This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/0a96c9-18ea-4753-a2c5-ac9acd352842/1/aVdPfU4dss32Ry8yMEI__necPPw.roa File: aVdPfU4dss32Ry8yMEI__necPPw.roa (raw, json) Hash identifier: dEwEWAPf2LGlFYLBWr0q6EXerCJ3GpMpvQYiCO1t82Q= Subject key identifier: 69:57:4F:7D:4E:1D:B2:CD:F6:47:2F:32:30:42:3F:FE:77:9C:3C:FC Certificate issuer: /CN=b81bb21b5c1889030d365a549f21d5b426f9dda8 Certificate serial: 019B7B3671F76C341E46F089BEA90E79CBDD Authority key identifier: B8:1B:B2:1B:5C:18:89:03:0D:36:5A:54:9F:21:D5:B4:26:F9:DD:A8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uBuyG1wYiQMNNlpUnyHVtCb53ag.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/0a96c9-18ea-4753-a2c5-ac9acd352842/1/aVdPfU4dss32Ry8yMEI__necPPw.roa Signing time: Thu 01 Jan 2026 20:18:44 +0000 ROA not before: Thu 01 Jan 2026 20:18:44 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 35062 IP address blocks: 2001:678:4a8::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/0a96c9-18ea-4753-a2c5-ac9acd352842/1/uBuyG1wYiQMNNlpUnyHVtCb53ag.crl rsync://rpki.ripe.net/repository/DEFAULT/ae/0a96c9-18ea-4753-a2c5-ac9acd352842/1/uBuyG1wYiQMNNlpUnyHVtCb53ag.mft rsync://rpki.ripe.net/repository/DEFAULT/uBuyG1wYiQMNNlpUnyHVtCb53ag.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 05:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:71:f7:6c:34:1e:46:f0:89:be:a9:0e:79:cb:dd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b81bb21b5c1889030d365a549f21d5b426f9dda8 Validity Not Before: Jan 1 20:18:44 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=69574f7d4e1db2cdf6472f3230423ffe779c3cfc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:84:20:b3:bc:86:4f:91:7c:7c:de:72:78:f9: c5:44:e7:65:c9:98:38:79:5c:19:16:50:b1:d4:51: 56:58:79:56:a2:15:70:82:f1:d7:0f:6c:8a:2f:24: 82:18:4d:37:f1:cf:be:37:eb:f8:cb:48:37:b4:88: e4:f8:8c:94:e1:6a:7f:73:44:e2:af:4c:cd:b2:a2: e0:db:84:fb:d0:9e:00:3d:25:f2:b7:22:b0:f6:55: 28:bb:69:00:b2:bf:7a:ba:c5:b8:58:9c:e0:df:59: 13:64:56:50:01:e8:73:9a:b2:92:98:01:0b:a2:ac: b6:ff:64:a2:a5:38:5a:36:9f:c7:5d:88:6a:7a:8b: b8:fa:07:23:04:7b:86:2c:50:44:64:48:f2:a9:d2: 72:59:87:df:ea:52:32:56:54:6c:72:84:46:2f:ae: 23:12:86:ae:7a:93:37:9b:b4:ff:5b:76:81:07:07: ee:ad:6c:9e:6c:7b:d6:88:5c:e2:38:ba:4f:9b:15: c2:08:9d:27:c3:f3:b5:fd:10:96:f2:32:9d:de:5e: a7:18:5a:2f:0d:b9:4c:91:a1:d9:d2:92:4b:45:e9: 81:28:4d:fb:df:9f:c4:ae:f0:80:d7:c3:23:c2:0c: 67:32:1d:b0:8f:09:dd:a5:3c:bc:2c:01:2b:27:71: a8:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:57:4F:7D:4E:1D:B2:CD:F6:47:2F:32:30:42:3F:FE:77:9C:3C:FC X509v3 Authority Key Identifier: keyid:B8:1B:B2:1B:5C:18:89:03:0D:36:5A:54:9F:21:D5:B4:26:F9:DD:A8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uBuyG1wYiQMNNlpUnyHVtCb53ag.