This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/10fa00-ad6b-4b76-863e-4b35ad70cc1a/1/lD0Wwhw0gpihU_arbUQK_IQqs4c.roa File: lD0Wwhw0gpihU_arbUQK_IQqs4c.roa (raw, json) Hash identifier: 6HIhfJOZXKPxqB9WM2oez5Dgrzz0kzJpo4+10uPExmM= Subject key identifier: 94:3D:16:C2:1C:34:82:98:A1:53:F6:AB:6D:44:0A:FC:84:2A:B3:87 Certificate issuer: /CN=674c507a0cdb531374437ebf46dd59a6bd07486c Certificate serial: 019B7E385B1A125C73EA6C7B2B443F5FB162 Authority key identifier: 67:4C:50:7A:0C:DB:53:13:74:43:7E:BF:46:DD:59:A6:BD:07:48:6C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0xQegzbUxN0Q36_Rt1Zpr0HSGw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/10fa00-ad6b-4b76-863e-4b35ad70cc1a/1/lD0Wwhw0gpihU_arbUQK_IQqs4c.roa Signing time: Fri 02 Jan 2026 10:19:41 +0000 ROA not before: Fri 02 Jan 2026 10:19:41 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 211389 IP address blocks: 159.253.123.0/24 maxlen: 24 2a13:38c0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/10fa00-ad6b-4b76-863e-4b35ad70cc1a/1/Z0xQegzbUxN0Q36_Rt1Zpr0HSGw.crl rsync://rpki.ripe.net/repository/DEFAULT/68/10fa00-ad6b-4b76-863e-4b35ad70cc1a/1/Z0xQegzbUxN0Q36_Rt1Zpr0HSGw.mft rsync://rpki.ripe.net/repository/DEFAULT/Z0xQegzbUxN0Q36_Rt1Zpr0HSGw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:5b:1a:12:5c:73:ea:6c:7b:2b:44:3f:5f:b1:62 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=674c507a0cdb531374437ebf46dd59a6bd07486c Validity Not Before: Jan 2 10:19:41 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=943d16c21c348298a153f6ab6d440afc842ab387 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:b7:88:47:19:e4:30:4b:83:18:2d:01:20:9b: 0e:f5:8b:8f:8a:f8:f7:47:a2:c0:81:de:e8:04:69: f6:74:d1:8f:1d:08:6d:46:83:78:2e:a3:74:4d:ce: 7d:ed:78:3f:1c:5a:a7:aa:da:06:37:61:a8:88:c0: 4b:64:a6:78:2d:72:a4:b1:60:c7:08:b2:85:66:b2: 37:41:1c:c1:b4:e7:fb:71:e0:60:bc:6d:44:4f:8e: 61:93:e1:83:4a:76:7a:f7:12:d7:86:84:01:bb:85: 87:23:a9:77:a3:79:96:97:18:de:1d:12:8c:8c:41: de:b8:91:6e:62:f8:b1:e1:95:3c:19:57:fd:d0:d4: 1f:33:0f:48:9f:a1:96:af:5a:4a:ab:48:6d:77:b4: 6b:73:2e:17:93:5b:8a:1d:5e:72:6a:3e:c8:aa:7f: 8d:76:c3:94:95:26:d5:de:2d:b4:63:c2:5d:03:a4: 35:29:9b:fd:8f:9b:c7:2c:a7:81:43:16:bf:15:51: c2:ac:26:85:7b:d2:7a:0d:59:bb:8c:05:8a:55:07: a2:97:45:6a:9c:5f:f8:fc:d3:7d:ae:c9:cc:84:02: 30:47:cc:a2:ae:d2:6a:f6:f5:0b:3e:d8:1c:19:70: 4d:23:b0:d1:bd:5c:91:73:b6:a6:e4:0d:0b:1a:0b: de:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:3D:16:C2:1C:34:82:98:A1:53:F6:AB:6D:44:0A:FC:84:2A:B3:87 X509v3 Authority Key Identifier: keyid:67:4C:50:7A:0C:DB:53:13:74:43:7E:BF:46:DD:59:A6:BD:07:48:6C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0xQegzbUxN0Q36_Rt1Zpr0HSGw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/10fa00-ad6b-4b76-863e-4b35ad70cc1a/1/lD0Wwhw0gpihU_arbUQK_IQqs4c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/68/10fa00-ad6b-4b76-863e-4b35ad70cc1a/1/Z0xQegzbUxN0Q36_Rt1Zpr0HSGw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.253.123.0/24 