This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/0a60ce-bb37-4337-bf50-5eca36e19f5d/1/y0urSuZI8k80qDTQJ3kG5eohDE0.roa File: y0urSuZI8k80qDTQJ3kG5eohDE0.roa (raw, json) Hash identifier: Y9liF5XubPckrTgkSr37iUFqjTSMFsZSlRvzu6Hk6eI= Subject key identifier: CB:4B:AB:4A:E6:48:F2:4F:34:A8:34:D0:27:79:06:E5:EA:21:0C:4D Certificate issuer: /CN=b02a9af2fc5fe93c43148aacb13c51be904c8e4c Certificate serial: 019B7F13937BCE492B49F2A4CAEB4BA3B99A Authority key identifier: B0:2A:9A:F2:FC:5F:E9:3C:43:14:8A:AC:B1:3C:51:BE:90:4C:8E:4C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sCqa8vxf6TxDFIqssTxRvpBMjkw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/0a60ce-bb37-4337-bf50-5eca36e19f5d/1/y0urSuZI8k80qDTQJ3kG5eohDE0.roa Signing time: Fri 02 Jan 2026 14:19:07 +0000 ROA not before: Fri 02 Jan 2026 14:19:07 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 51395 IP address blocks: 2001:67c:500::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/0a60ce-bb37-4337-bf50-5eca36e19f5d/1/sCqa8vxf6TxDFIqssTxRvpBMjkw.crl rsync://rpki.ripe.net/repository/DEFAULT/ff/0a60ce-bb37-4337-bf50-5eca36e19f5d/1/sCqa8vxf6TxDFIqssTxRvpBMjkw.mft rsync://rpki.ripe.net/repository/DEFAULT/sCqa8vxf6TxDFIqssTxRvpBMjkw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 11:01:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:13:93:7b:ce:49:2b:49:f2:a4:ca:eb:4b:a3:b9:9a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b02a9af2fc5fe93c43148aacb13c51be904c8e4c Validity Not Before: Jan 2 14:19:07 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=cb4bab4ae648f24f34a834d0277906e5ea210c4d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:a9:c4:ee:f1:2f:c8:98:df:af:9c:24:82:1e: 1c:0c:cd:75:4d:6a:ec:e8:99:ba:1c:93:b2:5a:26: 7e:36:3c:74:fd:9f:02:e9:e3:12:7e:ca:42:c9:8f: f5:eb:b5:25:96:6d:45:11:fd:d6:86:41:3d:7f:9a: 6f:dc:f7:5d:b9:ce:f4:9b:ac:e2:39:d0:d7:57:e1: 1b:ad:a1:9e:b3:a5:0b:79:51:f8:2f:2b:f0:26:5b: 9a:8c:8c:19:12:dd:8d:23:6a:35:c2:5e:cb:3b:91: 5e:8a:4a:42:39:c7:14:0b:86:ef:5a:62:e5:a6:b8: 13:48:d0:51:63:c7:a8:2c:7c:1c:b4:c4:6e:04:be: 73:b8:2e:6f:0f:00:bc:6c:e4:fb:8c:b7:b5:53:6e: 2c:7b:ed:0f:49:f0:4b:14:3b:a3:75:6e:a3:4b:9c: 92:2f:0d:ce:90:83:3f:17:ed:fb:42:e7:33:35:1a: f0:cb:c9:e5:ca:4d:8b:07:4d:39:ee:52:81:fb:42: e8:06:1d:a3:15:3c:0c:7d:fc:10:53:d0:53:b5:29: dc:a6:a3:a8:e9:9d:06:22:bb:4f:ea:d9:b0:ff:da: 60:49:2c:67:af:32:c7:3d:93:b0:b8:03:36:e4:96: ef:6b:00:30:eb:ed:cd:b5:36:a3:a7:6b:fc:8f:11: 8d:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:4B:AB:4A:E6:48:F2:4F:34:A8:34:D0:27:79:06:E5:EA:21:0C:4D X509v3 Authority Key Identifier: