This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/da4dd9-594d-456c-9f71-76a194554b05/1/1-BTuYEiDE2mEIP2dyXdE1PSMv3c.roa File: 1-BTuYEiDE2mEIP2dyXdE1PSMv3c.roa (raw, json) Hash identifier: tBxS565NzZV2f/vbdXm3F39V84JJovJ6zXMOf+itJ6Q= Subject key identifier: F8:14:EE:60:48:83:13:69:84:20:FD:9D:C9:77:44:D4:F4:8C:BF:77 Certificate issuer: /CN=d843f1aa0498d84f795323c1ff6bae3af40206d1 Certificate serial: 019B7834B208BB84E80A8BD9EA3D5EC836C0 Authority key identifier: D8:43:F1:AA:04:98:D8:4F:79:53:23:C1:FF:6B:AE:3A:F4:02:06:D1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2EPxqgSY2E95UyPB_2uuOvQCBtE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/da4dd9-594d-456c-9f71-76a194554b05/1/1-BTuYEiDE2mEIP2dyXdE1PSMv3c.roa Signing time: Thu 01 Jan 2026 06:17:57 +0000 ROA not before: Thu 01 Jan 2026 06:17:57 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 208584 IP address blocks: 2001:678:ab4::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/da4dd9-594d-456c-9f71-76a194554b05/1/2EPxqgSY2E95UyPB_2uuOvQCBtE.crl rsync://rpki.ripe.net/repository/DEFAULT/14/da4dd9-594d-456c-9f71-76a194554b05/1/2EPxqgSY2E95UyPB_2uuOvQCBtE.mft rsync://rpki.ripe.net/repository/DEFAULT/2EPxqgSY2E95UyPB_2uuOvQCBtE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 06:19:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:b2:08:bb:84:e8:0a:8b:d9:ea:3d:5e:c8:36:c0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d843f1aa0498d84f795323c1ff6bae3af40206d1 Validity Not Before: Jan 1 06:17:57 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f814ee60488313698420fd9dc97744d4f48cbf77 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:a3:06:d1:4e:ef:1f:45:4e:94:c3:5d:05:1f: 57:a6:5b:7b:c0:ed:b4:34:f9:52:f6:3d:39:76:21: fd:29:5e:d6:34:91:3a:20:aa:03:de:b7:6d:b3:14: 83:89:43:80:d6:f3:bb:ba:69:ca:79:06:cf:46:48: 38:c8:04:a0:04:66:16:11:be:54:c9:c2:3f:47:8a: 0f:ee:2a:14:c7:67:c2:3b:e8:3d:2d:47:38:49:df: a5:45:1e:ac:8e:4c:6f:d8:f5:37:21:71:db:9d:28: 2e:68:b8:d6:78:fb:df:ac:f1:6c:16:83:5d:7f:0d: 2d:08:d1:c4:39:3b:d3:70:35:16:ba:f9:e5:3b:e7: 85:18:99:94:70:cb:57:57:d8:2f:66:64:b6:3d:ce: 5d:1a:37:0d:55:73:77:f9:c6:26:1b:d7:b3:f6:f7: c8:10:6a:e1:56:e9:1d:6a:f5:de:e7:d3:6e:cf:4e: ce:64:af:3f:74:54:c2:24:2b:08:70:7d:a0:8c:37: 4a:7e:dc:cc:bf:1a:27:28:b6:99:01:62:ed:a3:ef: f1:7d:07:57:a8:84:09:95:5c:2c:4c:b1:44:1a:4b: 79:a8:c0:2a:62:81:c0:de:b8:a5:cb:42:fe:05:e3: ba:03:6f:53:54:86:69:8f:0d:1b:5e:a8:ef:e8:d8: 4c:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:14:EE:60:48:83:13:69:84:20:FD:9D:C9:77:44:D4:F4:8C:BF:77 X509v3 Authority Key Identifier: