This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/9aVW5Ze1o0Y4oVgHxgnUhn1RdhQ.roa File: 9aVW5Ze1o0Y4oVgHxgnUhn1RdhQ.roa (raw, json) Hash identifier: BRrYLjxdA6J0znC7g9IK6bOs3/hTtVjuCxhtd6Laps4= Subject key identifier: F5:A5:56:E5:97:B5:A3:46:38:A1:58:07:C6:09:D4:86:7D:51:76:14 Certificate issuer: /CN=c8acf59abd4abbfbf830a060225a96a2179a2694 Certificate serial: 019B7FF14BBFC15660149E8329E46233D59A Authority key identifier: C8:AC:F5:9A:BD:4A:BB:FB:F8:30:A0:60:22:5A:96:A2:17:9A:26:94 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/9aVW5Ze1o0Y4oVgHxgnUhn1RdhQ.roa Signing time: Fri 02 Jan 2026 18:21:18 +0000 ROA not before: Fri 02 Jan 2026 18:21:18 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 2027 IP address blocks: 2a0b:cbc0::/29 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.crl rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.mft rsync://rpki.ripe.net/repository/DEFAULT/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 00:00:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:f1:4b:bf:c1:56:60:14:9e:83:29:e4:62:33:d5:9a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c8acf59abd4abbfbf830a060225a96a2179a2694 Validity Not Before: Jan 2 18:21:18 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f5a556e597b5a34638a15807c609d4867d517614 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:2a:1b:45:c4:fa:de:8e:80:a0:e4:b4:a7:11: 0c:22:59:91:a4:3b:ac:9f:b4:49:15:57:58:01:42: aa:b7:da:fd:45:ce:df:31:b0:ac:09:ad:b0:a8:e9: 68:ea:ee:57:30:cc:9b:1b:e7:11:17:13:3e:9a:bc: 9f:62:db:5e:a8:25:fc:2b:8a:37:15:0f:e4:76:fd: 93:a3:0a:a2:41:d4:b1:d1:c3:26:cd:d9:fb:b4:25: 21:e6:ee:36:ad:15:2d:ff:88:f3:cd:3e:7a:4d:b5: ae:ee:c9:94:a1:d8:54:dd:08:fb:b9:29:4e:00:a9: f2:50:d0:19:2c:88:e6:c6:7f:42:80:3e:38:0f:b0: 87:c9:92:04:ea:31:1a:8d:1f:57:24:53:56:23:b1: cc:a5:ce:d0:e5:28:2a:7f:bf:40:a2:f0:5c:54:f9: a2:fb:ff:b5:63:e8:1e:a4:df:3c:24:1f:20:c6:80: 11:85:4e:28:09:57:29:a9:1d:6d:18:87:a5:52:32: 4e:a5:2e:14:b9:28:b2:e2:2e:d2:8f:2c:f2:db:50: 42:6d:7f:c6:1d:84:24:87:bf:15:76:f9:3c:d1:2b: 4c:7b:3e:9d:95:2c:15:7d:a1:4b:94:8a:75:f8:f3: 70:77:18:b6:c7:52:6c:a0:ce:ef:e4:e5:11:8a:b9: 30:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F5:A5:56:E5:97:B5:A3:46:38:A1:58:07:C6:09:D4:86:7D:51:76:14 X509v3 Authority Key Identifier: keyid:C8:AC:F5:9A:BD:4A:BB:FB:F8:30:A0:60:22:5A:96:A2:17:9A:26:94 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/9aVW5Ze1o0Y4oVgHxgnUhn1RdhQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0b:cbc0::/29 