This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/740c1e-1a4c-4ca2-bd53-537b1b49dfe7/1/vX_8fXaxigdlWpe1tG-xpUdtIoQ.roa File: vX_8fXaxigdlWpe1tG-xpUdtIoQ.roa (raw, json) Hash identifier: XxkJj1YMXQmGGy2zQBCP59NASJ3xuWotiNT/aTYNmvw= Subject key identifier: BD:7F:FC:7D:76:B1:8A:07:65:5A:97:B5:B4:6F:B1:A5:47:6D:22:84 Certificate issuer: /CN=8aab4c0cf21c1a3d6ea41068cbe908be388e450a Certificate serial: 019B78A2BCD2D861F651D4322A73973B97B3 Authority key identifier: 8A:AB:4C:0C:F2:1C:1A:3D:6E:A4:10:68:CB:E9:08:BE:38:8E:45:0A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iqtMDPIcGj1upBBoy-kIvjiORQo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/740c1e-1a4c-4ca2-bd53-537b1b49dfe7/1/vX_8fXaxigdlWpe1tG-xpUdtIoQ.roa Signing time: Thu 01 Jan 2026 08:18:09 +0000 ROA not before: Thu 01 Jan 2026 08:18:09 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 211691 IP address blocks: 2a07:7940:42::/48 maxlen: 48 2a07:7940:44::/48 maxlen: 48 2a07:7940:fffd::/48 maxlen: 48 2a07:7940:fffe::/48 maxlen: 48 2a07:7947:ff00::/44 maxlen: 44 2a07:7947:ff80::/44 maxlen: 44 2a07:7947:ffc0::/44 maxlen: 44 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/740c1e-1a4c-4ca2-bd53-537b1b49dfe7/1/iqtMDPIcGj1upBBoy-kIvjiORQo.crl rsync://rpki.ripe.net/repository/DEFAULT/b1/740c1e-1a4c-4ca2-bd53-537b1b49dfe7/1/iqtMDPIcGj1upBBoy-kIvjiORQo.mft rsync://rpki.ripe.net/repository/DEFAULT/iqtMDPIcGj1upBBoy-kIvjiORQo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:bc:d2:d8:61:f6:51:d4:32:2a:73:97:3b:97:b3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8aab4c0cf21c1a3d6ea41068cbe908be388e450a Validity Not Before: Jan 1 08:18:09 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=bd7ffc7d76b18a07655a97b5b46fb1a5476d2284 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:08:99:d4:60:4a:96:9e:74:80:ac:21:e7:2b: 58:a3:0a:18:a3:d9:82:da:bc:a9:66:5f:49:fc:8d: 24:fd:2c:9a:c4:b7:7b:f4:15:28:d8:e1:05:52:b2: 77:61:f2:d3:cf:86:85:6a:8a:1c:c2:fa:42:45:f7: c3:97:c8:31:e0:54:bb:a7:52:7c:19:af:2e:48:cb: 84:10:d9:9f:1e:ed:fa:83:ea:62:de:18:3c:e1:6f: 42:5d:47:1f:5b:92:3c:da:0a:0f:1d:7f:a6:f3:34: ec:52:e1:12:32:f6:9f:cb:3f:0c:47:5f:7b:f6:1f: 96:d8:02:f3:6d:65:56:ed:fc:5b:86:e6:7f:aa:54: 7d:d0:a6:34:cb:b0:c8:cc:17:39:82:39:7d:7b:fe: 5c:12:45:5a:8e:a8:81:18:0c:30:4a:5d:a8:ae:dd: 21:b5:88:ab:e5:33:1f:2f:74:4a:04:36:a6:c4:76: 40:6b:a1:6a:ac:21:8c:9e:e1:ab:6a:81:66:34:f9: 3d:08:4c:a4:d4:56:a8:e6:49:a3:57:3b:a2:69:65: 36:7e:e4:3c:59:42:73:15:62:54:05:8b:c6:cb:f2: a0:d1:cc:c6:5e:3e:f4:73:8e:1b:4f:88:02:71:34: e2:71:bf:51:b6:1e:10:c2:f3:66:e6:fb:f0:78:5b: 76:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:7F:FC:7D:76:B1:8A:07:65:5A:97:B5:B4:6F:B1:A5:47:6D:22:84 X509v3 Authority Key Identifier: keyid:8A:AB:4C:0C:F2:1C:1A:3D:6E:A4:10:68:CB:E9:08:BE:38:8E:45:0A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iqtMDPIcGj1upBBoy-kIvjiORQo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/740c1e-1a4c-4ca2-bd53-537b1b49dfe7/1/vX_8fXaxigdlWpe1tG-xpUdtIoQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/740c1e-1a4c-4ca2-bd53-537b1b49dfe7/1/iqtMDPIcGj1upBBoy-kIvjiORQo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a07:7940:42::/48 