This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/4af4be-70f1-4194-911f-59ab96bc35c6/1/IyUD0cTbm163_nE6Z_KQkHMo9a0.roa File: IyUD0cTbm163_nE6Z_KQkHMo9a0.roa (raw, json) Hash identifier: ckmuLvsLe1WHUbDkzeJOW8KVL9BpPwjboxRuotk+r7Y= Subject key identifier: 23:25:03:D1:C4:DB:9B:5E:B7:FE:71:3A:67:F2:90:90:73:28:F5:AD Certificate issuer: /CN=868461e060fdf48cd41d33ad9271c807d424eb42 Certificate serial: 019B7C1292F3B45B336B992F0EC6B577FD2D Authority key identifier: 86:84:61:E0:60:FD:F4:8C:D4:1D:33:AD:92:71:C8:07:D4:24:EB:42 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hoRh4GD99IzUHTOtknHIB9Qk60I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/4af4be-70f1-4194-911f-59ab96bc35c6/1/IyUD0cTbm163_nE6Z_KQkHMo9a0.roa Signing time: Fri 02 Jan 2026 00:19:10 +0000 ROA not before: Fri 02 Jan 2026 00:19:10 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 215542 IP address blocks: 2001:678:1060::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/4af4be-70f1-4194-911f-59ab96bc35c6/1/hoRh4GD99IzUHTOtknHIB9Qk60I.crl rsync://rpki.ripe.net/repository/DEFAULT/53/4af4be-70f1-4194-911f-59ab96bc35c6/1/hoRh4GD99IzUHTOtknHIB9Qk60I.mft rsync://rpki.ripe.net/repository/DEFAULT/hoRh4GD99IzUHTOtknHIB9Qk60I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 06 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:12:92:f3:b4:5b:33:6b:99:2f:0e:c6:b5:77:fd:2d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=868461e060fdf48cd41d33ad9271c807d424eb42 Validity Not Before: Jan 2 00:19:10 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=232503d1c4db9b5eb7fe713a67f290907328f5ad Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f4:29:1c:a0:ed:d5:c3:5c:db:d6:b6:b5:5c:bf: 7b:8a:8d:d2:a6:ff:29:f5:01:0c:fb:4d:36:1a:89: b6:bc:e3:71:87:42:68:82:66:a8:0b:ad:da:c4:a6: 49:c8:09:fa:eb:3b:66:f2:f4:a3:46:24:c4:d4:71: 72:a6:b9:25:d2:e8:e9:29:44:a9:ce:93:d2:49:9a: d9:72:46:ed:c4:eb:77:91:1f:e7:2e:60:46:91:81: 2f:9c:1c:2c:17:90:b8:a7:3e:d7:2e:fd:00:1b:d2: f5:0e:f4:74:99:5e:7a:bb:34:a9:fb:8f:60:03:fe: fe:ec:38:65:84:2a:f4:7d:9a:ff:10:04:51:cb:7a: 08:60:d8:28:6e:57:57:ba:c8:c2:62:14:4b:6b:51: 6c:79:b1:63:0e:f3:83:0d:78:cd:b4:03:54:2d:3a: af:68:e4:a9:81:97:e6:83:52:84:20:80:c3:aa:1b: b7:83:c3:45:3c:39:c3:31:26:7a:cf:b7:7a:f1:3b: 82:a5:7f:f8:6c:6f:51:84:25:e4:eb:b8:06:eb:e8: 09:6a:dc:b4:07:d8:e8:75:98:47:12:d5:8f:ea:00: b8:7d:76:c4:15:d1:f4:32:75:d2:bf:b8:1b:8e:04: 39:95:c6:b0:24:dd:75:d7:69:dc:18:86:1e:51:19: 13:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:25:03:D1:C4:DB:9B:5E:B7:FE:71:3A:67:F2:90:90:73:28:F5:AD X509v3 Authority Key Identifier: keyid:86:84:61:E0:60:FD:F4:8C:D4:1D:33:AD:92:71:C8:07:D4:24:EB:42 