This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/2d5WLiAh1QiMdCsCsD8Ksu2xXTU.roa File: 2d5WLiAh1QiMdCsCsD8Ksu2xXTU.roa (raw, json) Hash identifier: tDSGchrPFZCFWiw5mPuJQlpqng2xl3PBixZWxCWH1Bs= Subject key identifier: D9:DE:56:2E:20:21:D5:08:8C:74:2B:02:B0:3F:0A:B2:ED:B1:5D:35 Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b Certificate serial: 019B7D5D120A30F8DD948D3FB5E3E11BB9C5 Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/2d5WLiAh1QiMdCsCsD8Ksu2xXTU.roa Signing time: Fri 02 Jan 2026 06:20:09 +0000 ROA not before: Fri 02 Jan 2026 06:20:09 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 208068 IP address blocks: 2a0e:97c0:520::/44 maxlen: 48 2a0e:97c0:520::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 18:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5d:12:0a:30:f8:dd:94:8d:3f:b5:e3:e1:1b:b9:c5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b Validity Not Before: Jan 2 06:20:09 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d9de562e2021d5088c742b02b03f0ab2edb15d35 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:4b:40:05:b7:4e:f5:17:f2:14:4d:ed:d2:63: 50:af:ac:fd:a5:e3:cb:b6:f0:23:9d:b2:9f:fd:05: ab:01:e1:0f:fe:09:19:b9:4e:47:57:a9:4b:d8:52: 65:d1:46:2d:81:91:03:d8:43:89:12:a4:5c:c0:35: 0c:10:f0:0e:cd:02:35:fe:8c:d0:68:91:c9:e9:69: 29:8e:61:0e:9b:1b:dd:48:a2:cf:9f:e4:d5:a7:83: ea:ad:6a:50:6b:0f:5d:01:4b:18:fd:b2:8a:1f:e9: f4:f1:b3:0d:58:9a:38:a8:a8:76:de:ae:c5:20:4e: ae:c0:54:cc:31:e7:12:19:40:06:45:da:36:44:60: da:85:be:0f:ca:66:f1:cc:fb:86:de:6d:4a:23:93: 4b:20:bf:b8:b0:73:d8:09:d1:03:cd:6c:3e:d1:ff: 86:bd:43:c5:93:9e:75:0c:d8:fc:f8:fe:67:69:09: 63:84:73:c4:a4:88:2b:0e:55:c4:53:21:35:1c:13: bb:34:94:f6:f8:52:8f:26:c7:ff:85:74:87:35:89: d7:7b:e5:23:41:2b:b2:73:31:8c:c8:40:08:30:7f: f7:7b:3d:84:8f:b5:9d:64:96:5e:ed:de:58:e3:67: ae:b5:37:81:ba:de:c4:31:b5:28:2e:5d:fa:43:dc: 4c:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:DE:56:2E:20:21:D5:08:8C:74:2B:02:B0:3F:0A:B2:ED:B1:5D:35 X509v3 Authority Key Identifier: keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/2d5WLiAh1QiMdCsCsD8Ksu2xXTU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0e:97c0:520::/44 Signature Algorithm: sha256WithRSAEncryption 5c:a4:e3:43:f9:f4:5b:c5:b1:66:b9:6b:e8:4e:6f:a2:da:db: d1:82:a7:c4:f1:16:50:c0:c0:22:b2:44:6e:52:9c:53:c9:b8: de:23:b5:eb:e8:cb:3c:26:3b:2e:47:e9:a5:73:f8:e2:80:a7: 9a:a5:ae:d2:85:7e:03:8b:c6:94:11:d8:6c:71:41:82:bb:98: 44:bd:74:99:21:fc:74:3d:d6:de:cf:22:b4:06:72:51:9d:67: f2:51:6f:45:af:ff:bc:c8:53:ee:1e:ad:9c:c0:30:60:2d:46: e5:0a:a5:f5:4a:f4:8f:a7:f6:be:90:c0:33:06:98:c9:42:20: dd:27:58:2b:2e:46:1f:ec:0d:6d:25:73:f4:28:88:0a:16:c8: ae:9f:38:c8:0c:14:8f:36:45:58:ef:24:ce:bc:c5:64:08:40: e7:78:19:1b:dc:a7:88:8a:d9:1f:1f:e4:0e:f8:8f:d7:2e:5f: 0d:68:dd:cf:75:37:60:d2:dc:21:a3:af:1e:78:26:59:35:a2: fd:89:d4:11:fe:86:ff:3e:32:d5:49:ee:3d:e2:76:c3:42:da: fc:92:7c:6c:da:bb:d6:3e:47:7d:7e:2c:52:5a:c8:ad:e0:74: 0c:96:35:0c:75:0d:64:1c:31:08:df:4d:27:f6:9e:fe:e6:96: c8:6d:81:fc -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt9XRIKMPjdlI0/tePhG7nFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw ZmFkOWIwHhcNMjYwMTAyMDYyMDA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkOWRlNTYyZTIwMjFkNTA4OGM3NDJiMDJiMDNmMGFiMmVkYjE1ZDM1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA20tABbdO9RfyFE3t0mNQr6z9pePL tvAjnbKf/QWrAeEP/gkZuU5HV6lL2FJl0UYtgZED2EOJEqRcwDUMEPAOzQI1/ozQ aJHJ6WkpjmEOmxvdSKLPn+TVp4PqrWpQaw9dAUsY/bKKH+n08bMNWJo4qKh23q7F IE6uwFTMMecSGUAGRdo2RGDahb4PymbxzPuG3m1KI5NLIL+4sHPYCdEDzWw+0f+G vUPFk551DNj8+P5naQljhHPEpIgrDlXEUyE1HBO7NJT2+FKPJsf/hXSHNYnXe+Uj QSuyczGMyEAIMH/3ez2Ej7WdZJZe7d5Y42eutTeBut7EMbUoLl36Q9xMZwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFNneVi4gIdUIjHQrArA/CrLtsV01MB8GA1UdIwQY MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt ZGM1ZWM3NDhmNmE1LzEvMmQ1V0xpQWgxUWlNZENzQ3NEOEtzdTJ4WFRVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1 LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAUg MA0GCSqGSIb3DQEBCwUAA4IBAQBcpOND+fRbxbFmuWvoTm+i2tvRgqfE8RZQwMAi skRuUpxTybjeI7Xr6Ms8JjsuR+mlc/jigKeapa7ShX4Di8aUEdhscUGCu5hEvXSZ Ifx0PdbezyK0BnJRnWfyUW9Fr/+8yFPuHq2cwDBgLUblCqX1SvSPp/a+kMAzBpjJ QiDdJ1grLkYf7A1tJXP0KIgKFsiunzjIDBSPNkVY7yTOvMVkCEDneBkb3KeIitkf H+QO+I/XLl8NaN3PdTdg0twho68eeCZZNaL9idQR/ob/PjLVSe494nbDQtr8knxs 2rvWPkd9fixSWsit4HQMljUMdQ1kHDEI300n9p7+5pbIbYH8 -----END CERTIFICATE-----Generated at Sun Jan 11 23:53:50 2026 by rpki-client