This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/73f739-81b8-4511-81a1-b3a1680320ad/1/mFiXzHrxbxRLCdJjqMjDV1qXsf0.roa File: mFiXzHrxbxRLCdJjqMjDV1qXsf0.roa (raw, json) Hash identifier: xj8BfUXzJ6HgdFsCYVaF06L0rsBxHlnBN9flZ6X2gpQ= Subject key identifier: 98:58:97:CC:7A:F1:6F:14:4B:09:D2:63:A8:C8:C3:57:5A:97:B1:FD Certificate issuer: /CN=2f0bf1060af93917dafb569a80ccec9db08a76c5 Certificate serial: 019B7CED69BE9369E1932F6E5EBA1831DAE3 Authority key identifier: 2F:0B:F1:06:0A:F9:39:17:DA:FB:56:9A:80:CC:EC:9D:B0:8A:76:C5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LwvxBgr5ORfa-1aagMzsnbCKdsU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/73f739-81b8-4511-81a1-b3a1680320ad/1/mFiXzHrxbxRLCdJjqMjDV1qXsf0.roa Signing time: Fri 02 Jan 2026 04:18:12 +0000 ROA not before: Fri 02 Jan 2026 04:18:12 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 211722 IP address blocks: 2001:67c:2970::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/73f739-81b8-4511-81a1-b3a1680320ad/1/LwvxBgr5ORfa-1aagMzsnbCKdsU.crl rsync://rpki.ripe.net/repository/DEFAULT/e7/73f739-81b8-4511-81a1-b3a1680320ad/1/LwvxBgr5ORfa-1aagMzsnbCKdsU.mft rsync://rpki.ripe.net/repository/DEFAULT/LwvxBgr5ORfa-1aagMzsnbCKdsU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ed:69:be:93:69:e1:93:2f:6e:5e:ba:18:31:da:e3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2f0bf1060af93917dafb569a80ccec9db08a76c5 Validity Not Before: Jan 2 04:18:12 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=985897cc7af16f144b09d263a8c8c3575a97b1fd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8a:4c:07:32:70:de:66:22:fa:2c:94:e5:1c:41: 3a:cd:92:db:3d:d5:16:2e:50:4a:10:2e:94:5c:ed: 88:e9:3d:be:bf:45:cb:d8:0d:8d:44:f1:69:78:7b: 61:88:df:c8:d9:40:be:2a:bb:a2:43:8b:76:6c:ff: 8f:30:02:91:28:7f:3f:c9:a4:2a:b4:27:ff:38:a1: 59:4e:94:cd:02:bd:49:1d:8d:ff:c3:64:84:d4:ee: a5:9a:cf:24:31:ef:1d:9e:92:97:96:b5:a6:0e:d1: 6f:4a:24:a4:42:22:60:2b:f2:87:34:e7:25:62:3e: f7:81:66:77:6a:3c:6e:ed:0e:32:77:2f:8d:45:db: 4c:1c:c6:07:c6:68:43:47:a6:ec:42:6e:1b:86:66: 44:24:db:59:05:b9:81:ab:1d:16:ae:28:71:f2:e0: 75:94:00:c7:3b:92:93:ae:5a:cd:53:b7:46:00:96: f4:4e:b7:e5:86:46:bd:d3:d6:f5:f6:46:bd:5f:a4: d9:8a:99:49:b4:1a:bd:34:d0:e8:a8:64:7c:b4:14: 2f:0a:72:29:2e:27:b6:cc:aa:73:38:49:7d:63:6c: ad:c4:c6:a4:d0:42:5a:31:a9:f3:0f:ac:3c:72:90: a9:10:43:26:72:de:bc:c6:b2:01:09:d0:6d:5b:c9: a6:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:58:97:CC:7A:F1:6F:14:4B:09:D2:63:A8:C8:C3:57:5A:97:B1:FD X509v3 Authority Key Identifier: keyid:2F:0B:F1:06:0A:F9:39:17:DA:FB:56:9A:80:CC:EC:9D:B0:8A:76:C5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LwvxBgr5ORfa-1aagMzsnbCKdsU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/73f739-81b8-4511-81a1-b3a1680320ad/1/mFiXzHrxbxRLCdJjqMjDV1qXsf0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/73f739-81b8-4511-81a1-b3a1680320ad/1/LwvxBgr5ORfa-1aagMzsnbCKdsU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:67c:2970::/48 