This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/21b007-a086-4312-9d23-62f666473b21/1/uuyf9SL1IzQsxC4GwsHv2Aqvi6I.roa File: uuyf9SL1IzQsxC4GwsHv2Aqvi6I.roa (raw, json) Hash identifier: bWBF8Lzkc1fXhVOcL+v1lM3xBjFclLxIjyc/HWhj0fY= Subject key identifier: BA:EC:9F:F5:22:F5:23:34:2C:C4:2E:06:C2:C1:EF:D8:0A:AF:8B:A2 Certificate issuer: /CN=7d01a5d90dc3a836ceb6381efc7534e129f43a4c Certificate serial: 019B7DCB410CE294427359B4C50A5F23C005 Authority key identifier: 7D:01:A5:D9:0D:C3:A8:36:CE:B6:38:1E:FC:75:34:E1:29:F4:3A:4C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQGl2Q3DqDbOtjge_HU04Sn0Okw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/21b007-a086-4312-9d23-62f666473b21/1/uuyf9SL1IzQsxC4GwsHv2Aqvi6I.roa Signing time: Fri 02 Jan 2026 08:20:30 +0000 ROA not before: Fri 02 Jan 2026 08:20:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 5524 IP address blocks: 2001:67c:23b8::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/21b007-a086-4312-9d23-62f666473b21/1/fQGl2Q3DqDbOtjge_HU04Sn0Okw.crl rsync://rpki.ripe.net/repository/DEFAULT/bf/21b007-a086-4312-9d23-62f666473b21/1/fQGl2Q3DqDbOtjge_HU04Sn0Okw.mft rsync://rpki.ripe.net/repository/DEFAULT/fQGl2Q3DqDbOtjge_HU04Sn0Okw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:cb:41:0c:e2:94:42:73:59:b4:c5:0a:5f:23:c0:05 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7d01a5d90dc3a836ceb6381efc7534e129f43a4c Validity Not Before: Jan 2 08:20:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=baec9ff522f523342cc42e06c2c1efd80aaf8ba2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:3b:f1:31:aa:ff:3d:d0:6c:c5:6a:7e:29:fd: 45:12:05:bc:f7:ce:11:df:05:ef:3d:21:3f:4b:4f: f9:4f:73:18:06:e5:0d:8f:ac:ef:86:39:70:b8:56: aa:9a:64:3d:c3:b9:0d:87:fc:40:50:5b:8a:c4:35: 32:50:a6:00:6a:3c:91:f2:5a:46:4c:c0:49:55:d7: ac:58:68:b2:62:76:84:a1:52:6c:6b:7a:94:5b:9a: 82:ca:86:a2:af:2a:b5:dd:8b:36:eb:dc:14:8c:6f: 66:10:a0:46:11:4b:a1:e2:69:a7:3b:84:cc:da:3b: d1:b0:79:e6:3f:21:3d:22:91:0e:22:b6:6a:1e:78: e7:b6:78:a7:38:3c:94:27:c7:aa:af:55:fe:c2:28: 44:fd:1b:89:07:85:3b:4b:8a:0c:96:aa:b8:de:78: 59:69:f2:ae:86:82:8b:a7:53:16:52:75:a4:fc:11: 60:c0:1e:6b:a5:4d:30:4b:29:c5:28:8e:70:8c:64: ad:8e:86:9b:e5:d3:af:79:cd:95:8b:6f:89:e2:e8: 28:ee:2e:77:13:10:d6:f6:32:a8:de:5d:92:dd:86: 84:b7:03:a6:e5:54:2e:71:38:c9:d0:e6:56:e9:fa: 28:ef:4e:3d:75:1d:a0:8f:6c:42:d6:51:83:f5:cc: 27:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:EC:9F:F5:22:F5:23:34:2C:C4:2E:06:C2:C1:EF:D8:0A:AF:8B:A2 X509v3 Authority Key Identifier: keyid:7D:01:A5:D9:0D:C3:A8:36:CE:B6:38:1E:FC:75:34:E1:29:F4:3A:4C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQGl2Q3DqDbOtjge_HU04Sn0Okw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/21b007-a086-4312-9d23-62f666473b21/1/uuyf9SL1IzQsxC4GwsHv2Aqvi6I.