This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/7113df-e0e8-440e-a118-8beadaaad0b1/1/XbK16gp1Rd7CTE3ryMVkvlqNehI.roa File: XbK16gp1Rd7CTE3ryMVkvlqNehI.roa (raw, json) Hash identifier: wmv1rflTHLRXNBfeQWldsma4iJiCHJfDkNf/3azIuu4= Subject key identifier: 5D:B2:B5:EA:0A:75:45:DE:C2:4C:4D:EB:C8:C5:64:BE:5A:8D:7A:12 Certificate issuer: /CN=251e7871fd38f2df918242dda1c6fc35688423ca Certificate serial: 019B7EA4605477D962B0B184E22312CBAD09 Authority key identifier: 25:1E:78:71:FD:38:F2:DF:91:82:42:DD:A1:C6:FC:35:68:84:23:CA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JR54cf048t-RgkLdocb8NWiEI8o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/7113df-e0e8-440e-a118-8beadaaad0b1/1/XbK16gp1Rd7CTE3ryMVkvlqNehI.roa Signing time: Fri 02 Jan 2026 12:17:40 +0000 ROA not before: Fri 02 Jan 2026 12:17:40 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 25151 IP address blocks: 2001:678:c50::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9d/7113df-e0e8-440e-a118-8beadaaad0b1/1/JR54cf048t-RgkLdocb8NWiEI8o.crl rsync://rpki.ripe.net/repository/DEFAULT/9d/7113df-e0e8-440e-a118-8beadaaad0b1/1/JR54cf048t-RgkLdocb8NWiEI8o.mft rsync://rpki.ripe.net/repository/DEFAULT/JR54cf048t-RgkLdocb8NWiEI8o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a4:60:54:77:d9:62:b0:b1:84:e2:23:12:cb:ad:09 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=251e7871fd38f2df918242dda1c6fc35688423ca Validity Not Before: Jan 2 12:17:40 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5db2b5ea0a7545dec24c4debc8c564be5a8d7a12 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:59:1e:34:d9:13:80:e0:7e:e8:ff:54:93:9d: 3d:59:70:0f:7c:86:b4:3e:30:b8:7e:4a:de:f0:73: 76:f9:2d:f7:af:ec:e9:0a:1a:26:8e:95:cf:1e:7e: 20:ed:08:78:7d:28:a6:53:4c:e2:b9:c0:d0:9d:3c: d0:26:3b:e2:1a:fa:90:f8:e1:08:74:c1:76:45:ef: 26:80:34:83:35:7d:07:d5:fa:99:53:04:63:56:f1: 68:5d:c4:32:22:21:49:96:d2:0a:a3:15:5e:2e:90: be:d7:f0:0a:b6:20:73:45:d3:5f:f6:a6:bb:2c:1a: 36:41:91:d7:16:1d:07:80:14:cb:6f:f4:a2:0d:ae: 79:7c:3d:f4:0e:02:96:67:f3:1f:e2:60:63:9a:53: da:30:b4:29:97:64:bc:76:29:fa:b6:c1:2b:d1:7d: 65:c0:7c:7f:7e:e4:63:09:91:da:3e:ed:a0:b6:28: 59:2c:93:36:8a:eb:1e:ee:b3:92:f2:35:8d:93:0f: 7f:7d:80:8f:99:af:d8:9f:5e:4d:90:8f:dc:d6:f0: 84:a1:f4:a8:1e:62:88:2c:92:18:8c:fb:20:51:f0: 68:4a:5d:4f:d9:3c:c7:97:fa:c9:6a:74:91:2f:3d: 3e:a1:ce:20:9b:4a:b2:ba:e8:67:9e:55:a2:4c:88: 3f:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:B2:B5:EA:0A:75:45:DE:C2:4C:4D:EB:C8:C5:64:BE:5A:8D:7A:12 X509v3 Authority Key Identifier: keyid:25:1E:78:71:FD:38:F2:DF:91:82:42:DD:A1:C6:FC:35:68:84:23:CA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JR54cf048t-RgkLdocb8NWiEI8o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/7113df-e0e8-440e-a118-8beadaaad0b1/1/XbK16gp1Rd7CTE3ryMVkvlqNehI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/7113df-e0e8-440e-a118-8beadaaad0b1/1/JR54cf048t-RgkLdocb8NWiEI8o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:678:c50::/48 