This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/VDlRmZ_UUBGQIZXe-tlycFHtxuY.roa File: VDlRmZ_UUBGQIZXe-tlycFHtxuY.roa (raw, json) Hash identifier: roAWquTgnTt3gI/FQ9e2D2VEpYewknrb+S48y8ncfXs= Subject key identifier: 54:39:51:99:9F:D4:50:11:90:21:95:DE:FA:D9:72:70:51:ED:C6:E6 Certificate issuer: /CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0 Certificate serial: 019B7FF23FFDEA95E0E7252E9A68F5298619 Authority key identifier: 0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/VDlRmZ_UUBGQIZXe-tlycFHtxuY.roa Signing time: Fri 02 Jan 2026 18:22:21 +0000 ROA not before: Fri 02 Jan 2026 18:22:21 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 211066 IP address blocks: 2a0e:da40:10::/44 maxlen: 128 2a0e:da40:da40::/48 maxlen: 128 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/DbZ8XH-n_iSS7sN89CdkK3HUJbA.crl rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/DbZ8XH-n_iSS7sN89CdkK3HUJbA.mft rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 21:01:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:f2:3f:fd:ea:95:e0:e7:25:2e:9a:68:f5:29:86:19 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0 Validity Not Before: Jan 2 18:22:21 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=543951999fd45011902195defad9727051edc6e6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:85:31:d6:f6:56:34:bf:c2:34:e4:8b:c2:27: 4c:26:24:13:9a:b4:63:a5:ec:67:e7:5d:2b:4b:61: 6c:da:b5:74:e6:cb:22:d1:6d:db:bc:95:06:99:93: 02:60:04:0a:cf:53:a6:72:b0:ba:69:e9:27:2f:60: 6d:c5:ba:47:07:4c:76:0d:a6:f1:a5:4f:9a:3f:8f: 95:4b:0e:44:2b:88:31:70:7f:4c:99:c3:3c:9a:f2: 4b:61:56:64:ef:2f:c7:5d:1f:28:81:9c:18:ae:9a: a7:63:b0:60:8a:1c:19:e9:3e:54:e3:55:e6:a4:4b: 42:84:4b:63:85:0e:dd:79:cf:3a:49:24:1c:9f:2d: ab:c3:3d:d3:76:82:a7:5b:34:cb:ee:73:a1:c3:3c: 4d:0e:13:0b:2c:ae:e5:8f:50:d8:f1:00:8d:52:86: 64:7b:8d:4e:a1:82:eb:c9:a9:99:0c:a6:7e:4b:2c: f8:3b:ce:ae:73:cc:1d:41:73:0a:3b:59:53:ef:f8: 5f:4b:8b:9c:63:17:fb:5e:00:2f:b6:66:62:91:30: f6:72:a3:66:b3:ff:bb:a9:7f:95:ba:af:d3:15:20: 3b:4f:18:38:e3:5c:76:34:3f:ee:00:95:5f:cc:41: 66:ce:8c:f2:b3:9a:4f:f0:21:b2:88:f8:f8:9d:1a: fa:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:39:51:99:9F:D4:50:11:90:21:95:DE:FA:D9:72:70:51:ED:C6:E6 X509v3 Authority Key Identifier: keyid:0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/VDlRmZ_UUBGQIZXe-tlycFHtxuY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/DbZ8XH-n_iSS7sN89CdkK3HUJbA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0e:da40:10::/44 2a0e:da40:da40::/48 Signature Algorithm: