This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/C138aOzacLuaGW8kvfeS05DZ2lE.roa File: C138aOzacLuaGW8kvfeS05DZ2lE.roa (raw, json) Hash identifier: 9U8phWYYVslUCCZLy5I+OdIKw1yMdq5fsrBfxYCaSm8= Subject key identifier: 0B:5D:FC:68:EC:DA:70:BB:9A:19:6F:24:BD:F7:92:D3:90:D9:DA:51 Certificate issuer: /CN=1d43a2484569d20e3f53c17be7b9fb29c34ee5be Certificate serial: 019BEC8C35C44A6CBD9E5FCAC6257F419E94 Authority key identifier: 1D:43:A2:48:45:69:D2:0E:3F:53:C1:7B:E7:B9:FB:29:C3:4E:E5:BE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HUOiSEVp0g4_U8F757n7KcNO5b4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/C138aOzacLuaGW8kvfeS05DZ2lE.roa Signing time: Fri 23 Jan 2026 20:29:30 +0000 ROA not before: Fri 23 Jan 2026 20:29:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 206134 IP address blocks: 2a01:ecc0:3000::/36 maxlen: 36 2a01:ecc0:5000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/HUOiSEVp0g4_U8F757n7KcNO5b4.crl rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/HUOiSEVp0g4_U8F757n7KcNO5b4.mft rsync://rpki.ripe.net/repository/DEFAULT/HUOiSEVp0g4_U8F757n7KcNO5b4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:ec:8c:35:c4:4a:6c:bd:9e:5f:ca:c6:25:7f:41:9e:94 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1d43a2484569d20e3f53c17be7b9fb29c34ee5be Validity Not Before: Jan 23 20:29:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0b5dfc68ecda70bb9a196f24bdf792d390d9da51 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:dc:91:11:08:7c:48:a6:95:0b:ce:9c:fb:50: 6b:fa:f6:fc:56:06:56:9c:63:4a:f6:8c:93:bc:a8: fb:21:30:4f:64:7b:d6:15:5b:98:c4:7d:5c:50:90: ec:7d:bc:c6:16:f7:3a:cc:0a:0d:59:1f:6d:ec:1e: 80:07:af:87:1c:96:22:da:04:df:bb:e6:56:92:ad: a0:ee:3b:bb:bb:d9:a5:93:7d:2d:a4:b7:e9:71:c5: 76:8e:24:be:7e:de:98:74:fc:2e:a0:bf:ca:93:4f: 16:a3:2f:85:72:f3:05:b6:92:70:56:f8:df:24:dd: 66:1f:78:e3:4c:82:0b:96:a9:a2:f6:a6:8e:04:55: 29:06:a8:99:a4:60:7e:bd:3f:3d:37:de:54:b7:97: 51:a4:d5:19:26:0f:ef:76:7f:e1:07:38:80:1f:63: 48:fa:cf:69:d1:3e:ec:c6:ab:f2:69:26:70:9e:2d: 5d:9b:3f:54:0c:26:6d:aa:37:86:50:6f:24:73:60: 22:fc:fa:4d:e6:2f:8b:45:97:ab:10:ca:69:7d:45: 87:4d:a3:07:a9:b0:b7:c0:09:b9:1b:f8:e3:fe:c5: 63:f3:e6:e1:45:88:10:14:0b:67:fb:4c:11:0e:29: 25:1e:c9:40:6e:42:a3:31:f3:96:f8:9a:3f:c3:b5: 5c:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:5D:FC:68:EC:DA:70:BB:9A:19:6F:24:BD:F7:92:D3:90:D9:DA:51 X509v3 Authority Key Identifier: keyid:1D:43:A2:48:45:69:D2:0E:3F:53:C1:7B:E7:B9:FB:29:C3:4E:E5:BE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HUOiSEVp0g4_U8F757n7KcNO5b4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/C138aOzacLuaGW8kvfeS05DZ2lE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/HUOiSEVp0g4_U8F757n7KcNO5b4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a01:ecc0:3000::/36 