This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/98aa0b-d8b3-4109-8f8b-20e59cf92686/1/YJtWWkd40LeFmgY7B3XEmPng2QU.roa File: YJtWWkd40LeFmgY7B3XEmPng2QU.roa (raw, json) Hash identifier: rjscWRDiq39+sDx2H9BVMRCDWFFnJdKD35VGGtGde4k= Subject key identifier: 60:9B:56:5A:47:78:D0:B7:85:9A:06:3B:07:75:C4:98:F9:E0:D9:05 Certificate issuer: /CN=b6bde8794b0a0d88f92967f5084e4c38199613a0 Certificate serial: 019B21FDD48A5B2343087D0CA0EDE970CD3B Authority key identifier: B6:BD:E8:79:4B:0A:0D:88:F9:29:67:F5:08:4E:4C:38:19:96:13:A0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tr3oeUsKDYj5KWf1CE5MOBmWE6A.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/98aa0b-d8b3-4109-8f8b-20e59cf92686/1/YJtWWkd40LeFmgY7B3XEmPng2QU.roa Signing time: Mon 15 Dec 2025 12:30:41 +0000 ROA not before: Mon 15 Dec 2025 12:30:41 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 29322 IP address blocks: 2a0d:2280::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/98aa0b-d8b3-4109-8f8b-20e59cf92686/1/tr3oeUsKDYj5KWf1CE5MOBmWE6A.crl rsync://rpki.ripe.net/repository/DEFAULT/fe/98aa0b-d8b3-4109-8f8b-20e59cf92686/1/tr3oeUsKDYj5KWf1CE5MOBmWE6A.mft rsync://rpki.ripe.net/repository/DEFAULT/tr3oeUsKDYj5KWf1CE5MOBmWE6A.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:21:fd:d4:8a:5b:23:43:08:7d:0c:a0:ed:e9:70:cd:3b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b6bde8794b0a0d88f92967f5084e4c38199613a0 Validity Not Before: Dec 15 12:30:41 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=609b565a4778d0b7859a063b0775c498f9e0d905 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:c2:f4:5e:71:de:d7:09:74:65:1a:18:c4:23: 0b:bf:e1:68:68:44:7a:66:37:08:57:51:ab:98:98: 78:9d:42:22:33:45:f9:8f:d8:ea:9c:5c:c6:d2:99: 6c:ad:cd:83:cf:e7:7d:1c:57:4e:bd:5c:c5:ba:6e: ce:61:c2:08:4c:09:22:37:48:06:a1:d4:fd:35:38: 8b:14:93:f3:64:48:d6:f1:d2:07:00:29:a4:01:4d: e3:37:b3:23:eb:4c:cd:89:07:36:2e:28:7d:72:cd: c6:9c:11:f9:93:18:cb:61:34:19:40:9f:68:66:92: d8:83:83:75:93:17:65:a0:ea:2d:48:19:61:11:74: 60:cf:86:08:0f:c6:33:d4:36:e2:dd:40:7e:62:ee: 4e:f0:9e:83:c3:3b:da:ca:67:10:71:6c:0f:ce:eb: ea:04:2e:e4:f9:74:7a:ff:af:6e:5e:de:ba:b9:35: db:d9:13:78:80:b4:2b:2c:c7:c2:66:92:a4:3e:b0: e6:4c:fb:19:df:d1:3e:65:e2:b3:ce:99:78:90:a5: 67:83:01:7a:d0:4d:cb:ad:fe:8f:a1:64:9f:a2:b9: 19:97:36:54:5b:fe:d2:c2:c7:bf:4c:6b:a0:70:e3: 51:f4:a8:d2:e8:d8:4f:a5:2a:71:c3:42:51:bd:28: b9:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:9B:56:5A:47:78:D0:B7:85:9A:06:3B:07:75:C4:98:F9:E0:D9:05 X509v3 Authority Key Identifier: keyid:B6:BD:E8:79:4B:0A:0D:88:F9:29:67:F5:08:4E:4C:38:19:96:13:A0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tr3oeUsKDYj5KWf1CE5MOBmWE6A.