This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/dfb94c-fdf4-4972-9ad8-7d697337137b/1/0I00I8J66neTXe4iZZcrlFXaZ8U.roa File: 0I00I8J66neTXe4iZZcrlFXaZ8U.roa (raw, json) Hash identifier: coA5RtPDBJN+kY2dT0FgtVFZYsCgYcbOym4tHbbuY/Y= Subject key identifier: D0:8D:34:23:C2:7A:EA:77:93:5D:EE:22:65:97:2B:94:55:DA:67:C5 Certificate issuer: /CN=093509e7ec68fe2d943407d5dd126a0f596f2ab5 Certificate serial: 019B7E3751236AE5B432ABE88C91C0564ACE Authority key identifier: 09:35:09:E7:EC:68:FE:2D:94:34:07:D5:DD:12:6A:0F:59:6F:2A:B5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTUJ5-xo_i2UNAfV3RJqD1lvKrU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/dfb94c-fdf4-4972-9ad8-7d697337137b/1/0I00I8J66neTXe4iZZcrlFXaZ8U.roa Signing time: Fri 02 Jan 2026 10:18:33 +0000 ROA not before: Fri 02 Jan 2026 10:18:33 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 47959 IP address blocks: 2a00:1b80::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/dfb94c-fdf4-4972-9ad8-7d697337137b/1/CTUJ5-xo_i2UNAfV3RJqD1lvKrU.crl rsync://rpki.ripe.net/repository/DEFAULT/da/dfb94c-fdf4-4972-9ad8-7d697337137b/1/CTUJ5-xo_i2UNAfV3RJqD1lvKrU.mft rsync://rpki.ripe.net/repository/DEFAULT/CTUJ5-xo_i2UNAfV3RJqD1lvKrU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:37:51:23:6a:e5:b4:32:ab:e8:8c:91:c0:56:4a:ce Signature Algorithm: sha256WithRSAEncryption Issuer: CN=093509e7ec68fe2d943407d5dd126a0f596f2ab5 Validity Not Before: Jan 2 10:18:33 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d08d3423c27aea77935dee2265972b9455da67c5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:08:32:db:8a:59:a4:87:70:a7:e6:28:87:d9: 1a:f1:73:ba:34:7e:c3:7d:e8:f0:fa:d5:5d:84:4d: b2:fa:85:bb:2f:af:90:38:5e:8d:44:e6:fb:04:56: f6:83:e0:0e:db:75:e1:74:09:ba:b6:48:f8:2e:3d: 70:3e:40:96:c5:21:c3:a0:de:9b:c9:67:ea:15:fd: a3:37:e7:40:f8:e8:40:b5:7b:0b:1a:86:87:ba:b3: f7:9b:71:25:3f:f4:0c:85:5f:cb:18:f9:6c:ec:83: b7:2a:53:b5:ec:dd:da:5f:96:ee:c5:5e:86:89:72: 0c:99:92:76:04:43:bf:e3:30:1a:d2:f4:8d:fb:e3: 6a:3e:2a:5e:5a:ee:50:c6:f8:78:bc:8b:03:b9:32: 72:46:0c:9e:e6:66:7c:8e:3f:8e:cc:c9:e3:2f:7a: 13:ac:dd:28:91:23:35:5c:2b:69:cf:41:6a:df:a9: 46:72:aa:e5:c7:cc:3d:02:b6:82:b2:72:69:62:bc: 1b:3f:66:3d:a4:65:03:2d:df:79:da:f1:c4:9a:c6: 7c:65:27:b8:eb:8d:a0:74:4e:19:65:24:17:3d:4c: 68:93:db:63:a8:e6:4e:d4:a6:f7:a6:4a:1e:e0:9d: 11:00:a5:02:6c:cf:d0:4a:90:99:97:7a:3b:75:5f: 91:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:8D:34:23:C2:7A:EA:77:93:5D:EE:22:65:97:2B:94:55:DA:67:C5 X509v3 Authority Key Identifier: keyid:09:35:09:E7:EC:68:FE:2D:94:34:07:D5:DD:12:6A:0F:59:6F:2A:B5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTUJ5-xo_i2UNAfV3RJqD1lvKrU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/dfb94c-fdf4-4972-9ad8-7d697337137b/1/0I00I8J66neTXe4iZZcrlFXaZ8U.