This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/858321-f51f-4401-9a39-68ee73f964f1/1/mvG3YWdgme5kDL899liGGrl6AXw.roa File: mvG3YWdgme5kDL899liGGrl6AXw.roa (raw, json) Hash identifier: RhjOG7ei+0jF0h6xgfCw7yY1D/pCi55eBTTmGtVMc0M= Subject key identifier: 9A:F1:B7:61:67:60:99:EE:64:0C:BF:3D:F6:58:86:1A:B9:7A:01:7C Certificate issuer: /CN=0e79f47eff1afa1b23b623813840f6cebf5779a4 Certificate serial: 019AEEC40697C80B3E822FBC0B57A7EC8488 Authority key identifier: 0E:79:F4:7E:FF:1A:FA:1B:23:B6:23:81:38:40:F6:CE:BF:57:79:A4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Dnn0fv8a-hsjtiOBOED2zr9XeaQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/858321-f51f-4401-9a39-68ee73f964f1/1/mvG3YWdgme5kDL899liGGrl6AXw.roa Signing time: Fri 05 Dec 2025 13:46:55 +0000 ROA not before: Fri 05 Dec 2025 13:46:55 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 205059 IP address blocks: 2a0f:aac0:2::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/858321-f51f-4401-9a39-68ee73f964f1/1/Dnn0fv8a-hsjtiOBOED2zr9XeaQ.crl rsync://rpki.ripe.net/repository/DEFAULT/e9/858321-f51f-4401-9a39-68ee73f964f1/1/Dnn0fv8a-hsjtiOBOED2zr9XeaQ.mft rsync://rpki.ripe.net/repository/DEFAULT/Dnn0fv8a-hsjtiOBOED2zr9XeaQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:ee:c4:06:97:c8:0b:3e:82:2f:bc:0b:57:a7:ec:84:88 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0e79f47eff1afa1b23b623813840f6cebf5779a4 Validity Not Before: Dec 5 13:46:55 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=9af1b761676099ee640cbf3df658861ab97a017c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:16:d0:13:c1:f5:f3:b9:09:cc:f1:46:4f:c1: b4:6e:eb:98:cc:a8:00:6d:bb:9c:bc:8b:48:b7:bc: c5:ea:05:a1:44:fc:4d:c9:c6:9c:08:11:05:54:0d: 4f:17:6e:2a:43:99:ce:55:e9:f2:32:c2:e4:75:76: 0a:db:46:e6:a5:62:5e:f3:56:7b:4b:7a:a2:7a:7b: 83:4e:d7:7b:25:96:d9:d6:f1:d7:56:9a:00:76:fd: 16:65:fd:80:9c:2e:fc:78:ae:2f:d2:e4:29:46:76: f6:fd:d9:ff:6f:26:6f:41:52:d3:fe:03:42:c7:15: 01:70:2c:54:9f:14:fa:6d:7f:c4:a4:f4:4f:eb:f1: b3:19:94:82:fa:9c:ab:8a:07:0c:3b:8c:c8:e9:8c: 2e:b5:35:84:f5:7a:f2:7a:4a:ed:38:65:a9:4a:d9: 96:22:50:79:af:fe:be:11:c4:7a:d7:12:aa:eb:c2: 25:dc:fc:84:ef:9d:67:95:99:57:30:9a:d9:58:b8: 9a:57:2c:38:c5:4b:28:2a:4f:a1:74:34:ac:12:16: 7f:db:92:6f:ad:a4:a0:ea:c6:5f:ae:79:1b:21:03: 6e:1f:c1:30:e3:49:dd:61:94:cb:44:f4:09:57:e7: 9c:bb:68:b2:fb:52:cb:1c:ea:05:cb:7e:f8:0c:ec: 04:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:F1:B7:61:67:60:99:EE:64:0C:BF:3D:F6:58:86:1A:B9:7A:01:7C X509v3 Authority Key Identifier: keyid:0E:79:F4:7E:FF:1A:FA:1B:23:B6:23:81:38:40:F6:CE:BF:57:79:A4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dnn0fv8a-hsjtiOBOED2zr9XeaQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/858321-f51f-4401-9a39-68ee73f964f1/1/mvG3YWdgme5kDL899liGGrl6AXw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/858321-f51f-4401-9a39-68ee73f964f1/1/Dnn0fv8a-hsjtiOBOED2zr9XeaQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:aac0:2::/48 