This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/a1972a-9e18-4791-8530-f774f1eafbff/1/JjNsdw31mkopTJEXLbd7F3jftjY.roa File: JjNsdw31mkopTJEXLbd7F3jftjY.roa (raw, json) Hash identifier: DFuBhTTsIvaSw7xpZBBqOn0fJhT7O4EMyfeXK8BYOr4= Subject key identifier: 26:33:6C:77:0D:F5:9A:4A:29:4C:91:17:2D:B7:7B:17:78:DF:B6:36 Certificate issuer: /CN=0b1c6d0de70cc51805b63a5e2327622525d075b1 Certificate serial: 019B7DCA9D588B1826DB12433229CA35C3BF Authority key identifier: 0B:1C:6D:0D:E7:0C:C5:18:05:B6:3A:5E:23:27:62:25:25:D0:75:B1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CxxtDecMxRgFtjpeIydiJSXQdbE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/a1972a-9e18-4791-8530-f774f1eafbff/1/JjNsdw31mkopTJEXLbd7F3jftjY.roa Signing time: Fri 02 Jan 2026 08:19:49 +0000 ROA not before: Fri 02 Jan 2026 08:19:49 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 19637 IP address blocks: 2a02:ce8:54c::/48 maxlen: 48 2a02:ce8:5ba::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/a1972a-9e18-4791-8530-f774f1eafbff/1/CxxtDecMxRgFtjpeIydiJSXQdbE.crl rsync://rpki.ripe.net/repository/DEFAULT/ca/a1972a-9e18-4791-8530-f774f1eafbff/1/CxxtDecMxRgFtjpeIydiJSXQdbE.mft rsync://rpki.ripe.net/repository/DEFAULT/CxxtDecMxRgFtjpeIydiJSXQdbE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 23:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:9d:58:8b:18:26:db:12:43:32:29:ca:35:c3:bf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0b1c6d0de70cc51805b63a5e2327622525d075b1 Validity Not Before: Jan 2 08:19:49 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=26336c770df59a4a294c91172db77b1778dfb636 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8c:f8:79:76:22:88:f5:ce:b5:84:4c:a3:8a:bd: 4e:8e:17:e2:e9:47:6f:4a:e3:e4:54:a5:57:17:0c: 75:aa:98:a4:bb:e4:66:f2:9c:04:f6:2e:37:d7:2f: 4d:ad:c5:ed:bc:76:93:f0:df:da:88:3c:cd:7a:b3: 46:af:41:cb:1a:a3:57:8d:e9:04:07:11:72:8b:da: 1f:7b:54:f1:a6:2b:e9:fa:3f:ff:29:bd:05:de:0b: e3:3d:a2:ee:c4:54:e2:d1:fd:2a:6f:40:59:37:13: 21:98:51:1c:1c:a0:12:90:81:ff:72:72:2b:90:e5: 12:f2:d0:01:d6:48:e1:7e:5c:ae:1a:13:24:54:76: 9d:67:4f:20:47:24:13:77:e4:9c:a3:ca:5d:d2:a0: b3:82:8f:b9:eb:9c:03:46:71:6c:6f:19:ac:62:33: d0:2f:38:76:90:88:1e:7f:0c:f4:6a:0a:59:d0:30: 3f:76:54:40:5f:37:2d:23:fe:53:11:b5:fb:a8:68: 75:a9:c0:03:dd:8b:80:d9:fc:7c:f6:d6:3b:f9:f5: a5:1f:7d:5f:06:b4:3d:41:77:d4:58:68:81:80:de: 7c:68:61:e7:da:4b:89:ea:c8:4e:11:6a:1d:2a:07: d7:8b:5d:93:92:b4:4e:2d:58:ff:8c:ac:0f:97:ce: 1b:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 26:33:6C:77:0D:F5:9A:4A:29:4C:91:17:2D:B7:7B:17:78:DF:B6:36 X509v3 Authority Key Identifier: