This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/9FhDVq2bIcKPVT4-LNeLhleMtsU.roa File: 9FhDVq2bIcKPVT4-LNeLhleMtsU.roa (raw, json) Hash identifier: 9KYuP3D+C7cw6iLbwhFcurqEz58uGe5Kg9G2sCqyt6U= Subject key identifier: F4:58:43:56:AD:9B:21:C2:8F:55:3E:3E:2C:D7:8B:86:57:8C:B6:C5 Certificate issuer: /CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff Certificate serial: 019B7BA515E01703C7B78C84C1842A7306A5 Authority key identifier: CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/9FhDVq2bIcKPVT4-LNeLhleMtsU.roa Signing time: Thu 01 Jan 2026 22:19:35 +0000 ROA not before: Thu 01 Jan 2026 22:19:35 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 10099 IP address blocks: 2a04:ac03::/64 maxlen: 64 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/zYMT5B5kagnNAeLm9HOdO9I2xP8.crl rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/zYMT5B5kagnNAeLm9HOdO9I2xP8.mft rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:01:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a5:15:e0:17:03:c7:b7:8c:84:c1:84:2a:73:06:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff Validity Not Before: Jan 1 22:19:35 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f4584356ad9b21c28f553e3e2cd78b86578cb6c5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:f2:ba:3e:c3:0b:9c:f1:97:2b:d4:dd:a5:df: 0e:ca:52:bd:a3:1f:4a:fe:a0:2c:c9:e0:b1:32:04: b8:bd:c0:2a:24:dd:40:94:83:a2:db:41:63:cf:3a: 78:3e:0f:d0:3d:4a:ee:ab:ef:37:43:e9:3d:be:0e: f9:c2:55:b9:d1:de:ae:64:78:2f:8a:76:dc:25:53: 5b:c6:fb:3c:dd:55:84:fd:d9:7d:09:4f:41:44:f7: 34:8c:c1:9e:2f:a0:ef:3e:99:2b:0a:12:35:9d:f3: b6:3c:39:2b:f3:0f:4f:7e:e4:35:60:d4:d7:c0:9b: 6a:e1:3e:6d:4b:dd:6f:b7:9c:12:1e:56:e1:2e:dc: e9:e4:e7:de:95:7b:ab:96:d0:11:e3:60:91:d5:fa: da:a3:45:ad:99:5d:2b:3e:60:54:2d:a3:f3:3a:c9: 28:a4:ac:a2:35:22:e9:db:9b:43:e3:eb:f9:8d:12: ae:0f:24:31:74:3d:5c:34:37:18:fe:7b:89:81:b8: 6a:d3:9f:59:9b:ff:fc:1c:32:4a:ba:bc:c3:51:58: 2e:ff:0b:f4:87:4f:fa:0e:a6:43:a8:5e:39:be:13: ca:00:48:58:f7:ea:26:a5:53:24:c2:08:7a:65:7d: 39:a6:90:9a:f4:0f:70:23:f3:89:0f:02:a3:50:26: d4:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:58:43:56:AD:9B:21:C2:8F:55:3E:3E:2C:D7:8B:86:57:8C:B6:C5 X509v3 Authority Key Identifier: keyid:CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/9FhDVq2bIcKPVT4-LNeLhleMtsU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/zYMT5B5kagnNAeLm9HOdO9I2xP8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a04:ac03::/64 Signature Algorithm: sha256WithRSAEncryption