This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/83acd7-5e1a-49f9-b409-32936c3a4a9d/1/n_DU8ayGMsHeUdkTrzuKYMpaU_Q.roa File: n_DU8ayGMsHeUdkTrzuKYMpaU_Q.roa (raw, json) Hash identifier: KHioroc4KbkqEBK4timMsuRiTYXUbx4dAfmekQJR2xY= Subject key identifier: 9F:F0:D4:F1:AC:86:32:C1:DE:51:D9:13:AF:3B:8A:60:CA:5A:53:F4 Certificate issuer: /CN=ad1d2a562c7db21151b4a0926b8d6feeacef8857 Certificate serial: 019B79EC926E5CBAD6DD9AC4BBCC418297A4 Authority key identifier: AD:1D:2A:56:2C:7D:B2:11:51:B4:A0:92:6B:8D:6F:EE:AC:EF:88:57 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rR0qVix9shFRtKCSa41v7qzviFc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/83acd7-5e1a-49f9-b409-32936c3a4a9d/1/n_DU8ayGMsHeUdkTrzuKYMpaU_Q.roa Signing time: Thu 01 Jan 2026 14:18:25 +0000 ROA not before: Thu 01 Jan 2026 14:18:25 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 21221 IP address blocks: 2a03:7e0::/32 maxlen: 48 2a04:d9c0::/32 maxlen: 48 2a05:a640::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/83acd7-5e1a-49f9-b409-32936c3a4a9d/1/rR0qVix9shFRtKCSa41v7qzviFc.crl rsync://rpki.ripe.net/repository/DEFAULT/ca/83acd7-5e1a-49f9-b409-32936c3a4a9d/1/rR0qVix9shFRtKCSa41v7qzviFc.mft rsync://rpki.ripe.net/repository/DEFAULT/rR0qVix9shFRtKCSa41v7qzviFc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ec:92:6e:5c:ba:d6:dd:9a:c4:bb:cc:41:82:97:a4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ad1d2a562c7db21151b4a0926b8d6feeacef8857 Validity Not Before: Jan 1 14:18:25 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9ff0d4f1ac8632c1de51d913af3b8a60ca5a53f4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:a6:6e:c4:3c:38:ce:5a:c9:2b:ba:3d:97:6a: 78:68:56:1d:71:e8:54:99:aa:0a:a2:1b:3e:63:5a: b3:20:3f:20:42:cb:cb:54:2e:12:b6:bc:62:ee:0e: 03:12:78:1d:31:b4:f2:fe:47:bf:8f:4c:5b:98:35: 02:04:48:6c:b0:57:85:08:d3:91:47:b2:af:65:58: e5:87:2d:de:e2:69:b7:0d:51:4e:71:2b:ce:e6:89: a5:61:39:08:df:9f:a9:15:a3:d1:62:6c:81:4d:3a: d4:55:4a:ca:87:68:d3:93:c0:12:c4:48:c4:07:eb: 7b:6a:b7:a8:59:5d:05:4c:88:38:dc:7e:23:14:9d: 8f:61:20:f3:14:0b:df:12:16:80:5c:3c:eb:f2:3c: 7b:4a:6b:60:e5:66:7b:8b:a5:87:4d:4a:c1:c8:7b: fc:2f:6f:30:1b:8c:0a:95:d9:c0:0a:1b:8d:c8:e8: 04:ca:29:a0:b2:5b:a9:94:b3:a8:8f:07:eb:f5:55: 0f:2c:18:05:4c:30:8f:c8:f5:cb:04:cc:e0:ee:07: 43:62:40:30:7c:0b:1d:05:8c:a6:5c:97:f6:4e:a8: 82:c0:36:57:54:96:14:f6:72:59:31:f3:4f:40:62: 56:90:e5:09:c7:34:51:ea:8a:ac:bb:98:4c:b3:e4: 81:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:F0:D4:F1:AC:86:32:C1:DE:51:D9:13:AF:3B:8A:60:CA:5A:53:F4 X509v3 Authority Key Identifier: keyid:AD:1D:2A:56:2C:7D:B2:11:51:B4:A0:92:6B:8D:6F:EE:AC:EF:88:57 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rR0qVix9shFRtKCSa41v7qzviFc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/83acd7-5e1a-49f9-b409-32936c3a4a9d/1/n_DU8ayGMsHeUdkTrzuKYMpaU_Q.