This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/c4c32c-322e-4ed7-8a29-45d542d5f55f/1/XE0uV5aWkakbXto1CgcBdZIztP4.roa File: XE0uV5aWkakbXto1CgcBdZIztP4.roa (raw, json) Hash identifier: Td1DQRkpx9SC0wJzCk6gDumqozx5Hu6He8/fRNyLpFI= Subject key identifier: 5C:4D:2E:57:96:96:91:A9:1B:5E:DA:35:0A:07:01:75:92:33:B4:FE Certificate issuer: /CN=c8531ae2ce57c95f5a398930ea45503542801ba1 Certificate serial: 019B7D5CA1F1710DAF8BE1E9C5825457AD39 Authority key identifier: C8:53:1A:E2:CE:57:C9:5F:5A:39:89:30:EA:45:50:35:42:80:1B:A1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yFMa4s5XyV9aOYkw6kVQNUKAG6E.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/c4c32c-322e-4ed7-8a29-45d542d5f55f/1/XE0uV5aWkakbXto1CgcBdZIztP4.roa Signing time: Fri 02 Jan 2026 06:19:41 +0000 ROA not before: Fri 02 Jan 2026 06:19:41 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 6279 IP address blocks: 2a03:5400:100::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/c4c32c-322e-4ed7-8a29-45d542d5f55f/1/yFMa4s5XyV9aOYkw6kVQNUKAG6E.crl rsync://rpki.ripe.net/repository/DEFAULT/9c/c4c32c-322e-4ed7-8a29-45d542d5f55f/1/yFMa4s5XyV9aOYkw6kVQNUKAG6E.mft rsync://rpki.ripe.net/repository/DEFAULT/yFMa4s5XyV9aOYkw6kVQNUKAG6E.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5c:a1:f1:71:0d:af:8b:e1:e9:c5:82:54:57:ad:39 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c8531ae2ce57c95f5a398930ea45503542801ba1 Validity Not Before: Jan 2 06:19:41 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5c4d2e57969691a91b5eda350a0701759233b4fe Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:39:c4:05:c1:ab:e5:0c:92:9e:bd:62:80:b2: dd:c0:50:06:86:d8:da:98:ca:61:84:3f:43:00:b7: 6f:71:b2:9e:70:d5:3c:e8:92:7c:2c:cd:41:55:6e: 51:be:32:25:25:f6:b9:2b:0d:0b:3e:42:f3:c7:43: eb:d6:af:59:46:b6:d9:a9:81:27:19:5a:87:56:8c: a2:f5:4d:a5:70:ea:ce:d2:ff:cc:37:03:0b:be:99: e7:e2:af:30:23:d7:4c:9f:40:f0:73:95:3b:dc:82: a0:12:0c:2c:e2:c0:64:0e:63:f4:76:35:31:73:fa: 0f:78:a2:4c:b5:f4:da:fc:b3:8c:91:ba:1d:86:40: 12:86:a1:bc:bb:42:ab:77:c5:66:d2:ab:66:1f:1c: e4:41:f4:dc:51:9f:f3:cd:fd:91:4a:12:fc:30:36: b9:3c:a2:a8:b0:15:8d:30:15:7f:a2:f2:e1:d6:f0: 62:17:0c:8c:8c:0e:8b:f4:51:11:c2:2d:5e:a1:8a: 99:b7:3a:cb:08:55:fc:fa:dc:db:ea:a1:57:e8:2c: 9c:57:df:9d:dd:13:39:63:ce:f9:6f:36:43:a4:64: dc:c1:5c:72:95:34:af:60:07:aa:86:d3:57:4f:ad: 7b:68:89:2f:b4:b7:f4:52:5d:79:00:b8:3c:14:47: 1c:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:4D:2E:57:96:96:91:A9:1B:5E:DA:35:0A:07:01:75:92:33:B4:FE X509v3 Authority Key Identifier: keyid:C8:53:1A:E2:CE:57:C9:5F:5A:39:89:30:EA:45:50:35:42:80:1B:A1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yFMa4s5XyV9aOYkw6kVQNUKAG6E.