This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/xkK7Kbvhg6ccWQLBKOWEjOj8dIs.roa File: xkK7Kbvhg6ccWQLBKOWEjOj8dIs.roa (raw, json) Hash identifier: hSxWOh+4pOoJgqKHeBLOsvvNqhI/bRq5ZNPWvaG7HYQ= Subject key identifier: C6:42:BB:29:BB:E1:83:A7:1C:59:02:C1:28:E5:84:8C:E8:FC:74:8B Certificate issuer: /CN=23d8448c5cb90398e4c285cec9c0f4766ac931df Certificate serial: 019B7D5C630C25F5FA1AA7A4FBED7169DD60 Authority key identifier: 23:D8:44:8C:5C:B9:03:98:E4:C2:85:CE:C9:C0:F4:76:6A:C9:31:DF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I9hEjFy5A5jkwoXOycD0dmrJMd8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/xkK7Kbvhg6ccWQLBKOWEjOj8dIs.roa Signing time: Fri 02 Jan 2026 06:19:25 +0000 ROA not before: Fri 02 Jan 2026 06:19:25 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 760 IP address blocks: 2001:62a::/31 maxlen: 31 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/I9hEjFy5A5jkwoXOycD0dmrJMd8.crl rsync://rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/I9hEjFy5A5jkwoXOycD0dmrJMd8.mft rsync://rpki.ripe.net/repository/DEFAULT/I9hEjFy5A5jkwoXOycD0dmrJMd8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 28 Jan 2026 09:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5c:63:0c:25:f5:fa:1a:a7:a4:fb:ed:71:69:dd:60 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=23d8448c5cb90398e4c285cec9c0f4766ac931df Validity Not Before: Jan 2 06:19:25 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c642bb29bbe183a71c5902c128e5848ce8fc748b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:74:0e:a4:33:32:be:10:8b:8e:7a:5f:44:91: ee:70:d2:6f:bd:a2:1b:c5:fd:a4:f3:e2:78:6f:8f: 3e:3b:4d:d8:3a:8e:6c:43:eb:e1:b1:26:05:70:16: 5f:6f:f9:ef:1e:d7:81:32:81:75:db:ea:3c:93:99: 05:b4:8a:01:35:f0:fd:18:d1:5f:ce:26:6d:16:9d: 22:53:82:7f:03:cd:da:6e:2f:70:dd:11:b9:d3:ed: b8:69:59:df:a6:4e:9f:f9:30:2f:7d:9b:ea:b0:3a: 2e:ba:e6:30:8a:f5:2f:45:bd:e6:29:bf:50:c2:ae: 12:2d:12:dc:6e:4d:91:09:7d:97:53:a1:d8:30:d3: e4:cd:9a:2b:5f:83:8c:74:63:1c:d9:0f:4f:ff:f4: 59:a7:4c:9c:ab:e7:7c:39:1e:23:ec:a1:23:68:f8: de:58:3a:78:ef:61:0f:25:27:95:24:be:45:48:68: 2d:fc:de:2e:fb:77:77:c8:60:78:a3:b5:df:35:ca: 61:d0:cb:cc:d4:a4:a3:52:b5:da:99:48:8a:8e:b0: 13:8e:bb:be:77:eb:9c:40:8f:26:a3:ea:1e:9a:34: 6f:b8:63:4a:d6:2c:10:e4:1e:21:bc:9a:38:0d:87: 6c:88:21:8b:c3:d7:80:8a:4c:ea:5c:43:66:31:58: 76:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:42:BB:29:BB:E1:83:A7:1C:59:02:C1:28:E5:84:8C:E8:FC:74:8B X509v3 Authority Key Identifier: keyid:23:D8:44:8C:5C:B9:03:98:E4:C2:85:CE:C9:C0:F4:76:6A:C9:31:DF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I9hEjFy5A5jkwoXOycD0dmrJMd8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/xkK7Kbvhg6ccWQLBKOWEjOj8dIs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/I9hEjFy5A5jkwoXOycD0dmrJMd8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:62a::/31 