Signature Algorithm: sha256WithRSAEncryption 22:21:2f:b7:6f:dd:0e:01:fe:41:92:0c:36:ce:b6:9b:2d:35: 66:21:c2:2b:ea:06:16:08:e9:75:cb:64:3f:ce:8b:c9:63:0d: 90:b0:a9:8f:1d:cf:5d:76:a3:72:ec:d7:d1:8d:f4:da:a7:3e: ea:a3:0a:ed:0d:1c:f0:4a:ca:52:a9:58:c3:9e:8d:d9:31:34: 01:ce:a9:36:aa:67:4a:38:46:79:23:0c:e6:d0:fe:2b:41:f3: bf:29:ab:c3:33:3e:5f:3c:10:e9:b4:b9:72:eb:88:36:83:ab: b3:5e:d0:f6:9a:c1:e2:f3:f2:25:da:ab:b8:f0:0a:99:34:72: 1a:70:fb:38:e0:28:ca:7f:73:f2:88:ad:e4:62:7b:07:82:28: 98:47:d8:32:6f:84:17:8b:92:3a:d7:aa:a1:a6:ff:cb:21:56: 10:0f:36:3c:1a:2d:59:b9:7b:1c:d9:07:f3:1f:9c:5e:fc:4d: 48:13:e1:76:4c:48:b3:78:a1:ac:9e:7f:3d:dd:9a:86:b0:39: 27:5a:75:5e:82:be:8b:84:57:61:28:b6:a6:cf:16:f3:34:fe: 75:33:60:d0:bb:ff:82:ea:0b:b8:e1:5d:a2:86:09:93:ad:42: 54:50:37:f1:54:f1:f6:8a:39:df:cb:80:ae:c1:7f:32:65:d4: fe:d3:ba:2b -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt/8Uu/wVZgFJ6DKeRiM9WaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM4YWNmNTlhYmQ0YWJiZmJmODMwYTA2MDIyNWE5NmEyMTc5 YTI2OTQwHhcNMjYwMTAyMTgyMTE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmNWE1NTZlNTk3YjVhMzQ2MzhhMTU4MDdjNjA5ZDQ4NjdkNTE3NjE0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApiobRcT63o6AoOS0pxEMIlmRpDus n7RJFVdYAUKqt9r9Rc7fMbCsCa2wqOlo6u5XMMybG+cRFxM+mryfYtteqCX8K4o3 FQ/kdv2TowqiQdSx0cMmzdn7tCUh5u42rRUt/4jzzT56TbWu7smUodhU3Qj7uSlO AKnyUNAZLIjmxn9CgD44D7CHyZIE6jEajR9XJFNWI7HMpc7Q5Sgqf79AovBcVPmi +/+1Y+gepN88JB8gxoARhU4oCVcpqR1tGIelUjJOpS4UuSiy4i7Sjyzy21BCbX/G HYQkh78Vdvk80StMez6dlSwVfaFLlIp1+PNwdxi2x1JsoM7v5OURirkwiQIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFPWlVuWXtaNGOKFYB8YJ1IZ9UXYUMB8GA1UdIwQY MBaAFMis9Zq9Srv7+DCgYCJalqIXmiaUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveUt6MW1yMUt1X3Y0TUtCZ0lscVdvaGVhSnBRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQt ODM4ZWJmNDEyYTYxLzEvOWFWVzVaZTFvMFk0b1ZnSHhnblVobjFSZGhRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQtODM4ZWJmNDEyYTYx LzEveUt6MW1yMUt1X3Y0TUtCZ0lscVdvaGVhSnBRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgvLwDAN BgkqhkiG9w0BAQsFAAOCAQEAIiEvt2/dDgH+QZIMNs62my01ZiHCK+oGFgjpdctk P86LyWMNkLCpjx3PXXajcuzX0Y302qc+6qMK7Q0c8ErKUqlYw56N2TE0Ac6pNqpn SjhGeSMM5tD+K0HzvymrwzM+XzwQ6bS5cuuINoOrs17Q9prB4vPyJdqruPAKmTRy GnD7OOAoyn9z8oit5GJ7B4IomEfYMm+EF4uSOteqoab/yyFWEA82PBotWbl7HNkH 8x+cXvxNSBPhdkxIs3ihrJ5/Pd2ahrA5J1p1XoK+i4RXYSi2ps8W8zT+dTNg0Lv/ guoLuOFdooYJk61CVFA38VTx9oo538uArsF/MmXU/tO6Kw== -----END CERTIFICATE-----Generated at Mon Jan 26 10:25:26 2026 by rpki-client