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/21b007-a086-4312-9d23-62f666473b21/1/fQGl2Q3DqDbOtjge_HU04Sn0Okw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:67c:23b8::/48 Signature Algorithm: sha256WithRSAEncryption 51:a6:31:7f:7d:15:3f:4a:bb:e8:6e:de:2d:d1:47:c8:87:9c: 32:22:9d:f7:e4:e7:04:65:28:23:b9:58:f6:1e:ba:49:7a:2c: bf:3a:c5:dc:1e:29:a6:16:83:5e:dc:ac:88:f4:7a:1d:80:fe: 48:14:53:04:53:c8:66:87:92:d8:2a:6e:ec:0b:f4:b8:c6:47: fb:63:d8:8a:6a:c1:76:cb:db:cc:06:85:bf:fd:5e:a2:92:ec: c0:4f:5a:9a:a9:9c:f8:75:2e:aa:0d:5f:71:d6:50:c2:48:c4: 56:28:e1:ab:27:32:8d:30:fc:ab:df:4a:44:f4:d1:98:4c:76: e8:83:32:b0:df:90:47:67:75:9c:45:08:80:6e:0e:7b:25:21: e5:83:93:55:9f:94:19:d1:d1:9a:4c:f4:73:69:58:dc:7f:5e: 7c:3e:2a:95:92:30:3b:49:34:c3:59:c1:4f:49:ee:4d:35:24: 00:9b:43:a9:32:29:40:61:ac:f2:57:f8:13:65:6e:9e:03:67: 23:69:0a:b7:76:60:b5:35:11:af:d3:03:5e:54:22:73:7e:e4: 78:cf:e9:25:ba:e0:1c:60:26:23:81:b7:8e:a4:bb:de:74:4b: 9f:14:0d:33:b6:81:69:7e:2a:14:16:a7:54:93:42:bb:75:7b: e7:b8:8e:13 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt9y0EM4pRCc1m0xQpfI8AFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdkMDFhNWQ5MGRjM2E4MzZjZWI2MzgxZWZjNzUzNGUxMjlm NDNhNGMwHhcNMjYwMTAyMDgyMDMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiYWVjOWZmNTIyZjUyMzM0MmNjNDJlMDZjMmMxZWZkODBhYWY4YmEyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxjvxMar/PdBsxWp+Kf1FEgW8984R 3wXvPSE/S0/5T3MYBuUNj6zvhjlwuFaqmmQ9w7kNh/xAUFuKxDUyUKYAajyR8lpG TMBJVdesWGiyYnaEoVJsa3qUW5qCyoairyq13Ys269wUjG9mEKBGEUuh4mmnO4TM 2jvRsHnmPyE9IpEOIrZqHnjntninODyUJ8eqr1X+wihE/RuJB4U7S4oMlqq43nhZ afKuhoKLp1MWUnWk/BFgwB5rpU0wSynFKI5wjGStjoab5dOvec2Vi2+J4ugo7i53 ExDW9jKo3l2S3YaEtwOm5VQucTjJ0OZW6foo7049dR2gj2xC1lGD9cwn4QIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFLrsn/Ui9SM0LMQuBsLB79gKr4uiMB8GA1UdIwQY MBaAFH0BpdkNw6g2zrY4Hvx1NOEp9DpMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZlFHbDJRM0RxRGJPdGpnZV9IVTA0U24wT2t3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi8yMWIwMDctYTA4Ni00MzEyLTlkMjMt NjJmNjY2NDczYjIxLzEvdXV5ZjlTTDFJelFzeEM0R3dzSHYyQXF2aTZJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZi8yMWIwMDctYTA4Ni00MzEyLTlkMjMtNjJmNjY2NDczYjIx LzEvZlFHbDJRM0RxRGJPdGpnZV9IVTA0U24wT2t3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfCO4 MA0GCSqGSIb3DQEBCwUAA4IBAQBRpjF/fRU/Srvobt4t0UfIh5wyIp335OcEZSgj uVj2HrpJeiy/OsXcHimmFoNe3KyI9HodgP5IFFMEU8hmh5LYKm7sC/S4xkf7Y9iK asF2y9vMBoW//V6ikuzAT1qaqZz4dS6qDV9x1lDCSMRWKOGrJzKNMPyr30pE9NGY THbogzKw35BHZ3WcRQiAbg57JSHlg5NVn5QZ0dGaTPRzaVjcf158PiqVkjA7STTD WcFPSe5NNSQAm0OpMilAYazyV/gTZW6eA2cjaQq3dmC1NRGv0wNeVCJzfuR4z+kl uuAcYCYjgbeOpLvedEufFA0ztoFpfioUFqdUk0K7dXvnuI4T -----END CERTIFICATE-----Generated at Mon Jan 26 02:07:52 2026 by rpki-client