Signature Algorithm: sha256WithRSAEncryption 53:21:7d:9c:bf:45:0e:93:74:0c:ac:4e:cd:21:2f:8c:c2:9d: 36:78:e4:ff:81:e2:f4:6d:b1:86:8d:eb:19:8b:03:35:bb:6e: 0f:d8:a4:5d:54:28:65:11:64:b8:1e:9b:42:5c:32:b5:75:2e: 81:3a:dc:70:83:d9:0e:38:5a:8b:a1:8b:0f:3c:d7:11:bf:d0: 61:c5:2b:54:f8:8b:97:0b:a9:65:50:ea:88:0d:13:f1:ce:95: 10:d0:4a:7c:4a:96:38:55:dc:df:09:3f:71:c7:e4:ae:3f:e3: f5:54:a8:f3:01:55:64:bb:0e:c0:c6:f1:0b:ad:51:a8:a8:f6: e1:64:19:9a:c2:45:d7:77:e3:f9:62:5a:ca:e7:f0:3b:3b:7d: b6:f4:04:19:50:f4:9f:4b:4a:5c:d0:97:d8:90:8d:4c:bb:18: 26:03:62:9d:59:2a:6f:d5:45:20:98:e6:4e:03:39:d1:31:6b: 2e:3b:8e:ce:34:7a:89:c7:46:67:d8:94:02:6c:77:ae:05:2e: 85:8e:d4:00:e8:34:8c:8c:25:6c:0a:8e:dc:31:07:f1:fa:c4: 54:57:13:a7:ef:df:4c:b6:49:41:0b:20:c8:53:c7:8c:42:64: d9:19:f6:c3:7e:ba:7a:64:29:14:81:99:6a:6a:d0:54:bc:d0: 61:b1:0c:2d -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt9XGMMJfX6Gqek++1xad1gMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIzZDg0NDhjNWNiOTAzOThlNGMyODVjZWM5YzBmNDc2NmFj OTMxZGYwHhcNMjYwMTAyMDYxOTI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNjQyYmIyOWJiZTE4M2E3MWM1OTAyYzEyOGU1ODQ4Y2U4ZmM3NDhiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtXQOpDMyvhCLjnpfRJHucNJvvaIb xf2k8+J4b48+O03YOo5sQ+vhsSYFcBZfb/nvHteBMoF12+o8k5kFtIoBNfD9GNFf ziZtFp0iU4J/A83abi9w3RG50+24aVnfpk6f+TAvfZvqsDouuuYwivUvRb3mKb9Q wq4SLRLcbk2RCX2XU6HYMNPkzZorX4OMdGMc2Q9P//RZp0ycq+d8OR4j7KEjaPje WDp472EPJSeVJL5FSGgt/N4u+3d3yGB4o7XfNcph0MvM1KSjUrXamUiKjrATjru+ d+ucQI8mo+oemjRvuGNK1iwQ5B4hvJo4DYdsiCGLw9eAikzqXENmMVh28QIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFMZCuym74YOnHFkCwSjlhIzo/HSLMB8GA1UdIwQY MBaAFCPYRIxcuQOY5MKFzsnA9HZqyTHfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSTloRWpGeTVBNWprd29YT3ljRDBkbXJKTWQ4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9mNGE4MGQtZjVmNy00NTIyLWI5YjUt Zjc3MmEwMTM5MDE2LzEveGtLN0tidmhnNmNjV1FMQktPV0VqT2o4ZElzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85OS9mNGE4MGQtZjVmNy00NTIyLWI5YjUtZjc3MmEwMTM5MDE2 LzEvSTloRWpGeTVBNWprd29YT3ljRDBkbXJKTWQ4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUBIAEGKjAN BgkqhkiG9w0BAQsFAAOCAQEAUyF9nL9FDpN0DKxOzSEvjMKdNnjk/4Hi9G2xho3r GYsDNbtuD9ikXVQoZRFkuB6bQlwytXUugTrccIPZDjhai6GLDzzXEb/QYcUrVPiL lwupZVDqiA0T8c6VENBKfEqWOFXc3wk/ccfkrj/j9VSo8wFVZLsOwMbxC61RqKj2 4WQZmsJF13fj+WJayufwOzt9tvQEGVD0n0tKXNCX2JCNTLsYJgNinVkqb9VFIJjm TgM50TFrLjuOzjR6icdGZ9iUAmx3rgUuhY7UAOg0jIwlbAqO3DEH8frEVFcTp+/f TLZJQQsgyFPHjEJk2Rn2w366emQpFIGZamrQVLzQYbEMLQ== -----END CERTIFICATE-----Generated at Tue Jan 27 12:42:35 2026 by rpki-client