This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/J7oFZC1CJk2GtQuj_-ICPxLHOsQ.roa File: J7oFZC1CJk2GtQuj_-ICPxLHOsQ.roa (raw, json) Hash identifier: oGKjzDdrrCM7vTukMw0Fba8efuuuaYKCVfCXlBR+Jpc= Subject key identifier: 27:BA:05:64:2D:42:26:4D:86:B5:0B:A3:FF:E2:02:3F:12:C7:3A:C4 Certificate issuer: /CN=7c3b8877e1a130fe50386c610d6ead5641b97ba6 Certificate serial: 019B7FF076512F759008E3458F9352017370 Authority key identifier: 7C:3B:88:77:E1:A1:30:FE:50:38:6C:61:0D:6E:AD:56:41:B9:7B:A6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fDuId-GhMP5QOGxhDW6tVkG5e6Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/J7oFZC1CJk2GtQuj_-ICPxLHOsQ.roa Signing time: Fri 02 Jan 2026 18:20:23 +0000 ROA not before: Fri 02 Jan 2026 18:20:23 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 216370 IP address blocks: 2a06:9686:a00::/39 maxlen: 39 2a06:9686:c00::/39 maxlen: 39 2a06:9686:e00::/39 maxlen: 39 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/fDuId-GhMP5QOGxhDW6tVkG5e6Y.crl rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/fDuId-GhMP5QOGxhDW6tVkG5e6Y.mft rsync://rpki.ripe.net/repository/DEFAULT/fDuId-GhMP5QOGxhDW6tVkG5e6Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:f0:76:51:2f:75:90:08:e3:45:8f:93:52:01:73:70 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7c3b8877e1a130fe50386c610d6ead5641b97ba6 Validity Not Before: Jan 2 18:20:23 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=27ba05642d42264d86b50ba3ffe2023f12c73ac4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:08:5e:64:15:9d:0c:cb:20:49:7c:f3:c2:73: a8:c3:19:33:d3:97:0f:d2:93:ef:d2:e4:49:70:fb: 3b:e9:7c:b7:c6:13:d1:30:1f:08:32:1d:4c:33:99: a1:5b:c4:a5:66:fd:0a:79:6c:90:bb:db:44:73:e0: 96:f5:5b:de:d5:66:92:33:10:aa:47:c7:24:20:f9: 26:ae:8d:76:75:7c:a2:bf:fe:7d:5e:d6:71:9c:af: 8b:d0:31:d4:96:c0:6a:f0:cd:43:f7:93:ff:b8:b1: d2:49:6c:5b:4b:e0:d3:86:9a:6a:83:c6:e7:37:c5: d6:9e:19:d1:24:f2:bb:dd:c1:90:36:cc:13:aa:c1: e5:0a:85:2b:f0:c6:b4:4a:37:fd:79:2b:0b:80:de: 30:d9:f2:b8:3b:85:42:9f:86:a4:39:18:b3:71:f2: b3:8e:9c:00:cf:b5:49:e3:85:cd:e7:80:1e:9b:42: 51:b8:85:0c:43:60:8f:1d:7c:cd:12:5a:62:c4:0f: b1:c9:71:17:df:5c:ca:b7:52:64:27:64:12:16:fc: e1:53:1a:fd:46:96:e8:75:c8:98:d1:f9:26:4a:05: 5e:6b:ba:80:ce:68:35:10:87:bf:4c:b7:7a:ca:1f: cb:83:05:a7:65:8a:55:dd:c5:44:a2:d2:ee:b7:9b: 7e:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:BA:05:64:2D:42:26:4D:86:B5:0B:A3:FF:E2:02:3F:12:C7:3A:C4 X509v3 Authority Key Identifier: keyid:7C:3B:88:77:E1:A1:30:FE:50:38:6C:61:0D:6E:AD:56:41:B9:7B:A6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fDuId-GhMP5QOGxhDW6tVkG5e6Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/J7oFZC1CJk2GtQuj_-ICPxLHOsQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/fDuId-GhMP5QOGxhDW6tVkG5e6Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a06:9686:a00::-2a06:9686:fff:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 