This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/aabc6c-0456-4935-a469-d547185512de/1/xR7LKB9cMx20WjaSYnBDWdIRF-g.roa File: xR7LKB9cMx20WjaSYnBDWdIRF-g.roa (raw, json) Hash identifier: vumkR84YsHI2dcyHQIVTL0w8JKyaUvc5rnjqJHi4+6U= Subject key identifier: C5:1E:CB:28:1F:5C:33:1D:B4:5A:36:92:62:70:43:59:D2:11:17:E8 Certificate issuer: /CN=33b65a8baeba4ff621492ebee6fc1e88adb21b03 Certificate serial: 019B7FF2B9F1A65CDCBB1D57D238E186408C Authority key identifier: 33:B6:5A:8B:AE:BA:4F:F6:21:49:2E:BE:E6:FC:1E:88:AD:B2:1B:03 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M7Zai666T_YhSS6-5vweiK2yGwM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/aabc6c-0456-4935-a469-d547185512de/1/xR7LKB9cMx20WjaSYnBDWdIRF-g.roa Signing time: Fri 02 Jan 2026 18:22:52 +0000 ROA not before: Fri 02 Jan 2026 18:22:52 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 208111 IP address blocks: 2a14:9d01::/32 maxlen: 32 2a14:9d02::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/aabc6c-0456-4935-a469-d547185512de/1/M7Zai666T_YhSS6-5vweiK2yGwM.crl rsync://rpki.ripe.net/repository/DEFAULT/aa/aabc6c-0456-4935-a469-d547185512de/1/M7Zai666T_YhSS6-5vweiK2yGwM.mft rsync://rpki.ripe.net/repository/DEFAULT/M7Zai666T_YhSS6-5vweiK2yGwM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 06:00:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:f2:b9:f1:a6:5c:dc:bb:1d:57:d2:38:e1:86:40:8c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=33b65a8baeba4ff621492ebee6fc1e88adb21b03 Validity Not Before: Jan 2 18:22:52 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c51ecb281f5c331db45a369262704359d21117e8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:ef:fe:48:39:7d:13:68:97:16:4f:5a:df:fd: 6c:fc:f3:6c:76:aa:0c:e6:19:c4:b9:f7:b7:b1:82: 85:70:a6:92:e5:8f:ee:79:26:cd:2c:ab:13:c5:7c: a2:20:cb:30:03:b9:f9:fb:86:6a:bb:28:bb:50:c2: b8:20:7c:8e:55:ab:45:68:a7:45:c9:85:ec:43:75: 22:5e:94:b8:b1:93:2f:a9:c9:1e:fb:ec:88:9b:77: 6c:f0:42:6d:19:d2:80:60:a8:3f:6e:24:84:19:0e: a8:a0:f7:ca:7e:6a:33:bc:39:35:39:5c:32:24:e8: da:d0:57:0b:d5:64:a5:49:80:7c:da:1e:92:56:1f: ba:3b:64:87:b4:75:89:01:bd:90:40:69:b8:7d:59: 86:79:8b:64:ef:c9:02:8f:6e:5c:e2:d5:58:ca:4b: 28:f7:09:a4:7d:4e:88:a7:e1:52:bc:de:a2:28:79: 6c:d7:18:48:63:d2:15:cf:bc:28:da:bc:03:11:d1: 50:0d:02:1e:07:c2:b8:93:8f:02:cb:fc:5c:97:5c: f7:3b:3c:92:0a:76:e2:e4:1b:a4:1c:59:9a:c2:5f: ca:15:0c:e6:6d:1e:6e:1c:92:f1:e0:80:c0:31:13: 8c:d2:f5:7b:af:b0:ba:b2:35:d7:95:a3:db:dc:37: cd:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:1E:CB:28:1F:5C:33:1D:B4:5A:36:92:62:70:43:59:D2:11:17:E8 X509v3 Authority Key Identifier: keyid:33:B6:5A:8B:AE:BA:4F:F6:21:49:2E:BE:E6:FC:1E:88:AD:B2:1B:03 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M7Zai666T_YhSS6-5vweiK2yGwM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/aabc6c-0456-4935-a469-d547185512de/1/xR7LKB9cMx20WjaSYnBDWdIRF-g.