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/0a96c9-18ea-4753-a2c5-ac9acd352842/1/aVdPfU4dss32Ry8yMEI__necPPw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/0a96c9-18ea-4753-a2c5-ac9acd352842/1/uBuyG1wYiQMNNlpUnyHVtCb53ag.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:678:4a8::/48 Signature Algorithm: sha256WithRSAEncryption 2c:25:13:33:74:c9:99:a3:4e:7c:21:e4:e9:77:75:a1:85:15: f1:f2:00:46:b9:0d:f6:10:57:08:49:2a:de:49:e4:71:ad:6e: a5:a5:7f:30:cf:6d:db:7a:56:8a:f3:ff:1c:d9:24:7d:fd:42: 86:2c:f5:97:3e:06:45:e2:df:02:d4:ba:24:36:a9:be:66:1b: 67:44:28:d1:1b:9a:a1:42:ea:a3:d4:d0:00:93:ad:9d:3b:39: c3:ae:72:b4:b8:64:a3:f2:51:ab:26:22:af:7a:a0:c4:f5:4b: 52:b4:3f:26:40:d7:c4:84:ea:c0:87:11:41:b2:a3:7b:5e:78: 6b:45:f0:41:ea:af:b3:c5:a0:3e:bf:01:e2:cf:b2:1d:95:33: af:3d:28:57:da:05:4e:8c:00:0d:e7:6f:8d:25:60:eb:96:2f: 16:cb:9e:c6:18:ea:ee:9d:f5:63:29:93:41:11:aa:6e:f6:bd: 1c:7a:30:9c:3e:55:38:a3:b9:bf:69:41:b5:29:c4:bd:fd:0c: 9e:15:83:0b:99:5d:d3:f3:7e:70:97:de:e3:3e:c8:58:08:c5: 7d:3a:8c:b8:78:9b:b5:88:32:c0:eb:be:a6:99:58:4e:d2:9d: 96:fc:fb:0b:11:b2:fa:4e:42:63:a9:4c:da:92:37:96:35:59: 10:0e:de:2a -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt7NnH3bDQeRvCJvqkOecvdMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI4MWJiMjFiNWMxODg5MDMwZDM2NWE1NDlmMjFkNWI0MjZm OWRkYTgwHhcNMjYwMTAxMjAxODQ0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2OTU3NGY3ZDRlMWRiMmNkZjY0NzJmMzIzMDQyM2ZmZTc3OWMzY2ZjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3YQgs7yGT5F8fN5yePnFROdlyZg4 eVwZFlCx1FFWWHlWohVwgvHXD2yKLySCGE038c++N+v4y0g3tIjk+IyU4Wp/c0Ti r0zNsqLg24T70J4APSXytyKw9lUou2kAsr96usW4WJzg31kTZFZQAehzmrKSmAEL oqy2/2SipThaNp/HXYhqeou4+gcjBHuGLFBEZEjyqdJyWYff6lIyVlRscoRGL64j EoauepM3m7T/W3aBBwfurWyebHvWiFziOLpPmxXCCJ0nw/O1/RCW8jKd3l6nGFov DblMkaHZ0pJLRemBKE3735/ErvCA18MjwgxnMh2wjwndpTy8LAErJ3GoSwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFGlXT31OHbLN9kcvMjBCP/53nDz8MB8GA1UdIwQY MBaAFLgbshtcGIkDDTZaVJ8h1bQm+d2oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdUJ1eUcxd1lpUU1OTmxwVW55SFZ0Q2I1M2FnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS8wYTk2YzktMThlYS00NzUzLWEyYzUt YWM5YWNkMzUyODQyLzEvYVZkUGZVNGRzczMyUnk4eU1FSV9fbmVjUFB3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hZS8wYTk2YzktMThlYS00NzUzLWEyYzUtYWM5YWNkMzUyODQy LzEvdUJ1eUcxd1lpUU1OTmxwVW55SFZ0Q2I1M2FnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeASo MA0GCSqGSIb3DQEBCwUAA4IBAQAsJRMzdMmZo058IeTpd3WhhRXx8gBGuQ32EFcI SSreSeRxrW6lpX8wz23belaK8/8c2SR9/UKGLPWXPgZF4t8C1LokNqm+ZhtnRCjR G5qhQuqj1NAAk62dOznDrnK0uGSj8lGrJiKveqDE9UtStD8mQNfEhOrAhxFBsqN7 XnhrRfBB6q+zxaA+vwHiz7IdlTOvPShX2gVOjAAN52+NJWDrli8Wy57GGOrunfVj KZNBEapu9r0cejCcPlU4o7m/aUG1KcS9/QyeFYMLmV3T835wl97jPshYCMV9Ooy4 eJu1iDLA676mmVhO0p2W/PsLEbL6TkJjqUzakjeWNVkQDt4q -----END CERTIFICATE-----Generated at Mon Jan 26 12:26:00 2026 by rpki-client