This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/6b87af-a212-480d-a4d4-a3df3b69ce5a/1/28aRdczFMy_NGN1l2BbHpUWcrsw.roa File: 28aRdczFMy_NGN1l2BbHpUWcrsw.roa (raw, json) Hash identifier: bMy6fvXop3dbRIfN9XbRZ3EVtlEMOV2r+B3tLBXy9NY= Subject key identifier: DB:C6:91:75:CC:C5:33:2F:CD:18:DD:65:D8:16:C7:A5:45:9C:AE:CC Certificate issuer: /CN=dfb8ff2f3a0bfc41eadc18af9e52acd100524149 Certificate serial: 019B7A5AEA35548126DDEEB438CA2E62C66E Authority key identifier: DF:B8:FF:2F:3A:0B:FC:41:EA:DC:18:AF:9E:52:AC:D1:00:52:41:49 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/37j_LzoL_EHq3BivnlKs0QBSQUk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/6b87af-a212-480d-a4d4-a3df3b69ce5a/1/28aRdczFMy_NGN1l2BbHpUWcrsw.roa Signing time: Thu 01 Jan 2026 16:18:57 +0000 ROA not before: Thu 01 Jan 2026 16:18:57 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 51219 IP address blocks: 2a0a:2b00::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/6b87af-a212-480d-a4d4-a3df3b69ce5a/1/37j_LzoL_EHq3BivnlKs0QBSQUk.crl rsync://rpki.ripe.net/repository/DEFAULT/dd/6b87af-a212-480d-a4d4-a3df3b69ce5a/1/37j_LzoL_EHq3BivnlKs0QBSQUk.mft rsync://rpki.ripe.net/repository/DEFAULT/37j_LzoL_EHq3BivnlKs0QBSQUk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 23:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:ea:35:54:81:26:dd:ee:b4:38:ca:2e:62:c6:6e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dfb8ff2f3a0bfc41eadc18af9e52acd100524149 Validity Not Before: Jan 1 16:18:57 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=dbc69175ccc5332fcd18dd65d816c7a5459caecc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:4d:8a:32:dd:b5:12:32:3b:e3:5d:ea:9d:e0: cf:17:fd:af:be:84:63:ce:67:c4:40:e9:fd:db:5d: 8d:8a:bc:9d:4b:12:27:af:f3:36:62:a4:97:ef:7a: b3:9d:78:f6:cf:d3:73:7c:5d:47:a6:6b:c8:d2:e5: a7:4f:92:cf:61:11:cd:39:ae:47:93:4a:61:c3:e6: 55:35:62:9e:de:41:f0:9f:e5:7c:f1:94:ae:02:eb: 9e:b1:6e:93:1b:86:2f:f6:42:7e:1b:f5:0e:fd:c2: c2:16:bd:bf:0c:29:eb:e7:58:ac:dc:e7:c3:85:27: 02:a1:37:05:a2:f0:3e:53:7a:9d:f3:b3:0c:22:ad: 07:3f:da:58:e5:0a:6c:93:9f:b1:4e:8e:f2:63:2c: 39:5f:15:67:11:22:b9:c5:93:06:14:37:cb:fe:08: b7:48:a2:1c:8c:32:a7:a4:1a:cb:e5:11:76:11:6f: f3:a9:2d:b8:2c:55:fa:a2:a8:e5:25:45:69:bc:b8: 00:9e:69:91:15:c3:2d:e7:33:0f:e9:ef:0d:83:85: 02:cb:e2:18:4f:6c:e8:ba:62:9b:0c:99:8a:50:8b: e1:b3:85:46:63:79:9e:7c:38:f1:29:f1:18:93:e1: 37:98:08:25:38:62:3b:15:4c:a7:f2:77:56:96:cb: ac:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:C6:91:75:CC:C5:33:2F:CD:18:DD:65:D8:16:C7:A5:45:9C:AE:CC X509v3 Authority Key Identifier: keyid:DF:B8:FF:2F:3A:0B:FC:41:EA:DC:18:AF:9E:52:AC:D1:00:52:41:49 