keyid:B0:2A:9A:F2:FC:5F:E9:3C:43:14:8A:AC:B1:3C:51:BE:90:4C:8E:4C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sCqa8vxf6TxDFIqssTxRvpBMjkw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/0a60ce-bb37-4337-bf50-5eca36e19f5d/1/y0urSuZI8k80qDTQJ3kG5eohDE0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/0a60ce-bb37-4337-bf50-5eca36e19f5d/1/sCqa8vxf6TxDFIqssTxRvpBMjkw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:67c:500::/48 Signature Algorithm: sha256WithRSAEncryption 91:ac:22:1b:8c:35:af:9f:1f:59:8a:7f:df:6f:49:39:43:d9: de:11:a1:c5:6a:ac:73:b9:1f:8e:06:57:d0:da:a7:cb:0d:86: 80:ea:df:8b:af:3e:ae:3f:5d:67:3d:e6:28:2c:4b:8f:49:bb: 5a:e9:31:59:3c:3d:aa:ef:04:e5:38:04:ad:34:b0:d2:bc:1f: 0f:a2:4d:29:d6:4d:4e:12:e8:f7:d4:4a:45:f7:c3:98:7e:64: 83:0b:d5:83:e7:7c:b4:dd:9e:f3:03:7f:59:47:a5:af:71:08: e8:72:bd:db:84:ec:9c:43:0f:eb:03:57:2f:78:e9:a8:9a:7e: bb:8b:46:f0:3a:b4:f0:59:a7:5b:6c:71:70:11:47:a1:e0:f9: e8:3d:9a:0f:ba:88:ba:0c:f2:db:6a:31:87:60:2f:77:42:4b: 62:8b:6f:b2:64:64:64:bd:b2:a0:e8:48:2e:c3:dc:9a:a4:47: c9:00:ae:48:0a:b7:a3:4a:7b:8e:e0:be:6c:61:00:6c:54:60: 50:c2:6a:82:a2:c8:3d:61:4c:19:3e:77:f4:85:32:e2:d0:72: b8:e5:c5:59:d6:3f:31:74:7e:26:50:ff:a5:3f:6b:1d:ef:f5: 79:3c:cc:46:e0:38:23:44:71:ce:75:65:41:b8:d1:75:5f:f3: 9f:b5:95:40 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt/E5N7zkkrSfKkyutLo7maMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIwMmE5YWYyZmM1ZmU5M2M0MzE0OGFhY2IxM2M1MWJlOTA0 YzhlNGMwHhcNMjYwMTAyMTQxOTA3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjYjRiYWI0YWU2NDhmMjRmMzRhODM0ZDAyNzc5MDZlNWVhMjEwYzRkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6nE7vEvyJjfr5wkgh4cDM11TWrs 6Jm6HJOyWiZ+Njx0/Z8C6eMSfspCyY/167Ullm1FEf3WhkE9f5pv3Pdduc70m6zi OdDXV+EbraGes6ULeVH4LyvwJluajIwZEt2NI2o1wl7LO5FeikpCOccUC4bvWmLl prgTSNBRY8eoLHwctMRuBL5zuC5vDwC8bOT7jLe1U24se+0PSfBLFDujdW6jS5yS Lw3OkIM/F+37QuczNRrwy8nlyk2LB0057lKB+0LoBh2jFTwMffwQU9BTtSncpqOo 6Z0GIrtP6tmw/9pgSSxnrzLHPZOwuAM25JbvawAw6+3NtTajp2v8jxGNYQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFMtLq0rmSPJPNKg00Cd5BuXqIQxNMB8GA1UdIwQY MBaAFLAqmvL8X+k8QxSKrLE8Ub6QTI5MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc0NxYTh2eGY2VHhERklxc3NUeFJ2cEJNamt3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8wYTYwY2UtYmIzNy00MzM3LWJmNTAt NWVjYTM2ZTE5ZjVkLzEveTB1clN1Wkk4azgwcURUUUoza0c1ZW9oREUwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZi8wYTYwY2UtYmIzNy00MzM3LWJmNTAtNWVjYTM2ZTE5ZjVk LzEvc0NxYTh2eGY2VHhERklxc3NUeFJ2cEJNamt3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAUA MA0GCSqGSIb3DQEBCwUAA4IBAQCRrCIbjDWvnx9Zin/fb0k5Q9neEaHFaqxzuR+O BlfQ2qfLDYaA6t+Lrz6uP11nPeYoLEuPSbta6TFZPD2q7wTlOAStNLDSvB8Pok0p 1k1OEuj31EpF98OYfmSDC9WD53y03Z7zA39ZR6WvcQjocr3bhOycQw/rA1cveOmo mn67i0bwOrTwWadbbHFwEUeh4PnoPZoPuoi6DPLbajGHYC93Qktii2+yZGRkvbKg 6Eguw9yapEfJAK5ICrejSnuO4L5sYQBsVGBQwmqCosg9YUwZPnf0hTLi0HK45cVZ 1j8xdH4mUP+lP2sd7/V5PMxG4DgjRHHOdWVBuNF1X/OftZVA -----END CERTIFICATE-----Generated at Sun Jan 25 18:06:54 2026 by rpki-client