This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/b6a467-bc95-405c-84ec-d4286978a80a/1/IbMGTXyTOTdiq2NpG4tVLW4bQtQ.roa File: IbMGTXyTOTdiq2NpG4tVLW4bQtQ.roa (raw, json) Hash identifier: j1uMtZdT3V+8GANHlpcXgXLtn7udaUVnpZ9J8VG0PMs= Subject key identifier: 21:B3:06:4D:7C:93:39:37:62:AB:63:69:1B:8B:55:2D:6E:1B:42:D4 Certificate issuer: /CN=12671bebb8ac3e30b5d7c3d2537357a3b2546d5b Certificate serial: 019B7CEE115E4B1858F570ADB9721B6B05A2 Authority key identifier: 12:67:1B:EB:B8:AC:3E:30:B5:D7:C3:D2:53:73:57:A3:B2:54:6D:5B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Emcb67isPjC118PSU3NXo7JUbVs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/b6a467-bc95-405c-84ec-d4286978a80a/1/IbMGTXyTOTdiq2NpG4tVLW4bQtQ.roa Signing time: Fri 02 Jan 2026 04:18:55 +0000 ROA not before: Fri 02 Jan 2026 04:18:55 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 215351 IP address blocks: 2001:678:428::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/b6a467-bc95-405c-84ec-d4286978a80a/1/Emcb67isPjC118PSU3NXo7JUbVs.crl rsync://rpki.ripe.net/repository/DEFAULT/9a/b6a467-bc95-405c-84ec-d4286978a80a/1/Emcb67isPjC118PSU3NXo7JUbVs.mft rsync://rpki.ripe.net/repository/DEFAULT/Emcb67isPjC118PSU3NXo7JUbVs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ee:11:5e:4b:18:58:f5:70:ad:b9:72:1b:6b:05:a2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=12671bebb8ac3e30b5d7c3d2537357a3b2546d5b Validity Not Before: Jan 2 04:18:55 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=21b3064d7c93393762ab63691b8b552d6e1b42d4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:eb:8e:05:5a:4a:3d:cc:57:01:ff:35:4d:5a: f3:ae:d8:3a:8b:7f:bd:15:30:70:40:b9:10:0f:2d: bc:6e:b8:7b:ad:89:87:7c:01:d9:81:f1:a0:6c:7f: f4:4a:12:d5:2f:8a:21:76:a3:53:31:94:b0:ae:85: 3e:30:e1:e5:af:62:79:1e:17:67:aa:0b:8c:1c:e8: 91:77:9b:aa:b1:73:bb:0a:7e:53:a1:5a:2f:07:92: 8f:e2:46:c8:b2:15:0a:18:c1:69:d8:48:ee:24:87: 43:5f:54:96:72:66:9d:4c:4d:db:04:61:d0:f0:b4: 79:c6:43:31:d9:f5:62:90:dd:0f:40:ea:f7:93:f4: 0a:79:9e:01:2b:e6:28:cd:47:2c:45:c0:d3:45:3b: 59:66:9c:90:e7:5f:c7:be:93:16:d0:35:8e:e4:c3: 13:6d:b6:75:b4:de:c2:7d:fd:db:81:67:96:80:e9: 0a:3f:c3:c2:1c:9c:6d:cc:46:60:84:53:af:eb:59: 95:95:8a:74:10:bc:31:ee:05:0c:09:5d:d0:7a:e6: fd:35:1e:35:a2:31:fb:ef:7d:7b:e0:ea:17:e6:33: ea:60:18:18:c4:58:64:a7:92:bd:73:49:74:01:b8: 7b:3b:fd:0e:5a:a8:f2:bc:90:3c:02:fd:2f:ab:45: 7c:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:B3:06:4D:7C:93:39:37:62:AB:63:69:1B:8B:55:2D:6E:1B:42:D4 X509v3 Authority Key Identifier: keyid:12:67:1B:EB:B8:AC:3E:30:B5:D7:C3:D2:53:73:57:A3:B2:54:6D:5B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Emcb67isPjC118PSU3NXo7JUbVs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/b6a467-bc95-405c-84ec-d4286978a80a/1/IbMGTXyTOTdiq2NpG4tVLW4bQtQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/b6a467-bc95-405c-84ec-d4286978a80a/1/Emcb67isPjC118PSU3NXo7JUbVs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:678:428::/48 