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/da/dfb94c-fdf4-4972-9ad8-7d697337137b/1/CTUJ5-xo_i2UNAfV3RJqD1lvKrU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a00:1b80::/29 Signature Algorithm: sha256WithRSAEncryption 5d:fe:6e:7a:7e:f8:2a:01:a5:43:13:bf:a3:05:e0:02:ac:4a: 5b:cb:34:f9:a1:50:2a:2c:c2:1a:5d:d1:bb:d2:a2:ca:d9:78: a6:bc:bb:0c:03:3d:d1:a5:2a:5c:b7:36:15:05:79:ab:8f:c7: 32:8c:49:49:00:8c:29:32:39:a5:b5:50:8b:f7:b6:21:c0:bd: f6:3d:17:ab:90:4e:ac:fd:d3:58:1a:03:7c:60:6e:bd:2f:ba: c6:26:64:cf:a8:98:66:13:8d:49:9c:c8:85:39:a8:d7:d1:ee: a1:53:89:43:5d:8d:0d:59:00:4a:e5:91:97:b2:5f:f4:30:41: db:95:4f:a4:ba:91:23:4f:03:39:7a:31:61:00:61:76:ef:ae: 50:f3:26:fe:0f:a3:60:8c:1a:ca:47:18:a4:23:1d:7c:44:9c: f8:80:29:14:b1:fe:70:c5:b2:09:6a:d4:e6:42:dc:a5:0a:c6: de:4d:33:71:3e:33:9e:e8:3d:fa:bc:c4:69:44:96:5f:50:d4: a0:89:bb:2d:e9:ae:0e:75:df:ca:33:15:d3:cd:83:b9:d4:28: 0d:22:9e:ec:cd:88:d3:30:b5:63:16:47:9c:18:0d:17:bf:62: 62:46:11:5c:ed:29:68:68:b4:47:3d:3f:e3:95:73:7e:b8:9f: d9:f1:73:82 -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt+N1EjauW0MqvojJHAVkrOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA5MzUwOWU3ZWM2OGZlMmQ5NDM0MDdkNWRkMTI2YTBmNTk2 ZjJhYjUwHhcNMjYwMTAyMTAxODMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkMDhkMzQyM2MyN2FlYTc3OTM1ZGVlMjI2NTk3MmI5NDU1ZGE2N2M1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkggy24pZpIdwp+Yoh9ka8XO6NH7D fejw+tVdhE2y+oW7L6+QOF6NROb7BFb2g+AO23XhdAm6tkj4Lj1wPkCWxSHDoN6b yWfqFf2jN+dA+OhAtXsLGoaHurP3m3ElP/QMhV/LGPls7IO3KlO17N3aX5buxV6G iXIMmZJ2BEO/4zAa0vSN++NqPipeWu5Qxvh4vIsDuTJyRgye5mZ8jj+OzMnjL3oT rN0okSM1XCtpz0Fq36lGcqrlx8w9AraCsnJpYrwbP2Y9pGUDLd952vHEmsZ8ZSe4 642gdE4ZZSQXPUxok9tjqOZO1Kb3pkoe4J0RAKUCbM/QSpCZl3o7dV+RlwIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFNCNNCPCeup3k13uImWXK5RV2mfFMB8GA1UdIwQY MBaAFAk1CefsaP4tlDQH1d0Sag9Zbyq1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ1RVSjUteG9faTJVTkFmVjNSSnFEMWx2S3JVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9kZmI5NGMtZmRmNC00OTcyLTlhZDgt N2Q2OTczMzcxMzdiLzEvMEkwMEk4SjY2bmVUWGU0aVpaY3JsRlhhWjhVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYS9kZmI5NGMtZmRmNC00OTcyLTlhZDgtN2Q2OTczMzcxMzdi LzEvQ1RVSjUteG9faTJVTkFmVjNSSnFEMWx2S3JVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgAbgDAN BgkqhkiG9w0BAQsFAAOCAQEAXf5uen74KgGlQxO/owXgAqxKW8s0+aFQKizCGl3R u9Kiytl4pry7DAM90aUqXLc2FQV5q4/HMoxJSQCMKTI5pbVQi/e2IcC99j0Xq5BO rP3TWBoDfGBuvS+6xiZkz6iYZhONSZzIhTmo19HuoVOJQ12NDVkASuWRl7Jf9DBB 25VPpLqRI08DOXoxYQBhdu+uUPMm/g+jYIwaykcYpCMdfESc+IApFLH+cMWyCWrU 5kLcpQrG3k0zcT4znug9+rzEaUSWX1DUoIm7LemuDnXfyjMV082DudQoDSKe7M2I 0zC1YxZHnBgNF79iYkYRXO0paGi0Rz0/45Vzfrif2fFzgg== -----END CERTIFICATE-----Generated at Sun Jan 25 21:33:38 2026 by rpki-client