This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/256da7-19d0-459a-b53e-94e7d07fb31d/1/C9VfmyBoyBG--3Zr3s8ERPvb0L4.roa File: C9VfmyBoyBG--3Zr3s8ERPvb0L4.roa (raw, json) Hash identifier: AyN3qqD/8tiCfn+7UUC8E6XJPPe6XPYGtMnnz4+mJrI= Subject key identifier: 0B:D5:5F:9B:20:68:C8:11:BE:FB:76:6B:DE:CF:04:44:FB:DB:D0:BE Certificate issuer: /CN=3e5b347967cea67bb62b69d259acde4b8f9e9417 Certificate serial: 019B7D5BFB604F86A0652A50A6692FBE02D4 Authority key identifier: 3E:5B:34:79:67:CE:A6:7B:B6:2B:69:D2:59:AC:DE:4B:8F:9E:94:17 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pls0eWfOpnu2K2nSWazeS4-elBc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/256da7-19d0-459a-b53e-94e7d07fb31d/1/C9VfmyBoyBG--3Zr3s8ERPvb0L4.roa Signing time: Fri 02 Jan 2026 06:18:58 +0000 ROA not before: Fri 02 Jan 2026 06:18:58 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 202585 IP address blocks: 2001:678:d64::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/256da7-19d0-459a-b53e-94e7d07fb31d/1/Pls0eWfOpnu2K2nSWazeS4-elBc.crl rsync://rpki.ripe.net/repository/DEFAULT/85/256da7-19d0-459a-b53e-94e7d07fb31d/1/Pls0eWfOpnu2K2nSWazeS4-elBc.mft rsync://rpki.ripe.net/repository/DEFAULT/Pls0eWfOpnu2K2nSWazeS4-elBc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 12:00:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5b:fb:60:4f:86:a0:65:2a:50:a6:69:2f:be:02:d4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3e5b347967cea67bb62b69d259acde4b8f9e9417 Validity Not Before: Jan 2 06:18:58 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0bd55f9b2068c811befb766bdecf0444fbdbd0be Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:dd:16:87:23:df:fe:b6:2b:eb:79:14:64:83: 27:9a:80:3d:49:2c:5f:8e:3b:59:1f:c8:08:f3:ef: 2d:21:a1:49:b2:5a:2d:af:08:55:89:12:cb:ea:b3: b1:64:37:d3:c0:3e:6e:8b:ea:eb:06:f5:0d:40:5d: c8:07:63:69:b6:76:5e:6b:15:89:cf:ca:dc:9c:64: d8:05:16:26:38:c0:a4:1e:09:bc:dc:96:52:d8:dd: 07:d1:8a:ea:95:9f:5e:cb:bd:67:c0:ac:b1:4c:30: 46:d6:e5:5e:09:ac:b8:15:f6:9b:bd:bd:ef:dc:a7: 30:0e:8c:28:d9:c6:c2:97:f4:f2:dd:2b:62:06:eb: 1b:c9:58:72:35:2e:30:0b:0e:ae:cb:2e:ba:6d:da: 64:83:31:5f:9a:ba:9a:5d:9d:2d:b7:46:35:a3:a5: 15:7d:72:4a:8e:16:d7:ae:35:c9:36:1d:90:83:fd: fc:c7:46:fb:a0:66:85:19:00:e4:45:33:61:fa:f6: d5:e0:43:7a:ed:ab:3e:40:8f:e3:13:65:3e:2c:3c: ea:fc:c8:ca:06:d1:95:d5:d7:e5:15:0f:ea:35:fd: ce:c5:3f:64:ae:12:98:66:39:06:1d:e4:32:84:4e: c6:3b:71:9d:98:4f:99:69:4c:54:7e:7f:61:13:cb: 86:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:D5:5F:9B:20:68:C8:11:BE:FB:76:6B:DE:CF:04:44:FB:DB:D0:BE X509v3 Authority Key Identifier: keyid:3E:5B:34:79:67:CE:A6:7B:B6:2B:69:D2:59:AC:DE:4B:8F:9E:94:17 