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/98aa0b-d8b3-4109-8f8b-20e59cf92686/1/YJtWWkd40LeFmgY7B3XEmPng2QU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/98aa0b-d8b3-4109-8f8b-20e59cf92686/1/tr3oeUsKDYj5KWf1CE5MOBmWE6A.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0d:2280::/29 Signature Algorithm: sha256WithRSAEncryption 2a:fb:21:83:ac:da:64:4d:02:d0:fa:64:17:69:08:57:63:19: c0:9e:e4:ca:cc:f4:7b:b0:98:93:17:6b:33:60:84:e4:57:19: b7:b2:87:79:83:a3:99:be:65:c5:f0:21:c4:72:d1:66:53:15: b6:27:bd:e1:aa:b2:0c:7e:fa:7e:c8:91:00:79:3c:a9:ae:a6: 32:6c:1f:fd:18:29:04:cd:4b:07:68:61:5c:8f:c9:5c:8a:c3: 08:c1:39:44:29:2b:ff:8f:c2:0e:a3:25:20:fc:8b:14:4e:29: 0a:5a:ab:e1:12:ff:61:3c:2c:87:93:9f:7f:af:64:f9:a8:1a: 80:ca:1e:0d:6f:37:48:8d:0e:b7:c1:f4:b6:9f:e5:4e:78:8b: ba:ea:3f:40:cc:27:c4:dc:a6:d8:29:94:f0:f1:cd:80:48:5b: ed:fa:54:cf:72:1d:bc:9b:10:f9:78:45:df:5b:b2:8f:03:01: 61:16:f0:8a:75:22:11:ad:6b:c5:5b:ca:73:6f:02:f5:9a:97: c7:d4:3a:fd:5b:c5:cb:23:9d:5d:da:dd:f9:6d:d8:66:1d:30: e9:56:3c:95:8b:49:29:fb:6b:ae:9c:31:a3:18:a1:c1:28:8c: a5:e9:e7:02:66:70:99:a0:a7:df:37:d4:bc:ce:d9:f1:fa:7b: fc:77:28:51 -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZsh/dSKWyNDCH0MoO3pcM07MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI2YmRlODc5NGIwYTBkODhmOTI5NjdmNTA4NGU0YzM4MTk5 NjEzYTAwHhcNMjUxMjE1MTIzMDQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2MDliNTY1YTQ3NzhkMGI3ODU5YTA2M2IwNzc1YzQ5OGY5ZTBkOTA1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwML0XnHe1wl0ZRoYxCMLv+FoaER6 ZjcIV1GrmJh4nUIiM0X5j9jqnFzG0plsrc2Dz+d9HFdOvVzFum7OYcIITAkiN0gG odT9NTiLFJPzZEjW8dIHACmkAU3jN7Mj60zNiQc2Lih9cs3GnBH5kxjLYTQZQJ9o ZpLYg4N1kxdloOotSBlhEXRgz4YID8Yz1Dbi3UB+Yu5O8J6DwzvaymcQcWwPzuvq BC7k+XR6/69uXt66uTXb2RN4gLQrLMfCZpKkPrDmTPsZ39E+ZeKzzpl4kKVngwF6 0E3Lrf6PoWSforkZlzZUW/7Swse/TGugcONR9KjS6NhPpSpxw0JRvSi5VwIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFGCbVlpHeNC3hZoGOwd1xJj54NkFMB8GA1UdIwQY MBaAFLa96HlLCg2I+Sln9QhOTDgZlhOgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdHIzb2VVc0tEWWo1S1dmMUNFNU1PQm1XRTZBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS85OGFhMGItZDhiMy00MTA5LThmOGIt MjBlNTljZjkyNjg2LzEvWUp0V1drZDQwTGVGbWdZN0IzWEVtUG5nMlFVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZS85OGFhMGItZDhiMy00MTA5LThmOGItMjBlNTljZjkyNjg2 LzEvdHIzb2VVc0tEWWo1S1dmMUNFNU1PQm1XRTZBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg0igDAN BgkqhkiG9w0BAQsFAAOCAQEAKvshg6zaZE0C0PpkF2kIV2MZwJ7kysz0e7CYkxdr M2CE5FcZt7KHeYOjmb5lxfAhxHLRZlMVtie94aqyDH76fsiRAHk8qa6mMmwf/Rgp BM1LB2hhXI/JXIrDCME5RCkr/4/CDqMlIPyLFE4pClqr4RL/YTwsh5Off69k+aga gMoeDW83SI0Ot8H0tp/lTniLuuo/QMwnxNym2CmU8PHNgEhb7fpUz3IdvJsQ+XhF 31uyjwMBYRbwinUiEa1rxVvKc28C9ZqXx9Q6/VvFyyOdXdrd+W3YZh0w6VY8lYtJ KftrrpwxoxihwSiMpennAmZwmaCn3zfUvM7Z8fp7/HcoUQ== -----END CERTIFICATE-----Generated at Sun Dec 21 07:17:20 2025 by rpki-client