This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/df6e25-923c-4838-864f-d4b37e44ab7c/1/l0q8XWJ1Kq-tzhNgucWKrkROmtg.roa File: l0q8XWJ1Kq-tzhNgucWKrkROmtg.roa (raw, json) Hash identifier: 6lWXlqZNdk+BzRRkFfjQUwCi/8dW4M9stYINXvYCgl8= Subject key identifier: 97:4A:BC:5D:62:75:2A:AF:AD:CE:13:60:B9:C5:8A:AE:44:4E:9A:D8 Certificate issuer: /CN=4c39055a6990b82408cf1abf29313780e249a4c9 Certificate serial: 019B79ECD09BA10C5A3660FD9197C1058147 Authority key identifier: 4C:39:05:5A:69:90:B8:24:08:CF:1A:BF:29:31:37:80:E2:49:A4:C9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TDkFWmmQuCQIzxq_KTE3gOJJpMk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/df6e25-923c-4838-864f-d4b37e44ab7c/1/l0q8XWJ1Kq-tzhNgucWKrkROmtg.roa Signing time: Thu 01 Jan 2026 14:18:41 +0000 ROA not before: Thu 01 Jan 2026 14:18:41 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 26911 IP address blocks: 2a0e:c1c0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/df6e25-923c-4838-864f-d4b37e44ab7c/1/TDkFWmmQuCQIzxq_KTE3gOJJpMk.crl rsync://rpki.ripe.net/repository/DEFAULT/d7/df6e25-923c-4838-864f-d4b37e44ab7c/1/TDkFWmmQuCQIzxq_KTE3gOJJpMk.mft rsync://rpki.ripe.net/repository/DEFAULT/TDkFWmmQuCQIzxq_KTE3gOJJpMk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ec:d0:9b:a1:0c:5a:36:60:fd:91:97:c1:05:81:47 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4c39055a6990b82408cf1abf29313780e249a4c9 Validity Not Before: Jan 1 14:18:41 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=974abc5d62752aafadce1360b9c58aae444e9ad8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:0d:b9:a0:40:49:aa:0d:5e:33:ac:ed:d2:11: 5c:d1:b9:19:c2:96:f3:3d:df:d0:3a:de:a7:f6:6f: 30:38:4c:d7:cd:fc:bf:a7:39:cb:d5:90:71:76:46: 5d:df:64:8c:53:42:b0:6b:0e:ba:8f:aa:2e:b7:60: 0d:2d:b2:b2:a7:81:df:44:f0:6a:c9:f3:bd:9d:0e: 28:cd:59:fc:62:36:3e:3e:ae:82:ce:b7:00:28:81: bc:c5:0b:56:21:00:69:ce:54:eb:db:ce:77:0f:56: e2:d6:34:9f:bb:df:0c:86:0b:24:b7:47:06:86:20: 54:88:a4:d4:4f:6b:4f:f8:4a:38:51:f4:e2:6a:05: 2a:d9:f8:c3:24:1c:9f:5c:29:7c:9f:2c:40:1c:66: ad:9b:8f:64:ff:d9:88:31:66:30:b2:3f:6f:71:da: 12:c9:79:01:00:05:09:3f:91:20:7e:c4:5a:36:cd: 9a:65:06:98:19:89:71:6b:63:24:f2:1d:9c:d3:95: e0:ee:7e:9e:67:47:45:62:09:74:d3:8d:fc:5b:3f: cb:ce:44:dc:8b:30:55:10:99:c9:72:4f:b4:81:af: c2:99:d1:6c:e7:81:3f:bf:b8:4e:53:69:01:9d:01: a9:19:df:d2:6c:ef:b3:c9:e2:66:08:41:80:1a:fd: 09:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:4A:BC:5D:62:75:2A:AF:AD:CE:13:60:B9:C5:8A:AE:44:4E:9A:D8 X509v3 Authority Key Identifier: keyid:4C:39:05:5A:69:90:B8:24:08:CF:1A:BF:29:31:37:80:E2:49:A4:C9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TDkFWmmQuCQIzxq_KTE3gOJJpMk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/df6e25-923c-4838-864f-d4b37e44ab7c/1/l0q8XWJ1Kq-tzhNgucWKrkROmtg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/df6e25-923c-4838-864f-d4b37e44ab7c/1/TDkFWmmQuCQIzxq_KTE3gOJJpMk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0e:c1c0::/29 