This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/2ELFfzzLgymBiSWkHFI-dugtiFc.roa File: 2ELFfzzLgymBiSWkHFI-dugtiFc.roa (raw, json) Hash identifier: sK6GOs8n8eI51e9fOjiUv0XaQsg63buSbRWuTAQ/EJY= Subject key identifier: D8:42:C5:7F:3C:CB:83:29:81:89:25:A4:1C:52:3E:76:E8:2D:88:57 Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b Certificate serial: 019B7D5D68CDBC05DE90FDF083B1B88CB491 Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/2ELFfzzLgymBiSWkHFI-dugtiFc.roa Signing time: Fri 02 Jan 2026 06:20:32 +0000 ROA not before: Fri 02 Jan 2026 06:20:32 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 214147 IP address blocks: 2a0e:97c0:1a0::/44 maxlen: 48 2a0e:97c0:1a2::/48 maxlen: 48 2a0e:97c0:1a3::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 18:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5d:68:cd:bc:05:de:90:fd:f0:83:b1:b8:8c:b4:91 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b Validity Not Before: Jan 2 06:20:32 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d842c57f3ccb8329818925a41c523e76e82d8857 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:2f:11:15:b4:e0:84:0c:53:f2:06:bd:56:f2: be:28:02:63:6b:de:98:e6:99:53:1c:c2:04:a1:55: 15:ae:c4:9e:98:1d:56:45:89:b2:b3:7e:28:d4:11: 6c:0d:15:54:fe:11:f4:61:ed:4c:40:92:10:b7:92: 78:47:61:43:0f:22:73:71:15:06:59:ba:49:78:26: 57:fe:42:6d:5a:1a:31:2d:6a:03:f8:f0:28:76:3d: 87:60:f3:4c:97:12:2a:39:f2:3f:cd:08:90:37:f1: b1:a9:d5:de:23:ab:3a:b9:6c:1c:83:a5:50:40:1c: b7:70:96:40:69:3e:00:94:ef:f8:26:2c:25:05:b8: f7:9d:06:36:cc:50:56:a7:d3:62:f3:8a:c1:23:d5: dd:09:bb:c0:93:85:f8:49:37:20:8e:e2:d5:41:30: b6:a2:cb:d6:53:80:29:f9:60:c2:f9:d7:f9:8d:00: 1e:3d:21:8f:73:30:f1:17:fc:c2:f0:c7:41:4b:e1: 24:ae:45:a5:35:06:54:ed:28:a0:0b:0c:db:02:4d: 4d:7f:66:81:bd:cc:9c:71:53:00:4c:5d:ea:19:0b: 6a:7c:ce:31:a7:e9:35:c7:17:43:11:14:7d:72:89: 57:2f:91:37:25:14:8a:91:84:c7:f2:33:eb:b2:d5: f9:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:42:C5:7F:3C:CB:83:29:81:89:25:A4:1C:52:3E:76:E8:2D:88:57 X509v3 Authority Key Identifier: keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/2ELFfzzLgymBiSWkHFI-dugtiFc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0e:97c0:1a0::/44 Signature Algorithm: sha256WithRSAEncryption 6f:5f:52:8b:b7:78:38:a1:ee:ad:41:59:04:fe:40:2e:03:49: bf:1d:02:6c:1f:a4:14:5f:24:1e:f2:a1:33:70:c6:0e:6d:c8: e3:e3:98:40:f5:15:1d:9e:ab:fe:4f:4b:8c:c8:6d:e6:d6:ed: 06:c8:71:b1:5a:da:a6:64:0e:1d:e1:d8:d3:61:e1:a5:49:80: b4:40:05:bd:19:58:e6:be:f6:af:05:0a:40:81:c4:cb:c8:e9: 3f:2f:0c:f7:1c:6c:e5:c5:d4:03:c9:9b:a1:f8:8b:34:5b:fe: ce:a5:01:14:de:b3:e5:06:0b:29:dd:63:02:4c:b0:5a:2b:b5: e0:c7:cd:01:e2:01:5a:78:4e:f0:0e:ae:b4:12:fd:70:93:34: 48:05:09:9a:f3:12:68:75:4e:f6:67:cb:1b:cb:e6:d2:e6:69: 80:5e:70:98:63:8f:ce:5c:34:1d:55:43:22:6e:4a:cf:83:31: ba:00:bb:e4:c6:e7:06:88:cd:6e:98:4b:a2:7e:c3:82:c2:b4: 87:fd:74:f9:c9:61:e3:6e:4d:34:c6:32:69:76:65:d0:34:06: ae:49:48:a3:7a:5b:b9:b9:f7:47:2b:0b:71:5e:1f:9b:be:b9: 39:6e:da:79:37:47:c5:0a:85:87:5e:98:91:29:3b:59:fa:2d: 5a:55:84:59 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt9XWjNvAXekP3wg7G4jLSRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw ZmFkOWIwHhcNMjYwMTAyMDYyMDMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkODQyYzU3ZjNjY2I4MzI5ODE4OTI1YTQxYzUyM2U3NmU4MmQ4ODU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwS8RFbTghAxT8ga9VvK+KAJja96Y 5plTHMIEoVUVrsSemB1WRYmys34o1BFsDRVU/hH0Ye1MQJIQt5J4R2FDDyJzcRUG WbpJeCZX/kJtWhoxLWoD+PAodj2HYPNMlxIqOfI/zQiQN/GxqdXeI6s6uWwcg6VQ QBy3cJZAaT4AlO/4JiwlBbj3nQY2zFBWp9Ni84rBI9XdCbvAk4X4STcgjuLVQTC2 osvWU4Ap+WDC+df5jQAePSGPczDxF/zC8MdBS+EkrkWlNQZU7SigCwzbAk1Nf2aB vcyccVMATF3qGQtqfM4xp+k1xxdDERR9colXL5E3JRSKkYTH8jPrstX5CwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFNhCxX88y4MpgYklpBxSPnboLYhXMB8GA1UdIwQY MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt ZGM1ZWM3NDhmNmE1LzEvMkVMRmZ6ekxneW1CaVNXa0hGSS1kdWd0aUZjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1 LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAGg MA0GCSqGSIb3DQEBCwUAA4IBAQBvX1KLt3g4oe6tQVkE/kAuA0m/HQJsH6QUXyQe 8qEzcMYObcjj45hA9RUdnqv+T0uMyG3m1u0GyHGxWtqmZA4d4djTYeGlSYC0QAW9 GVjmvvavBQpAgcTLyOk/Lwz3HGzlxdQDyZuh+Is0W/7OpQEU3rPlBgsp3WMCTLBa K7Xgx80B4gFaeE7wDq60Ev1wkzRIBQma8xJodU72Z8sby+bS5mmAXnCYY4/OXDQd VUMibkrPgzG6ALvkxucGiM1umEuifsOCwrSH/XT5yWHjbk00xjJpdmXQNAauSUij elu5ufdHKwtxXh+bvrk5btp5N0fFCoWHXpiRKTtZ+i1aVYRZ -----END CERTIFICATE-----Generated at Sun Jan 11 23:53:49 2026 by rpki-client