This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/raiLbBG1CMRiAfKyRkS-YiJSo9g.roa File: raiLbBG1CMRiAfKyRkS-YiJSo9g.roa (raw, json) Hash identifier: 8FLAxtrWMI4dbICfx4l/Gu56C8DGN6sem1ZiAu15jqk= Subject key identifier: AD:A8:8B:6C:11:B5:08:C4:62:01:F2:B2:46:44:BE:62:22:52:A3:D8 Certificate issuer: /CN=38203463eb944b25c65135ca47bdbdab646f3984 Certificate serial: 019B7B366C30D8980DD33DE5FCD9DBFC4E7C Authority key identifier: 38:20:34:63:EB:94:4B:25:C6:51:35:CA:47:BD:BD:AB:64:6F:39:84 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OCA0Y-uUSyXGUTXKR729q2RvOYQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/raiLbBG1CMRiAfKyRkS-YiJSo9g.roa Signing time: Thu 01 Jan 2026 20:18:42 +0000 ROA not before: Thu 01 Jan 2026 20:18:42 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 207134 IP address blocks: 2a00:8860:500::/40 maxlen: 64 2a00:8861:500::/40 maxlen: 64 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/OCA0Y-uUSyXGUTXKR729q2RvOYQ.crl rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/OCA0Y-uUSyXGUTXKR729q2RvOYQ.mft rsync://rpki.ripe.net/repository/DEFAULT/OCA0Y-uUSyXGUTXKR729q2RvOYQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:6c:30:d8:98:0d:d3:3d:e5:fc:d9:db:fc:4e:7c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=38203463eb944b25c65135ca47bdbdab646f3984 Validity Not Before: Jan 1 20:18:42 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ada88b6c11b508c46201f2b24644be622252a3d8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:90:50:50:56:6b:39:b5:fc:5f:25:51:70:91: 5e:73:8b:fa:3e:95:2e:75:93:0a:58:e7:bf:ec:53: 25:93:95:9e:10:49:01:13:5a:a0:95:61:53:b0:8f: 4f:90:49:c2:b2:0b:f8:a7:77:d1:50:34:f3:f4:e7: 1c:fe:ec:73:2c:d7:d7:2a:f4:ef:66:14:b6:34:96: c9:20:07:01:b9:b3:c8:80:83:0d:91:75:f1:0e:fb: 88:ec:9f:a7:1d:8f:6a:07:f7:72:2b:1a:21:b8:cb: 60:cf:1d:de:bb:29:6e:a5:b0:0d:fd:20:8e:18:14: 1d:33:4d:c7:70:f3:80:10:86:d7:74:e1:a1:9b:a3: e9:2e:2f:c4:f4:49:dd:e3:be:cf:7b:e8:fa:60:28: 1e:70:6c:51:da:44:48:cf:ea:f0:12:d3:3e:2e:61: b9:c8:a0:1d:06:34:90:61:7b:ba:89:31:85:6e:46: 9f:dc:70:31:1c:20:76:ef:b3:b4:96:d8:dc:e1:f2: 05:f6:ae:d1:b1:17:eb:bf:d7:22:2f:33:be:be:ef: 6a:98:4e:c4:ae:c3:96:65:06:2b:ac:e9:39:dd:83: 01:27:09:4b:3b:e2:f1:15:c6:ac:56:d6:ac:b0:4f: c5:aa:e5:ed:94:50:18:1d:af:ec:16:40:9b:4d:ac: 88:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:A8:8B:6C:11:B5:08:C4:62:01:F2:B2:46:44:BE:62:22:52:A3:D8 X509v3 Authority Key Identifier: keyid:38:20:34:63:EB:94:4B:25:C6:51:35:CA:47:BD:BD:AB:64:6F:39:84 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OCA0Y-uUSyXGUTXKR729q2RvOYQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/raiLbBG1CMRiAfKyRkS-YiJSo9g.