This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/THy3rfZix-30Hd2KFBRNjiDOmzM.roa File: THy3rfZix-30Hd2KFBRNjiDOmzM.roa (raw, json) Hash identifier: pjMOlZf+cAAMXIMgTXAyfqROPMGHl+ItRpsFcvdT6uA= Subject key identifier: 4C:7C:B7:AD:F6:62:C7:ED:F4:1D:DD:8A:14:14:4D:8E:20:CE:9B:33 Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b Certificate serial: 019B7D5CEA1A7F1456B7DFB9520EA7C3858D Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/THy3rfZix-30Hd2KFBRNjiDOmzM.roa Signing time: Fri 02 Jan 2026 06:19:59 +0000 ROA not before: Fri 02 Jan 2026 06:19:59 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 202000 IP address blocks: 2a0e:b107:1c20::/44 maxlen: 48 2a0e:b107:1ca0::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 18:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5c:ea:1a:7f:14:56:b7:df:b9:52:0e:a7:c3:85:8d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b Validity Not Before: Jan 2 06:19:59 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4c7cb7adf662c7edf41ddd8a14144d8e20ce9b33 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:86:ea:99:ab:75:ef:56:1b:83:c0:d9:d8:62: f8:eb:a3:9e:d3:1a:1c:ab:ae:08:85:f4:b3:55:ec: 64:68:02:30:72:b8:63:45:47:4e:49:cc:86:78:41: 9d:e9:d9:17:11:23:af:b0:d7:72:3a:99:aa:47:b6: 70:1a:55:7c:7c:a2:83:4e:32:d7:6c:ad:2e:95:ef: 27:48:74:31:68:aa:b7:50:5a:42:a9:65:19:e2:e8: d1:27:a9:25:c5:13:66:a9:82:3c:ff:01:b1:0a:5e: dd:eb:6c:fa:c1:2b:b3:97:e8:50:a6:2d:74:a2:f0: 1f:84:e7:48:80:d1:0a:65:12:ab:f4:00:b2:09:e2: a9:10:85:32:ad:05:c1:4a:59:4a:08:d4:ef:91:8e: 6b:1c:e4:ee:ff:5a:9c:87:7e:b1:01:bd:b3:24:ee: 30:ea:e6:01:41:22:42:aa:93:c0:48:a0:bb:54:bd: c4:bd:8b:ad:4d:ba:aa:c0:51:87:2b:fe:4d:ac:4c: ba:37:e0:a3:0a:4b:4b:cb:6c:db:29:be:e3:b2:63: 4b:17:8d:2a:4f:01:fa:89:cd:d1:fb:2b:34:6c:cb: c9:73:dd:08:52:0f:1c:aa:87:8e:bd:2a:e5:a0:2f: 4a:25:63:37:03:9c:4e:51:64:14:0b:15:8d:dd:7e: ca:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:7C:B7:AD:F6:62:C7:ED:F4:1D:DD:8A:14:14:4D:8E:20:CE:9B:33 X509v3 Authority Key Identifier: keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/THy3rfZix-30Hd2KFBRNjiDOmzM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0e:b107:1c20::/44 2a0e:b107:1ca0::/44 Signature Algorithm: sha256WithRSAEncryption ba:0d:ca:86:bd:3a:c0:89:5c:d9:5c:00:f0:ae:57:22:8e:21: c3:52:69:e5:21:dc:01:22:ba:ad:46:22:11:e0:a7:46:1f:52: 07:13:9b:43:ca:76:34:28:df:cf:f7:82:06:70:7f:1d:fb:c7: 10:3b:a1:bb:52:1a:fc:dd:09:da:91:b7:8f:15:7e:b8:ef:74: 93:65:c6:cc:19:d7:24:d5:92:74:c7:d0:03:a2:97:d7:ae:d7: 2a:60:6f:77:90:3d:72:d4:77:63:12:96:1c:e8:a3:64:87:db: 3b:a6:49:62:6e:49:3d:31:34:95:df:df:32:51:0b:ec:69:44: 05:8b:c5:85:82:03:64:18:bb:ff:ba:fe:12:aa:5c:6d:06:0b: b8:77:9e:0b:21:0e:a9:97:09:9c:1f:f9:3c:cb:98:fc:04:c2: a0:45:64:97:0c:43:35:80:20:da:4d:c6:55:d5:9f:45:85:56: c5:29:b3:b0:2f:ce:2e:99:f9:af:08:46:67:1d:4d:8a:a4:db: c3:52:bc:c8:59:5f:81:73:84:27:77:46:5c:c8:d6:ae:01:a0: 6c:fe:62:26:52:dd:0e:31:1a:1f:f5:5e:66:e9:f0:ce:b0:ad: 41:f3:f7:c2:7c:fc:fc:da:0a:c8:b3:5d:f2:5f:6e:64:0f:5f: f6:d2:c6:04 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt9XOoafxRWt9+5Ug6nw4WNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw ZmFkOWIwHhcNMjYwMTAyMDYxOTU5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0YzdjYjdhZGY2NjJjN2VkZjQxZGRkOGExNDE0NGQ4ZTIwY2U5YjMzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyobqmat171Ybg8DZ2GL466Oe0xoc q64IhfSzVexkaAIwcrhjRUdOScyGeEGd6dkXESOvsNdyOpmqR7ZwGlV8fKKDTjLX bK0ule8nSHQxaKq3UFpCqWUZ4ujRJ6klxRNmqYI8/wGxCl7d62z6wSuzl+hQpi10 ovAfhOdIgNEKZRKr9ACyCeKpEIUyrQXBSllKCNTvkY5rHOTu/1qch36xAb2zJO4w 6uYBQSJCqpPASKC7VL3EvYutTbqqwFGHK/5NrEy6N+CjCktLy2zbKb7jsmNLF40q TwH6ic3R+ys0bMvJc90IUg8cqoeOvSrloC9KJWM3A5xOUWQUCxWN3X7KCQIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFEx8t632Ysft9B3dihQUTY4gzpszMB8GA1UdIwQY MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt ZGM1ZWM3NDhmNmE1LzEvVEh5M3JmWml4LTMwSGQyS0ZCUk5qaURPbXpNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1 LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6xBxwg AwcEKg6xBxygMA0GCSqGSIb3DQEBCwUAA4IBAQC6DcqGvTrAiVzZXADwrlcijiHD UmnlIdwBIrqtRiIR4KdGH1IHE5tDynY0KN/P94IGcH8d+8cQO6G7Uhr83QnakbeP FX6473STZcbMGdck1ZJ0x9ADopfXrtcqYG93kD1y1HdjEpYc6KNkh9s7pklibkk9 MTSV398yUQvsaUQFi8WFggNkGLv/uv4SqlxtBgu4d54LIQ6plwmcH/k8y5j8BMKg RWSXDEM1gCDaTcZV1Z9FhVbFKbOwL84umfmvCEZnHU2KpNvDUrzIWV+Bc4Qnd0Zc yNauAaBs/mImUt0OMRof9V5m6fDOsK1B8/fCfPz82grIs13yX25kD1/20sYE -----END CERTIFICATE-----Generated at Sun Jan 11 23:53:49 2026 by rpki-client