This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/c5811d-1da0-4c32-9c4c-d82a90e34c2d/1/nLyBYh_-xS3oHwbNRqWGVgUNTRY.roa File: nLyBYh_-xS3oHwbNRqWGVgUNTRY.roa (raw, json) Hash identifier: 9Xa1rCA4u9NZzBjSRG8myyIdB/P+MqXB6RzEhye4VOc= Subject key identifier: 9C:BC:81:62:1F:FE:C5:2D:E8:1F:06:CD:46:A5:86:56:05:0D:4D:16 Certificate issuer: /CN=bafed139df0fad6fde0d82869144104d204b92b5 Certificate serial: 019B79ECE018144CDC6FBB80A0C4281101D4 Authority key identifier: BA:FE:D1:39:DF:0F:AD:6F:DE:0D:82:86:91:44:10:4D:20:4B:92:B5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uv7ROd8PrW_eDYKGkUQQTSBLkrU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/c5811d-1da0-4c32-9c4c-d82a90e34c2d/1/nLyBYh_-xS3oHwbNRqWGVgUNTRY.roa Signing time: Thu 01 Jan 2026 14:18:45 +0000 ROA not before: Thu 01 Jan 2026 14:18:45 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 205927 IP address blocks: 2a0a:68c0:200::/48 maxlen: 48 2a0a:68c0:203::/48 maxlen: 48 2a0a:68c0:204::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/c5811d-1da0-4c32-9c4c-d82a90e34c2d/1/uv7ROd8PrW_eDYKGkUQQTSBLkrU.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/c5811d-1da0-4c32-9c4c-d82a90e34c2d/1/uv7ROd8PrW_eDYKGkUQQTSBLkrU.mft rsync://rpki.ripe.net/repository/DEFAULT/uv7ROd8PrW_eDYKGkUQQTSBLkrU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ec:e0:18:14:4c:dc:6f:bb:80:a0:c4:28:11:01:d4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bafed139df0fad6fde0d82869144104d204b92b5 Validity Not Before: Jan 1 14:18:45 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9cbc81621ffec52de81f06cd46a58656050d4d16 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:d4:64:35:c8:20:0c:26:02:08:72:e9:e5:fd: de:0b:7a:c4:3b:85:cd:23:ce:ac:39:f4:cc:06:c0: d7:f9:60:0b:7a:4b:2f:fd:3b:d5:06:5d:6b:f3:54: 87:85:38:65:61:e3:8d:76:69:5e:38:24:7a:36:cd: 6c:11:04:0b:45:32:0d:ac:ed:aa:a2:c2:79:a1:ed: 1c:a8:3b:02:87:ff:ed:44:27:cd:b1:ab:f8:81:ab: 8d:12:f7:1a:55:01:1c:34:53:c1:cf:cd:d0:0b:09: a4:95:63:ee:c3:f0:4b:e6:23:24:d0:47:82:98:32: 77:8b:5f:24:bb:d8:bd:b1:c5:aa:e2:5f:21:c6:81: 23:63:38:28:e0:b1:34:1f:07:5b:99:0e:0d:b7:e6: 1a:95:bd:9f:bf:4c:84:f4:ef:f0:d5:3a:ae:ad:0e: 51:c1:ed:00:ec:67:6c:c8:be:6c:e1:86:ab:32:45: b4:c3:db:e8:84:1b:de:c5:c5:f0:6d:cc:f5:f5:84: 26:4a:5f:72:b9:7c:b2:a3:5b:cd:ff:c7:f0:2a:6d: 95:96:69:6d:36:47:58:9e:09:47:7f:7f:16:28:6e: c6:ec:05:df:6c:ed:38:28:c7:53:d8:63:2c:79:b5: 24:eb:5c:21:32:77:3a:c6:a0:24:08:94:34:2e:0c: c5:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:BC:81:62:1F:FE:C5:2D:E8:1F:06:CD:46:A5:86:56:05:0D:4D:16 X509v3 Authority Key Identifier: keyid:BA:FE:D1:39:DF:0F:AD:6F:DE:0D:82:86:91:44:10:4D:20:4B:92:B5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uv7ROd8PrW_eDYKGkUQQTSBLkrU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c5811d-1da0-4c32-9c4c-d82a90e34c2d/1/nLyBYh_-xS3oHwbNRqWGVgUNTRY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c5811d-1da0-4c32-9c4c-d82a90e34c2d/1/uv7ROd8PrW_eDYKGkUQQTSBLkrU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0a:68c0:200::/48 