IPv6: 2a13:38c0::/29 Signature Algorithm: sha256WithRSAEncryption 30:34:a3:c4:b2:17:26:d0:eb:bc:21:1f:5b:53:4e:8b:35:e0: bc:8e:aa:34:1a:33:3d:ef:c7:ea:85:38:83:b0:37:43:bf:9d: 3d:f4:97:1f:f5:ff:f3:40:d4:91:43:dd:26:32:11:08:28:f3: 23:34:74:60:55:3c:73:ec:74:af:3e:37:a7:c0:38:b6:26:84: 4f:85:7c:ea:42:a8:83:fa:dc:2c:3d:f1:a6:aa:a7:f0:62:d7: ae:cb:b3:ad:6f:a4:81:d1:00:d4:60:5b:88:ca:62:7f:02:b8: 10:30:de:dc:88:a1:64:f2:25:c5:12:b8:cb:5f:8c:98:97:06: fa:39:d8:04:ce:c2:da:f3:a2:93:71:7f:e6:31:17:d3:fe:9e: 45:8a:92:ac:94:d2:e4:6d:cf:4b:e4:bd:e0:ac:c9:bd:70:a4: dc:e4:95:c1:b9:b8:7b:ff:f1:1f:b7:d1:88:5f:9c:04:9a:70: 41:f6:57:c8:c0:52:72:34:78:17:a4:e5:fb:f7:ca:e2:45:44: c8:ee:9b:13:f9:ac:b3:8d:ea:59:76:ce:96:b8:1c:de:74:2c: 38:22:f3:2d:d1:5b:6b:fe:d3:ae:20:1b:e0:5b:f1:29:a8:cf: 8b:f7:9a:66:68:c5:b8:1f:43:69:05:a1:31:71:84:d7:50:fe: a0:59:8e:8b -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt+OFsaElxz6mx7K0Q/X7FiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY3NGM1MDdhMGNkYjUzMTM3NDQzN2ViZjQ2ZGQ1OWE2YmQw NzQ4NmMwHhcNMjYwMTAyMTAxOTQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5NDNkMTZjMjFjMzQ4Mjk4YTE1M2Y2YWI2ZDQ0MGFmYzg0MmFiMzg3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7eIRxnkMEuDGC0BIJsO9YuPivj3 R6LAgd7oBGn2dNGPHQhtRoN4LqN0Tc597Xg/HFqnqtoGN2GoiMBLZKZ4LXKksWDH CLKFZrI3QRzBtOf7ceBgvG1ET45hk+GDSnZ69xLXhoQBu4WHI6l3o3mWlxjeHRKM jEHeuJFuYvix4ZU8GVf90NQfMw9In6GWr1pKq0htd7Rrcy4Xk1uKHV5yaj7Iqn+N dsOUlSbV3i20Y8JdA6Q1KZv9j5vHLKeBQxa/FVHCrCaFe9J6DVm7jAWKVQeil0Vq nF/4/NN9rsnMhAIwR8yirtJq9vULPtgcGXBNI7DRvVyRc7am5A0LGgverQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFJQ9FsIcNIKYoVP2q21ECvyEKrOHMB8GA1UdIwQY MBaAFGdMUHoM21MTdEN+v0bdWaa9B0hsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWjB4UWVnemJVeE4wUTM2X1J0MVpwcjBIU0d3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8xMGZhMDAtYWQ2Yi00Yjc2LTg2M2Ut NGIzNWFkNzBjYzFhLzEvbEQwV3dodzBncGloVV9hcmJVUUtfSVFxczRjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82OC8xMGZhMDAtYWQ2Yi00Yjc2LTg2M2UtNGIzNWFkNzBjYzFh LzEvWjB4UWVnemJVeE4wUTM2X1J0MVpwcjBIU0d3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAn/17MA0E AgACMAcDBQMqEzjAMA0GCSqGSIb3DQEBCwUAA4IBAQAwNKPEshcm0Ou8IR9bU06L NeC8jqo0GjM978fqhTiDsDdDv5099Jcf9f/zQNSRQ90mMhEIKPMjNHRgVTxz7HSv PjenwDi2JoRPhXzqQqiD+twsPfGmqqfwYteuy7Otb6SB0QDUYFuIymJ/ArgQMN7c iKFk8iXFErjLX4yYlwb6OdgEzsLa86KTcX/mMRfT/p5FipKslNLkbc9L5L3grMm9 cKTc5JXBubh7//Eft9GIX5wEmnBB9lfIwFJyNHgXpOX798riRUTI7psT+ayzjepZ ds6WuBzedCw4IvMt0Vtr/tOuIBvgW/EpqM+L95pmaMW4H0NpBaExcYTXUP6gWY6L -----END CERTIFICATE-----Generated at Sun Jan 25 23:49:01 2026 by rpki-client