This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/7a11b5-a405-41cb-81cb-f6bccf1e531f/1/7CXmH7ThrZok20WiAGjCXCBOzas.roa File: 7CXmH7ThrZok20WiAGjCXCBOzas.roa (raw, json) Hash identifier: ML0vggVdekDweRUo8ISIsoQBBgpWCyTUPYs8nGYXR2s= Subject key identifier: EC:25:E6:1F:B4:E1:AD:9A:24:DB:45:A2:00:68:C2:5C:20:4E:CD:AB Certificate issuer: /CN=d914da56e1a934649da02964ac12eba34c5cb84f Certificate serial: 019B7FF1D87C2A817E45B8D84FE6458D2177 Authority key identifier: D9:14:DA:56:E1:A9:34:64:9D:A0:29:64:AC:12:EB:A3:4C:5C:B8:4F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2RTaVuGpNGSdoClkrBLro0xcuE8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/7a11b5-a405-41cb-81cb-f6bccf1e531f/1/7CXmH7ThrZok20WiAGjCXCBOzas.roa Signing time: Fri 02 Jan 2026 18:21:54 +0000 ROA not before: Fri 02 Jan 2026 18:21:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 48883 IP address blocks: 2a13:e3c1:9b::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/7a11b5-a405-41cb-81cb-f6bccf1e531f/1/2RTaVuGpNGSdoClkrBLro0xcuE8.crl rsync://rpki.ripe.net/repository/DEFAULT/55/7a11b5-a405-41cb-81cb-f6bccf1e531f/1/2RTaVuGpNGSdoClkrBLro0xcuE8.mft rsync://rpki.ripe.net/repository/DEFAULT/2RTaVuGpNGSdoClkrBLro0xcuE8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:f1:d8:7c:2a:81:7e:45:b8:d8:4f:e6:45:8d:21:77 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d914da56e1a934649da02964ac12eba34c5cb84f Validity Not Before: Jan 2 18:21:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ec25e61fb4e1ad9a24db45a20068c25c204ecdab Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:21:83:c7:ab:45:dd:8f:97:2e:04:b2:76:90: 5e:8d:ba:ed:83:15:03:c1:db:8f:a3:e8:7f:56:be: 90:f6:3e:0d:39:e4:6c:ea:5e:c4:e6:9c:87:70:b6: 2b:da:6f:9d:51:4b:b5:84:91:fa:80:d4:a9:5c:10: 2a:5c:06:7f:f9:f3:ff:83:3f:11:96:e1:c3:4c:03: d0:d4:0f:83:b5:c1:ae:35:4c:24:86:9a:2e:6f:79: e6:f7:68:3e:d4:60:33:42:e7:ad:45:5e:10:e3:5b: a4:14:8a:39:4a:f0:c1:b9:c0:7f:e4:c4:e4:0b:f8: 5b:b8:d1:12:f6:fb:d2:15:12:0d:d5:66:19:4b:48: d5:5c:74:62:8a:90:e8:b6:aa:33:d1:36:bc:a6:41: 45:c2:ac:17:e2:e3:ad:27:12:b4:c7:6c:6b:a1:3a: f7:d9:58:10:33:75:40:ed:c2:d0:44:d1:39:2a:bd: e2:fd:84:15:59:30:83:21:cc:59:48:45:7d:62:77: 63:a1:18:8c:69:f1:5f:7f:8a:49:30:e2:2e:08:f7: e8:ef:bf:15:e4:c2:bb:cd:f2:69:98:be:69:1b:4c: 77:6e:11:75:08:3c:6e:b9:85:fb:75:a9:94:d7:bd: 7c:49:2e:83:00:ce:ec:8b:53:94:90:41:b8:e6:04: 78:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:25:E6:1F:B4:E1:AD:9A:24:DB:45:A2:00:68:C2:5C:20:4E:CD:AB X509v3 Authority Key Identifier: keyid:D9:14:DA:56:E1:A9:34:64:9D:A0:29:64:AC:12:EB:A3:4C:5C:B8:4F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2RTaVuGpNGSdoClkrBLro0xcuE8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/7a11b5-a405-41cb-81cb-f6bccf1e531f/1/7CXmH7ThrZok20WiAGjCXCBOzas.