keyid:D8:43:F1:AA:04:98:D8:4F:79:53:23:C1:FF:6B:AE:3A:F4:02:06:D1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2EPxqgSY2E95UyPB_2uuOvQCBtE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/da4dd9-594d-456c-9f71-76a194554b05/1/1-BTuYEiDE2mEIP2dyXdE1PSMv3c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/14/da4dd9-594d-456c-9f71-76a194554b05/1/2EPxqgSY2E95UyPB_2uuOvQCBtE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:678:ab4::/48 Signature Algorithm: sha256WithRSAEncryption 29:d9:2a:af:8f:52:db:36:7d:8f:ad:44:66:b6:57:c7:36:87: b0:a7:89:c3:9c:7b:91:85:fa:82:08:2d:d7:d2:82:41:79:0d: 69:3b:64:4c:af:cd:87:2e:df:c8:a4:54:90:62:7d:b5:53:f2: 4e:73:45:9b:94:4d:3d:e2:e0:e4:7e:ec:6e:fb:23:bf:ca:a2: 86:5a:2f:93:05:68:d9:c0:bf:6e:66:98:97:4e:e0:fc:f2:1a: 21:c7:da:bc:3d:90:c6:62:f8:62:94:f0:09:aa:cd:65:c1:e4: 25:25:2b:78:5d:4d:72:f6:92:a8:d4:74:ed:62:c4:60:de:e3: 1d:71:11:66:27:5b:92:c5:d5:12:7d:04:57:e2:01:86:97:2c: e0:1c:cd:42:50:e4:9a:d0:4c:64:a2:5f:c3:12:0d:40:f8:f5: 72:73:7f:19:09:bf:fc:80:3f:43:21:44:8e:f4:e3:8c:68:88: a0:90:e7:d2:19:66:90:94:71:dc:81:3e:fe:37:e4:0a:f5:06: 03:10:53:a2:67:18:77:ff:b1:d5:2f:23:5f:77:64:fc:ff:35: 0d:76:77:a8:65:72:85:4a:1b:34:24:54:fe:5a:d5:e4:26:03: 42:57:5f:70:d9:0b:24:d4:5a:d9:12:1a:21:96:a5:77:84:92: 86:89:7b:88 -----BEGIN CERTIFICATE----- MIIFATCCA+mgAwIBAgISAZt4NLIIu4ToCovZ6j1eyDbAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4NDNmMWFhMDQ5OGQ4NGY3OTUzMjNjMWZmNmJhZTNhZjQw MjA2ZDEwHhcNMjYwMTAxMDYxNzU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmODE0ZWU2MDQ4ODMxMzY5ODQyMGZkOWRjOTc3NDRkNGY0OGNiZjc3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4qMG0U7vH0VOlMNdBR9Xplt7wO20 NPlS9j05diH9KV7WNJE6IKoD3rdtsxSDiUOA1vO7umnKeQbPRkg4yASgBGYWEb5U ycI/R4oP7ioUx2fCO+g9LUc4Sd+lRR6sjkxv2PU3IXHbnSguaLjWePvfrPFsFoNd fw0tCNHEOTvTcDUWuvnlO+eFGJmUcMtXV9gvZmS2Pc5dGjcNVXN3+cYmG9ez9vfI EGrhVukdavXe59Nuz07OZK8/dFTCJCsIcH2gjDdKftzMvxonKLaZAWLto+/xfQdX qIQJlVwsTLFEGkt5qMAqYoHA3rily0L+BeO6A29TVIZpjw0bXqjv6NhM7QIDAQAB o4ICDTCCAgkwHQYDVR0OBBYEFPgU7mBIgxNphCD9ncl3RNT0jL93MB8GA1UdIwQY MBaAFNhD8aoEmNhPeVMjwf9rrjr0AgbRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMkVQeHFnU1kyRTk1VXlQQl8ydXVPdlFDQnRFLmNlcjCB jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9kYTRkZDktNTk0ZC00NTZjLTlmNzEt NzZhMTk0NTU0YjA1LzEvMS1CVHVZRWlERTJtRUlQMmR5WGRFMVBTTXYzYy5yb2Ew gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0 b3J5L0RFRkFVTFQvMTQvZGE0ZGQ5LTU5NGQtNDU2Yy05ZjcxLTc2YTE5NDU1NGIw NS8xLzJFUHhxZ1NZMkU5NVV5UEJfMnV1T3ZRQ0J0RS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBngK tDANBgkqhkiG9w0BAQsFAAOCAQEAKdkqr49S2zZ9j61EZrZXxzaHsKeJw5x7kYX6 gggt19KCQXkNaTtkTK/Nhy7fyKRUkGJ9tVPyTnNFm5RNPeLg5H7sbvsjv8qihlov kwVo2cC/bmaYl07g/PIaIcfavD2QxmL4YpTwCarNZcHkJSUreF1NcvaSqNR07WLE YN7jHXERZidbksXVEn0EV+IBhpcs4BzNQlDkmtBMZKJfwxINQPj1cnN/GQm//IA/ QyFEjvTjjGiIoJDn0hlmkJRx3IE+/jfkCvUGAxBTomcYd/+x1S8jX3dk/P81DXZ3 qGVyhUobNCRU/lrV5CYDQldfcNkLJNRa2RIaIZald4SShol7iA== -----END CERTIFICATE-----Generated at Thu Jan 1 14:06:43 2026 by rpki-client