This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/61b23c-a586-42c0-9ded-050da11491e7/1/CMYGKasLmsjGblCK6IVsYcoAi1Y.roa File: CMYGKasLmsjGblCK6IVsYcoAi1Y.roa (raw, json) Hash identifier: 5I3la7dVRWMx/gZhUW1jrF5r1NdUNZ+7mT0gXM18zsQ= Subject key identifier: 08:C6:06:29:AB:0B:9A:C8:C6:6E:50:8A:E8:85:6C:61:CA:00:8B:56 Certificate issuer: /CN=bc38eeb26c39df0f194e50d764198d90e1f3b5c9 Certificate serial: 019B76EB5A1D0D0784258ACBD1BA46A8716D Authority key identifier: BC:38:EE:B2:6C:39:DF:0F:19:4E:50:D7:64:19:8D:90:E1:F3:B5:C9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vDjusmw53w8ZTlDXZBmNkOHztck.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/61b23c-a586-42c0-9ded-050da11491e7/1/CMYGKasLmsjGblCK6IVsYcoAi1Y.roa Signing time: Thu 01 Jan 2026 00:18:14 +0000 ROA not before: Thu 01 Jan 2026 00:18:14 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 21013 IP address blocks: 2001:67c:c98::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7c/61b23c-a586-42c0-9ded-050da11491e7/1/vDjusmw53w8ZTlDXZBmNkOHztck.crl rsync://rpki.ripe.net/repository/DEFAULT/7c/61b23c-a586-42c0-9ded-050da11491e7/1/vDjusmw53w8ZTlDXZBmNkOHztck.mft rsync://rpki.ripe.net/repository/DEFAULT/vDjusmw53w8ZTlDXZBmNkOHztck.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 10:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:5a:1d:0d:07:84:25:8a:cb:d1:ba:46:a8:71:6d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bc38eeb26c39df0f194e50d764198d90e1f3b5c9 Validity Not Before: Jan 1 00:18:14 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=08c60629ab0b9ac8c66e508ae8856c61ca008b56 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:4b:1f:e1:3f:3a:df:41:0e:a2:af:02:b9:28: 06:0e:11:1d:ca:b3:96:fa:ee:6b:d1:5c:00:92:9c: ae:8b:aa:e9:db:88:2f:a1:c0:73:0f:99:b9:ff:b5: 68:3c:0e:da:5b:43:47:60:fa:fa:74:eb:a8:05:6b: 66:a4:da:61:63:f2:ed:9c:b9:ca:65:df:5d:e5:0e: 3a:f0:3b:81:d5:a7:15:e9:b4:87:73:db:95:0b:54: d5:eb:d7:3c:57:e1:27:77:fa:10:1d:f0:df:d5:92: c5:02:1f:1a:e0:73:96:80:2b:bb:6b:ea:22:5a:ec: a7:0a:e2:ce:ab:42:9a:56:37:37:7e:76:db:38:55: 43:82:90:93:e3:6e:6f:3a:e9:b2:cc:12:2c:d3:38: aa:c9:0a:94:3c:72:a3:96:36:6d:1a:ab:33:5d:ba: 10:0e:61:2c:bb:35:65:ed:d1:02:f3:b0:4f:65:f8: b9:b2:71:13:8a:c7:c9:91:cb:4b:9e:cb:14:54:aa: 6f:b7:c9:a7:56:2a:e4:d9:89:73:74:e7:20:39:48: 85:e7:0b:1d:2f:d9:74:d7:2e:13:9f:7f:c8:37:42: d3:99:4d:d4:e8:4f:f1:31:fe:4b:ce:c9:f4:1c:56: c5:d5:95:e2:b5:f1:73:67:7d:52:f0:90:df:b8:a7: c4:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:C6:06:29:AB:0B:9A:C8:C6:6E:50:8A:E8:85:6C:61:CA:00:8B:56 X509v3 Authority Key Identifier: keyid:BC:38:EE:B2:6C:39:DF:0F:19:4E:50:D7:64:19:8D:90:E1:F3:B5:C9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vDjusmw53w8ZTlDXZBmNkOHztck.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/61b23c-a586-42c0-9ded-050da11491e7/1/CMYGKasLmsjGblCK6IVsYcoAi1Y.