sha256WithRSAEncryption 2a:4d:7e:50:17:6e:52:dd:12:e5:14:74:ae:76:3a:a4:40:47: fc:55:ed:be:79:92:85:25:cc:5f:1c:5a:65:8d:30:b4:d3:fa: 7e:22:b4:c8:cc:5e:f5:c4:84:01:2d:e9:aa:d4:58:a8:d1:ed: d6:75:f2:ea:05:9b:6c:d9:aa:17:9d:e6:01:67:06:67:b2:f0: 30:f8:54:0f:94:aa:47:41:69:b3:18:69:82:9e:47:24:11:34: 92:ed:e0:d2:b2:06:a4:95:c2:69:0e:90:8e:85:1a:fe:8f:1d: c1:f2:e8:c0:2d:10:f7:9a:99:00:6f:8d:f8:80:50:aa:21:57: 31:13:80:d6:8f:34:33:0d:37:53:d9:38:e3:cf:cf:80:d7:e7: 92:5c:3d:1b:2b:86:fa:a6:ef:f1:d6:3e:2a:a1:17:c8:c5:5a: 8e:59:54:43:e8:9b:58:d5:98:2d:0b:a1:37:1a:cc:d7:7c:6b: f6:be:8c:e5:c5:1c:f7:b1:89:38:e0:47:89:dc:ca:7c:87:98: 06:e6:ef:0a:8b:c2:25:5b:b7:0c:19:66:ec:8d:b9:35:96:57: 27:d7:58:02:7c:d0:60:0b:ad:b3:b6:53:5f:9d:0d:ff:32:d9: ff:05:88:6c:f2:69:d5:b4:cd:28:6e:bc:ec:b5:9d:49:b2:5a: a9:0d:f4:5c -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt/8j/96pXg5yUummj1KYYZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBkYjY3YzVjN2ZhN2ZlMjQ5MmVlYzM3Y2Y0Mjc2NDJiNzFk NDI1YjAwHhcNMjYwMTAyMTgyMjIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1NDM5NTE5OTlmZDQ1MDExOTAyMTk1ZGVmYWQ5NzI3MDUxZWRjNmU2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn4Ux1vZWNL/CNOSLwidMJiQTmrRj pexn510rS2Fs2rV05ssi0W3bvJUGmZMCYAQKz1OmcrC6aeknL2BtxbpHB0x2Dabx pU+aP4+VSw5EK4gxcH9MmcM8mvJLYVZk7y/HXR8ogZwYrpqnY7BgihwZ6T5U41Xm pEtChEtjhQ7dec86SSQcny2rwz3TdoKnWzTL7nOhwzxNDhMLLK7lj1DY8QCNUoZk e41OoYLryamZDKZ+Syz4O86uc8wdQXMKO1lT7/hfS4ucYxf7XgAvtmZikTD2cqNm s/+7qX+Vuq/TFSA7Txg441x2ND/uAJVfzEFmzozys5pP8CGyiPj4nRr6swIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFFQ5UZmf1FARkCGV3vrZcnBR7cbmMB8GA1UdIwQY MBaAFA22fFx/p/4kku7DfPQnZCtx1CWwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRGJaOFhILW5faVNTN3NOODlDZGtLM0hVSmJBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8wZjM3NTctZjBlZC00ZTdlLTkzMjkt YjAzZGY5OTZlNDgxLzEvVkRsUm1aX1VVQkdRSVpYZS10bHljRkh0eHVZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hOS8wZjM3NTctZjBlZC00ZTdlLTkzMjktYjAzZGY5OTZlNDgx LzEvRGJaOFhILW5faVNTN3NOODlDZGtLM0hVSmJBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg7aQAAQ AwcAKg7aQNpAMA0GCSqGSIb3DQEBCwUAA4IBAQAqTX5QF25S3RLlFHSudjqkQEf8 Ve2+eZKFJcxfHFpljTC00/p+IrTIzF71xIQBLemq1Fio0e3WdfLqBZts2aoXneYB ZwZnsvAw+FQPlKpHQWmzGGmCnkckETSS7eDSsgaklcJpDpCOhRr+jx3B8ujALRD3 mpkAb434gFCqIVcxE4DWjzQzDTdT2Tjjz8+A1+eSXD0bK4b6pu/x1j4qoRfIxVqO WVRD6JtY1ZgtC6E3GszXfGv2vozlxRz3sYk44EeJ3Mp8h5gG5u8Ki8IlW7cMGWbs jbk1llcn11gCfNBgC62ztlNfnQ3/Mtn/BYhs8mnVtM0obrzstZ1JslqpDfRc -----END CERTIFICATE-----Generated at Sun Jan 25 08:52:06 2026 by rpki-client