This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/f6e099-9b64-4041-9d19-317279818acc/1/D17eb-YaN69zmYAWu9of4KG5E8Y.roa File: D17eb-YaN69zmYAWu9of4KG5E8Y.roa (raw, json) Hash identifier: stGJZzeKt4km6Sv/uUT+Q3OWclxmp1dOYGAe5XGVe2w= Subject key identifier: 0F:5E:DE:6F:E6:1A:37:AF:73:99:80:16:BB:DA:1F:E0:A1:B9:13:C6 Certificate issuer: /CN=245de65f37515df8cc242f36dbbef320c6d90b4f Certificate serial: 019B797F3E6FBF98ABEB032252A3466F5E39 Authority key identifier: 24:5D:E6:5F:37:51:5D:F8:CC:24:2F:36:DB:BE:F3:20:C6:D9:0B:4F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JF3mXzdRXfjMJC82277zIMbZC08.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/f6e099-9b64-4041-9d19-317279818acc/1/D17eb-YaN69zmYAWu9of4KG5E8Y.roa Signing time: Thu 01 Jan 2026 12:19:00 +0000 ROA not before: Thu 01 Jan 2026 12:19:00 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 44066 IP address blocks: 2a03:aae0:fc::/48 maxlen: 48 2a03:aae0:fc00::/48 maxlen: 48 2a03:aae0:fc01::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/f6e099-9b64-4041-9d19-317279818acc/1/JF3mXzdRXfjMJC82277zIMbZC08.crl rsync://rpki.ripe.net/repository/DEFAULT/f9/f6e099-9b64-4041-9d19-317279818acc/1/JF3mXzdRXfjMJC82277zIMbZC08.mft rsync://rpki.ripe.net/repository/DEFAULT/JF3mXzdRXfjMJC82277zIMbZC08.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 03:01:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7f:3e:6f:bf:98:ab:eb:03:22:52:a3:46:6f:5e:39 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=245de65f37515df8cc242f36dbbef320c6d90b4f Validity Not Before: Jan 1 12:19:00 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0f5ede6fe61a37af73998016bbda1fe0a1b913c6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:8e:f1:20:93:87:03:75:5d:5b:3f:a5:c6:6f: b6:8c:88:bd:6a:e4:50:c7:13:54:82:95:f9:b6:64: 96:8c:51:05:35:6e:06:09:e1:6a:21:5d:c2:79:b8: 94:30:4f:10:4e:19:00:c6:34:54:f9:a2:8b:f9:5e: 82:fc:7d:20:dc:b8:6a:08:58:53:94:50:1c:d6:58: 92:14:24:73:ad:a1:51:de:1d:77:b3:ba:1f:d7:a0: 8a:03:78:39:9c:8e:1e:d6:b3:b9:65:83:ab:7e:94: 36:e9:ec:47:a5:d0:6e:fb:4a:fa:5c:30:b8:65:6d: 8e:3e:d6:57:70:a0:58:a2:ee:04:66:63:f6:0f:b0: be:31:b4:7e:41:81:56:b0:dd:3b:e1:d6:08:4c:22: 01:85:0e:54:07:bf:a7:9f:26:67:0a:fb:3a:18:29: ef:9c:78:42:24:aa:59:c6:14:c3:74:b3:f1:3e:8a: da:54:53:93:af:13:ab:c4:43:e5:92:5b:59:cc:63: c5:29:f8:94:0b:91:5b:68:00:ed:b6:d4:c5:5c:20: 98:4e:74:1f:01:e5:03:72:2e:80:81:ae:15:8b:95: 62:7b:91:60:3e:89:a0:1f:81:98:14:b2:32:a2:12: 64:e6:df:d1:8e:e4:ea:29:ba:db:b2:c4:e1:c9:94: f6:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:5E:DE:6F:E6:1A:37:AF:73:99:80:16:BB:DA:1F:E0:A1:B9:13:C6 X509v3 Authority Key Identifier: keyid:24:5D:E6:5F:37:51:5D:F8:CC:24:2F:36:DB:BE:F3:20:C6:D9:0B:4F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JF3mXzdRXfjMJC82277zIMbZC08.