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/aabc6c-0456-4935-a469-d547185512de/1/M7Zai666T_YhSS6-5vweiK2yGwM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:9d01::-2a14:9d02:ffff:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 4f:eb:b8:cb:02:70:e7:ca:65:41:83:6b:1d:ad:f0:73:d1:4e: 11:30:1c:4f:07:3a:28:d1:04:dc:8c:ab:1e:6b:d6:ce:73:c9: 21:7c:e6:ba:90:b5:6a:75:9b:45:5d:ca:e0:e2:99:e4:ec:a8: 90:e6:77:e1:d0:87:fb:f2:c0:b2:4c:6a:f8:18:c5:56:01:b1: 94:48:57:29:44:27:51:22:62:84:66:3b:75:8a:76:c7:c5:1b: 7a:bc:bd:27:4b:84:26:22:41:94:9c:88:de:f4:45:ce:55:c9: 69:d4:da:5d:7a:21:52:a7:18:ac:8c:44:2f:04:27:27:29:d0: 96:12:5b:8e:9c:75:7a:1c:33:48:29:e5:f8:35:28:3c:67:dd: 1a:64:e9:b7:ad:dd:62:da:05:8e:62:a7:46:94:33:04:34:50: b2:36:36:e4:4e:c1:b4:a9:7a:3c:55:49:16:92:80:27:8f:bb: ff:12:61:23:2e:0b:37:2c:48:de:f6:40:59:12:f1:fc:55:9e: 28:b7:17:3c:15:d3:e9:8d:5a:b8:7f:99:a8:13:fa:ce:d5:2c: 8f:cb:4d:68:34:98:eb:dc:1f:61:af:cf:43:c7:2d:f8:61:02: a8:cf:36:c6:fd:5f:1e:1c:64:ca:15:97:2b:93:88:69:10:a7: 9f:3c:32:be -----BEGIN CERTIFICATE----- MIIFBzCCA++gAwIBAgISAZt/8rnxplzcux1X0jjhhkCMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMzYjY1YThiYWViYTRmZjYyMTQ5MmViZWU2ZmMxZTg4YWRi MjFiMDMwHhcNMjYwMTAyMTgyMjUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNTFlY2IyODFmNWMzMzFkYjQ1YTM2OTI2MjcwNDM1OWQyMTExN2U4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxe/+SDl9E2iXFk9a3/1s/PNsdqoM 5hnEufe3sYKFcKaS5Y/ueSbNLKsTxXyiIMswA7n5+4Zquyi7UMK4IHyOVatFaKdF yYXsQ3UiXpS4sZMvqcke++yIm3ds8EJtGdKAYKg/biSEGQ6ooPfKfmozvDk1OVwy JOja0FcL1WSlSYB82h6SVh+6O2SHtHWJAb2QQGm4fVmGeYtk78kCj25c4tVYykso 9wmkfU6Ip+FSvN6iKHls1xhIY9IVz7wo2rwDEdFQDQIeB8K4k48Cy/xcl1z3OzyS Cnbi5BukHFmawl/KFQzmbR5uHJLx4IDAMROM0vV7r7C6sjXXlaPb3DfN6wIDAQAB o4ICEzCCAg8wHQYDVR0OBBYEFMUeyygfXDMdtFo2kmJwQ1nSERfoMB8GA1UdIwQY MBaAFDO2Wouuuk/2IUkuvub8HoitshsDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTTdaYWk2NjZUX1loU1M2LTV2d2VpSzJ5R3dNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9hYWJjNmMtMDQ1Ni00OTM1LWE0Njkt ZDU0NzE4NTUxMmRlLzEveFI3TEtCOWNNeDIwV2phU1luQkRXZElSRi1nLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYS9hYWJjNmMtMDQ1Ni00OTM1LWE0NjktZDU0NzE4NTUxMmRl LzEvTTdaYWk2NjZUX1loU1M2LTV2d2VpSzJ5R3dNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQMA4DBQAqFJ0B AwUAKhSdAjANBgkqhkiG9w0BAQsFAAOCAQEAT+u4ywJw58plQYNrHa3wc9FOETAc Twc6KNEE3IyrHmvWznPJIXzmupC1anWbRV3K4OKZ5OyokOZ34dCH+/LAskxq+BjF VgGxlEhXKUQnUSJihGY7dYp2x8Ubery9J0uEJiJBlJyI3vRFzlXJadTaXXohUqcY rIxELwQnJynQlhJbjpx1ehwzSCnl+DUoPGfdGmTpt63dYtoFjmKnRpQzBDRQsjY2 5E7BtKl6PFVJFpKAJ4+7/xJhIy4LNyxI3vZAWRLx/FWeKLcXPBXT6Y1auH+ZqBP6 ztUsj8tNaDSY69wfYa/PQ8ct+GECqM82xv1fHhxkyhWXK5OIaRCnnzwyvg== -----END CERTIFICATE-----Generated at Sun Jan 25 13:01:48 2026 by rpki-client