This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/U98gDyS6dRj9SjIXrnN3pWc2zgE.roa File: U98gDyS6dRj9SjIXrnN3pWc2zgE.roa (raw, json) Hash identifier: HsrUh8+O8DlJnCmiqH/w8bVErohPR7VfDdSGvWsJKvs= Subject key identifier: 53:DF:20:0F:24:BA:75:18:FD:4A:32:17:AE:73:77:A5:67:36:CE:01 Certificate issuer: /CN=dbb396dfa951ec4157f211e5ed740ed97e1b0f3f Certificate serial: 019B7758A4C798CC253550F9C8321E20ECBD Authority key identifier: DB:B3:96:DF:A9:51:EC:41:57:F2:11:E5:ED:74:0E:D9:7E:1B:0F:3F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/27OW36lR7EFX8hHl7XQO2X4bDz8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/U98gDyS6dRj9SjIXrnN3pWc2zgE.roa Signing time: Thu 01 Jan 2026 02:17:36 +0000 ROA not before: Thu 01 Jan 2026 02:17:36 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 34907 IP address blocks: 2a06:5cc0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/27OW36lR7EFX8hHl7XQO2X4bDz8.crl rsync://rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/27OW36lR7EFX8hHl7XQO2X4bDz8.mft rsync://rpki.ripe.net/repository/DEFAULT/27OW36lR7EFX8hHl7XQO2X4bDz8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 05:01:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:58:a4:c7:98:cc:25:35:50:f9:c8:32:1e:20:ec:bd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dbb396dfa951ec4157f211e5ed740ed97e1b0f3f Validity Not Before: Jan 1 02:17:36 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=53df200f24ba7518fd4a3217ae7377a56736ce01 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:fe:5c:c7:50:b0:1b:a3:8f:3b:1b:cb:b0:0e:63: 01:bb:d0:d7:f2:d8:d0:9c:a5:ef:89:31:1b:63:12: d2:f0:95:0f:5e:4c:3b:4b:32:9c:78:02:ae:0a:d1: d7:5e:dc:c1:64:a3:c3:4c:b7:20:f9:12:07:ab:b0: 7b:92:47:5a:6a:aa:04:67:a0:8f:3e:c7:0e:f3:cc: e9:2a:50:01:3b:cb:68:7f:f8:f3:db:c7:b1:7b:b2: 04:79:74:8f:ff:34:8a:69:42:28:83:17:16:26:85: d2:62:06:77:9e:71:6c:4d:8d:6b:bb:32:f7:5e:4c: 74:70:37:89:10:7c:40:fd:63:81:ae:85:b7:1b:c8: e4:0b:36:09:7c:83:53:86:94:0c:dc:16:23:ad:21: ae:94:11:24:df:32:85:53:c5:58:b8:b7:f0:16:54: cf:c6:cf:ee:01:ed:4d:5d:e3:7c:e4:4d:80:ea:dc: 7f:4d:60:de:da:c9:22:bc:34:21:df:fb:47:4e:09: 42:3c:1a:34:f1:40:ac:80:2f:29:2c:03:b5:4d:e6: 42:e7:68:0c:7e:91:1d:68:b3:80:f5:9c:fa:7e:e4: a6:e2:e2:4d:2a:39:9a:d2:50:fd:ed:e7:db:06:f0: 0a:76:aa:f4:f4:a6:fd:cf:e2:77:bc:0b:11:32:b0: 7c:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:DF:20:0F:24:BA:75:18:FD:4A:32:17:AE:73:77:A5:67:36:CE:01 X509v3 Authority Key Identifier: keyid:DB:B3:96:DF:A9:51:EC:41:57:F2:11:E5:ED:74:0E:D9:7E:1B:0F:3F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/27OW36lR7EFX8hHl7XQO2X4bDz8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/U98gDyS6dRj9SjIXrnN3pWc2zgE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/27OW36lR7EFX8hHl7XQO2X4bDz8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a06:5cc0::/29 