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hoRh4GD99IzUHTOtknHIB9Qk60I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/4af4be-70f1-4194-911f-59ab96bc35c6/1/IyUD0cTbm163_nE6Z_KQkHMo9a0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/53/4af4be-70f1-4194-911f-59ab96bc35c6/1/hoRh4GD99IzUHTOtknHIB9Qk60I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:678:1060::/48 Signature Algorithm: sha256WithRSAEncryption 03:c6:bb:31:51:2c:07:69:84:80:87:65:06:ea:54:49:dd:5f: d8:66:e0:92:9e:42:e7:81:99:1a:bd:c6:09:83:86:2d:8f:43: ec:72:db:24:55:8c:57:ad:fb:b3:71:61:df:18:03:e0:eb:ec: 38:e0:b4:ee:6f:9c:a5:e4:b6:3c:84:e4:31:cd:b5:d0:d0:f6: 65:0e:42:a7:85:57:ff:fd:f0:02:92:c5:87:8e:bf:0f:cb:16: c1:37:c1:06:e3:5d:9c:80:26:f9:7e:e4:04:59:2b:b8:b0:98: 44:ff:5c:78:ba:27:24:0b:08:8c:59:6e:5f:58:c0:6e:43:d2: 3b:82:4d:99:26:cf:cd:7f:58:07:48:61:37:82:64:05:c3:bc: 68:ea:18:77:08:39:a8:4c:39:f6:ce:e2:72:2e:50:8c:46:78: 10:8b:d9:10:4d:7a:bd:a7:da:1d:c6:b0:da:28:37:ff:3d:cf: 38:e8:51:44:15:24:6c:f2:39:50:6b:a9:0f:cc:61:d8:08:df: ca:9a:be:97:78:61:35:93:fc:f7:e8:ca:a6:d3:97:fc:a6:84: 65:11:ea:6d:27:a7:ab:f7:d9:03:e3:44:43:f8:79:92:cf:d1: 84:ca:b8:c6:32:44:87:e9:8a:eb:92:94:16:fc:72:29:30:dc: 21:cd:c1:fc -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt8EpLztFsza5kvDsa1d/0tMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg2ODQ2MWUwNjBmZGY0OGNkNDFkMzNhZDkyNzFjODA3ZDQy NGViNDIwHhcNMjYwMTAyMDAxOTEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMzI1MDNkMWM0ZGI5YjVlYjdmZTcxM2E2N2YyOTA5MDczMjhmNWFkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9CkcoO3Vw1zb1ra1XL97io3Spv8p 9QEM+002Gom2vONxh0JogmaoC63axKZJyAn66ztm8vSjRiTE1HFyprkl0ujpKUSp zpPSSZrZckbtxOt3kR/nLmBGkYEvnBwsF5C4pz7XLv0AG9L1DvR0mV56uzSp+49g A/7+7DhlhCr0fZr/EARRy3oIYNgobldXusjCYhRLa1FsebFjDvODDXjNtANULTqv aOSpgZfmg1KEIIDDqhu3g8NFPDnDMSZ6z7d68TuCpX/4bG9RhCXk67gG6+gJaty0 B9jodZhHEtWP6gC4fXbEFdH0MnXSv7gbjgQ5lcawJN1112ncGIYeURkTvwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFCMlA9HE25tet/5xOmfykJBzKPWtMB8GA1UdIwQY MBaAFIaEYeBg/fSM1B0zrZJxyAfUJOtCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaG9SaDRHRDk5SXpVSFRPdGtuSElCOVFrNjBJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My80YWY0YmUtNzBmMS00MTk0LTkxMWYt NTlhYjk2YmMzNWM2LzEvSXlVRDBjVGJtMTYzX25FNlpfS1FrSE1vOWEwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81My80YWY0YmUtNzBmMS00MTk0LTkxMWYtNTlhYjk2YmMzNWM2 LzEvaG9SaDRHRDk5SXpVSFRPdGtuSElCOVFrNjBJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeBBg MA0GCSqGSIb3DQEBCwUAA4IBAQADxrsxUSwHaYSAh2UG6lRJ3V/YZuCSnkLngZka vcYJg4Ytj0PsctskVYxXrfuzcWHfGAPg6+w44LTub5yl5LY8hOQxzbXQ0PZlDkKn hVf//fACksWHjr8PyxbBN8EG412cgCb5fuQEWSu4sJhE/1x4uickCwiMWW5fWMBu Q9I7gk2ZJs/Nf1gHSGE3gmQFw7xo6hh3CDmoTDn2zuJyLlCMRngQi9kQTXq9p9od xrDaKDf/Pc846FFEFSRs8jlQa6kPzGHYCN/Kmr6XeGE1k/z36Mqm05f8poRlEept J6er99kD40RD+HmSz9GEyrjGMkSH6YrrkpQW/HIpMNwhzcH8 -----END CERTIFICATE-----Generated at Mon Jan 5 11:37:50 2026 by rpki-client