This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/mX5w9ZYONuYG5zasHE7dbaA2GTg.roa File: mX5w9ZYONuYG5zasHE7dbaA2GTg.roa (raw, json) Hash identifier: XOhK9RBRMMfk7S/f62m5CSJnvqEZJjteZw5UsXG8j3U= Subject key identifier: 99:7E:70:F5:96:0E:36:E6:06:E7:36:AC:1C:4E:DD:6D:A0:36:19:38 Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b Certificate serial: 019B7D5D4A163D8EA03790938C94EA8DC700 Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/mX5w9ZYONuYG5zasHE7dbaA2GTg.roa Signing time: Fri 02 Jan 2026 06:20:24 +0000 ROA not before: Fri 02 Jan 2026 06:20:24 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212129 IP address blocks: 2a0e:b107:eff::/48 maxlen: 48 2a10:2f00:160::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 18:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5d:4a:16:3d:8e:a0:37:90:93:8c:94:ea:8d:c7:00 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b Validity Not Before: Jan 2 06:20:24 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=997e70f5960e36e606e736ac1c4edd6da0361938 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:77:3f:56:52:f7:46:f5:a1:8c:9d:ed:8d:72: 49:0a:6b:62:72:5d:6d:26:a2:f2:b9:9c:c5:85:b7: c0:86:a9:d9:c5:e2:04:f3:c7:92:b1:89:e5:47:db: a1:d8:c1:27:bd:31:f1:e4:7a:73:5a:79:6b:38:97: b8:7a:66:b6:93:3e:75:74:67:6d:b7:5f:f3:f3:15: fd:f4:d3:20:1f:2a:74:63:4a:81:81:5e:86:7b:6b: a4:02:88:76:de:8a:b4:a5:5f:d1:a9:aa:9d:87:32: 5b:71:0a:46:7b:8a:48:38:ca:a7:42:4e:80:b0:d3: ad:78:ef:bb:85:3c:c2:ff:7e:6c:94:19:2e:8e:e9: a7:92:c6:88:c0:ed:e0:2f:59:5c:97:48:67:75:a7: b5:47:07:b5:1a:22:b7:54:0e:a5:d2:e1:11:62:0c: 3f:94:5c:70:4a:2f:5d:eb:34:54:02:42:6a:0f:71: d3:e8:f7:6f:2a:3b:20:84:24:a1:64:20:a2:6b:c9: 94:45:11:d7:41:83:bc:4f:1e:e7:30:a7:12:48:bb: 82:ba:2d:c7:26:a0:ba:4e:93:b7:8d:86:dd:b4:66: 71:85:0d:0e:f6:0b:56:5a:3c:b1:b8:34:5e:31:29: 08:aa:fb:c3:ff:21:28:ab:c4:35:9d:43:bd:97:6f: 39:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:7E:70:F5:96:0E:36:E6:06:E7:36:AC:1C:4E:DD:6D:A0:36:19:38 X509v3 Authority Key Identifier: keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/mX5w9ZYONuYG5zasHE7dbaA2GTg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0e:b107:eff::/48 2a10:2f00:160::/48 Signature Algorithm: sha256WithRSAEncryption 3f:f3:b9:c3:be:8b:69:e2:70:19:8d:97:4c:2f:6c:b9:c1:d3: 2a:1c:41:2d:f9:b2:3b:46:2a:0c:8c:35:90:46:f9:1a:75:87: 74:1e:bd:8b:dd:b2:11:2f:14:3e:61:11:f3:71:f4:b4:54:65: 31:9f:00:97:e6:5c:e8:9c:06:25:f8:71:40:df:c7:70:0b:4a: 0e:61:0d:7a:0e:a5:4a:cf:54:68:b4:28:f4:5f:49:de:30:42: a4:bf:72:e5:b2:61:d4:0a:c3:39:79:b2:f0:cd:e2:58:1b:b2: 19:3e:3c:2e:b6:d0:70:42:f6:e0:9e:f7:dc:27:82:5c:8b:7a: c2:3f:85:c9:1e:91:f7:67:cd:da:16:6b:a3:75:33:a4:b2:92: c7:32:d5:f8:e1:32:bf:e0:af:40:a7:f0:0d:b6:ef:ef:73:15: de:a0:dc:d9:87:7f:b8:e0:33:e8:2a:e7:79:49:5c:82:5c:9e: 34:38:db:b6:96:dc:04:e2:e1:2c:34:d3:50:f7:6f:4d:ca:11: 75:37:7c:df:c4:a4:64:ec:74:00:b3:1a:0d:c9:07:9f:74:8a: f5:7f:29:56:b3:df:e0:59:c2:c4:83:1a:d8:c3:9e:60:5a:f0: 0b:96:31:33:53:90:2a:85:99:92:7b:56:11:99:73:98:10:80: e4:b7:cc:00 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt9XUoWPY6gN5CTjJTqjccAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw ZmFkOWIwHhcNMjYwMTAyMDYyMDI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5OTdlNzBmNTk2MGUzNmU2MDZlNzM2YWMxYzRlZGQ2ZGEwMzYxOTM4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvnc/VlL3RvWhjJ3tjXJJCmticl1t JqLyuZzFhbfAhqnZxeIE88eSsYnlR9uh2MEnvTHx5HpzWnlrOJe4ema2kz51dGdt t1/z8xX99NMgHyp0Y0qBgV6Ge2ukAoh23oq0pV/RqaqdhzJbcQpGe4pIOMqnQk6A sNOteO+7hTzC/35slBkujumnksaIwO3gL1lcl0hndae1Rwe1GiK3VA6l0uERYgw/ lFxwSi9d6zRUAkJqD3HT6PdvKjsghCShZCCia8mURRHXQYO8Tx7nMKcSSLuCui3H JqC6TpO3jYbdtGZxhQ0O9gtWWjyxuDReMSkIqvvD/yEoq8Q1nUO9l285jQIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFJl+cPWWDjbmBuc2rBxO3W2gNhk4MB8GA1UdIwQY MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt ZGM1ZWM3NDhmNmE1LzEvbVg1dzlaWU9OdVlHNXphc0hFN2RiYUEyR1RnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1 LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg6xBw7/ AwcAKhAvAAFgMA0GCSqGSIb3DQEBCwUAA4IBAQA/87nDvotp4nAZjZdML2y5wdMq HEEt+bI7RioMjDWQRvkadYd0Hr2L3bIRLxQ+YRHzcfS0VGUxnwCX5lzonAYl+HFA 38dwC0oOYQ16DqVKz1RotCj0X0neMEKkv3LlsmHUCsM5ebLwzeJYG7IZPjwuttBw QvbgnvfcJ4Jci3rCP4XJHpH3Z83aFmujdTOkspLHMtX44TK/4K9Ap/ANtu/vcxXe oNzZh3+44DPoKud5SVyCXJ40ONu2ltwE4uEsNNNQ929NyhF1N3zfxKRk7HQAsxoN yQefdIr1fylWs9/gWcLEgxrYw55gWvALljEzU5AqhZmSe1YRmXOYEIDkt8wA -----END CERTIFICATE-----Generated at Sun Jan 11 23:53:28 2026 by rpki-client