This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/XmK5W8q84sjpWIgKUW3lHxn2kqA.roa File: XmK5W8q84sjpWIgKUW3lHxn2kqA.roa (raw, json) Hash identifier: oViwhVsbRYdwAJk45B0F5Tjd3hY0Cdg94l4FgJaEAKI= Subject key identifier: 5E:62:B9:5B:CA:BC:E2:C8:E9:58:88:0A:51:6D:E5:1F:19:F6:92:A0 Certificate issuer: /CN=a87090c275c34c05c306f3b36063893a0d72782a Certificate serial: 019B373F8C4EAE402CECDC3598E0769E6DFC Authority key identifier: A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/XmK5W8q84sjpWIgKUW3lHxn2kqA.roa Signing time: Fri 19 Dec 2025 15:34:30 +0000 ROA not before: Fri 19 Dec 2025 15:34:30 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 51720 IP address blocks: 2a0b:7780::/29 maxlen: 29 2a0b:da00::/29 maxlen: 29 2a0c:77c0::/29 maxlen: 29 2a0c:aa40::/29 maxlen: 29 2a0d:2dc0::/29 maxlen: 29 2a0d:3880::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.mft rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 00:00:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:37:3f:8c:4e:ae:40:2c:ec:dc:35:98:e0:76:9e:6d:fc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a87090c275c34c05c306f3b36063893a0d72782a Validity Not Before: Dec 19 15:34:30 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=5e62b95bcabce2c8e958880a516de51f19f692a0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:0f:9e:a3:2f:c8:4d:bc:95:20:1e:be:09:42: ff:06:9d:d7:be:86:b4:35:cf:5a:5f:99:24:9e:c7: 5b:0b:54:bc:e5:bb:92:32:27:9c:62:12:1d:59:6e: aa:33:ed:bc:24:5d:15:ec:06:e5:73:b2:65:ed:10: 9f:03:39:09:56:3b:28:ef:20:e0:f5:4d:58:12:1b: c6:8a:14:62:df:7f:1c:56:c1:08:cc:66:c3:c4:20: fc:12:ff:68:75:36:88:4f:a9:a2:8b:79:6d:df:1b: 21:1d:7c:0c:62:ab:9a:da:25:a0:8d:50:86:3b:61: 7e:d0:9b:01:41:2e:65:a1:50:fe:98:e0:b3:fd:1d: c6:2e:0c:61:16:03:af:29:ee:7a:69:bc:6c:b7:b3: f6:03:e7:3b:9e:09:3f:80:b8:b8:bc:ab:43:2a:bc: 82:47:30:85:f4:77:61:f4:a9:5a:d4:b4:fc:e3:5b: b1:2b:f8:96:28:78:3a:5c:0b:69:85:c1:55:66:eb: ac:2e:52:a4:68:33:44:15:7c:41:5b:fc:25:f0:bb: e0:2b:3d:dc:f7:99:7e:d6:e1:ab:92:b9:78:83:87: 5e:ab:bd:d0:99:07:02:1e:53:5b:05:91:11:33:ee: 29:93:80:23:74:20:d1:71:18:17:16:c6:a3:83:e2: a3:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:62:B9:5B:CA:BC:E2:C8:E9:58:88:0A:51:6D:E5:1F:19:F6:92:A0 X509v3 Authority Key Identifier: keyid:A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/XmK5W8q84sjpWIgKUW3lHxn2kqA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0b:7780::/29 2a0b:da00::/29 2a0c:77c0::/29 