This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/NYChO2vtEH8vKLo-aMSW9-kWsLQ.roa File: NYChO2vtEH8vKLo-aMSW9-kWsLQ.roa (raw, json) Hash identifier: Z9YcSyY9O5Yl8OtY/5bjeUN5fiP+ri8BWelsmWGkX4s= Subject key identifier: 35:80:A1:3B:6B:ED:10:7F:2F:28:BA:3E:68:C4:96:F7:E9:16:B0:B4 Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b Certificate serial: 019B7D5D1744923E14967CF9C16EF5021F25 Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/NYChO2vtEH8vKLo-aMSW9-kWsLQ.roa Signing time: Fri 02 Jan 2026 06:20:11 +0000 ROA not before: Fri 02 Jan 2026 06:20:11 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 208755 IP address blocks: 2a0e:b107:3a7::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 18:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5d:17:44:92:3e:14:96:7c:f9:c1:6e:f5:02:1f:25 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b Validity Not Before: Jan 2 06:20:11 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3580a13b6bed107f2f28ba3e68c496f7e916b0b4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:b4:8b:f1:ee:35:ca:c9:cd:2e:2b:8d:0a:ca: 23:47:68:06:16:a5:2e:92:4b:cd:c0:bc:37:92:f0: 78:5c:24:b0:f0:48:47:7f:fc:74:ad:db:b5:10:98: 68:6d:b8:fc:9d:90:55:65:b6:48:da:74:dd:32:99: f6:63:d5:f2:17:2d:4c:5e:eb:6b:33:01:4a:a3:4e: 57:87:d5:f1:ce:63:a5:0b:6f:33:63:ed:49:c4:5a: 55:8c:b3:9d:f7:27:59:a7:9b:72:a8:ec:80:a3:45: 96:ee:49:35:0f:2f:f8:15:e6:51:c6:be:92:6a:32: b2:ef:98:fe:40:dd:42:e4:f0:10:c3:7c:86:43:f9: 3d:39:ed:a4:8b:78:69:79:0c:d0:b8:0d:bc:c6:71: b9:dd:54:c6:ca:6c:b5:56:ea:fd:56:49:0b:0a:3c: 35:19:8e:7c:63:8f:c1:97:5b:7b:c7:02:c1:ff:2f: 44:ba:52:aa:b3:52:a8:dd:6b:13:b8:bd:a7:0c:04: 4d:6b:f6:02:06:2d:72:a9:7f:c3:3f:b7:f9:0b:dc: a0:db:76:0b:29:54:44:05:00:95:77:e7:7e:02:a3: 4a:ac:96:ee:25:62:7e:3c:47:d1:ac:d9:61:8b:15: 75:5e:69:15:ca:a2:a1:62:5f:22:ea:1f:7d:8c:33: a2:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:80:A1:3B:6B:ED:10:7F:2F:28:BA:3E:68:C4:96:F7:E9:16:B0:B4 X509v3 Authority Key Identifier: keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/NYChO2vtEH8vKLo-aMSW9-kWsLQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0e:b107:3a7::/48 Signature Algorithm: sha256WithRSAEncryption b0:50:bd:a2:84:c2:3e:36:fb:3b:ee:d2:74:86:78:d3:5c:e8: 50:b0:be:02:b2:98:c8:f7:78:16:a6:d1:89:0f:58:4f:37:de: c7:31:3b:c1:63:ec:4f:50:f1:f7:25:c3:11:76:04:47:ad:66: 5a:a2:06:14:17:08:34:f5:0c:19:15:81:87:1e:70:8f:21:d3: 69:f2:03:ea:b3:7e:0f:56:61:77:f6:24:e0:3b:c6:6d:2d:1e: 7a:3f:8d:ab:87:b5:31:55:db:c2:0e:fe:25:4e:6d:fe:37:02: 67:8d:d2:bc:a2:b9:8c:67:5d:90:b0:d9:b7:23:73:92:20:b2: 86:6a:33:f2:c7:f1:25:26:fb:b6:36:58:a9:b4:bf:da:86:ac: eb:cb:73:62:c5:2d:80:12:b5:f2:66:ea:b0:af:c5:2e:52:b5: ac:34:76:cb:27:37:da:e3:68:fb:71:a4:ca:af:8f:ec:b7:0b: 6f:89:17:ad:f2:6f:09:38:98:84:b3:f4:6a:79:14:fe:a6:27: 26:92:2d:1f:70:d1:7a:e3:ce:b1:4d:fb:41:59:01:ff:68:05: af:b9:0b:26:27:ee:f4:cf:09:87:0f:cd:15:23:c4:e2:9a:52: e8:4a:4b:de:52:55:68:e1:37:47:12:7a:35:81:58:95:46:ee: bd:49:c4:b4 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt9XRdEkj4Ulnz5wW71Ah8lMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw ZmFkOWIwHhcNMjYwMTAyMDYyMDExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzNTgwYTEzYjZiZWQxMDdmMmYyOGJhM2U2OGM0OTZmN2U5MTZiMGI0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLSL8e41ysnNLiuNCsojR2gGFqUu kkvNwLw3kvB4XCSw8EhHf/x0rdu1EJhobbj8nZBVZbZI2nTdMpn2Y9XyFy1MXutr MwFKo05Xh9XxzmOlC28zY+1JxFpVjLOd9ydZp5tyqOyAo0WW7kk1Dy/4FeZRxr6S ajKy75j+QN1C5PAQw3yGQ/k9Oe2ki3hpeQzQuA28xnG53VTGymy1Vur9VkkLCjw1 GY58Y4/Bl1t7xwLB/y9EulKqs1Ko3WsTuL2nDARNa/YCBi1yqX/DP7f5C9yg23YL KVREBQCVd+d+AqNKrJbuJWJ+PEfRrNlhixV1XmkVyqKhYl8i6h99jDOiSQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFDWAoTtr7RB/Lyi6PmjElvfpFrC0MB8GA1UdIwQY MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt ZGM1ZWM3NDhmNmE1LzEvTllDaE8ydnRFSDh2S0xvLWFNU1c5LWtXc0xRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1 LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xBwOn MA0GCSqGSIb3DQEBCwUAA4IBAQCwUL2ihMI+Nvs77tJ0hnjTXOhQsL4CspjI93gW ptGJD1hPN97HMTvBY+xPUPH3JcMRdgRHrWZaogYUFwg09QwZFYGHHnCPIdNp8gPq s34PVmF39iTgO8ZtLR56P42rh7UxVdvCDv4lTm3+NwJnjdK8ormMZ12QsNm3I3OS ILKGajPyx/ElJvu2NliptL/ahqzry3NixS2AErXyZuqwr8UuUrWsNHbLJzfa42j7 caTKr4/stwtviRet8m8JOJiEs/RqeRT+picmki0fcNF6486xTftBWQH/aAWvuQsm J+70zwmHD80VI8TimlLoSkveUlVo4TdHEno1gViVRu69ScS0 -----END CERTIFICATE-----Generated at Sun Jan 11 23:53:59 2026 by rpki-client