Signature Algorithm: sha256WithRSAEncryption 7a:15:fa:b3:d7:3c:da:fe:01:14:32:55:52:9c:71:8d:a6:82: 42:3c:4b:cf:25:bf:13:66:44:d2:5c:2f:2b:fe:7e:5f:71:19: 58:51:8f:0a:f9:78:0d:e8:a9:68:51:ad:ea:87:94:4f:55:a6: 71:7e:07:65:f8:d8:82:04:99:3a:b6:25:ae:c6:fe:8f:53:6f: 92:39:50:4b:46:c3:5a:7f:5a:c0:26:df:cb:bb:17:34:75:f1: 08:88:14:2b:d9:6c:31:5b:bb:d0:98:9c:84:b0:62:f9:bf:fd: 05:3d:11:b8:e8:26:62:4f:d4:52:5f:6f:d7:68:aa:ef:7c:87: 05:2b:d7:05:b8:6f:2c:f0:b0:c0:5e:3d:4f:ed:1d:18:a7:56: a0:fb:96:c7:9c:30:ad:0a:3d:9e:7c:4b:43:03:c9:3e:e5:34: e2:ba:f6:d8:0d:0a:55:dc:95:ab:29:81:32:a8:ba:49:1d:1a: 76:78:cd:5a:95:fc:13:bf:72:69:5e:5f:75:2f:32:a6:77:72: c0:33:1f:d3:e2:37:df:95:6b:3a:31:17:7b:11:e5:91:78:22: a9:d6:71:98:02:4f:a2:72:b4:33:06:77:88:1e:cb:7b:12:6b: 40:1d:65:8b:ea:38:61:cc:0f:6a:9e:58:ba:bd:b0:b1:c4:de: 14:50:98:aa -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt87hFeSxhY9XCtuXIbawWiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDEyNjcxYmViYjhhYzNlMzBiNWQ3YzNkMjUzNzM1N2EzYjI1 NDZkNWIwHhcNMjYwMTAyMDQxODU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMWIzMDY0ZDdjOTMzOTM3NjJhYjYzNjkxYjhiNTUyZDZlMWI0MmQ0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6OuOBVpKPcxXAf81TVrzrtg6i3+9 FTBwQLkQDy28brh7rYmHfAHZgfGgbH/0ShLVL4ohdqNTMZSwroU+MOHlr2J5Hhdn qguMHOiRd5uqsXO7Cn5ToVovB5KP4kbIshUKGMFp2EjuJIdDX1SWcmadTE3bBGHQ 8LR5xkMx2fVikN0PQOr3k/QKeZ4BK+YozUcsRcDTRTtZZpyQ51/HvpMW0DWO5MMT bbZ1tN7Cff3bgWeWgOkKP8PCHJxtzEZghFOv61mVlYp0ELwx7gUMCV3Qeub9NR41 ojH773174OoX5jPqYBgYxFhkp5K9c0l0Abh7O/0OWqjyvJA8Av0vq0V8IQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFCGzBk18kzk3YqtjaRuLVS1uG0LUMB8GA1UdIwQY MBaAFBJnG+u4rD4wtdfD0lNzV6OyVG1bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRW1jYjY3aXNQakMxMThQU1UzTlhvN0pVYlZzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9iNmE0NjctYmM5NS00MDVjLTg0ZWMt ZDQyODY5NzhhODBhLzEvSWJNR1RYeVRPVGRpcTJOcEc0dFZMVzRiUXRRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85YS9iNmE0NjctYmM5NS00MDVjLTg0ZWMtZDQyODY5NzhhODBh LzEvRW1jYjY3aXNQakMxMThQU1UzTlhvN0pVYlZzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAQo MA0GCSqGSIb3DQEBCwUAA4IBAQB6Ffqz1zza/gEUMlVSnHGNpoJCPEvPJb8TZkTS XC8r/n5fcRlYUY8K+XgN6KloUa3qh5RPVaZxfgdl+NiCBJk6tiWuxv6PU2+SOVBL RsNaf1rAJt/Luxc0dfEIiBQr2WwxW7vQmJyEsGL5v/0FPRG46CZiT9RSX2/XaKrv fIcFK9cFuG8s8LDAXj1P7R0Yp1ag+5bHnDCtCj2efEtDA8k+5TTiuvbYDQpV3JWr KYEyqLpJHRp2eM1alfwTv3JpXl91LzKmd3LAMx/T4jfflWs6MRd7EeWReCKp1nGY Ak+icrQzBneIHst7EmtAHWWL6jhhzA9qnli6vbCxxN4UUJiq -----END CERTIFICATE-----Generated at Sun Jan 25 22:31:38 2026 by rpki-client