This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/XCtZ0z0HsIJz1uIEkCHsMfLDTBk.roa File: XCtZ0z0HsIJz1uIEkCHsMfLDTBk.roa (raw, json) Hash identifier: NhmpGmnyfsx3C90wDnFQOeRjgPm5+UVc6Z/WODdzhh0= Subject key identifier: 5C:2B:59:D3:3D:07:B0:82:73:D6:E2:04:90:21:EC:31:F2:C3:4C:19 Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b Certificate serial: 019B7D5D5BBF1217A60B6DF50EB85CB68266 Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/XCtZ0z0HsIJz1uIEkCHsMfLDTBk.roa Signing time: Fri 02 Jan 2026 06:20:28 +0000 ROA not before: Fri 02 Jan 2026 06:20:28 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 213164 IP address blocks: 2a10:2f00:18a::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 18:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5d:5b:bf:12:17:a6:0b:6d:f5:0e:b8:5c:b6:82:66 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b Validity Not Before: Jan 2 06:20:28 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5c2b59d33d07b08273d6e2049021ec31f2c34c19 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:a7:64:bf:84:2b:5b:4b:83:26:c8:5f:1e:dc: 3c:59:1a:32:7c:2c:6c:da:ea:3c:13:50:2a:01:7d: 4d:ab:01:8e:95:7d:61:03:f0:27:a5:53:7a:cd:a1: 7a:98:44:45:28:c0:41:cd:b6:49:3b:18:c7:64:19: 5a:df:64:10:c8:67:74:90:77:a9:48:e4:a4:bc:3a: f4:0e:b2:20:12:55:dc:3a:ef:b6:7d:7d:50:5e:4f: 0c:5a:f2:ca:e4:46:b7:88:64:e4:07:40:87:0e:d4: bd:af:b9:51:b1:98:56:68:f7:08:b1:5e:83:2d:3e: ce:41:21:81:50:02:3b:46:8c:66:c7:64:be:c1:78: 85:66:24:76:d1:00:9b:7e:6b:59:fd:66:31:0c:1f: 2c:4c:50:bf:57:d0:1b:c9:91:80:59:92:d3:e9:ac: 1b:2b:de:18:69:e5:32:88:65:30:9b:c9:e7:ba:3a: 83:33:09:5a:ac:4a:5d:f8:0f:90:cc:e6:19:7b:08: 75:52:fe:97:b8:2a:85:b2:b7:2d:d8:86:7d:05:c9: 12:fd:b0:99:ad:be:53:02:77:9f:b7:e8:8e:4e:4d: 4e:a0:f6:3a:7a:ec:81:1d:10:ef:45:4e:d9:bd:3a: 40:34:c8:de:e2:b7:ad:1b:97:8f:b1:9f:d8:1d:6c: 66:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:2B:59:D3:3D:07:B0:82:73:D6:E2:04:90:21:EC:31:F2:C3:4C:19 X509v3 Authority Key Identifier: keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/XCtZ0z0HsIJz1uIEkCHsMfLDTBk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a10:2f00:18a::/48 Signature Algorithm: sha256WithRSAEncryption 58:9e:a0:21:c9:fe:b4:fa:af:25:9c:22:b5:76:d9:45:d2:72: 75:45:89:1c:91:ad:2e:d5:7f:d6:c9:ca:48:48:78:47:47:ac: 0a:6a:81:43:6a:b7:ed:b4:e3:c3:a8:ed:0f:28:b5:19:d1:8d: 81:be:0f:06:32:50:2a:80:eb:56:76:30:6b:ea:ee:c1:21:04: ec:90:7e:4f:18:25:73:7a:eb:35:8a:6e:c9:e7:0c:26:b1:8f: 22:2e:ea:7d:d2:2b:12:76:f7:6d:c9:e0:d7:ce:dd:f9:20:48: 5f:e3:a5:14:86:d9:f0:c8:ec:16:66:a1:62:e3:f7:5d:46:5d: 7e:21:11:89:fb:93:a1:b9:0d:8e:f2:8e:50:89:42:0d:85:d0: 75:5a:22:57:8a:e3:c5:cb:31:08:7d:16:94:86:0e:03:72:b2: 57:10:18:df:11:c8:f5:76:ad:0f:8c:34:c4:5f:a9:94:b0:cd: dd:66:06:b7:ed:7f:dc:c5:33:24:05:77:1a:23:9c:15:cf:3f: 57:ef:6a:c6:4e:fd:cf:20:23:6c:a1:48:90:e1:45:8a:6d:11: 5b:b4:fa:7e:13:af:45:e4:70:3e:e8:3c:f8:ec:ed:7c:4d:b9: fc:93:0a:84:c2:81:27:2f:19:2b:4e:66:cb:ae:d2:fd:9b:12: 96:02:2f:db -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt9XVu/EhemC231DrhctoJmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw ZmFkOWIwHhcNMjYwMTAyMDYyMDI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1YzJiNTlkMzNkMDdiMDgyNzNkNmUyMDQ5MDIxZWMzMWYyYzM0YzE5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxKdkv4QrW0uDJshfHtw8WRoyfCxs 2uo8E1AqAX1NqwGOlX1hA/AnpVN6zaF6mERFKMBBzbZJOxjHZBla32QQyGd0kHep SOSkvDr0DrIgElXcOu+2fX1QXk8MWvLK5Ea3iGTkB0CHDtS9r7lRsZhWaPcIsV6D LT7OQSGBUAI7Roxmx2S+wXiFZiR20QCbfmtZ/WYxDB8sTFC/V9AbyZGAWZLT6awb K94YaeUyiGUwm8nnujqDMwlarEpd+A+QzOYZewh1Uv6XuCqFsrct2IZ9BckS/bCZ rb5TAneft+iOTk1OoPY6euyBHRDvRU7ZvTpANMje4retG5ePsZ/YHWxmmQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFFwrWdM9B7CCc9biBJAh7DHyw0wZMB8GA1UdIwQY MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt ZGM1ZWM3NDhmNmE1LzEvWEN0WjB6MEhzSUp6MXVJRWtDSHNNZkxEVEJrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1 LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhAvAAGK MA0GCSqGSIb3DQEBCwUAA4IBAQBYnqAhyf60+q8lnCK1dtlF0nJ1RYkcka0u1X/W ycpISHhHR6wKaoFDarfttOPDqO0PKLUZ0Y2Bvg8GMlAqgOtWdjBr6u7BIQTskH5P GCVzeus1im7J5wwmsY8iLup90isSdvdtyeDXzt35IEhf46UUhtnwyOwWZqFi4/dd Rl1+IRGJ+5OhuQ2O8o5QiUINhdB1WiJXiuPFyzEIfRaUhg4DcrJXEBjfEcj1dq0P jDTEX6mUsM3dZga37X/cxTMkBXcaI5wVzz9X72rGTv3PICNsoUiQ4UWKbRFbtPp+ E69F5HA+6Dz47O18Tbn8kwqEwoEnLxkrTmbLrtL9mxKWAi/b -----END CERTIFICATE-----Generated at Mon Jan 12 01:58:39 2026 by rpki-client