a:20:b4:66: 15:d2:4a:bb:1f:d1:86:83:63:29:2a:df:a9:7a:ba:0c:dc:43: 51:24:53:e1:55:81:20:3e:3b:2e:08:93:5a:0f:81:9f:42:28: 43:11:6c:68:92:33:16:37:5b:ad:be:52:a1:ef:79:14:0d:25: 27:2d:12:47:34:d3:38:44:10:9a:28:61:b8:7f:cb:24:ea:5f: cd:7c:72:ae:7e:66:04:6b:92:87:d3:f9:c9:09:4f:ba:c0:22: 30:68:fd:61:f4:d9:36:ba:bc:43:a3:fe:6d:d2:37:89:31:ad: 06:9e:af:24:f7:c6:97:22:b1:9e:16:9c:88:1b:f6:52:27:b0: 09:46:f3:9c:0a:89:87:a0:13:5c:11:c5:ab:5d:79:3e:f2:13: ca:91:8f:16 -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt9yU6Oapqr7/5r+0WVUlzlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdmNmJkMWE2YjA0NjI1YzU3MWQ4MzBmODc4YjFjMDIzODI0 NzQwOGMwHhcNMjYwMTAyMDgxODIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5NzUzMDkyYTljNjkyNmJhMjg4NzhjOTg4MzYxOWUwMDFjZWU0NjU5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9sITIiuATSPr9lcGSANtuxqYsPz/ N3x7QXAdBHlhNtTUjgOpJfQqEklLTX6bfhvCMT6UXOuuCAZYRyyakIaKw8dTuQOh 6L3UuGCY/HATqeBdvcxhvvaLP4X2/AUzwgo5OYGDb87zTqvZptjMR8j5QeWHGIPv ZrWJWkLkJ1JVRzvvpNGFSME5BlNZLY9nVuKmT+Q7gpy4MmscNdw9B3JTaTrK6Fom jg5nweYG2y8hIMerGY9n5Aw7/sytZa3noVS2MTnCeg+BfDzWlTuIzkxgoM7k52xe 0Evg98FZMt5MzIYQho25leshy8TPpSVs2W8AtAopelo6lu96Hg3Qv+52PQIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFJdTCSqcaSa6KIeMmINhngAc7kZZMB8GA1UdIwQY MBaAFH9r0aawRiXFcdgw+HixwCOCR0CMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZjJ2UnByQkdKY1Z4MkRENGVMSEFJNEpIUUl3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9iYzY2ZDctNTdhYi00NzVkLTk2YmEt ODliNmMzMjMxNWMyLzEvbDFNSktweHBKcm9vaDR5WWcyR2VBQnp1UmxrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80OC9iYzY2ZDctNTdhYi00NzVkLTk2YmEtODliNmMzMjMxNWMy LzEvZjJ2UnByQkdKY1Z4MkRENGVMSEFJNEpIUUl3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgvVADAN BgkqhkiG9w0BAQsFAAOCAQEAgSWGR+nQmr9cgSG9/AcTALlvuWzzZz9IFo3Reb7V mYgtseJFri0oBJY1gSDZylysaqEqDBSXZKBbPZW9QEjnHwyaE76bb38DKGrrcnqs rTqt2Zf98aQZD/w8kVL4KWoRu3IDUixf6v6KILRmFdJKux/RhoNjKSrfqXq6DNxD USRT4VWBID47LgiTWg+Bn0IoQxFsaJIzFjdbrb5Soe95FA0lJy0SRzTTOEQQmihh uH/LJOpfzXxyrn5mBGuSh9P5yQlPusAiMGj9YfTZNrq8Q6P+bdI3iTGtBp6vJPfG lyKxnhaciBv2UiewCUbznAqJh6ATXBHFq115PvITypGPFg== -----END CERTIFICATE-----Generated at Sun Jan 25 17:41:26 2026 by rpki-client