Signature Algorithm: sha256WithRSAEncryption 4f:db:04:76:2f:9b:4c:03:3f:2f:e1:35:40:f2:b1:b6:cd:65: a8:8c:97:4c:0d:15:49:fa:f7:e6:11:91:2c:67:08:ca:1c:11: 4e:12:df:a8:00:3f:e1:f7:7b:6f:15:98:f3:c4:e6:b3:0f:10: 02:8f:05:18:41:42:3c:50:cc:51:26:24:37:6d:a9:a0:d8:4d: a1:56:0f:3d:35:90:9b:a3:eb:45:e8:ad:c2:cd:c2:bf:d2:c6: 0d:88:c9:a6:73:cd:ca:08:cf:e0:77:fc:6c:60:73:d2:97:e3: cd:6d:6a:d5:5e:9d:c5:4e:24:d4:3f:42:d2:db:64:1b:2f:a7: a3:17:ac:71:7e:b6:4a:0c:6e:c3:96:7b:91:29:c5:6c:6b:7f: 5b:11:d3:92:55:18:96:38:e9:9b:bd:85:e5:9b:8d:23:dd:42: 5b:d7:01:71:e7:0d:9c:ac:84:37:78:79:e5:4f:d2:c1:36:f6: 72:3a:7d:75:10:d3:c8:60:e8:85:ee:19:ef:ba:b8:bb:82:d8: 3b:b0:34:cc:99:81:e0:a0:10:67:e9:ee:66:8f:06:d8:e7:f6: b0:ec:ad:ea:c0:14:2d:e5:c4:fe:5f:8f:5e:1c:16:49:6c:a1: 47:96:03:be:f2:a0:14:37:3e:9a:7a:ef:06:2b:5e:36:b9:96: 30:81:70:3d -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZruxAaXyAs+gi+8C1en7ISIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBlNzlmNDdlZmYxYWZhMWIyM2I2MjM4MTM4NDBmNmNlYmY1 Nzc5YTQwHhcNMjUxMjA1MTM0NjU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5YWYxYjc2MTY3NjA5OWVlNjQwY2JmM2RmNjU4ODYxYWI5N2EwMTdjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzhbQE8H187kJzPFGT8G0buuYzKgA bbucvItIt7zF6gWhRPxNycacCBEFVA1PF24qQ5nOVenyMsLkdXYK20bmpWJe81Z7 S3qienuDTtd7JZbZ1vHXVpoAdv0WZf2AnC78eK4v0uQpRnb2/dn/byZvQVLT/gNC xxUBcCxUnxT6bX/EpPRP6/GzGZSC+pyrigcMO4zI6YwutTWE9XryekrtOGWpStmW IlB5r/6+EcR61xKq68Il3PyE751nlZlXMJrZWLiaVyw4xUsoKk+hdDSsEhZ/25Jv raSg6sZfrnkbIQNuH8Ew40ndYZTLRPQJV+ecu2iy+1LLHOoFy374DOwEuwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFJrxt2FnYJnuZAy/PfZYhhq5egF8MB8GA1UdIwQY MBaAFA559H7/GvobI7YjgThA9s6/V3mkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRG5uMGZ2OGEtaHNqdGlPQk9FRDJ6cjlYZWFRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS84NTgzMjEtZjUxZi00NDAxLTlhMzkt NjhlZTczZjk2NGYxLzEvbXZHM1lXZGdtZTVrREw4OTlsaUdHcmw2QVh3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lOS84NTgzMjEtZjUxZi00NDAxLTlhMzktNjhlZTczZjk2NGYx LzEvRG5uMGZ2OGEtaHNqdGlPQk9FRDJ6cjlYZWFRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+qwAAC MA0GCSqGSIb3DQEBCwUAA4IBAQBP2wR2L5tMAz8v4TVA8rG2zWWojJdMDRVJ+vfm EZEsZwjKHBFOEt+oAD/h93tvFZjzxOazDxACjwUYQUI8UMxRJiQ3bamg2E2hVg89 NZCbo+tF6K3CzcK/0sYNiMmmc83KCM/gd/xsYHPSl+PNbWrVXp3FTiTUP0LS22Qb L6ejF6xxfrZKDG7DlnuRKcVsa39bEdOSVRiWOOmbvYXlm40j3UJb1wFx5w2crIQ3 eHnlT9LBNvZyOn11ENPIYOiF7hnvuri7gtg7sDTMmYHgoBBn6e5mjwbY5/aw7K3q wBQt5cT+X49eHBZJbKFHlgO+8qAUNz6aeu8GK142uZYwgXA9 -----END CERTIFICATE-----Generated at Sat Dec 6 09:54:48 2025 by rpki-client