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/83acd7-5e1a-49f9-b409-32936c3a4a9d/1/rR0qVix9shFRtKCSa41v7qzviFc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a03:7e0::/32 2a04:d9c0::/32 2a05:a640::/29 Signature Algorithm: sha256WithRSAEncryption 87:c4:1b:6c:6e:b9:34:61:d5:12:ed:47:1d:13:0e:ce:bd:b3: b5:11:3d:fd:f1:50:30:1e:13:50:ab:9c:9c:bb:87:fe:c8:ec: a3:67:85:52:05:07:d0:32:2c:80:91:44:e7:91:ce:bb:52:59: f6:2b:f5:fe:d1:12:ae:b9:b8:e9:c7:72:b4:68:53:7d:ff:11: bf:8b:70:46:75:54:ce:2c:55:3d:14:57:a0:59:56:2d:5c:75: 8e:74:41:8d:84:e3:af:dc:20:cf:80:f1:14:36:d6:ce:4d:81: 0c:d1:b8:f2:10:45:21:9b:56:b6:7b:78:a2:f1:54:f3:67:f3: fc:a1:9e:bd:8b:26:ab:cb:e3:4e:c5:fe:4d:3e:2d:48:b6:18: 13:1d:83:76:0c:6e:7a:63:be:6d:c4:fc:65:09:20:22:d7:33: 4f:75:46:da:02:04:3a:b0:f5:e1:ca:0a:cc:92:bc:f6:61:d2: 53:f3:a3:11:6d:d0:46:85:56:64:93:20:ad:0a:86:f9:23:fb: 86:1f:5b:99:47:04:69:aa:e2:85:72:95:cc:02:08:10:b7:02: 53:17:63:40:43:e0:ff:08:1c:29:a7:ee:98:15:f9:65:4d:6a: 07:ce:d1:8f:e8:31:cf:36:b8:43:0d:1b:fe:bd:cb:a6:08:0d: ec:3f:83:e4 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt57JJuXLrW3ZrEu8xBgpekMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFkMWQyYTU2MmM3ZGIyMTE1MWI0YTA5MjZiOGQ2ZmVlYWNl Zjg4NTcwHhcNMjYwMTAxMTQxODI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5ZmYwZDRmMWFjODYzMmMxZGU1MWQ5MTNhZjNiOGE2MGNhNWE1M2Y0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxqZuxDw4zlrJK7o9l2p4aFYdcehU maoKohs+Y1qzID8gQsvLVC4Strxi7g4DEngdMbTy/ke/j0xbmDUCBEhssFeFCNOR R7KvZVjlhy3e4mm3DVFOcSvO5omlYTkI35+pFaPRYmyBTTrUVUrKh2jTk8ASxEjE B+t7areoWV0FTIg43H4jFJ2PYSDzFAvfEhaAXDzr8jx7Smtg5WZ7i6WHTUrByHv8 L28wG4wKldnAChuNyOgEyimgsluplLOojwfr9VUPLBgFTDCPyPXLBMzg7gdDYkAw fAsdBYymXJf2TqiCwDZXVJYU9nJZMfNPQGJWkOUJxzRR6oqsu5hMs+SBiwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFJ/w1PGshjLB3lHZE687imDKWlP0MB8GA1UdIwQY MBaAFK0dKlYsfbIRUbSgkmuNb+6s74hXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvclIwcVZpeDlzaEZSdEtDU2E0MXY3cXp2aUZjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS84M2FjZDctNWUxYS00OWY5LWI0MDkt MzI5MzZjM2E0YTlkLzEvbl9EVThheUdNc0hlVWRrVHJ6dUtZTXBhVV9RLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYS84M2FjZDctNWUxYS00OWY5LWI0MDktMzI5MzZjM2E0YTlk LzEvclIwcVZpeDlzaEZSdEtDU2E0MXY3cXp2aUZjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKgMH4AMF ACoE2cADBQMqBaZAMA0GCSqGSIb3DQEBCwUAA4IBAQCHxBtsbrk0YdUS7UcdEw7O vbO1ET398VAwHhNQq5ycu4f+yOyjZ4VSBQfQMiyAkUTnkc67Uln2K/X+0RKuubjp x3K0aFN9/xG/i3BGdVTOLFU9FFegWVYtXHWOdEGNhOOv3CDPgPEUNtbOTYEM0bjy EEUhm1a2e3ii8VTzZ/P8oZ69iyary+NOxf5NPi1IthgTHYN2DG56Y75txPxlCSAi 1zNPdUbaAgQ6sPXhygrMkrz2YdJT86MRbdBGhVZkkyCtCob5I/uGH1uZRwRpquKF cpXMAggQtwJTF2NAQ+D/CBwpp+6YFfllTWoHztGP6DHPNrhDDRv+vcumCA3sP4Pk -----END CERTIFICATE-----Generated at Sun Jan 25 22:47:06 2026 by rpki-client