This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/cbo9ZPmxQz5ojNzo3NLp3qPAq5U.roa File: cbo9ZPmxQz5ojNzo3NLp3qPAq5U.roa (raw, json) Hash identifier: WhZWAza+BOUN2V/ul+PIwoOcyAHFyg4fNWTLRfkjfEQ= Subject key identifier: 71:BA:3D:64:F9:B1:43:3E:68:8C:DC:E8:DC:D2:E9:DE:A3:C0:AB:95 Certificate issuer: /CN=359f0f5ff620e0db5311f64736909973ac60f6f3 Certificate serial: 019B797E4773A6CC52AC84E7E02B5B0D105F Authority key identifier: 35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/cbo9ZPmxQz5ojNzo3NLp3qPAq5U.roa Signing time: Thu 01 Jan 2026 12:17:57 +0000 ROA not before: Thu 01 Jan 2026 12:17:57 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 210325 IP address blocks: 2a0d:3140::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.mft rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:47:73:a6:cc:52:ac:84:e7:e0:2b:5b:0d:10:5f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=359f0f5ff620e0db5311f64736909973ac60f6f3 Validity Not Before: Jan 1 12:17:57 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=71ba3d64f9b1433e688cdce8dcd2e9dea3c0ab95 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:72:4d:73:5e:f9:ec:7c:2a:7f:79:29:1a:0c: 3f:4a:b6:2a:7f:44:12:a5:63:0a:e3:ad:08:10:f4: 66:12:94:b1:4a:56:28:bc:d4:9c:c8:94:39:10:3c: 9d:d8:c6:e2:16:91:0e:d3:f7:82:48:f4:55:aa:ca: 1d:eb:f5:26:fa:58:13:7b:77:68:a6:60:4a:26:77: 2a:b1:29:c4:ad:98:15:c3:02:ca:b8:8a:4d:5e:7d: 75:88:33:c4:d7:b1:ed:48:f1:fc:e9:3f:07:99:22: d1:78:2d:2f:19:cd:b3:0b:09:5b:ad:e5:b5:a7:e9: 84:15:74:19:eb:90:21:58:29:7f:0e:92:7e:56:9d: 46:57:b7:08:c0:03:48:1f:9b:a2:12:bc:88:4e:03: a6:c2:0f:02:42:1f:dd:b9:65:a9:09:25:ba:d3:0c: 0e:fd:07:ae:05:5e:10:fb:74:ba:cc:19:65:5d:46: a4:bc:59:48:5a:83:4a:a2:e1:09:03:e4:89:c4:1e: ac:b0:ce:22:e0:76:aa:32:84:30:4e:b6:d5:43:ab: 02:e2:66:08:7a:a2:c7:ed:e0:7c:20:ee:b0:bd:8b: 8c:02:1a:96:2a:67:a1:85:38:4d:ce:c4:88:63:8d: 08:ad:53:81:82:34:3c:f6:bb:c6:d7:cf:64:3b:ee: 79:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:BA:3D:64:F9:B1:43:3E:68:8C:DC:E8:DC:D2:E9:DE:A3:C0:AB:95 X509v3 Authority Key Identifier: keyid:35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/cbo9ZPmxQz5ojNzo3NLp3qPAq5U.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0d:3140::/29 Signature Algorithm: sha256WithRSAEncryption 97:70:6d:5b:42:7c:7b:a8:92:c2:e7:79:74:12:46:6d:b0:74: 38:62:43:63:e5:5a:9a:2d:67:bb:24:13:bf:af:1d:18:ae:5e: 03:b8:fc:2b:27:ee:31:80:2a:0c:9e:17:11:1a:4c:a3:93:4a: 56:aa:a0:56:c1:59:2c:87:f0:7d:1a:82:82:af:9f:ba:1f:b9: 4f:95:14:ec:04:18:10:79:f5:aa:c2:77:a8:d8:32:16:21:d9: 24:51:f6:03:06:50:6d:ac:6b:4c:43:a1:95:3d:6f:13:57:74: d8:db:40:26:08:a6:5b:24:48:b7:79:e3:a9:3c:38:5d:95:f5: f5:ae:87:4d:3b:05:82:72:a6:a2:55:8d:05:61:bc:4f:79:5c: d2:ca:8d:77:17:98:46:5a:f9:a8:88:7d:1a:1c:aa:a3:17:f5: 68:c6:0d:08:81:42:3b:6f:1d:e3:13:47:92:04:da:12:30:00: 78:a6:14:ed:96:71:86:7a:59:37:04:1b:97:2b:40:5f:0b:24: 26:51:21:53:42:80:16:66:da:72:5e:62:fc:4d:a1:45:ff:08: 44:61:b4:ee:82:e5:03:54:75:f0:a7:d3:c0:05:fe:92:03:e0: 64:a2:d4:99:84:a9:27:ab:cb:81:ef:10:b8:86:9f:19:ef:83: ea:99:9b:45 -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt5fkdzpsxSrITn4CtbDRBfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM1OWYwZjVmZjYyMGUwZGI1MzExZjY0NzM2OTA5OTczYWM2 MGY2ZjMwHhcNMjYwMTAxMTIxNzU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MWJhM2Q2NGY5YjE0MzNlNjg4Y2RjZThkY2QyZTlkZWEzYzBhYjk1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA33JNc1757Hwqf3kpGgw/SrYqf0QS pWMK460IEPRmEpSxSlYovNScyJQ5EDyd2MbiFpEO0/eCSPRVqsod6/Um+lgTe3do pmBKJncqsSnErZgVwwLKuIpNXn11iDPE17HtSPH86T8HmSLReC0vGc2zCwlbreW1 p+mEFXQZ65AhWCl/DpJ+Vp1GV7cIwANIH5uiEryITgOmwg8CQh/duWWpCSW60wwO /QeuBV4Q+3S6zBllXUakvFlIWoNKouEJA+SJxB6ssM4i4HaqMoQwTrbVQ6sC4mYI eqLH7eB8IO6wvYuMAhqWKmehhThNzsSIY40IrVOBgjQ89rvG189kO+55BQIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFHG6PWT5sUM+aIzc6NzS6d6jwKuVMB8GA1UdIwQY MBaAFDWfD1/2IODbUxH2RzaQmXOsYPbzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2It ZDFhYmY0ZWUzMmNiLzEvY2JvOVpQbXhRejVvak56bzNOTHAzcVBBcTVVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2ItZDFhYmY0ZWUzMmNi LzEvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg0xQDAN BgkqhkiG9w0BAQsFAAOCAQEAl3BtW0J8e6iSwud5dBJGbbB0OGJDY+Vami1nuyQT v68dGK5eA7j8KyfuMYAqDJ4XERpMo5NKVqqgVsFZLIfwfRqCgq+fuh+5T5UU7AQY EHn1qsJ3qNgyFiHZJFH2AwZQbaxrTEOhlT1vE1d02NtAJgimWyRIt3njqTw4XZX1 9a6HTTsFgnKmolWNBWG8T3lc0sqNdxeYRlr5qIh9Ghyqoxf1aMYNCIFCO28d4xNH kgTaEjAAeKYU7ZZxhnpZNwQblytAXwskJlEhU0KAFmbacl5i/E2hRf8IRGG07oLl A1R18KfTwAX+kgPgZKLUmYSpJ6vLge8QuIafGe+D6pmbRQ== -----END CERTIFICATE-----Generated at Mon Jan 26 01:01:55 2026 by rpki-client