This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/ef0b92-5d85-4792-b551-9a358362829c/1/ivXhF8HUZHKEYR2EUtQx0A5y1L0.roa File: ivXhF8HUZHKEYR2EUtQx0A5y1L0.roa (raw, json) Hash identifier: XQATR8bU8IBZH5tjUzM6YW6W1aJgryoOIOyHkr8fKR0= Subject key identifier: 8A:F5:E1:17:C1:D4:64:72:84:61:1D:84:52:D4:31:D0:0E:72:D4:BD Certificate issuer: /CN=167782bea46fd271768ff46d9b45c057a9df5481 Certificate serial: 019B7C12E6923B98AE8A0845D22B10E26036 Authority key identifier: 16:77:82:BE:A4:6F:D2:71:76:8F:F4:6D:9B:45:C0:57:A9:DF:54:81 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FneCvqRv0nF2j_Rtm0XAV6nfVIE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/ef0b92-5d85-4792-b551-9a358362829c/1/ivXhF8HUZHKEYR2EUtQx0A5y1L0.roa Signing time: Fri 02 Jan 2026 00:19:32 +0000 ROA not before: Fri 02 Jan 2026 00:19:32 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 205399 IP address blocks: 2a0a:e080::/29 maxlen: 29 2a0b:e8c0::/29 maxlen: 29 2a0d:ae00::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/ef0b92-5d85-4792-b551-9a358362829c/1/FneCvqRv0nF2j_Rtm0XAV6nfVIE.crl rsync://rpki.ripe.net/repository/DEFAULT/53/ef0b92-5d85-4792-b551-9a358362829c/1/FneCvqRv0nF2j_Rtm0XAV6nfVIE.mft rsync://rpki.ripe.net/repository/DEFAULT/FneCvqRv0nF2j_Rtm0XAV6nfVIE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:12:e6:92:3b:98:ae:8a:08:45:d2:2b:10:e2:60:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=167782bea46fd271768ff46d9b45c057a9df5481 Validity Not Before: Jan 2 00:19:32 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8af5e117c1d4647284611d8452d431d00e72d4bd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:ae:eb:00:fb:06:66:e5:35:ea:45:54:fc:da: e5:46:95:89:3d:e3:57:18:55:23:21:08:69:ed:7a: cd:d3:78:9f:25:b6:22:0f:cb:3e:ff:f5:01:15:32: 5d:57:ce:44:50:45:d0:d4:2e:ea:81:98:c2:15:54: 19:a5:c6:b9:d1:05:39:a0:67:48:05:18:05:76:53: f7:7e:f3:e4:28:c6:2d:5b:61:73:38:d0:a6:3e:cb: 23:36:17:b0:20:67:88:7c:fd:52:80:06:1f:0c:35: bd:c3:a5:8d:96:0e:e7:a2:d0:a9:52:72:e5:81:d1: 50:26:e8:70:8b:45:8b:75:f4:fc:b6:37:d6:97:9f: 25:a0:51:a1:b5:53:8b:86:5b:44:5e:b2:d3:4a:88: 40:5c:60:b9:16:b3:21:0f:f4:63:69:3e:8b:17:04: 7e:0d:3e:57:01:7e:28:e2:e3:7d:26:43:5e:aa:29: 4b:c8:c7:90:c2:2f:a8:95:be:fd:28:37:69:ee:0f: c8:86:f3:13:d1:c2:92:14:3c:2e:d3:9d:74:4a:c7: c5:e4:87:47:a8:97:f8:8e:2b:e8:22:3c:81:c1:6a: 14:10:60:0f:e9:bf:c3:03:aa:a0:7d:85:6c:37:58: a7:18:26:77:e4:45:ae:8e:48:d0:47:14:98:99:54: f0:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:F5:E1:17:C1:D4:64:72:84:61:1D:84:52:D4:31:D0:0E:72:D4:BD X509v3 Authority Key Identifier: keyid:16:77:82:BE:A4:6F:D2:71:76:8F:F4:6D:9B:45:C0:57:A9:DF:54:81 