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/OCA0Y-uUSyXGUTXKR729q2RvOYQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a00:8860:500::/40 2a00:8861:500::/40 Signature Algorithm: sha256WithRSAEncryption 07:2a:f9:60:f7:8b:62:79:81:27:17:d3:7c:05:bc:0c:5d:cd: a2:a4:8f:b6:ad:57:7d:78:4d:5a:89:f4:fe:df:60:17:2e:bc: a5:cc:e0:c2:91:83:eb:b6:55:41:7f:7f:c6:a1:76:b2:76:9c: 40:5d:c7:3e:f5:c9:76:d3:47:27:1a:22:10:ed:b8:1f:69:27: e8:84:bb:85:d3:ee:74:d9:6b:9d:bd:00:3d:7b:30:64:1b:22: ca:c6:7d:4a:ec:d4:46:f3:29:5d:49:94:1b:82:4d:af:8a:4d: cb:32:e6:65:1c:f7:c4:e0:f0:28:0d:2f:7c:c9:b5:3d:87:a7: 41:e4:1f:11:4f:18:7e:98:de:9c:7b:9f:6b:df:24:a9:92:cd: 97:86:fe:eb:9c:ac:03:ad:11:c1:fc:fa:6d:66:f7:cf:1d:42: 29:d4:ef:a8:e5:b0:a2:d6:61:96:86:3b:f1:09:fd:40:b8:e7: 8d:ea:cd:61:2b:c8:61:b9:2a:58:5b:45:be:d6:3a:60:39:82: b0:80:3a:f0:c7:74:97:bd:cf:86:dc:fc:ac:3f:08:2d:65:ce: 90:08:98:40:8e:40:51:c0:6e:fa:17:e0:ee:45:9d:5b:b1:88: a9:e6:31:6d:63:19:62:5b:06:87:40:24:b7:0a:63:1b:10:28: 42:a8:4b:3b -----BEGIN CERTIFICATE----- MIIFBzCCA++gAwIBAgISAZt7Nmww2JgN0z3l/Nnb/E58MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4MjAzNDYzZWI5NDRiMjVjNjUxMzVjYTQ3YmRiZGFiNjQ2 ZjM5ODQwHhcNMjYwMTAxMjAxODQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhZGE4OGI2YzExYjUwOGM0NjIwMWYyYjI0NjQ0YmU2MjIyNTJhM2Q4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA05BQUFZrObX8XyVRcJFec4v6PpUu dZMKWOe/7FMlk5WeEEkBE1qglWFTsI9PkEnCsgv4p3fRUDTz9Occ/uxzLNfXKvTv ZhS2NJbJIAcBubPIgIMNkXXxDvuI7J+nHY9qB/dyKxohuMtgzx3euylupbAN/SCO GBQdM03HcPOAEIbXdOGhm6PpLi/E9End477Pe+j6YCgecGxR2kRIz+rwEtM+LmG5 yKAdBjSQYXu6iTGFbkaf3HAxHCB277O0ltjc4fIF9q7RsRfrv9ciLzO+vu9qmE7E rsOWZQYrrOk53YMBJwlLO+LxFcasVtassE/FquXtlFAYHa/sFkCbTayIqwIDAQAB o4ICEzCCAg8wHQYDVR0OBBYEFK2oi2wRtQjEYgHyskZEvmIiUqPYMB8GA1UdIwQY MBaAFDggNGPrlEslxlE1yke9vatkbzmEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0NBMFktdVVTeVhHVVRYS1I3MjlxMlJ2T1lRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8wYTI5ODQtYTg2OS00NDBkLWI1Nzgt NTg5MzUxNzliOTg1LzEvcmFpTGJCRzFDTVJpQWZLeVJrUy1ZaUpTbzlnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Zi8wYTI5ODQtYTg2OS00NDBkLWI1NzgtNTg5MzUxNzliOTg1 LzEvT0NBMFktdVVTeVhHVVRYS1I3MjlxMlJ2T1lRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwYAKgCIYAUD BgAqAIhhBTANBgkqhkiG9w0BAQsFAAOCAQEAByr5YPeLYnmBJxfTfAW8DF3NoqSP tq1XfXhNWon0/t9gFy68pczgwpGD67ZVQX9/xqF2snacQF3HPvXJdtNHJxoiEO24 H2kn6IS7hdPudNlrnb0APXswZBsiysZ9SuzURvMpXUmUG4JNr4pNyzLmZRz3xODw KA0vfMm1PYenQeQfEU8YfpjenHufa98kqZLNl4b+65ysA60Rwfz6bWb3zx1CKdTv qOWwotZhloY78Qn9QLjnjerNYSvIYbkqWFtFvtY6YDmCsIA68Md0l73Phtz8rD8I LWXOkAiYQI5AUcBu+hfg7kWdW7GIqeYxbWMZYlsGh0AktwpjGxAoQqhLOw== -----END CERTIFICATE-----Generated at Mon Jan 26 01:17:53 2026 by rpki-client