Signature Algorithm: sha256WithRSAEncryption 4a:06:f9:eb:4a:b3:5e:ad:23:2b:41:ac:93:7d:c4:12:fd:a8: 2d:cf:51:39:7b:97:88:1a:39:93:e5:e0:ad:bc:87:66:e3:ec: 21:a6:ed:1b:9f:01:e2:fc:51:0a:3c:ba:46:86:98:60:81:c4: 61:0d:b1:27:04:2d:45:5b:2c:61:94:3f:46:26:d1:db:39:72: 39:15:b6:d9:08:a1:e9:ae:05:55:31:bb:96:2c:5e:d0:b2:46: 5f:50:07:1b:1c:5a:f5:33:a7:04:b6:91:76:9a:15:18:72:78: 67:f0:78:64:01:78:56:a0:77:84:be:f5:94:2a:a0:50:e7:ba: 32:52:3b:63:f3:e2:02:6b:67:0c:58:f8:e6:14:8a:a4:cd:72: f5:e8:29:0f:8c:8d:0a:3a:93:bb:57:5b:a5:6c:90:15:29:aa: c9:f4:f1:5e:ee:8c:10:e1:35:32:f6:7a:dd:01:7e:d5:91:2d: 84:7b:95:97:1b:5c:51:95:7b:2d:0c:33:03:e9:69:9a:ce:44: 0e:d3:24:37:a5:bf:c6:11:cf:4d:01:55:2c:44:f1:6f:e3:46: 3f:ab:7a:35:7c:55:89:3f:36:ca:45:66:0a:32:c6:ad:84:78: fe:54:95:46:3f:02:f9:98:53:0a:11:8c:40:c1:e7:63:d9:b8: a1:23:2d:3f -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt57NCboQxaNmD9kZfBBYFHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRjMzkwNTVhNjk5MGI4MjQwOGNmMWFiZjI5MzEzNzgwZTI0 OWE0YzkwHhcNMjYwMTAxMTQxODQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5NzRhYmM1ZDYyNzUyYWFmYWRjZTEzNjBiOWM1OGFhZTQ0NGU5YWQ4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyg25oEBJqg1eM6zt0hFc0bkZwpbz Pd/QOt6n9m8wOEzXzfy/pznL1ZBxdkZd32SMU0Kwaw66j6out2ANLbKyp4HfRPBq yfO9nQ4ozVn8YjY+Pq6CzrcAKIG8xQtWIQBpzlTr2853D1bi1jSfu98Mhgskt0cG hiBUiKTUT2tP+Eo4UfTiagUq2fjDJByfXCl8nyxAHGatm49k/9mIMWYwsj9vcdoS yXkBAAUJP5EgfsRaNs2aZQaYGYlxa2Mk8h2c05Xg7n6eZ0dFYgl00438Wz/LzkTc izBVEJnJck+0ga/CmdFs54E/v7hOU2kBnQGpGd/SbO+zyeJmCEGAGv0JaQIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFJdKvF1idSqvrc4TYLnFiq5ETprYMB8GA1UdIwQY MBaAFEw5BVppkLgkCM8avykxN4DiSaTJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVERrRldtbVF1Q1FJenhxX0tURTNnT0pKcE1rLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9kZjZlMjUtOTIzYy00ODM4LTg2NGYt ZDRiMzdlNDRhYjdjLzEvbDBxOFhXSjFLcS10emhOZ3VjV0tya1JPbXRnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNy9kZjZlMjUtOTIzYy00ODM4LTg2NGYtZDRiMzdlNDRhYjdj LzEvVERrRldtbVF1Q1FJenhxX0tURTNnT0pKcE1rLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg7BwDAN BgkqhkiG9w0BAQsFAAOCAQEASgb560qzXq0jK0Gsk33EEv2oLc9ROXuXiBo5k+Xg rbyHZuPsIabtG58B4vxRCjy6RoaYYIHEYQ2xJwQtRVssYZQ/RibR2zlyORW22Qih 6a4FVTG7lixe0LJGX1AHGxxa9TOnBLaRdpoVGHJ4Z/B4ZAF4VqB3hL71lCqgUOe6 MlI7Y/PiAmtnDFj45hSKpM1y9egpD4yNCjqTu1dbpWyQFSmqyfTxXu6MEOE1MvZ6 3QF+1ZEthHuVlxtcUZV7LQwzA+lpms5EDtMkN6W/xhHPTQFVLETxb+NGP6t6NXxV iT82ykVmCjLGrYR4/lSVRj8C+ZhTChGMQMHnY9m4oSMtPw== -----END CERTIFICATE-----Generated at Sun Jan 25 23:04:26 2026 by rpki-client