This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/0fZnFf8vYw2u7gGSaiDC11kwrcI.roa File: 0fZnFf8vYw2u7gGSaiDC11kwrcI.roa (raw, json) Hash identifier: zB9Co8CQovAdtoFO8Oirg8OcBTwP2vhu4tTPYXlt42o= Subject key identifier: D1:F6:67:15:FF:2F:63:0D:AE:EE:01:92:6A:20:C2:D7:59:30:AD:C2 Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2 Certificate serial: 019B78344ECD9F8121BFE16FEE9212B3DE53 Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/0fZnFf8vYw2u7gGSaiDC11kwrcI.roa Signing time: Thu 01 Jan 2026 06:17:32 +0000 ROA not before: Thu 01 Jan 2026 06:17:32 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 43992 IP address blocks: 2a09:7:2001::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.mft rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:4e:cd:9f:81:21:bf:e1:6f:ee:92:12:b3:de:53 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2 Validity Not Before: Jan 1 06:17:32 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d1f66715ff2f630daeee01926a20c2d75930adc2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:5a:92:74:f4:46:47:07:bc:bf:e6:97:b6:e3: 90:13:57:49:03:ad:40:94:ba:91:2f:25:c8:ff:4a: 23:da:89:27:74:05:ed:71:6e:62:ab:64:c2:c0:88: 8a:8e:96:a3:b5:75:11:84:c6:20:95:dd:68:1b:ba: cd:73:d4:e4:3f:fb:1b:8e:5e:ed:e3:8f:68:eb:b9: 96:a2:91:44:8e:ef:a9:6d:2a:15:58:ff:ba:64:32: ee:b3:2e:3b:6f:db:cb:38:93:e9:74:c9:40:86:57: bd:20:32:11:1b:91:65:67:31:90:98:36:e2:79:7a: 49:bf:aa:88:99:8c:7f:bc:35:8f:30:8d:20:78:e0: 4d:96:2f:3c:7c:17:f2:95:a3:2e:84:e9:c2:be:df: d0:5c:0a:4b:5d:2d:9f:ac:8f:35:ce:5c:cd:aa:34: 4e:29:da:5e:ea:9e:32:36:da:49:95:db:85:e1:bb: 48:89:ca:1c:11:f2:ba:03:8d:13:f3:97:46:2b:8c: 63:da:6d:9e:20:a7:ba:cf:b6:4f:c3:8c:28:8e:de: 2e:95:b8:b4:19:ef:26:cf:6c:4a:41:0b:94:bd:17: dc:12:fa:52:50:de:34:94:8a:54:7f:10:51:f3:e9: 99:0b:e7:ef:07:8a:62:ca:b0:c8:a0:f2:1d:35:09: 42:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:F6:67:15:FF:2F:63:0D:AE:EE:01:92:6A:20:C2:D7:59:30:AD:C2 X509v3 Authority Key Identifier: keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/0fZnFf8vYw2u7gGSaiDC11kwrcI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a09:7:2001::/48 Signature Algorithm: sha256WithRSAEncryption a0:09:79:07:e3:64:ba:fd:a0:05:81:e6:2f:55:9d:71:0c:df: 46:9e:38:22:1b:e0:cd:c5:1a:63:89:9f:82:ca:7c:15:06:e5: f8:a9:a6:0b:a2:70:0a:2e:31:d8:6c:0f:57:d6:17:b1:41:7c: d7:d8:f0:eb:26:31:fa:8c:91:b5:2d:25:c5:16:e7:34:1d:b6: 16:38:32:36:b9:02:cb:af:69:29:75:02:aa:3a:d2:d9:3d:5d: 84:41:b9:26:33:fb:94:bd:b4:18:a6:a3:8a:9f:f0:27:af:0f: f7:8b:a0:d1:93:dc:ff:c1:2a:53:63:0c:2d:1c:3b:ca:83:98: b3:ce:a6:5e:ef:f2:f1:47:1f:10:e8:15:80:69:14:fd:da:50: 52:70:b8:75:9b:50:c2:2e:f5:c3:31:46:a4:53:45:59:0d:56: 49:dc:10:11:9a:e2:11:c6:b2:02:87:e0:56:be:b4:94:00:94: bf:49:5a:3b:35:cc:9b:e1:96:c2:46:89:a6:05:99:79:44:fe: 24:9e:39:b1:b4:26:59:98:9c:db:de:df:53:d1:27:18:7e:14: df:53:a4:d1:89:66:5f:fb:1b:b2:4c:72:8e:d3:d9:41:96:a9: 55:22:11:15:dc:0d:a1:f0:cf:d0:c4:ca:a4:d7:26:ec:cf:10: f8:d0:8e:8c -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt4NE7Nn4Ehv+Fv7pISs95TMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi YmFhZTIwHhcNMjYwMTAxMDYxNzMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkMWY2NjcxNWZmMmY2MzBkYWVlZTAxOTI2YTIwYzJkNzU5MzBhZGMyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAplqSdPRGRwe8v+aXtuOQE1dJA61A lLqRLyXI/0oj2okndAXtcW5iq2TCwIiKjpajtXURhMYgld1oG7rNc9TkP/sbjl7t 449o67mWopFEju+pbSoVWP+6ZDLusy47b9vLOJPpdMlAhle9IDIRG5FlZzGQmDbi eXpJv6qImYx/vDWPMI0geOBNli88fBfylaMuhOnCvt/QXApLXS2frI81zlzNqjRO Kdpe6p4yNtpJlduF4btIicocEfK6A40T85dGK4xj2m2eIKe6z7ZPw4wojt4ulbi0 Ge8mz2xKQQuUvRfcEvpSUN40lIpUfxBR8+mZC+fvB4piyrDIoPIdNQlC/wIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFNH2ZxX/L2MNru4BkmogwtdZMK3CMB8GA1UdIwQY MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt MjU0YWNkOTJiNGUxLzEvMGZabkZmOHZZdzJ1N2dHU2FpREMxMWt3cmNJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgkAByAB MA0GCSqGSIb3DQEBCwUAA4IBAQCgCXkH42S6/aAFgeYvVZ1xDN9GnjgiG+DNxRpj iZ+CynwVBuX4qaYLonAKLjHYbA9X1hexQXzX2PDrJjH6jJG1LSXFFuc0HbYWODI2 uQLLr2kpdQKqOtLZPV2EQbkmM/uUvbQYpqOKn/Anrw/3i6DRk9z/wSpTYwwtHDvK g5izzqZe7/LxRx8Q6BWAaRT92lBScLh1m1DCLvXDMUakU0VZDVZJ3BARmuIRxrIC h+BWvrSUAJS/SVo7Ncyb4ZbCRommBZl5RP4knjmxtCZZmJzb3t9T0ScYfhTfU6TR iWZf+xuyTHKO09lBlqlVIhEV3A2h8M/QxMqk1ybszxD40I6M -----END CERTIFICATE-----Generated at Sun Jan 25 22:29:00 2026 by rpki-client