0a:5c:e2:48:52:58:18:fc:c7:18:e7:01:68:dd:f5:0b:c4:ef: 59:cd:e3:c4:36:60:38:a6:f1:80:86:f2:bb:00:0f:c3:63:1c: a3:4f:c1:1a:0d:d7:90:e1:f7:d5:df:f6:be:de:bb:ca:f5:f8: 6e:9a:39:a2:8f:84:c4:88:38:bf:90:5a:43:35:35:0c:ed:59: 5f:fd:28:fd:96:9b:68:04:3b:52:6e:7c:da:4a:61:f5:e6:d9: 88:34:44:ed:4b:77:b1:c2:08:2f:04:65:fb:84:fa:29:ce:c8: 6e:2d:02:15:30:b4:c7:91:13:d7:c0:9c:24:6c:c5:6f:76:ca: 93:6f:68:af:c9:80:8e:43:c7:d1:96:6b:1b:5f:8c:9c:93:3d: 08:9c:a6:3a:8b:09:e3:c3:bd:5c:4d:ba:13:72:cd:5c:e5:24: b1:47:87:d0:93:27:c1:ff:92:83:7d:7d:c3:2e:51:05:0c:47: a0:36:5b:4d:d4:ed:50:80:60:f7:62:74:35:39:57:a4:37:02: d9:85:81:41:6e:b0:20:76:c2:9d:2e:d8:bb:d8:df:eb:d2:e9: 21:48:60:10:82:2a:81:55:e5:3c:c9:aa:79:9e:20:a7:e2:52: f8:b1:03:38:16:9e:e6:6a:5d:2d:f6:ca:81:4a:63:d2:b3:dc: eb:a1:ad:65 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt/8HZRL3WQCONFj5NSAXNwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdjM2I4ODc3ZTFhMTMwZmU1MDM4NmM2MTBkNmVhZDU2NDFi OTdiYTYwHhcNMjYwMTAyMTgyMDIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyN2JhMDU2NDJkNDIyNjRkODZiNTBiYTNmZmUyMDIzZjEyYzczYWM0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArAheZBWdDMsgSXzzwnOowxkz05cP 0pPv0uRJcPs76Xy3xhPRMB8IMh1MM5mhW8SlZv0KeWyQu9tEc+CW9Vve1WaSMxCq R8ckIPkmro12dXyiv/59XtZxnK+L0DHUlsBq8M1D95P/uLHSSWxbS+DThppqg8bn N8XWnhnRJPK73cGQNswTqsHlCoUr8Ma0Sjf9eSsLgN4w2fK4O4VCn4akORizcfKz jpwAz7VJ44XN54Aem0JRuIUMQ2CPHXzNElpixA+xyXEX31zKt1JkJ2QSFvzhUxr9 RpbodciY0fkmSgVea7qAzmg1EIe/TLd6yh/LgwWnZYpV3cVEotLut5t+LQIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFCe6BWQtQiZNhrULo//iAj8SxzrEMB8GA1UdIwQY MBaAFHw7iHfhoTD+UDhsYQ1urVZBuXumMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZkR1SWQtR2hNUDVRT0d4aERXNnRWa0c1ZTZZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8xN2E3MTItNGU1YS00MGM1LWEzYTIt MTIwMjVjNTRmNDg0LzEvSjdvRlpDMUNKazJHdFF1al8tSUNQeExIT3NRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZi8xN2E3MTItNGU1YS00MGM1LWEzYTItMTIwMjVjNTRmNDg0 LzEvZkR1SWQtR2hNUDVRT0d4aERXNnRWa0c1ZTZZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASMBADBgEqBpaG CgMGBCoGloYAMA0GCSqGSIb3DQEBCwUAA4IBAQAKXOJIUlgY/McY5wFo3fULxO9Z zePENmA4pvGAhvK7AA/DYxyjT8EaDdeQ4ffV3/a+3rvK9fhumjmij4TEiDi/kFpD NTUM7Vlf/Sj9lptoBDtSbnzaSmH15tmINETtS3exwggvBGX7hPopzshuLQIVMLTH kRPXwJwkbMVvdsqTb2ivyYCOQ8fRlmsbX4yckz0InKY6iwnjw71cTboTcs1c5SSx R4fQkyfB/5KDfX3DLlEFDEegNltN1O1QgGD3YnQ1OVekNwLZhYFBbrAgdsKdLti7 2N/r0ukhSGAQgiqBVeU8yap5niCn4lL4sQM4Fp7mal0t9sqBSmPSs9zroa1l -----END CERTIFICATE-----Generated at Mon Jan 26 08:38:39 2026 by rpki-client