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/c4c32c-322e-4ed7-8a29-45d542d5f55f/1/XE0uV5aWkakbXto1CgcBdZIztP4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/c4c32c-322e-4ed7-8a29-45d542d5f55f/1/yFMa4s5XyV9aOYkw6kVQNUKAG6E.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a03:5400:100::/40 Signature Algorithm: sha256WithRSAEncryption a9:61:7f:48:89:cf:cb:e9:e4:95:73:f4:24:ab:c6:bb:1a:2a: 33:c4:81:73:49:00:78:30:b7:4f:7a:c5:75:5e:d0:a8:ea:19: 76:2a:a0:ac:1b:f7:6e:12:12:dd:b5:93:e6:fc:96:3a:b8:fa: d4:f6:af:27:8b:c7:bb:3c:ba:ef:9e:38:16:0c:40:6c:cb:05: c9:74:fc:53:c4:9e:89:12:0e:59:76:7a:11:ae:e8:c1:2e:a2: a4:55:0c:f5:67:29:c5:d0:1b:1f:81:e2:0c:fa:cf:d8:0a:d3: 4f:82:34:5e:cf:36:31:5e:6c:db:10:f4:55:db:cc:19:f2:c1: 2c:39:2b:8d:c2:8d:4a:03:27:98:05:ca:a4:e9:83:04:38:10: fd:d9:65:9a:cb:6a:93:b7:ec:b6:1c:b6:7e:9b:43:fd:73:dc: f0:aa:05:b8:2b:30:ef:8e:5e:bb:85:15:0f:e4:85:e5:3a:db: 80:39:3b:73:c0:f4:d1:2f:24:15:97:4b:33:c1:ad:48:94:19: a4:63:32:b5:a9:3a:20:51:3b:e3:ad:e0:3d:cc:95:a6:34:c7: e8:61:ee:c0:68:56:3a:b1:cb:d7:17:56:a0:6d:27:ac:83:27: 55:94:41:04:4e:ed:59:93:38:73:23:b5:11:7f:f3:f6:f9:2c: 39:d2:d9:f5 -----BEGIN CERTIFICATE----- MIIE/zCCA+egAwIBAgISAZt9XKHxcQ2vi+HpxYJUV605MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM4NTMxYWUyY2U1N2M5NWY1YTM5ODkzMGVhNDU1MDM1NDI4 MDFiYTEwHhcNMjYwMTAyMDYxOTQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1YzRkMmU1Nzk2OTY5MWE5MWI1ZWRhMzUwYTA3MDE3NTkyMzNiNGZlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlDnEBcGr5QySnr1igLLdwFAGhtja mMphhD9DALdvcbKecNU86JJ8LM1BVW5RvjIlJfa5Kw0LPkLzx0Pr1q9ZRrbZqYEn GVqHVoyi9U2lcOrO0v/MNwMLvpnn4q8wI9dMn0Dwc5U73IKgEgws4sBkDmP0djUx c/oPeKJMtfTa/LOMkbodhkAShqG8u0Krd8Vm0qtmHxzkQfTcUZ/zzf2RShL8MDa5 PKKosBWNMBV/ovLh1vBiFwyMjA6L9FERwi1eoYqZtzrLCFX8+tzb6qFX6CycV9+d 3RM5Y875bzZDpGTcwVxylTSvYAeqhtNXT617aIkvtLf0Ul15ALg8FEccLwIDAQAB o4ICCzCCAgcwHQYDVR0OBBYEFFxNLleWlpGpG17aNQoHAXWSM7T+MB8GA1UdIwQY MBaAFMhTGuLOV8lfWjmJMOpFUDVCgBuhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveUZNYTRzNVh5VjlhT1lrdzZrVlFOVUtBRzZFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9jNGMzMmMtMzIyZS00ZWQ3LThhMjkt NDVkNTQyZDVmNTVmLzEvWEUwdVY1YVdrYWtiWHRvMUNnY0JkWkl6dFA0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Yy9jNGMzMmMtMzIyZS00ZWQ3LThhMjktNDVkNTQyZDVmNTVm LzEveUZNYTRzNVh5VjlhT1lrdzZrVlFOVUtBRzZFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgNUAAEw DQYJKoZIhvcNAQELBQADggEBAKlhf0iJz8vp5JVz9CSrxrsaKjPEgXNJAHgwt096 xXVe0KjqGXYqoKwb924SEt21k+b8ljq4+tT2ryeLx7s8uu+eOBYMQGzLBcl0/FPE nokSDll2ehGu6MEuoqRVDPVnKcXQGx+B4gz6z9gK00+CNF7PNjFebNsQ9FXbzBny wSw5K43CjUoDJ5gFyqTpgwQ4EP3ZZZrLapO37LYctn6bQ/1z3PCqBbgrMO+OXruF FQ/kheU624A5O3PA9NEvJBWXSzPBrUiUGaRjMrWpOiBRO+Ot4D3MlaY0x+hh7sBo Vjqxy9cXVqBtJ6yDJ1WUQQRO7VmTOHMjtRF/8/b5LDnS2fU= -----END CERTIFICATE-----Generated at Sun Jan 25 16:55:22 2026 by rpki-client