2a0c:aa40::/29 2a0d:2dc0::/29 2a0d:3880::/29 Signature Algorithm: sha256WithRSAEncryption 51:c3:12:fc:2f:db:92:2f:cd:c6:27:2e:5c:44:c7:0c:1e:1e: b3:e4:a8:bd:da:97:14:55:96:97:dd:7f:ca:72:6a:e3:99:dd: 15:45:a2:5a:77:4d:00:dd:19:0e:91:fd:0d:37:75:da:2b:e1: 43:57:5c:2a:40:d2:87:84:d2:98:9a:57:72:74:2f:98:d7:25: 86:8d:38:5c:e2:26:20:d7:1b:86:9a:36:4a:9f:30:be:90:0f: 15:1b:f4:c1:2d:00:ca:da:de:e0:7a:dc:de:c3:22:47:d2:b1: f5:9d:25:8e:a6:c1:7d:bc:db:4b:dd:d4:e3:1b:db:c2:28:d8: 4e:f0:81:db:1a:11:08:27:cb:08:74:e0:e5:26:6d:09:7a:1e: 2a:a9:aa:a1:42:c6:b9:28:4a:9d:7e:21:a0:b9:14:80:30:fc: 30:a3:c9:94:9f:5d:5a:61:74:c9:6f:f8:de:33:27:03:b6:ab: 60:d8:0b:95:4c:d1:83:61:7f:2e:2a:2e:a9:df:7a:0e:f0:9a: f4:21:ac:67:51:e7:06:0e:8a:83:b5:52:3e:1d:c8:b6:72:4a: d5:cf:48:b9:89:d7:d1:1c:53:26:3d:f7:6c:5f:3d:c7:a7:c7: b7:12:88:77:4e:0d:d2:67:12:f8:0e:68:cf:95:fc:02:23:b3: dc:c9:fe:e7 -----BEGIN CERTIFICATE----- MIIFITCCBAmgAwIBAgISAZs3P4xOrkAs7Nw1mOB2nm38MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE4NzA5MGMyNzVjMzRjMDVjMzA2ZjNiMzYwNjM4OTNhMGQ3 Mjc4MmEwHhcNMjUxMjE5MTUzNDMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZTYyYjk1YmNhYmNlMmM4ZTk1ODg4MGE1MTZkZTUxZjE5ZjY5MmEwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmA+eoy/ITbyVIB6+CUL/Bp3Xvoa0 Nc9aX5kknsdbC1S85buSMiecYhIdWW6qM+28JF0V7Ablc7Jl7RCfAzkJVjso7yDg 9U1YEhvGihRi338cVsEIzGbDxCD8Ev9odTaIT6mii3lt3xshHXwMYqua2iWgjVCG O2F+0JsBQS5loVD+mOCz/R3GLgxhFgOvKe56abxst7P2A+c7ngk/gLi4vKtDKryC RzCF9Hdh9Kla1LT841uxK/iWKHg6XAtphcFVZuusLlKkaDNEFXxBW/wl8LvgKz3c 95l+1uGrkrl4g4deq73QmQcCHlNbBZERM+4pk4AjdCDRcRgXFsajg+KjNwIDAQAB o4ICLTCCAikwHQYDVR0OBBYEFF5iuVvKvOLI6ViIClFt5R8Z9pKgMB8GA1UdIwQY MBaAFKhwkMJ1w0wFwwbzs2BjiToNcngqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEt YjU3YTM2ZjJhZmNkLzEvWG1LNVc4cTg0c2pwV0lnS1VXM2xIeG4ya3FBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEtYjU3YTM2ZjJhZmNk LzEvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUDKgt3gAMF AyoL2gADBQMqDHfAAwUDKgyqQAMFAyoNLcADBQMqDTiAMA0GCSqGSIb3DQEBCwUA A4IBAQBRwxL8L9uSL83GJy5cRMcMHh6z5Ki92pcUVZaX3X/Kcmrjmd0VRaJad00A 3RkOkf0NN3XaK+FDV1wqQNKHhNKYmldydC+Y1yWGjThc4iYg1xuGmjZKnzC+kA8V G/TBLQDK2t7getzewyJH0rH1nSWOpsF9vNtL3dTjG9vCKNhO8IHbGhEIJ8sIdODl Jm0Jeh4qqaqhQsa5KEqdfiGguRSAMPwwo8mUn11aYXTJb/jeMycDtqtg2AuVTNGD YX8uKi6p33oO8Jr0IaxnUecGDoqDtVI+Hci2ckrVz0i5idfRHFMmPfdsXz3Hp8e3 Eoh3Tg3SZxL4DmjPlfwCI7Pcyf7n -----END CERTIFICATE-----Generated at Sat Dec 20 05:28:36 2025 by rpki-client