This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/5a1ef7-f3a4-473c-a69c-48225f3111cf/1/yfIVfxN62mXPNIQcBAIr1HDWsQ0.roa File: yfIVfxN62mXPNIQcBAIr1HDWsQ0.roa (raw, json) Hash identifier: IDg/3WOtqztOAgh+Loowhsk9bIJzHnk5Pz6kWQuqSiQ= Subject key identifier: C9:F2:15:7F:13:7A:DA:65:CF:34:84:1C:04:02:2B:D4:70:D6:B1:0D Certificate issuer: /CN=6ad0b0e44cc86a51769547c22ad796184b54b092 Certificate serial: 019B7DC98A05533E13F9C0FF5973C695F439 Authority key identifier: 6A:D0:B0:E4:4C:C8:6A:51:76:95:47:C2:2A:D7:96:18:4B:54:B0:92 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/atCw5EzIalF2lUfCKteWGEtUsJI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/5a1ef7-f3a4-473c-a69c-48225f3111cf/1/yfIVfxN62mXPNIQcBAIr1HDWsQ0.roa Signing time: Fri 02 Jan 2026 08:18:38 +0000 ROA not before: Fri 02 Jan 2026 08:18:38 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 25446 IP address blocks: 2a0c:c580::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/5a1ef7-f3a4-473c-a69c-48225f3111cf/1/atCw5EzIalF2lUfCKteWGEtUsJI.crl rsync://rpki.ripe.net/repository/DEFAULT/e6/5a1ef7-f3a4-473c-a69c-48225f3111cf/1/atCw5EzIalF2lUfCKteWGEtUsJI.mft rsync://rpki.ripe.net/repository/DEFAULT/atCw5EzIalF2lUfCKteWGEtUsJI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 23:00:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:c9:8a:05:53:3e:13:f9:c0:ff:59:73:c6:95:f4:39 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6ad0b0e44cc86a51769547c22ad796184b54b092 Validity Not Before: Jan 2 08:18:38 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c9f2157f137ada65cf34841c04022bd470d6b10d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:b1:41:47:0c:13:24:80:8f:24:5b:1a:98:c2: c7:d4:e2:d5:3b:c4:b8:99:b7:0e:a0:30:35:1f:9b: 47:29:44:f6:19:3e:cf:f0:a8:0b:7f:97:60:71:c9: 65:04:92:4c:ee:ef:46:cb:cc:00:40:0d:8c:f0:c4: 92:a5:14:4d:29:89:ea:06:d1:44:49:40:d2:70:39: 96:9f:58:e0:da:f9:db:87:06:a8:63:2f:a1:43:db: fc:84:30:d5:6e:c1:0f:58:66:53:51:b8:73:78:c9: 9d:ae:f5:98:50:fa:0e:ec:22:3e:bb:40:2f:c9:5a: 1b:d0:61:31:bb:9d:81:91:1e:b7:93:0e:93:ab:c2: e4:7a:47:69:af:3f:2d:2e:a6:15:93:88:19:35:43: 1f:5d:1e:0d:e8:90:d1:d7:b5:74:90:64:5f:91:8d: 47:f8:bb:42:af:5e:f6:8e:8d:5d:be:27:6c:f2:d2: 7a:72:e1:50:4f:b9:ac:5f:16:95:55:86:d9:2b:95: fe:b1:3d:92:d9:2c:c9:cf:4d:2e:d9:9f:0b:67:a6: 1e:a5:53:e7:6f:07:02:20:cd:3f:87:4e:cd:be:ec: a6:d5:0d:f6:70:7d:a0:68:50:f4:8e:0c:ed:50:95: 5a:ec:92:00:fa:67:ba:78:9a:30:ff:67:7e:f3:18: f3:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:F2:15:7F:13:7A:DA:65:CF:34:84:1C:04:02:2B:D4:70:D6:B1:0D X509v3 Authority Key Identifier: keyid:6A:D0:B0:E4:4C:C8:6A:51:76:95:47:C2:2A:D7:96:18:4B:54:B0:92 