2a01:ecc0:5000::/36 Signature Algorithm: sha256WithRSAEncryption 75:35:07:36:f6:84:e3:d8:89:5f:5b:63:25:36:ae:7c:9e:ae: be:41:65:71:df:95:42:25:b9:77:0b:39:06:1f:f5:bb:95:14: 65:05:c4:e9:4b:a5:0a:d7:17:b0:dc:b8:57:ca:b2:a2:52:6a: f7:6c:04:f3:ca:03:79:98:9a:7f:b6:93:fb:d9:9d:41:18:84: 69:e0:07:e5:4c:99:ac:d8:9c:df:19:e1:06:ec:5f:56:dc:89: 9c:16:d3:bc:91:90:85:13:f8:2d:6d:c2:2e:62:78:5b:b0:8f: 8d:ab:e6:ec:a0:30:81:ee:54:3f:4f:9a:ec:9a:a7:fb:f5:51: 77:10:37:ad:04:08:f9:04:e7:26:93:68:70:d0:2f:3f:3c:07: 8a:f8:84:71:a2:33:5a:0b:1c:46:d1:91:9e:c7:de:1f:83:0f: eb:af:fb:22:16:94:37:04:0d:25:df:e0:e5:00:43:e6:5b:19: 41:cd:c4:bf:16:a2:88:1f:9c:f9:78:ea:e9:c0:40:b7:25:ef: 87:c3:98:61:b7:a4:dc:d6:55:06:ef:30:62:6a:67:3e:8a:6f: 2d:e5:c3:91:9b:5a:83:f1:15:44:ff:33:a6:db:5b:b0:f8:c0: 3e:2d:56:d2:83:97:c0:43:a4:0c:77:dd:5a:54:6c:62:23:c0: 80:c3:0f:3e -----BEGIN CERTIFICATE----- MIIFBzCCA++gAwIBAgISAZvsjDXESmy9nl/KxiV/QZ6UMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFkNDNhMjQ4NDU2OWQyMGUzZjUzYzE3YmU3YjlmYjI5YzM0 ZWU1YmUwHhcNMjYwMTIzMjAyOTMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwYjVkZmM2OGVjZGE3MGJiOWExOTZmMjRiZGY3OTJkMzkwZDlkYTUxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdyREQh8SKaVC86c+1Br+vb8VgZW nGNK9oyTvKj7ITBPZHvWFVuYxH1cUJDsfbzGFvc6zAoNWR9t7B6AB6+HHJYi2gTf u+ZWkq2g7ju7u9mlk30tpLfpccV2jiS+ft6YdPwuoL/Kk08Woy+FcvMFtpJwVvjf JN1mH3jjTIILlqmi9qaOBFUpBqiZpGB+vT89N95Ut5dRpNUZJg/vdn/hBziAH2NI +s9p0T7sxqvyaSZwni1dmz9UDCZtqjeGUG8kc2Ai/PpN5i+LRZerEMppfUWHTaMH qbC3wAm5G/jj/sVj8+bhRYgQFAtn+0wRDiklHslAbkKjMfOW+Jo/w7VcBwIDAQAB o4ICEzCCAg8wHQYDVR0OBBYEFAtd/Gjs2nC7mhlvJL33ktOQ2dpRMB8GA1UdIwQY MBaAFB1DokhFadIOP1PBe+e5+ynDTuW+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSFVPaVNFVnAwZzRfVThGNzU3bjdLY05PNWI0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9jOTNkODctMzJlMC00NmYxLTlmYjkt NjM0NTE1NDg5NzlkLzEvQzEzOGFPemFjTHVhR1c4a3ZmZVMwNURaMmxFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84NS9jOTNkODctMzJlMC00NmYxLTlmYjktNjM0NTE1NDg5Nzlk LzEvSFVPaVNFVnAwZzRfVThGNzU3bjdLY05PNWI0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwYEKgHswDAD BgQqAezAUDANBgkqhkiG9w0BAQsFAAOCAQEAdTUHNvaE49iJX1tjJTaufJ6uvkFl cd+VQiW5dws5Bh/1u5UUZQXE6UulCtcXsNy4V8qyolJq92wE88oDeZiaf7aT+9md QRiEaeAH5UyZrNic3xnhBuxfVtyJnBbTvJGQhRP4LW3CLmJ4W7CPjavm7KAwge5U P0+a7Jqn+/VRdxA3rQQI+QTnJpNocNAvPzwHiviEcaIzWgscRtGRnsfeH4MP66/7 IhaUNwQNJd/g5QBD5lsZQc3EvxaiiB+c+Xjq6cBAtyXvh8OYYbek3NZVBu8wYmpn PopvLeXDkZtag/EVRP8zpttbsPjAPi1W0oOXwEOkDHfdWlRsYiPAgMMPPg== -----END CERTIFICATE-----Generated at Sun Jan 25 17:34:04 2026 by rpki-client