2a07:7940:44::/48 2a07:7940:fffd::-2a07:7940:fffe:ffff:ffff:ffff:ffff:ffff 2a07:7947:ff00::/44 2a07:7947:ff80::/44 2a07:7947:ffc0::/44 Signature Algorithm: sha256WithRSAEncryption 26:74:fd:e8:36:d0:27:11:74:97:88:c2:a2:c4:eb:37:2d:d9: 2c:d9:66:7a:74:f7:88:01:9e:2c:2b:c4:c6:c5:58:75:2e:f1: d6:a7:3b:a5:99:b2:39:3e:69:61:84:08:9c:db:f2:a3:73:ae: 2b:a2:7b:41:00:9e:6c:fb:eb:60:92:6d:4e:1f:a8:1c:61:84: 28:bd:5d:70:45:af:28:ff:6d:6b:3d:73:e1:64:05:b5:2a:1c: b2:29:4d:b3:7d:36:2c:66:2b:4a:07:e4:f8:9b:1f:dd:23:b6: 70:06:b7:40:ae:c3:81:0d:6a:18:4a:ea:19:39:70:b5:2d:e7: 64:7f:1a:b0:f4:31:7b:6a:3c:f9:b2:a5:76:fb:a3:cb:8e:1d: 1f:f1:49:5f:a2:9e:bc:74:ea:52:9a:a4:cb:c0:e2:99:62:4d: 7c:d8:86:52:e0:59:08:8a:52:77:4a:94:ea:eb:28:12:48:82: 4a:e5:4a:89:81:94:3b:77:dc:35:74:f7:b4:69:5a:6a:1a:bd: d0:e6:c4:62:4c:ca:f2:64:2a:79:7c:ac:00:a9:3e:75:43:95: 7f:da:3b:1d:22:25:94:11:21:89:0d:dc:f8:a6:cf:31:ed:8c: 9f:b0:37:c7:26:42:00:e3:b9:a0:4c:44:eb:1c:ab:1b:e9:e1: ab:94:45:84 -----BEGIN CERTIFICATE----- MIIFODCCBCCgAwIBAgISAZt4orzS2GH2UdQyKnOXO5ezMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhhYWI0YzBjZjIxYzFhM2Q2ZWE0MTA2OGNiZTkwOGJlMzg4 ZTQ1MGEwHhcNMjYwMTAxMDgxODA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiZDdmZmM3ZDc2YjE4YTA3NjU1YTk3YjViNDZmYjFhNTQ3NmQyMjg0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQiZ1GBKlp50gKwh5ytYowoYo9mC 2rypZl9J/I0k/SyaxLd79BUo2OEFUrJ3YfLTz4aFaoocwvpCRffDl8gx4FS7p1J8 Ga8uSMuEENmfHu36g+pi3hg84W9CXUcfW5I82goPHX+m8zTsUuESMvafyz8MR197 9h+W2ALzbWVW7fxbhuZ/qlR90KY0y7DIzBc5gjl9e/5cEkVajqiBGAwwSl2ort0h tYir5TMfL3RKBDamxHZAa6FqrCGMnuGraoFmNPk9CEyk1Fao5kmjVzuiaWU2fuQ8 WUJzFWJUBYvGy/Kg0czGXj70c44bT4gCcTTicb9Rth4QwvNm5vvweFt2VQIDAQAB o4ICRDCCAkAwHQYDVR0OBBYEFL1//H12sYoHZVqXtbRvsaVHbSKEMB8GA1UdIwQY MBaAFIqrTAzyHBo9bqQQaMvpCL44jkUKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaXF0TURQSWNHajF1cEJCb3kta0l2amlPUlFvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NDBjMWUtMWE0Yy00Y2EyLWJkNTMt NTM3YjFiNDlkZmU3LzEvdlhfOGZYYXhpZ2RsV3BlMXRHLXhwVWR0SW9RLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMS83NDBjMWUtMWE0Yy00Y2EyLWJkNTMtNTM3YjFiNDlkZmU3 LzEvaXF0TURQSWNHajF1cEJCb3kta0l2amlPUlFvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTBHBAIAAjBBAwcAKgd5QABC AwcAKgd5QABEMBIDBwAqB3lA//0DBwAqB3lA//4DBwQqB3lH/wADBwQqB3lH/4AD BwQqB3lH/8AwDQYJKoZIhvcNAQELBQADggEBACZ0/eg20CcRdJeIwqLE6zct2SzZ Znp094gBniwrxMbFWHUu8danO6WZsjk+aWGECJzb8qNzriuie0EAnmz762CSbU4f qBxhhCi9XXBFryj/bWs9c+FkBbUqHLIpTbN9NixmK0oH5PibH90jtnAGt0Cuw4EN ahhK6hk5cLUt52R/GrD0MXtqPPmypXb7o8uOHR/xSV+inrx06lKapMvA4pliTXzY hlLgWQiKUndKlOrrKBJIgkrlSomBlDt33DV097RpWmoavdDmxGJMyvJkKnl8rACp PnVDlX/aOx0iJZQRIYkN3PimzzHtjJ+wN8cmQgDjuaBMROscqxvp4auURYQ= -----END CERTIFICATE-----Generated at Mon Jan 26 04:39:17 2026 by rpki-client