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/37j_LzoL_EHq3BivnlKs0QBSQUk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/6b87af-a212-480d-a4d4-a3df3b69ce5a/1/28aRdczFMy_NGN1l2BbHpUWcrsw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/6b87af-a212-480d-a4d4-a3df3b69ce5a/1/37j_LzoL_EHq3BivnlKs0QBSQUk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0a:2b00::/32 Signature Algorithm: sha256WithRSAEncryption 6c:86:15:ce:bc:9d:d8:eb:6c:80:ef:c4:9b:e7:46:90:64:14: b8:4a:70:2f:8c:10:15:9a:f9:01:cb:5d:e7:d2:81:95:12:f9: 49:c2:5b:7b:09:aa:f4:b1:b2:9e:41:06:8d:03:28:2f:b1:49: d1:83:46:10:ef:8f:b9:af:74:08:68:32:47:ab:c9:f6:3c:de: 5c:0d:e1:f4:d4:f3:c3:a9:85:07:a3:26:1a:db:3c:db:73:a6: 61:27:87:75:02:61:4d:47:13:04:6f:e7:83:17:d8:4f:e5:eb: 34:fd:db:3d:4c:91:b6:b8:0d:56:ee:da:67:5e:82:74:99:ff: 4a:e5:a2:55:7e:20:dc:19:db:92:c1:1c:b9:fa:b9:8f:ac:69: d1:ed:10:27:75:07:58:92:90:21:f4:70:8b:5d:fa:2d:6d:a1: 47:bd:dd:8b:f7:45:2f:be:70:60:d5:9b:f4:dd:1d:6e:df:8d: 84:07:78:92:4f:86:32:cc:ec:d1:12:ee:9d:bc:e6:0d:d4:82: a5:c8:f0:0e:54:08:4e:e7:a7:0b:7d:73:db:0e:4c:41:cd:10: 02:90:83:e6:c7:5c:b8:24:0b:a9:68:16:f6:97:49:f5:27:2c: a1:56:f7:c6:47:b4:98:69:bf:19:c7:ae:2b:f8:9a:68:18:5d: af:44:f9:f9 -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt6Wuo1VIEm3e60OMouYsZuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRmYjhmZjJmM2EwYmZjNDFlYWRjMThhZjllNTJhY2QxMDA1 MjQxNDkwHhcNMjYwMTAxMTYxODU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkYmM2OTE3NWNjYzUzMzJmY2QxOGRkNjVkODE2YzdhNTQ1OWNhZWNjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwk2KMt21EjI7413qneDPF/2vvoRj zmfEQOn9212NirydSxInr/M2YqSX73qznXj2z9NzfF1HpmvI0uWnT5LPYRHNOa5H k0phw+ZVNWKe3kHwn+V88ZSuAuuesW6TG4Yv9kJ+G/UO/cLCFr2/DCnr51is3OfD hScCoTcFovA+U3qd87MMIq0HP9pY5Qpsk5+xTo7yYyw5XxVnESK5xZMGFDfL/gi3 SKIcjDKnpBrL5RF2EW/zqS24LFX6oqjlJUVpvLgAnmmRFcMt5zMP6e8Ng4UCy+IY T2zoumKbDJmKUIvhs4VGY3mefDjxKfEYk+E3mAglOGI7FUyn8ndWlsusPQIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFNvGkXXMxTMvzRjdZdgWx6VFnK7MMB8GA1UdIwQY MBaAFN+4/y86C/xB6twYr55SrNEAUkFJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMzdqX0x6b0xfRUhxM0Jpdm5sS3MwUUJTUVVrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC82Yjg3YWYtYTIxMi00ODBkLWE0ZDQt YTNkZjNiNjljZTVhLzEvMjhhUmRjekZNeV9OR04xbDJCYkhwVVdjcnN3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZC82Yjg3YWYtYTIxMi00ODBkLWE0ZDQtYTNkZjNiNjljZTVh LzEvMzdqX0x6b0xfRUhxM0Jpdm5sS3MwUUJTUVVrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgorADAN BgkqhkiG9w0BAQsFAAOCAQEAbIYVzryd2OtsgO/Em+dGkGQUuEpwL4wQFZr5Actd 59KBlRL5ScJbewmq9LGynkEGjQMoL7FJ0YNGEO+Pua90CGgyR6vJ9jzeXA3h9NTz w6mFB6MmGts823OmYSeHdQJhTUcTBG/ngxfYT+XrNP3bPUyRtrgNVu7aZ16CdJn/ SuWiVX4g3BnbksEcufq5j6xp0e0QJ3UHWJKQIfRwi136LW2hR73di/dFL75wYNWb 9N0dbt+NhAd4kk+GMszs0RLunbzmDdSCpcjwDlQITuenC31z2w5MQc0QApCD5sdc uCQLqWgW9pdJ9ScsoVb3xke0mGm/GceuK/iaaBhdr0T5+Q== -----END CERTIFICATE-----Generated at Sun Jan 25 10:30:18 2026 by rpki-client