b7:72:6d:fc:3c:c5:97:b0:52:0f:f4:d6:28:f5:dc:2a:b6:82: ea:db:5e:33:95:73:d9:7a:ba:4a:9f:af:35:6e:5c:fe:0d:34: eb:7e:c7:54:ad:69:ec:1f:a0:73:18:e9:30:7c:66:60:43:da: 46:94:23:6a:58:78:f8:b7:f1:6a:82:f6:d8:d1:61:2f:5e:f4: 10:7a:c9:3d:e4:b4:df:87:ba:04:20:92:ca:f3:33:08:07:67: c1:7a:be:ba:50:df:92:94:80:cf:2c:1a:23:99:b0:d2:c3:dc: 88:ae:52:1e:43:d2:47:7e:06:e0:ed:03:50:2d:7b:5b:92:36: 77:5e:fd:c0:f7:27:9d:a9:7f:8f:0b:80:3d:87:36:00:8e:71: b4:c2:05:3e:f6:89:a2:86:97:60:ef:7e:ab:61:0b:51:7d:5e: 7b:50:76:d1:1f:76:a1:7e:fe:90:71:fa:4e:57:97:86:a6:ff: 6b:b9:d6:77:88:8d:a1:55:86:fc:b6:5c:89:83:ac:f5:9e:d0: 9b:5e:c7:10:0e:28:b7:5a:e3:23:8c:7e:16:a2:cb:d7:0f:56: 82:69:d5:3c:10:18:3c:11:c2:6b:f0:f1:ab:59:88:16:f1:c5: 31:17:6a:72:fa:6a:b7:a3:03:d5:26:a3:d8:fa:ea:76:5f:3d: c3:80:24:11 -----BEGIN CERTIFICATE----- MIIFAjCCA+qgAwIBAgISAZt7pRXgFwPHt4yEwYQqcwalMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNkODMxM2U0MWU2NDZhMDljZDAxZTJlNmY0NzM5ZDNiZDIz NmM0ZmYwHhcNMjYwMTAxMjIxOTM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmNDU4NDM1NmFkOWIyMWMyOGY1NTNlM2UyY2Q3OGI4NjU3OGNiNmM1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwfK6PsMLnPGXK9Tdpd8OylK9ox9K /qAsyeCxMgS4vcAqJN1AlIOi20Fjzzp4Pg/QPUruq+83Q+k9vg75wlW50d6uZHgv inbcJVNbxvs83VWE/dl9CU9BRPc0jMGeL6DvPpkrChI1nfO2PDkr8w9PfuQ1YNTX wJtq4T5tS91vt5wSHlbhLtzp5OfelXurltAR42CR1frao0WtmV0rPmBULaPzOsko pKyiNSLp25tD4+v5jRKuDyQxdD1cNDcY/nuJgbhq059Zm//8HDJKurzDUVgu/wv0 h0/6DqZDqF45vhPKAEhY9+ompVMkwgh6ZX05ppCa9A9wI/OJDwKjUCbUewIDAQAB o4ICDjCCAgowHQYDVR0OBBYEFPRYQ1atmyHCj1U+PizXi4ZXjLbFMB8GA1UdIwQY MBaAFM2DE+QeZGoJzQHi5vRznTvSNsT/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvellNVDVCNWthZ25OQWVMbTlIT2RPOUkyeFA4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8zNDY1ZjMtMDNjMi00ZWFhLWE2NzQt ODg2MmI1MTczMTdjLzEvOUZoRFZxMmJJY0tQVlQ0LUxOZUxobGVNdHNVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZS8zNDY1ZjMtMDNjMi00ZWFhLWE2NzQtODg2MmI1MTczMTdj LzEvellNVDVCNWthZ25OQWVMbTlIT2RPOUkyeFA4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCQGCCsGAQUFBwEHAQH/BBUwEzARBAIAAjALAwkAKgSsAwAA AAAwDQYJKoZIhvcNAQELBQADggEBALdybfw8xZewUg/01ij13Cq2gurbXjOVc9l6 ukqfrzVuXP4NNOt+x1StaewfoHMY6TB8ZmBD2kaUI2pYePi38WqC9tjRYS9e9BB6 yT3ktN+HugQgksrzMwgHZ8F6vrpQ35KUgM8sGiOZsNLD3IiuUh5D0kd+BuDtA1At e1uSNnde/cD3J52pf48LgD2HNgCOcbTCBT72iaKGl2DvfqthC1F9XntQdtEfdqF+ /pBx+k5Xl4am/2u51neIjaFVhvy2XImDrPWe0JtexxAOKLda4yOMfhaiy9cPVoJp 1TwQGDwRwmvw8atZiBbxxTEXanL6arejA9Umo9j66nZfPcOAJBE= -----END CERTIFICATE-----Generated at Sun Jan 25 18:20:43 2026 by rpki-client