Signature Algorithm: sha256WithRSAEncryption 4f:63:f4:6b:d9:11:db:d9:47:b6:20:5b:82:3a:88:66:e5:82: 83:fa:3d:93:81:76:12:2c:d0:10:e0:da:52:ad:e1:a6:fe:6f: 07:a5:ca:24:6a:c9:ef:7e:24:06:e3:09:f8:88:44:ab:c7:e1: 28:cf:79:26:0c:09:1b:74:b0:8f:ae:9c:28:4f:ba:0c:5e:0e: ba:80:0f:a3:99:fd:cd:4d:4f:05:ff:c6:1e:b0:66:5f:f0:0f: 74:f1:f3:f1:f7:69:84:8e:26:b3:80:65:2e:fb:a1:83:71:9e: 9e:63:97:e5:6d:97:03:09:18:bc:0c:a6:6f:b3:98:f7:de:cd: da:d5:2e:ef:8e:e8:9f:a5:cd:12:1f:3e:5f:a5:fe:82:d0:fa: 13:7c:25:79:ce:83:b3:b2:5b:a9:18:f8:8f:37:31:ab:88:97: af:ea:1d:7f:ef:5c:ac:26:1a:07:f8:5c:2c:6e:90:20:de:13: 5b:8f:27:fe:7a:a3:3c:56:26:5b:85:f2:e3:70:98:45:61:e2: d4:e8:47:b0:e0:46:7e:b3:cf:dc:26:bb:d3:8b:a2:39:f8:8f: 56:34:f2:ce:29:f9:9a:fb:a4:b5:6c:bf:fd:f2:ac:87:32:a7: 48:7f:12:17:dc:93:37:ed:35:49:46:66:5c:2d:81:b6:c8:85: e7:8f:a3:ba -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt87Wm+k2nhky9uXroYMdrjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJmMGJmMTA2MGFmOTM5MTdkYWZiNTY5YTgwY2NlYzlkYjA4 YTc2YzUwHhcNMjYwMTAyMDQxODEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5ODU4OTdjYzdhZjE2ZjE0NGIwOWQyNjNhOGM4YzM1NzVhOTdiMWZkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAikwHMnDeZiL6LJTlHEE6zZLbPdUW LlBKEC6UXO2I6T2+v0XL2A2NRPFpeHthiN/I2UC+KruiQ4t2bP+PMAKRKH8/yaQq tCf/OKFZTpTNAr1JHY3/w2SE1O6lms8kMe8dnpKXlrWmDtFvSiSkQiJgK/KHNOcl Yj73gWZ3ajxu7Q4ydy+NRdtMHMYHxmhDR6bsQm4bhmZEJNtZBbmBqx0Wrihx8uB1 lADHO5KTrlrNU7dGAJb0Trflhka909b19ka9X6TZiplJtBq9NNDoqGR8tBQvCnIp Lie2zKpzOEl9Y2ytxMak0EJaManzD6w8cpCpEEMmct68xrIBCdBtW8mm+QIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFJhYl8x68W8USwnSY6jIw1dal7H9MB8GA1UdIwQY MBaAFC8L8QYK+TkX2vtWmoDM7J2winbFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTHd2eEJncjVPUmZhLTFhYWdNenNuYkNLZHNVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83M2Y3MzktODFiOC00NTExLTgxYTEt YjNhMTY4MDMyMGFkLzEvbUZpWHpIcnhieFJMQ2RKanFNakRWMXFYc2YwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lNy83M2Y3MzktODFiOC00NTExLTgxYTEtYjNhMTY4MDMyMGFk LzEvTHd2eEJncjVPUmZhLTFhYWdNenNuYkNLZHNVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfClw MA0GCSqGSIb3DQEBCwUAA4IBAQBPY/Rr2RHb2Ue2IFuCOohm5YKD+j2TgXYSLNAQ 4NpSreGm/m8HpcokasnvfiQG4wn4iESrx+Eoz3kmDAkbdLCPrpwoT7oMXg66gA+j mf3NTU8F/8YesGZf8A908fPx92mEjiazgGUu+6GDcZ6eY5flbZcDCRi8DKZvs5j3 3s3a1S7vjuifpc0SHz5fpf6C0PoTfCV5zoOzslupGPiPNzGriJev6h1/71ysJhoH +FwsbpAg3hNbjyf+eqM8ViZbhfLjcJhFYeLU6Eew4EZ+s8/cJrvTi6I5+I9WNPLO Kfma+6S1bL/98qyHMqdIfxIX3JM37TVJRmZcLYG2yIXnj6O6 -----END CERTIFICATE-----Generated at Sun Jan 25 17:49:22 2026 by rpki-client