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FneCvqRv0nF2j_Rtm0XAV6nfVIE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/ef0b92-5d85-4792-b551-9a358362829c/1/ivXhF8HUZHKEYR2EUtQx0A5y1L0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/53/ef0b92-5d85-4792-b551-9a358362829c/1/FneCvqRv0nF2j_Rtm0XAV6nfVIE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0a:e080::/29 2a0b:e8c0::/29 2a0d:ae00::/29 Signature Algorithm: sha256WithRSAEncryption 55:f6:01:ba:27:e1:b9:f6:5d:c2:d2:87:d2:22:2b:e2:f6:2b: 1c:c2:85:c2:3d:2a:47:ab:5b:e4:86:3d:62:33:44:82:a3:8d: f8:76:f3:ac:17:85:e2:4e:68:46:e0:f0:4c:49:65:13:d2:73: b9:18:93:7d:a1:f0:9e:70:cd:0d:6c:41:63:b2:c3:08:d0:ef: 38:91:8e:9d:04:68:04:a5:35:aa:c4:f7:93:54:84:51:57:7a: 25:83:0f:dc:46:94:8b:dd:3b:80:33:6f:d0:3f:7a:23:14:66: 92:19:52:78:92:45:83:59:4d:4d:46:af:0d:29:bc:49:69:4b: f5:d5:08:a8:31:58:cf:2b:01:f7:59:a2:e3:b5:7b:5c:4b:62: 09:3b:fa:95:3c:93:51:07:81:6e:bd:30:f6:7c:f4:a4:aa:19: 8f:8a:5b:fe:50:e7:23:00:47:17:1b:54:2c:8c:68:af:55:de: ba:f2:14:f2:13:3e:d8:ab:66:75:f9:d3:a0:70:03:9c:0a:c6: 92:66:06:4a:21:a4:63:81:06:49:c1:9a:e8:17:25:4e:87:c2: 0b:04:40:55:dd:3c:cf:9d:e2:e3:fa:71:0c:c1:dc:5b:40:62: b4:ba:84:11:fa:ec:14:83:d5:12:55:41:e5:88:56:85:b2:c5: 93:e7:91:32 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt8EuaSO5iuighF0isQ4mA2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDE2Nzc4MmJlYTQ2ZmQyNzE3NjhmZjQ2ZDliNDVjMDU3YTlk ZjU0ODEwHhcNMjYwMTAyMDAxOTMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4YWY1ZTExN2MxZDQ2NDcyODQ2MTFkODQ1MmQ0MzFkMDBlNzJkNGJkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwK7rAPsGZuU16kVU/NrlRpWJPeNX GFUjIQhp7XrN03ifJbYiD8s+//UBFTJdV85EUEXQ1C7qgZjCFVQZpca50QU5oGdI BRgFdlP3fvPkKMYtW2FzONCmPssjNhewIGeIfP1SgAYfDDW9w6WNlg7notCpUnLl gdFQJuhwi0WLdfT8tjfWl58loFGhtVOLhltEXrLTSohAXGC5FrMhD/RjaT6LFwR+ DT5XAX4o4uN9JkNeqilLyMeQwi+olb79KDdp7g/IhvMT0cKSFDwu0510SsfF5IdH qJf4jivoIjyBwWoUEGAP6b/DA6qgfYVsN1inGCZ35EWujkjQRxSYmVTwHQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFIr14RfB1GRyhGEdhFLUMdAOctS9MB8GA1UdIwQY MBaAFBZ3gr6kb9Jxdo/0bZtFwFep31SBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRm5lQ3ZxUnYwbkYyal9SdG0wWEFWNm5mVklFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9lZjBiOTItNWQ4NS00NzkyLWI1NTEt OWEzNTgzNjI4MjljLzEvaXZYaEY4SFVaSEtFWVIyRVV0UXgwQTV5MUwwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81My9lZjBiOTItNWQ4NS00NzkyLWI1NTEtOWEzNTgzNjI4Mjlj LzEvRm5lQ3ZxUnYwbkYyal9SdG0wWEFWNm5mVklFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKgrggAMF AyoL6MADBQMqDa4AMA0GCSqGSIb3DQEBCwUAA4IBAQBV9gG6J+G59l3C0ofSIivi 9iscwoXCPSpHq1vkhj1iM0SCo434dvOsF4XiTmhG4PBMSWUT0nO5GJN9ofCecM0N bEFjssMI0O84kY6dBGgEpTWqxPeTVIRRV3olgw/cRpSL3TuAM2/QP3ojFGaSGVJ4 kkWDWU1NRq8NKbxJaUv11QioMVjPKwH3WaLjtXtcS2IJO/qVPJNRB4FuvTD2fPSk qhmPilv+UOcjAEcXG1QsjGivVd668hTyEz7Yq2Z1+dOgcAOcCsaSZgZKIaRjgQZJ wZroFyVOh8ILBEBV3TzPneLj+nEMwdxbQGK0uoQR+uwUg9USVUHliFaFssWT55Ey -----END CERTIFICATE-----Generated at Sun Jan 25 19:18:14 2026 by rpki-client