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/61b23c-a586-42c0-9ded-050da11491e7/1/vDjusmw53w8ZTlDXZBmNkOHztck.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:67c:c98::/48 Signature Algorithm: sha256WithRSAEncryption 2d:e0:9b:2e:f4:9f:a0:38:c8:d8:97:42:da:21:0c:80:43:79: 2f:5c:bc:65:ec:6b:55:c8:81:3e:f3:b9:3d:96:eb:52:d3:d0: 85:8c:98:ef:d0:b9:32:db:08:7f:45:49:ee:5d:0a:a6:ff:fa: 40:62:16:49:6c:bc:38:23:da:85:3d:93:80:4a:f8:46:fd:46: b3:ea:d0:7f:97:da:48:66:be:68:17:09:3e:57:3d:99:9a:81: 5c:63:cd:c2:2b:3d:01:32:5d:29:22:92:06:22:75:45:86:6a: 74:60:70:c7:80:48:4c:9f:ed:fe:55:f1:5c:32:86:46:ea:d2: 6d:7b:e5:59:57:18:24:0b:d2:55:84:f8:8b:2d:5d:63:96:12: e7:eb:35:72:9c:eb:c5:5e:2e:05:96:3c:10:72:79:48:bd:48: 69:42:89:74:a2:7d:d5:ca:d0:3d:30:50:28:81:72:81:f6:5c: c8:de:be:48:89:49:06:54:8e:8f:d7:22:97:fc:57:40:07:d7: c3:22:bb:36:e7:ed:49:4e:ca:f7:da:c9:3c:6a:a4:21:4e:21: fc:4e:3b:62:09:91:fe:ca:30:0f:04:d0:0e:e2:68:88:7f:de: c4:0d:81:ac:83:be:4c:3b:cc:f8:bf:fb:13:70:eb:5c:5e:64: 4f:3c:d0:3a -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt261odDQeEJYrL0bpGqHFtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJjMzhlZWIyNmMzOWRmMGYxOTRlNTBkNzY0MTk4ZDkwZTFm M2I1YzkwHhcNMjYwMTAxMDAxODE0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwOGM2MDYyOWFiMGI5YWM4YzY2ZTUwOGFlODg1NmM2MWNhMDA4YjU2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8Usf4T8630EOoq8CuSgGDhEdyrOW +u5r0VwAkpyui6rp24gvocBzD5m5/7VoPA7aW0NHYPr6dOuoBWtmpNphY/LtnLnK Zd9d5Q468DuB1acV6bSHc9uVC1TV69c8V+End/oQHfDf1ZLFAh8a4HOWgCu7a+oi WuynCuLOq0KaVjc3fnbbOFVDgpCT425vOumyzBIs0ziqyQqUPHKjljZtGqszXboQ DmEsuzVl7dEC87BPZfi5snETisfJkctLnssUVKpvt8mnVirk2YlzdOcgOUiF5wsd L9l01y4Tn3/IN0LTmU3U6E/xMf5Lzsn0HFbF1ZXitfFzZ31S8JDfuKfE4wIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFAjGBimrC5rIxm5QiuiFbGHKAItWMB8GA1UdIwQY MBaAFLw47rJsOd8PGU5Q12QZjZDh87XJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdkRqdXNtdzUzdzhaVGxEWFpCbU5rT0h6dGNrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy82MWIyM2MtYTU4Ni00MmMwLTlkZWQt MDUwZGExMTQ5MWU3LzEvQ01ZR0thc0xtc2pHYmxDSzZJVnNZY29BaTFZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Yy82MWIyM2MtYTU4Ni00MmMwLTlkZWQtMDUwZGExMTQ5MWU3 LzEvdkRqdXNtdzUzdzhaVGxEWFpCbU5rT0h6dGNrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAyY MA0GCSqGSIb3DQEBCwUAA4IBAQAt4Jsu9J+gOMjYl0LaIQyAQ3kvXLxl7GtVyIE+ 87k9lutS09CFjJjv0Lky2wh/RUnuXQqm//pAYhZJbLw4I9qFPZOASvhG/Uaz6tB/ l9pIZr5oFwk+Vz2ZmoFcY83CKz0BMl0pIpIGInVFhmp0YHDHgEhMn+3+VfFcMoZG 6tJte+VZVxgkC9JVhPiLLV1jlhLn6zVynOvFXi4FljwQcnlIvUhpQol0on3VytA9 MFAogXKB9lzI3r5IiUkGVI6P1yKX/FdAB9fDIrs25+1JTsr32sk8aqQhTiH8Tjti CZH+yjAPBNAO4miIf97EDYGsg75MO8z4v/sTcOtcXmRPPNA6 -----END CERTIFICATE-----Generated at Mon Jan 26 16:23:26 2026 by rpki-client