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/55/7a11b5-a405-41cb-81cb-f6bccf1e531f/1/2RTaVuGpNGSdoClkrBLro0xcuE8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a13:e3c1:9b::/48 Signature Algorithm: sha256WithRSAEncryption be:c9:94:f8:96:95:d8:d3:f5:b9:09:36:c4:d6:cd:ed:4f:0c: a8:62:b4:a7:31:d7:a5:ca:78:d9:8d:1a:19:ba:07:f7:5f:29: 97:5a:d3:bf:8b:61:40:a4:ec:ad:bc:7b:6b:46:3e:6c:30:24: b0:38:42:d8:9f:98:dd:b3:ed:29:ac:82:65:5a:bb:0a:1c:f8: 16:24:70:ec:9b:83:1e:92:f2:a5:c9:f9:45:41:75:bf:8a:b9: 46:a0:57:9f:c1:81:0e:f3:85:fb:9d:7b:b8:b3:1c:3a:0a:68: 01:8b:03:fe:22:37:96:e9:db:3a:c9:3b:85:cc:b9:c0:a8:c8: ac:50:dc:98:e3:ba:49:31:fd:f6:6e:01:6a:43:cc:fd:a7:86: aa:f3:b2:f4:79:0d:cc:3f:a1:1f:3f:55:ec:7f:0e:7b:29:e7: 3c:78:f6:cf:bc:e7:ae:c9:e8:8d:6b:17:15:41:fc:f2:a3:6d: ec:21:be:e1:a0:e8:4e:b0:82:d1:2a:41:9f:00:69:3c:d7:47: 38:18:5a:06:76:7f:39:bc:a3:0d:0f:21:c5:e2:76:80:61:b3: 12:a1:7c:d3:ab:05:1e:d2:58:e5:7b:24:36:e4:db:9d:f0:8b: d5:c5:1b:6b:fd:07:af:08:0f:f1:68:a2:22:ae:42:ff:60:3a: be:b0:a2:be -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt/8dh8KoF+RbjYT+ZFjSF3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ5MTRkYTU2ZTFhOTM0NjQ5ZGEwMjk2NGFjMTJlYmEzNGM1 Y2I4NGYwHhcNMjYwMTAyMTgyMTU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlYzI1ZTYxZmI0ZTFhZDlhMjRkYjQ1YTIwMDY4YzI1YzIwNGVjZGFiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5SGDx6tF3Y+XLgSydpBejbrtgxUD wduPo+h/Vr6Q9j4NOeRs6l7E5pyHcLYr2m+dUUu1hJH6gNSpXBAqXAZ/+fP/gz8R luHDTAPQ1A+DtcGuNUwkhpoub3nm92g+1GAzQuetRV4Q41ukFIo5SvDBucB/5MTk C/hbuNES9vvSFRIN1WYZS0jVXHRiipDotqoz0Ta8pkFFwqwX4uOtJxK0x2xroTr3 2VgQM3VA7cLQRNE5Kr3i/YQVWTCDIcxZSEV9YndjoRiMafFff4pJMOIuCPfo778V 5MK7zfJpmL5pG0x3bhF1CDxuuYX7damU1718SS6DAM7si1OUkEG45gR4VwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFOwl5h+04a2aJNtFogBowlwgTs2rMB8GA1UdIwQY MBaAFNkU2lbhqTRknaApZKwS66NMXLhPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMlJUYVZ1R3BOR1Nkb0Nsa3JCTHJvMHhjdUU4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS83YTExYjUtYTQwNS00MWNiLTgxY2It ZjZiY2NmMWU1MzFmLzEvN0NYbUg3VGhyWm9rMjBXaUFHakNYQ0JPemFzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81NS83YTExYjUtYTQwNS00MWNiLTgxY2ItZjZiY2NmMWU1MzFm LzEvMlJUYVZ1R3BOR1Nkb0Nsa3JCTHJvMHhjdUU4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhPjwQCb MA0GCSqGSIb3DQEBCwUAA4IBAQC+yZT4lpXY0/W5CTbE1s3tTwyoYrSnMdelynjZ jRoZugf3XymXWtO/i2FApOytvHtrRj5sMCSwOELYn5jds+0prIJlWrsKHPgWJHDs m4MekvKlyflFQXW/irlGoFefwYEO84X7nXu4sxw6CmgBiwP+IjeW6ds6yTuFzLnA qMisUNyY47pJMf32bgFqQ8z9p4aq87L0eQ3MP6EfP1Xsfw57Kec8ePbPvOeuyeiN axcVQfzyo23sIb7hoOhOsILRKkGfAGk810c4GFoGdn85vKMNDyHF4naAYbMSoXzT qwUe0ljleyQ25Nud8IvVxRtr/QevCA/xaKIirkL/YDq+sKK+ -----END CERTIFICATE-----Generated at Mon Jan 26 03:28:13 2026 by rpki-client