Signature Algorithm: sha256WithRSAEncryption 5a:77:63:6a:fd:f7:ae:9a:2a:7c:5b:01:50:11:c6:f6:51:21: 0d:5c:a1:10:71:5c:31:d0:62:bb:fe:0a:c0:5d:17:8d:6a:61: 98:05:2b:50:4c:53:b7:a5:85:87:a9:37:e4:f0:f3:d9:ee:0a: 21:e4:c9:ad:bf:47:dd:2d:0b:ca:42:b6:bb:ac:8b:87:5e:a9: 5f:bd:3b:9a:2c:d4:71:da:f1:17:6f:ad:e5:29:06:59:e4:f7: d9:65:ce:2d:4a:7b:bf:d9:c5:da:c9:20:c5:a2:8a:74:98:6f: b9:56:aa:33:b2:15:30:c6:b8:e0:05:0f:5d:a3:c9:08:02:7a: 31:56:3c:f8:3c:1f:c4:89:b1:74:b1:ea:0b:be:19:ae:a5:04: f9:e6:79:56:7b:30:8e:23:29:9b:eb:67:97:6d:a6:bd:87:50: 10:8a:72:66:8c:d1:b9:78:4c:0c:3d:61:e7:ad:3c:89:35:0e: 6c:fc:5e:b5:1c:a5:ec:53:0c:b5:d7:1e:8c:25:75:7b:15:82: aa:4a:a4:ce:7f:13:01:1f:2d:2c:34:9e:40:55:ed:c9:48:25: 03:7e:90:a4:9a:06:d6:0f:c4:2e:7b:19:45:bf:8f:cb:d0:df: 50:1c:9f:ab:04:2a:70:e5:02:72:ee:85:3b:ca:c7:a6:1e:f1: bf:27:71:b3 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt+pGBUd9lisLGE4iMSy60JMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI1MWU3ODcxZmQzOGYyZGY5MTgyNDJkZGExYzZmYzM1Njg4 NDIzY2EwHhcNMjYwMTAyMTIxNzQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZGIyYjVlYTBhNzU0NWRlYzI0YzRkZWJjOGM1NjRiZTVhOGQ3YTEyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyFkeNNkTgOB+6P9Uk509WXAPfIa0 PjC4fkre8HN2+S33r+zpChomjpXPHn4g7Qh4fSimU0ziucDQnTzQJjviGvqQ+OEI dMF2Re8mgDSDNX0H1fqZUwRjVvFoXcQyIiFJltIKoxVeLpC+1/AKtiBzRdNf9qa7 LBo2QZHXFh0HgBTLb/SiDa55fD30DgKWZ/Mf4mBjmlPaMLQpl2S8din6tsEr0X1l wHx/fuRjCZHaPu2gtihZLJM2iuse7rOS8jWNkw9/fYCPma/Yn15NkI/c1vCEofSo HmKILJIYjPsgUfBoSl1P2TzHl/rJanSRLz0+oc4gm0qyuuhnnlWiTIg/wwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFF2yteoKdUXewkxN68jFZL5ajXoSMB8GA1UdIwQY MBaAFCUeeHH9OPLfkYJC3aHG/DVohCPKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSlI1NGNmMDQ4dC1SZ2tMZG9jYjhOV2lFSThvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC83MTEzZGYtZTBlOC00NDBlLWExMTgt OGJlYWRhYWFkMGIxLzEvWGJLMTZncDFSZDdDVEUzcnlNVmt2bHFOZWhJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85ZC83MTEzZGYtZTBlOC00NDBlLWExMTgtOGJlYWRhYWFkMGIx LzEvSlI1NGNmMDQ4dC1SZ2tMZG9jYjhOV2lFSThvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAxQ MA0GCSqGSIb3DQEBCwUAA4IBAQBad2Nq/feumip8WwFQEcb2USENXKEQcVwx0GK7 /grAXReNamGYBStQTFO3pYWHqTfk8PPZ7goh5Mmtv0fdLQvKQra7rIuHXqlfvTua LNRx2vEXb63lKQZZ5PfZZc4tSnu/2cXaySDFoop0mG+5VqozshUwxrjgBQ9do8kI AnoxVjz4PB/EibF0seoLvhmupQT55nlWezCOIymb62eXbaa9h1AQinJmjNG5eEwM PWHnrTyJNQ5s/F61HKXsUwy11x6MJXV7FYKqSqTOfxMBHy0sNJ5AVe3JSCUDfpCk mgbWD8QuexlFv4/L0N9QHJ+rBCpw5QJy7oU7ysemHvG/J3Gz -----END CERTIFICATE-----Generated at Sun Jan 25 21:03:32 2026 by rpki-client