This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/lWXP4ZD7LyYWsz6B8qMtLIJG-sE.roa File: lWXP4ZD7LyYWsz6B8qMtLIJG-sE.roa (raw, json) Hash identifier: qryQy/5tlRLO0dyPYHVWOe1mQmpdbIPyn8DRUs1T4c4= Subject key identifier: 95:65:CF:E1:90:FB:2F:26:16:B3:3E:81:F2:A3:2D:2C:82:46:FA:C1 Certificate issuer: /CN=259490c5dbcfbf590da33bfbd37970a0763469c9 Certificate serial: 019B7C110D2C13FB05649AF1CE6B2CF5F5C0 Authority key identifier: 25:94:90:C5:DB:CF:BF:59:0D:A3:3B:FB:D3:79:70:A0:76:34:69:C9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JZSQxdvPv1kNozv703lwoHY0ack.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/lWXP4ZD7LyYWsz6B8qMtLIJG-sE.roa Signing time: Fri 02 Jan 2026 00:17:30 +0000 ROA not before: Fri 02 Jan 2026 00:17:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 209968 IP address blocks: 2a09:be41::/32 maxlen: 48 2a09:be42::/31 maxlen: 48 2a09:be44::/30 maxlen: 48 2a0e:ec00::/30 maxlen: 48 2a0e:ec04::/31 maxlen: 48 2a12:49c0::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/JZSQxdvPv1kNozv703lwoHY0ack.crl rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/JZSQxdvPv1kNozv703lwoHY0ack.mft rsync://rpki.ripe.net/repository/DEFAULT/JZSQxdvPv1kNozv703lwoHY0ack.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 06:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:11:0d:2c:13:fb:05:64:9a:f1:ce:6b:2c:f5:f5:c0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=259490c5dbcfbf590da33bfbd37970a0763469c9 Validity Not Before: Jan 2 00:17:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9565cfe190fb2f2616b33e81f2a32d2c8246fac1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:84:8c:87:ea:21:30:42:97:5b:de:4f:3b:43: 0f:50:5d:92:b1:72:8f:a4:2a:b5:ca:48:47:99:f6: bf:c6:5a:fb:31:6d:e6:16:e3:f3:da:86:35:00:f7: 0e:cd:a4:0d:50:f5:d7:02:bd:ac:69:02:6a:f1:3f: d0:22:93:49:66:df:4f:37:01:c3:55:e2:03:e8:bb: f2:c6:58:dd:10:31:dc:a9:7e:f2:e5:57:75:72:27: 13:66:f0:1f:26:ca:ec:47:f4:4f:56:c1:1b:b6:e1: 45:86:7d:21:a7:66:7a:aa:71:08:31:37:7c:9c:53: 51:a8:6d:62:bc:20:af:84:df:f0:21:ed:76:67:9b: 09:69:f9:6f:02:e1:5f:9e:71:ac:0b:c4:8e:68:3e: d9:66:7e:7e:88:f8:42:0b:63:5e:eb:c6:7a:10:08: f0:55:00:c1:6e:13:b4:57:74:3e:8e:d6:22:0f:a9: 63:4e:1e:85:4c:e2:d1:bc:b3:3b:8d:6c:2a:6a:a9: a4:f9:3e:7f:e8:b6:4e:82:69:39:d0:38:b2:f6:d8: 48:5a:a9:f3:9f:d2:15:76:88:e6:41:da:e5:af:18: fb:2e:f4:c8:16:d8:28:0c:c4:4c:82:eb:e8:c6:4b: d7:f5:74:00:61:fd:ab:3c:05:aa:7d:fb:b7:0d:a0: ab:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:65:CF:E1:90:FB:2F:26:16:B3:3E:81:F2:A3:2D:2C:82:46:FA:C1 X509v3 Authority Key Identifier: keyid:25:94:90:C5:DB:CF:BF:59:0D:A3:3B:FB:D3:79:70:A0:76:34:69:C9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JZSQxdvPv1kNozv703lwoHY0ack.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/lWXP4ZD7LyYWsz6B8qMtLIJG-sE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/JZSQxdvPv1kNozv703lwoHY0ack.