keyid:0B:1C:6D:0D:E7:0C:C5:18:05:B6:3A:5E:23:27:62:25:25:D0:75:B1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CxxtDecMxRgFtjpeIydiJSXQdbE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/a1972a-9e18-4791-8530-f774f1eafbff/1/JjNsdw31mkopTJEXLbd7F3jftjY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/a1972a-9e18-4791-8530-f774f1eafbff/1/CxxtDecMxRgFtjpeIydiJSXQdbE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a02:ce8:54c::/48 2a02:ce8:5ba::/48 Signature Algorithm: sha256WithRSAEncryption 0e:f8:94:d9:2d:12:3d:8f:53:fe:55:dc:1e:11:64:b0:29:64: ac:cc:41:de:85:03:3c:94:32:eb:9a:cd:c7:82:c7:b7:ba:46: 7c:7e:b1:1f:30:2c:0e:7d:95:21:c4:f4:59:ef:98:8b:47:ed: 8d:15:57:d7:58:5a:4a:4d:66:f0:b5:94:3d:c9:c0:2d:7e:1b: 67:41:87:7d:e8:8b:1c:63:b7:fd:e0:86:96:cb:90:cb:77:95: a9:9b:a2:42:3c:fd:1a:43:3f:b4:9a:07:a3:eb:90:2d:1c:63: 83:45:98:6a:55:84:9d:da:6e:b8:ea:91:b6:30:66:8b:9e:29: 86:b8:e5:34:37:c2:de:d8:6c:7f:1e:f9:db:64:44:fa:3b:50: 82:0f:bb:e8:c7:b5:27:69:88:22:f2:fe:04:f5:38:09:c5:12: 6d:b8:32:38:f5:ad:05:30:28:45:87:f7:4c:5d:8a:31:e1:b2: 02:95:ac:f3:e2:52:5d:99:cf:59:93:bd:d0:22:ac:5d:bb:b2: c4:b8:ba:b8:d5:5c:5f:be:aa:0c:2c:44:26:68:e2:12:91:5c: 6e:d5:05:8a:f9:0a:03:9f:13:26:82:d4:f4:ec:c8:fd:e6:40: c3:cc:ee:48:38:9a:0a:31:11:b4:25:40:93:5b:18:f0:12:86: 2e:61:62:1a -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt9yp1Yixgm2xJDMinKNcO/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBiMWM2ZDBkZTcwY2M1MTgwNWI2M2E1ZTIzMjc2MjI1MjVk MDc1YjEwHhcNMjYwMTAyMDgxOTQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyNjMzNmM3NzBkZjU5YTRhMjk0YzkxMTcyZGI3N2IxNzc4ZGZiNjM2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjPh5diKI9c61hEyjir1Ojhfi6Udv SuPkVKVXFwx1qpiku+Rm8pwE9i431y9NrcXtvHaT8N/aiDzNerNGr0HLGqNXjekE BxFyi9ofe1Txpivp+j//Kb0F3gvjPaLuxFTi0f0qb0BZNxMhmFEcHKASkIH/cnIr kOUS8tAB1kjhflyuGhMkVHadZ08gRyQTd+Sco8pd0qCzgo+565wDRnFsbxmsYjPQ Lzh2kIgefwz0agpZ0DA/dlRAXzctI/5TEbX7qGh1qcAD3YuA2fx89tY7+fWlH31f BrQ9QXfUWGiBgN58aGHn2kuJ6shOEWodKgfXi12TkrROLVj/jKwPl84bfwIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFCYzbHcN9ZpKKUyRFy23exd437Y2MB8GA1UdIwQY MBaAFAscbQ3nDMUYBbY6XiMnYiUl0HWxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ3h4dERlY014UmdGdGpwZUl5ZGlKU1hRZGJFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9hMTk3MmEtOWUxOC00NzkxLTg1MzAt Zjc3NGYxZWFmYmZmLzEvSmpOc2R3MzFta29wVEpFWExiZDdGM2pmdGpZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYS9hMTk3MmEtOWUxOC00NzkxLTg1MzAtZjc3NGYxZWFmYmZm LzEvQ3h4dERlY014UmdGdGpwZUl5ZGlKU1hRZGJFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgIM6AVM AwcAKgIM6AW6MA0GCSqGSIb3DQEBCwUAA4IBAQAO+JTZLRI9j1P+VdweEWSwKWSs zEHehQM8lDLrms3Hgse3ukZ8frEfMCwOfZUhxPRZ75iLR+2NFVfXWFpKTWbwtZQ9 ycAtfhtnQYd96IscY7f94IaWy5DLd5Wpm6JCPP0aQz+0mgej65AtHGODRZhqVYSd 2m646pG2MGaLnimGuOU0N8Le2Gx/HvnbZET6O1CCD7vox7UnaYgi8v4E9TgJxRJt uDI49a0FMChFh/dMXYox4bIClazz4lJdmc9Zk73QIqxdu7LEuLq41VxfvqoMLEQm aOISkVxu1QWK+QoDnxMmgtT07Mj95kDDzO5IOJoKMRG0JUCTWxjwEoYuYWIa -----END CERTIFICATE-----Generated at Sun Jan 25 10:33:10 2026 by rpki-client