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/atCw5EzIalF2lUfCKteWGEtUsJI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/5a1ef7-f3a4-473c-a69c-48225f3111cf/1/yfIVfxN62mXPNIQcBAIr1HDWsQ0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/5a1ef7-f3a4-473c-a69c-48225f3111cf/1/atCw5EzIalF2lUfCKteWGEtUsJI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0c:c580::/48 Signature Algorithm: sha256WithRSAEncryption 2e:bd:03:2a:b9:fb:ce:b0:64:38:ce:4d:eb:74:4c:42:e0:f8: 5e:f5:97:42:8c:3f:58:83:4c:d1:2b:ad:69:0a:b3:ae:7b:2c: ed:56:03:91:33:27:e2:23:9c:13:d2:8c:c5:61:c2:9a:42:3d: 16:9a:e1:7d:c6:8b:6a:3c:e9:09:63:0b:b6:f9:cf:7a:02:48: 88:cf:bc:cc:62:19:db:3f:be:9d:b1:6a:6f:11:a5:64:76:77: 6d:8a:2a:ad:c5:af:b5:21:0f:56:fb:f8:5f:10:84:ff:6e:ac: 6c:8f:0a:49:c0:5c:a1:cb:ad:aa:72:b8:fa:44:8c:33:eb:ad: da:00:3c:a8:ef:a9:27:16:bd:98:28:f1:9f:02:36:8d:65:48: 11:0d:90:00:b0:89:d5:b3:a0:25:99:47:06:ca:81:28:5d:73: 57:f7:80:a1:0e:8e:a6:8d:43:84:30:89:62:a5:44:8b:69:51: 7f:01:ee:e7:82:a7:36:da:d8:51:8a:f7:a6:1c:d2:e7:4f:07: df:ca:21:d9:87:7c:a2:ee:2d:a3:7c:ae:19:60:d4:40:5b:ed: af:3e:51:04:9f:38:04:dc:93:92:1e:a8:eb:a2:e0:4a:01:b8: 5a:10:7c:bd:66:58:5a:ce:db:ee:f8:0e:c7:5a:db:42:91:e0: 48:26:31:d8 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt9yYoFUz4T+cD/WXPGlfQ5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZhZDBiMGU0NGNjODZhNTE3Njk1NDdjMjJhZDc5NjE4NGI1 NGIwOTIwHhcNMjYwMTAyMDgxODM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjOWYyMTU3ZjEzN2FkYTY1Y2YzNDg0MWMwNDAyMmJkNDcwZDZiMTBkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv7FBRwwTJICPJFsamMLH1OLVO8S4 mbcOoDA1H5tHKUT2GT7P8KgLf5dgccllBJJM7u9Gy8wAQA2M8MSSpRRNKYnqBtFE SUDScDmWn1jg2vnbhwaoYy+hQ9v8hDDVbsEPWGZTUbhzeMmdrvWYUPoO7CI+u0Av yVob0GExu52BkR63kw6Tq8Lkekdprz8tLqYVk4gZNUMfXR4N6JDR17V0kGRfkY1H +LtCr172jo1dvids8tJ6cuFQT7msXxaVVYbZK5X+sT2S2SzJz00u2Z8LZ6YepVPn bwcCIM0/h07Nvuym1Q32cH2gaFD0jgztUJVa7JIA+me6eJow/2d+8xjz4wIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFMnyFX8TetplzzSEHAQCK9Rw1rENMB8GA1UdIwQY MBaAFGrQsORMyGpRdpVHwirXlhhLVLCSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYXRDdzVFeklhbEYybFVmQ0t0ZVdHRXRVc0pJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi81YTFlZjctZjNhNC00NzNjLWE2OWMt NDgyMjVmMzExMWNmLzEveWZJVmZ4TjYybVhQTklRY0JBSXIxSERXc1EwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lNi81YTFlZjctZjNhNC00NzNjLWE2OWMtNDgyMjVmMzExMWNm LzEvYXRDdzVFeklhbEYybFVmQ0t0ZVdHRXRVc0pJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgzFgAAA MA0GCSqGSIb3DQEBCwUAA4IBAQAuvQMqufvOsGQ4zk3rdExC4Phe9ZdCjD9Yg0zR K61pCrOueyztVgORMyfiI5wT0ozFYcKaQj0WmuF9xotqPOkJYwu2+c96AkiIz7zM YhnbP76dsWpvEaVkdndtiiqtxa+1IQ9W+/hfEIT/bqxsjwpJwFyhy62qcrj6RIwz 663aADyo76knFr2YKPGfAjaNZUgRDZAAsInVs6AlmUcGyoEoXXNX94ChDo6mjUOE MIlipUSLaVF/Ae7ngqc22thRivemHNLnTwffyiHZh3yi7i2jfK4ZYNRAW+2vPlEE nzgE3JOSHqjrouBKAbhaEHy9Zlhaztvu+A7HWttCkeBIJjHY -----END CERTIFICATE-----Generated at Mon Jan 26 08:58:27 2026 by rpki-client