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pls0eWfOpnu2K2nSWazeS4-elBc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/256da7-19d0-459a-b53e-94e7d07fb31d/1/C9VfmyBoyBG--3Zr3s8ERPvb0L4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/85/256da7-19d0-459a-b53e-94e7d07fb31d/1/Pls0eWfOpnu2K2nSWazeS4-elBc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:678:d64::/48 Signature Algorithm: sha256WithRSAEncryption 5c:ec:ff:41:f9:ad:43:34:b2:0c:c0:84:8e:d7:fa:ba:54:0c: dc:8a:2f:81:e0:b7:26:3b:28:d5:51:27:27:0f:f3:8a:80:b5: e0:a3:2c:cd:d9:cf:25:94:65:f8:35:41:7b:8e:92:ca:19:3e: 0e:7c:bb:28:6b:0d:38:19:c9:a1:d9:eb:68:10:12:a8:ae:af: ce:ba:7f:e7:61:e0:26:0b:89:8a:5c:8d:98:74:95:e9:c9:fd: 43:2a:10:1a:7f:51:a4:0c:34:0a:2a:4d:aa:ef:fd:dd:b9:6e: f9:a8:fb:f2:93:cc:bb:d5:ac:a5:08:6e:de:e2:51:1a:12:ee: 71:d0:0e:02:9d:2a:3c:b7:18:fe:5b:73:20:39:45:32:11:a1: 59:17:26:20:5a:3c:a2:75:c4:15:6d:8a:8c:9c:60:1a:12:49: 00:49:2d:95:cd:1c:97:0a:3e:b3:a8:10:4e:17:df:41:59:1a: 43:5b:4e:c2:b3:62:a7:bd:2c:2e:bd:7b:a1:e9:d5:08:e8:58: b0:15:42:f1:db:a9:88:c2:47:66:10:17:e6:40:ef:4e:1a:76: 7b:46:ed:69:88:35:f4:f0:8c:db:3a:4c:be:c2:12:a0:dd:d0: 55:d1:9b:3f:a9:84:0f:c4:d8:d3:86:2c:eb:b0:99:d3:0c:a6: 7e:b8:31:05 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt9W/tgT4agZSpQpmkvvgLUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNlNWIzNDc5NjdjZWE2N2JiNjJiNjlkMjU5YWNkZTRiOGY5 ZTk0MTcwHhcNMjYwMTAyMDYxODU4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwYmQ1NWY5YjIwNjhjODExYmVmYjc2NmJkZWNmMDQ0NGZiZGJkMGJlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy90WhyPf/rYr63kUZIMnmoA9SSxf jjtZH8gI8+8tIaFJslotrwhViRLL6rOxZDfTwD5ui+rrBvUNQF3IB2NptnZeaxWJ z8rcnGTYBRYmOMCkHgm83JZS2N0H0YrqlZ9ey71nwKyxTDBG1uVeCay4Ffabvb3v 3KcwDowo2cbCl/Ty3StiBusbyVhyNS4wCw6uyy66bdpkgzFfmrqaXZ0tt0Y1o6UV fXJKjhbXrjXJNh2Qg/38x0b7oGaFGQDkRTNh+vbV4EN67as+QI/jE2U+LDzq/MjK BtGV1dflFQ/qNf3OxT9krhKYZjkGHeQyhE7GO3GdmE+ZaUxUfn9hE8uGiwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFAvVX5sgaMgRvvt2a97PBET729C+MB8GA1UdIwQY MBaAFD5bNHlnzqZ7titp0lms3kuPnpQXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUGxzMGVXZk9wbnUySzJuU1dhemVTNC1lbEJjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS8yNTZkYTctMTlkMC00NTlhLWI1M2Ut OTRlN2QwN2ZiMzFkLzEvQzlWZm15Qm95QkctLTNacjNzOEVSUHZiMEw0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84NS8yNTZkYTctMTlkMC00NTlhLWI1M2UtOTRlN2QwN2ZiMzFk LzEvUGxzMGVXZk9wbnUySzJuU1dhemVTNC1lbEJjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeA1k MA0GCSqGSIb3DQEBCwUAA4IBAQBc7P9B+a1DNLIMwISO1/q6VAzcii+B4LcmOyjV UScnD/OKgLXgoyzN2c8llGX4NUF7jpLKGT4OfLsoaw04Gcmh2etoEBKorq/Oun/n YeAmC4mKXI2YdJXpyf1DKhAaf1GkDDQKKk2q7/3duW75qPvyk8y71aylCG7e4lEa Eu5x0A4CnSo8txj+W3MgOUUyEaFZFyYgWjyidcQVbYqMnGAaEkkASS2VzRyXCj6z qBBOF99BWRpDW07Cs2KnvSwuvXuh6dUI6FiwFULx26mIwkdmEBfmQO9OGnZ7Ru1p iDX08IzbOky+whKg3dBV0Zs/qYQPxNjThizrsJnTDKZ+uDEF -----END CERTIFICATE-----Generated at Sun Jan 25 19:18:12 2026 by rpki-client