Signature Algorithm: sha256WithRSAEncryption 38:04:ce:27:ad:b1:fe:ac:5d:80:32:bd:d0:65:15:00:9e:2c: a7:9f:72:3a:4b:d0:eb:77:3e:03:e5:d5:11:b6:61:ad:c1:38: 1d:f9:f4:7d:0c:5c:c5:8f:d7:81:06:30:05:e1:2b:47:21:de: 7c:79:c0:52:91:fa:ac:54:b5:c4:01:e4:e4:c6:6e:d0:c4:d6: 9c:58:89:3f:6f:bc:39:ce:b4:6d:f7:31:2c:ea:5b:30:43:61: 53:0a:ce:14:78:93:fe:36:70:9e:ec:b5:d1:ac:3a:25:3d:7d: ab:54:43:96:d1:d5:f1:dc:16:c4:f0:cb:91:50:84:da:76:80: 6e:28:e6:c9:87:c6:32:52:22:00:f3:f7:02:df:4e:cb:c7:f4: a0:57:1d:d7:62:25:ff:7d:25:dd:fe:55:d0:5d:2d:06:b4:8f: 33:2c:01:d9:c9:08:c5:99:ac:73:7f:7d:ce:11:b1:53:84:9a: be:3c:42:be:19:a4:bc:ab:3e:7d:90:ef:ff:c6:b5:39:89:3a: 46:04:6c:e8:b0:e7:6b:c2:6a:a0:73:5f:cd:d1:35:d0:cf:cb: ef:5e:77:6d:79:9b:48:b7:81:87:49:9c:e2:9c:79:fc:f8:56: 04:a6:69:02:55:5f:da:93:f1:a0:66:9b:76:45:c4:5c:b0:b7: e5:c4:0e:54 -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt3WKTHmMwlNVD5yDIeIOy9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRiYjM5NmRmYTk1MWVjNDE1N2YyMTFlNWVkNzQwZWQ5N2Ux YjBmM2YwHhcNMjYwMTAxMDIxNzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1M2RmMjAwZjI0YmE3NTE4ZmQ0YTMyMTdhZTczNzdhNTY3MzZjZTAxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/lzHULAbo487G8uwDmMBu9DX8tjQ nKXviTEbYxLS8JUPXkw7SzKceAKuCtHXXtzBZKPDTLcg+RIHq7B7kkdaaqoEZ6CP PscO88zpKlABO8tof/jz28exe7IEeXSP/zSKaUIogxcWJoXSYgZ3nnFsTY1ruzL3 Xkx0cDeJEHxA/WOBroW3G8jkCzYJfINThpQM3BYjrSGulBEk3zKFU8VYuLfwFlTP xs/uAe1NXeN85E2A6tx/TWDe2skivDQh3/tHTglCPBo08UCsgC8pLAO1TeZC52gM fpEdaLOA9Zz6fuSm4uJNKjma0lD97efbBvAKdqr09Kb9z+J3vAsRMrB8eQIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFFPfIA8kunUY/UoyF65zd6VnNs4BMB8GA1UdIwQY MBaAFNuzlt+pUexBV/IR5e10Dtl+Gw8/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMjdPVzM2bFI3RUZYOGhIbDdYUU8yWDRiRHo4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9iMzk4N2EtNDUwNC00NzQ5LTlkNzMt ZGY1NzJmZTk2NzJhLzEvVTk4Z0R5UzZkUmo5U2pJWHJuTjNwV2MyemdFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lOS9iMzk4N2EtNDUwNC00NzQ5LTlkNzMtZGY1NzJmZTk2NzJh LzEvMjdPVzM2bFI3RUZYOGhIbDdYUU8yWDRiRHo4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgZcwDAN BgkqhkiG9w0BAQsFAAOCAQEAOATOJ62x/qxdgDK90GUVAJ4sp59yOkvQ63c+A+XV EbZhrcE4Hfn0fQxcxY/XgQYwBeErRyHefHnAUpH6rFS1xAHk5MZu0MTWnFiJP2+8 Oc60bfcxLOpbMENhUwrOFHiT/jZwnuy10aw6JT19q1RDltHV8dwWxPDLkVCE2naA bijmyYfGMlIiAPP3At9Oy8f0oFcd12Il/30l3f5V0F0tBrSPMywB2ckIxZmsc399 zhGxU4SavjxCvhmkvKs+fZDv/8a1OYk6RgRs6LDna8JqoHNfzdE10M/L7153bXmb SLeBh0mc4px5/PhWBKZpAlVf2pPxoGabdkXEXLC35cQOVA== -----END CERTIFICATE-----Generated at Mon Jan 26 15:36:38 2026 by rpki-client