This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/a1972a-9e18-4791-8530-f774f1eafbff/1/DdnrFMVJaCyL71PqpfIa-rq-_TE.roa File: DdnrFMVJaCyL71PqpfIa-rq-_TE.roa (raw, json) Hash identifier: xbl0A24iKpXHLs/IpPryN8K2fvu9yKQgN1UENAxstjo= Subject key identifier: 0D:D9:EB:14:C5:49:68:2C:8B:EF:53:EA:A5:F2:1A:FA:BA:BE:FD:31 Certificate issuer: /CN=0b1c6d0de70cc51805b63a5e2327622525d075b1 Certificate serial: 019AA20A9A67BCE4FB368DF36D80FA3A8139 Authority key identifier: 0B:1C:6D:0D:E7:0C:C5:18:05:B6:3A:5E:23:27:62:25:25:D0:75:B1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CxxtDecMxRgFtjpeIydiJSXQdbE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/a1972a-9e18-4791-8530-f774f1eafbff/1/DdnrFMVJaCyL71PqpfIa-rq-_TE.roa Signing time: Thu 20 Nov 2025 16:13:15 +0000 ROA not before: Thu 20 Nov 2025 16:13:15 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 202940 IP address blocks: 2a02:ce8:556::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/a1972a-9e18-4791-8530-f774f1eafbff/1/CxxtDecMxRgFtjpeIydiJSXQdbE.crl rsync://rpki.ripe.net/repository/DEFAULT/ca/a1972a-9e18-4791-8530-f774f1eafbff/1/CxxtDecMxRgFtjpeIydiJSXQdbE.mft rsync://rpki.ripe.net/repository/DEFAULT/CxxtDecMxRgFtjpeIydiJSXQdbE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 10:02:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:a2:0a:9a:67:bc:e4:fb:36:8d:f3:6d:80:fa:3a:81:39 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0b1c6d0de70cc51805b63a5e2327622525d075b1 Validity Not Before: Nov 20 16:13:15 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=0dd9eb14c549682c8bef53eaa5f21afababefd31 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:a2:16:ec:fa:f2:b8:af:f3:21:8a:16:92:f6: 51:e8:21:bb:e2:e8:9d:0d:a8:b0:42:9d:df:66:af: 95:9f:e6:ee:69:32:5c:29:7d:a2:0a:97:b4:37:0c: 37:78:90:31:8f:8f:d6:3a:cb:ec:4f:be:92:c7:b2: 28:19:8b:4a:54:b7:e8:1e:a5:b8:67:92:22:e2:c8: 6e:f0:75:41:f4:8e:94:fe:00:01:ed:9f:b7:76:1b: b1:af:73:7a:87:23:73:83:76:42:c6:4b:41:a3:0f: ad:98:94:0c:3b:c2:d1:1b:ee:b1:c5:3d:77:fb:3e: 4e:8f:8e:81:3c:72:15:32:79:09:55:94:a1:37:4f: ff:6c:fe:f3:7d:73:cd:67:22:dd:5d:04:38:3e:03: 18:20:89:f9:1b:79:d1:dd:c9:f4:38:d8:65:29:90: c9:46:96:49:92:95:4f:c9:3f:fa:0c:1f:bd:3f:e9: 7d:6f:c9:a7:75:44:54:ea:f4:08:72:cf:58:ba:ff: ff:32:d0:48:14:52:d6:42:bd:35:45:a3:92:86:16: c3:f3:c4:90:8f:7b:74:31:d0:6c:7b:9a:24:b2:e4: 20:6c:0a:d7:a7:2a:fd:9c:b6:a9:32:6d:7c:e7:8e: ca:91:b5:17:8a:ec:bd:df:f6:7b:72:a0:80:d0:03: 53:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:D9:EB:14:C5:49:68:2C:8B:EF:53:EA:A5:F2:1A:FA:BA:BE:FD:31 X509v3 Authority Key Identifier: keyid:0B:1C:6D:0D:E7:0C:C5:18:05:B6:3A:5E:23:27:62:25:25:D0:75:B1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CxxtDecMxRgFtjpeIydiJSXQdbE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/a1972a-9e18-4791-8530-f774f1eafbff/1/DdnrFMVJaCyL71PqpfIa-rq-_TE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/a1972a-9e18-4791-8530-f774f1eafbff/1/CxxtDecMxRgFtjpeIydiJSXQdbE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a02:ce8:556::/48 Signature Algorithm: sha256WithRSAEncryption 01:19:bb:bd:94:48:be:49:6a:5b:bc:d2:15:b1:15:67:bb:ab: 3e:bd:a0:62:92:f2:b3:cd:4b:61:d0:24:a5:b7:6b:28:ec:de: c2:0c:bd:6d:e1:5b:92:ca:f4:f6:54:4c:82:25:c2:bb:9b:e7: 7e:b9:5d:73:fb:eb:5c:f0:65:bf:44:72:31:7f:96:9f:a4:99: d0:bd:7d:d1:90:96:86:00:29:1a:a4:0d:83:f1:2d:dc:6c:de: 0a:07:40:6e:65:d1:52:50:28:98:fb:e3:19:77:4e:a9:c6:e2: 02:30:dd:49:cc:91:56:41:74:8f:5d:ea:c3:e8:14:35:9d:99: 13:e4:08:5d:cc:3a:64:6d:f8:ac:00:11:8e:a6:cc:d1:12:11: de:eb:b0:c5:d9:5c:d0:8e:8f:c4:6e:b7:f5:21:5a:8b:f6:ec: 26:6b:2e:0a:2c:b2:52:08:37:5d:a9:32:25:ed:62:55:02:bb: 35:03:f3:a1:e8:09:8f:29:0f:b0:b9:fb:93:c9:8c:79:50:d5: 6c:2d:a0:61:d3:6c:da:9a:cf:10:c0:fd:18:8a:e3:16:c4:07: 90:52:7b:3c:dc:a2:e1:db:4b:a1:bd:7a:38:68:b2:fc:05:69: e9:2e:1c:ae:fa:de:04:08:bc:c5:91:24:79:1c:2b:1a:7c:20: ef:59:e4:f2 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZqiCppnvOT7No3zbYD6OoE5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBiMWM2ZDBkZTcwY2M1MTgwNWI2M2E1ZTIzMjc2MjI1MjVk MDc1YjEwHhcNMjUxMTIwMTYxMzE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwZGQ5ZWIxNGM1NDk2ODJjOGJlZjUzZWFhNWYyMWFmYWJhYmVmZDMxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6IW7PryuK/zIYoWkvZR6CG74uid DaiwQp3fZq+Vn+buaTJcKX2iCpe0Nww3eJAxj4/WOsvsT76Sx7IoGYtKVLfoHqW4 Z5Ii4shu8HVB9I6U/gAB7Z+3dhuxr3N6hyNzg3ZCxktBow+tmJQMO8LRG+6xxT13 +z5Oj46BPHIVMnkJVZShN0//bP7zfXPNZyLdXQQ4PgMYIIn5G3nR3cn0ONhlKZDJ RpZJkpVPyT/6DB+9P+l9b8mndURU6vQIcs9Yuv//MtBIFFLWQr01RaOShhbD88SQ j3t0MdBse5oksuQgbArXpyr9nLapMm18547KkbUXiuy93/Z7cqCA0ANTPwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFA3Z6xTFSWgsi+9T6qXyGvq6vv0xMB8GA1UdIwQY MBaAFAscbQ3nDMUYBbY6XiMnYiUl0HWxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ3h4dERlY014UmdGdGpwZUl5ZGlKU1hRZGJFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9hMTk3MmEtOWUxOC00NzkxLTg1MzAt Zjc3NGYxZWFmYmZmLzEvRGRuckZNVkphQ3lMNzFQcXBmSWEtcnEtX1RFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYS9hMTk3MmEtOWUxOC00NzkxLTg1MzAtZjc3NGYxZWFmYmZm LzEvQ3h4dERlY014UmdGdGpwZUl5ZGlKU1hRZGJFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgIM6AVW MA0GCSqGSIb3DQEBCwUAA4IBAQABGbu9lEi+SWpbvNIVsRVnu6s+vaBikvKzzUth 0CSlt2so7N7CDL1t4VuSyvT2VEyCJcK7m+d+uV1z++tc8GW/RHIxf5afpJnQvX3R kJaGACkapA2D8S3cbN4KB0BuZdFSUCiY++MZd06pxuICMN1JzJFWQXSPXerD6BQ1 nZkT5AhdzDpkbfisABGOpszREhHe67DF2VzQjo/Ebrf1IVqL9uwmay4KLLJSCDdd qTIl7WJVArs1A/Oh6AmPKQ+wufuTyYx5UNVsLaBh02zams8QwP0YiuMWxAeQUns8 3KLh20uhvXo4aLL8BWnpLhyu+t4ECLzFkSR5HCsafCDvWeTy -----END CERTIFICATE-----Generated at Sat Dec 6 17:18:06 2025 by rpki-client