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a09:be41::-2a09:be47:ffff:ffff:ffff:ffff:ffff:ffff 2a0e:ec00::-2a0e:ec05:ffff:ffff:ffff:ffff:ffff:ffff 2a12:49c0::/29 Signature Algorithm: sha256WithRSAEncryption 44:5e:d8:c4:ad:99:b3:12:e9:99:f6:64:f2:3a:57:a3:23:83: 93:6e:d3:3c:87:a9:26:bb:08:43:1f:65:24:47:4f:2a:1d:ee: 25:5a:b4:92:bd:b1:c6:49:1b:a4:f9:b3:5b:c9:1a:d4:fe:2b: b4:c8:a3:b7:38:a9:4c:a1:32:a8:18:88:8b:6c:92:2c:d3:b5: 1e:98:48:f1:21:d6:fa:27:17:85:d1:c0:e7:cf:08:15:74:12: 75:d2:97:45:b4:37:b9:e7:95:72:66:5f:94:21:90:ff:99:1d: 24:aa:f0:9d:b3:6a:18:5a:5c:ca:f8:c3:68:5f:fc:ce:09:11: 49:61:35:da:00:30:83:6c:54:b4:6f:53:b0:55:f4:f9:02:27: 2c:75:6e:e2:17:12:8d:b7:64:d2:51:c4:87:67:4e:b4:ab:51: 43:cc:ab:99:df:44:b3:63:9d:58:89:c3:9c:80:58:68:fc:f2: bc:d5:7c:90:88:9e:88:1b:3a:8b:73:2e:64:ca:bd:9e:7e:79: d6:a8:a7:57:89:16:82:95:0d:1c:02:86:87:56:16:7c:27:da: 4d:66:57:5c:f7:e3:7f:99:d7:c1:2f:d9:54:10:5a:c1:75:c0: 27:75:5a:ea:76:1f:bd:9e:95:b8:fd:04:f6:86:6e:fd:8c:61: 58:da:19:44 -----BEGIN CERTIFICATE----- MIIFHTCCBAWgAwIBAgISAZt8EQ0sE/sFZJrxzmss9fXAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI1OTQ5MGM1ZGJjZmJmNTkwZGEzM2JmYmQzNzk3MGEwNzYz NDY5YzkwHhcNMjYwMTAyMDAxNzMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5NTY1Y2ZlMTkwZmIyZjI2MTZiMzNlODFmMmEzMmQyYzgyNDZmYWMxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyISMh+ohMEKXW95PO0MPUF2SsXKP pCq1ykhHmfa/xlr7MW3mFuPz2oY1APcOzaQNUPXXAr2saQJq8T/QIpNJZt9PNwHD VeID6LvyxljdEDHcqX7y5Vd1cicTZvAfJsrsR/RPVsEbtuFFhn0hp2Z6qnEIMTd8 nFNRqG1ivCCvhN/wIe12Z5sJaflvAuFfnnGsC8SOaD7ZZn5+iPhCC2Ne68Z6EAjw VQDBbhO0V3Q+jtYiD6ljTh6FTOLRvLM7jWwqaqmk+T5/6LZOgmk50Diy9thIWqnz n9IVdojmQdrlrxj7LvTIFtgoDMRMguvoxkvX9XQAYf2rPAWqffu3DaCrrwIDAQAB o4ICKTCCAiUwHQYDVR0OBBYEFJVlz+GQ+y8mFrM+gfKjLSyCRvrBMB8GA1UdIwQY MBaAFCWUkMXbz79ZDaM7+9N5cKB2NGnJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSlpTUXhkdlB2MWtOb3p2NzAzbHdvSFkwYWNrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9lZGFkMmQtOTVjYy00OWQwLTg2ZjQt M2NlM2NmOGIxYzQ5LzEvbFdYUDRaRDdMeVlXc3o2QjhxTXRMSUpHLXNFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81OS9lZGFkMmQtOTVjYy00OWQwLTg2ZjQtM2NlM2NmOGIxYzQ5 LzEvSlpTUXhkdlB2MWtOb3p2NzAzbHdvSFkwYWNrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmMA4DBQAqCb5B AwUDKgm+QDANAwQCKg7sAwUBKg7sBAMFAyoSScAwDQYJKoZIhvcNAQELBQADggEB AERe2MStmbMS6Zn2ZPI6V6Mjg5Nu0zyHqSa7CEMfZSRHTyod7iVatJK9scZJG6T5 s1vJGtT+K7TIo7c4qUyhMqgYiItskizTtR6YSPEh1vonF4XRwOfPCBV0EnXSl0W0 N7nnlXJmX5QhkP+ZHSSq8J2zahhaXMr4w2hf/M4JEUlhNdoAMINsVLRvU7BV9PkC Jyx1buIXEo23ZNJRxIdnTrSrUUPMq5nfRLNjnViJw5yAWGj88rzVfJCInogbOotz LmTKvZ5+edaop1eJFoKVDRwChodWFnwn2k1mV1z343+Z18Ev2VQQWsF1wCd1Wup2 H72elbj9BPaGbv2MYVjaGUQ= -----END CERTIFICATE-----Generated at Sun Jan 25 11:40:39 2026 by rpki-client