2a0a:68c0:203::-2a0a:68c0:204:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 9f:93:43:3c:12:6c:01:39:0e:51:66:a6:27:70:1d:b2:30:e3: 0d:1f:9a:46:31:cb:0f:9f:bf:4b:e6:84:c0:3e:7b:bc:18:5a: 4d:2b:27:e3:20:93:49:32:48:96:fc:3a:3e:6a:b3:55:b1:74: f6:f9:46:64:fe:4c:76:00:45:6a:ca:25:28:ec:40:e3:44:56: 62:a6:6e:78:8a:7d:d9:b8:a7:05:63:28:17:44:48:f0:8d:0e: 9e:13:75:2a:93:ea:0a:87:eb:50:4e:fa:e1:a4:4e:1e:ae:bf: 88:b9:7b:65:d0:9e:da:26:5f:5b:d8:33:ca:72:e6:f1:00:4c: 5a:5b:80:2c:1b:28:18:da:92:7e:32:ef:f4:49:a0:fc:c3:c3: d3:3c:ed:82:44:fb:60:49:10:e8:ef:c6:dd:85:8b:ea:17:d8: c1:d6:f6:cc:33:66:83:c6:e4:24:a3:2a:02:96:90:3a:fa:b7: a9:11:e9:03:5c:78:9b:79:5d:7c:22:ca:34:cb:17:f3:6b:68: a9:6b:1e:a9:ac:2a:7d:c4:d3:4a:80:13:71:28:55:21:58:3c: ba:2d:81:3d:6f:9a:fc:7c:bc:8d:3e:09:ad:f3:7a:d6:51:f4: f7:0d:0d:9b:d8:42:4f:4f:85:5f:5e:e4:1a:d5:77:38:9d:85: 86:ec:85:69 -----BEGIN CERTIFICATE----- MIIFFDCCA/ygAwIBAgISAZt57OAYFEzcb7uAoMQoEQHUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJhZmVkMTM5ZGYwZmFkNmZkZTBkODI4NjkxNDQxMDRkMjA0 YjkyYjUwHhcNMjYwMTAxMTQxODQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5Y2JjODE2MjFmZmVjNTJkZTgxZjA2Y2Q0NmE1ODY1NjA1MGQ0ZDE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9RkNcggDCYCCHLp5f3eC3rEO4XN I86sOfTMBsDX+WALeksv/TvVBl1r81SHhThlYeONdmleOCR6Ns1sEQQLRTINrO2q osJ5oe0cqDsCh//tRCfNsav4gauNEvcaVQEcNFPBz83QCwmklWPuw/BL5iMk0EeC mDJ3i18ku9i9scWq4l8hxoEjYzgo4LE0HwdbmQ4Nt+Yalb2fv0yE9O/w1TqurQ5R we0A7GdsyL5s4YarMkW0w9vohBvexcXwbcz19YQmSl9yuXyyo1vN/8fwKm2Vlmlt NkdYnglHf38WKG7G7AXfbO04KMdT2GMsebUk61whMnc6xqAkCJQ0LgzFgwIDAQAB o4ICIDCCAhwwHQYDVR0OBBYEFJy8gWIf/sUt6B8GzUalhlYFDU0WMB8GA1UdIwQY MBaAFLr+0TnfD61v3g2ChpFEEE0gS5K1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdXY3Uk9kOFByV19lRFlLR2tVUVFUU0JMa3JVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9jNTgxMWQtMWRhMC00YzMyLTljNGMt ZDgyYTkwZTM0YzJkLzEvbkx5QlloXy14UzNvSHdiTlJxV0dWZ1VOVFJZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS9jNTgxMWQtMWRhMC00YzMyLTljNGMtZDgyYTkwZTM0YzJk LzEvdXY3Uk9kOFByV19lRFlLR2tVUVFUU0JMa3JVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdAwcAKgpowAIA MBIDBwAqCmjAAgMDBwAqCmjAAgQwDQYJKoZIhvcNAQELBQADggEBAJ+TQzwSbAE5 DlFmpidwHbIw4w0fmkYxyw+fv0vmhMA+e7wYWk0rJ+Mgk0kySJb8Oj5qs1WxdPb5 RmT+THYARWrKJSjsQONEVmKmbniKfdm4pwVjKBdESPCNDp4TdSqT6gqH61BO+uGk Th6uv4i5e2XQntomX1vYM8py5vEATFpbgCwbKBjakn4y7/RJoPzDw9M87YJE+2BJ EOjvxt2Fi+oX2MHW9swzZoPG5CSjKgKWkDr6t6kR6QNceJt5XXwiyjTLF/NraKlr HqmsKn3E00qAE3EoVSFYPLotgT1vmvx8vI0+Ca3zetZR9PcNDZvYQk9PhV9e5BrV dzidhYbshWk= -----END CERTIFICATE-----Generated at Sun Jan 25 16:54:57 2026 by rpki-client