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/f6e099-9b64-4041-9d19-317279818acc/1/D17eb-YaN69zmYAWu9of4KG5E8Y.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/f6e099-9b64-4041-9d19-317279818acc/1/JF3mXzdRXfjMJC82277zIMbZC08.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a03:aae0:fc::/48 2a03:aae0:fc00::/47 Signature Algorithm: sha256WithRSAEncryption 14:f3:3f:77:a7:e1:f0:7a:ef:30:95:af:bd:c8:4b:f4:68:48: 75:99:3d:f1:99:35:c3:0b:ed:24:b6:83:72:e9:21:14:0c:54: 3b:e8:1f:75:d2:f2:21:1d:56:ad:6e:ac:57:de:8f:9f:00:0f: 44:0c:67:b6:2d:36:05:55:ec:80:4d:dd:11:7c:e9:a4:d7:5d: ad:7b:11:75:5b:3f:e5:8f:ae:1f:da:73:96:b3:50:9e:d2:9f: 90:ac:22:05:6d:50:5b:75:c0:f8:52:1f:65:c9:0f:9d:28:ab: dd:01:71:71:61:be:bc:22:23:e7:fd:ae:53:26:11:6f:ae:2a: 1d:90:f6:f6:ef:24:dd:bf:e2:89:53:a0:8d:97:b5:3c:45:be: 47:34:4e:eb:6d:30:91:69:2b:36:bc:3d:ad:fa:6a:02:d9:f3: e7:00:0c:aa:57:7c:9b:20:2c:a6:a1:e6:71:04:ba:58:1d:9d: cc:c0:9c:dd:3b:95:30:b8:ea:bf:1f:78:e3:89:62:4e:2e:7e: 68:03:3b:56:7c:af:44:22:c1:b4:30:cd:f7:e7:8d:77:0e:ed: a0:b7:79:0e:b3:2e:b9:6c:23:6e:63:50:c9:cb:cd:0b:29:59: 13:bd:54:cc:5c:38:92:0d:c1:c8:43:53:a0:9f:7a:bc:a6:00: 23:7a:75:b2 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt5fz5vv5ir6wMiUqNGb145MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI0NWRlNjVmMzc1MTVkZjhjYzI0MmYzNmRiYmVmMzIwYzZk OTBiNGYwHhcNMjYwMTAxMTIxOTAwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwZjVlZGU2ZmU2MWEzN2FmNzM5OTgwMTZiYmRhMWZlMGExYjkxM2M2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv47xIJOHA3VdWz+lxm+2jIi9auRQ xxNUgpX5tmSWjFEFNW4GCeFqIV3CebiUME8QThkAxjRU+aKL+V6C/H0g3LhqCFhT lFAc1liSFCRzraFR3h13s7of16CKA3g5nI4e1rO5ZYOrfpQ26exHpdBu+0r6XDC4 ZW2OPtZXcKBYou4EZmP2D7C+MbR+QYFWsN074dYITCIBhQ5UB7+nnyZnCvs6GCnv nHhCJKpZxhTDdLPxPoraVFOTrxOrxEPlkltZzGPFKfiUC5FbaADtttTFXCCYTnQf AeUDci6Aga4Vi5Vie5FgPomgH4GYFLIyohJk5t/RjuTqKbrbssThyZT2vwIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFA9e3m/mGjevc5mAFrvaH+ChuRPGMB8GA1UdIwQY MBaAFCRd5l83UV34zCQvNtu+8yDG2QtPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSkYzbVh6ZFJYZmpNSkM4MjI3N3pJTWJaQzA4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9mNmUwOTktOWI2NC00MDQxLTlkMTkt MzE3Mjc5ODE4YWNjLzEvRDE3ZWItWWFONjl6bVlBV3U5b2Y0S0c1RThZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mOS9mNmUwOTktOWI2NC00MDQxLTlkMTktMzE3Mjc5ODE4YWNj LzEvSkYzbVh6ZFJYZmpNSkM4MjI3N3pJTWJaQzA4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgOq4AD8 AwcBKgOq4PwAMA0GCSqGSIb3DQEBCwUAA4IBAQAU8z93p+Hweu8wla+9yEv0aEh1 mT3xmTXDC+0ktoNy6SEUDFQ76B910vIhHVatbqxX3o+fAA9EDGe2LTYFVeyATd0R fOmk112texF1Wz/lj64f2nOWs1Ce0p+QrCIFbVBbdcD4Uh9lyQ+dKKvdAXFxYb68 IiPn/a5TJhFvriodkPb27yTdv+KJU6CNl7U8Rb5HNE7rbTCRaSs2vD2t+moC2fPn AAyqV3ybICymoeZxBLpYHZ3MwJzdO5UwuOq/H3jjiWJOLn5oAztWfK9EIsG0MM33 5413Du2gt3kOsy65bCNuY1DJy80LKVkTvVTMXDiSDcHIQ1Ogn3q8pgAjenWy -----END CERTIFICATE-----Generated at Sun Jan 25 13:07:24 2026 by rpki-client