This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/rCdSMHl_MQkXsCMjaJHcbODJw2o.roa File: rCdSMHl_MQkXsCMjaJHcbODJw2o.roa (raw, json) Hash identifier: 4vmCTmElsasDZ6+bHHV7rgldYY54+a6c2EhUWeca6UQ= Subject key identifier: AC:27:52:30:79:7F:31:09:17:B0:23:23:68:91:DC:6C:E0:C9:C3:6A Certificate issuer: /CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0 Certificate serial: 019B88284039D645A90C4978AB6B922899AA Authority key identifier: 67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/rCdSMHl_MQkXsCMjaJHcbODJw2o.roa Signing time: Sun 04 Jan 2026 08:38:17 +0000 ROA not before: Sun 04 Jan 2026 08:38:17 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 14618 IP address blocks: 2a14:67c1:a128::/48 maxlen: 48 2a14:67c1:a129::/48 maxlen: 48 2a14:67c2:510::/48 maxlen: 48 2a14:67c2:576::/48 maxlen: 48 2a14:67c3:30::/44 maxlen: 44 2a14:67c3:cafe::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.crl rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.mft rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 08 Jan 2026 15:30:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:88:28:40:39:d6:45:a9:0c:49:78:ab:6b:92:28:99:aa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0 Validity Not Before: Jan 4 08:38:17 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ac275230797f310917b023236891dc6ce0c9c36a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:e8:42:80:a4:7c:82:6a:83:13:96:ea:a4:ff: 52:55:9f:4e:58:c9:1c:2c:fd:e5:90:d0:c4:8e:50: 6e:b6:39:2e:96:88:04:7b:56:01:d9:9d:25:cf:03: 87:b4:5a:98:cc:64:85:1a:b2:2e:d9:62:78:d6:b2: 33:05:40:33:76:cd:5b:0a:50:8e:63:01:84:47:a2: 60:68:0b:4f:6e:df:7b:f0:4e:7b:9f:f9:31:c0:39: d7:96:29:87:30:1a:8d:b3:1b:be:c1:8e:26:7a:e8: b7:cb:cc:e7:a5:ed:46:45:9d:32:1e:d4:64:da:ae: 2c:9c:74:7e:0e:ed:a1:84:79:26:c8:1b:6c:11:d4: 3f:fb:30:fa:e4:cc:da:02:7d:e1:b5:ee:81:79:aa: 8f:2c:dd:8b:51:22:fe:99:d8:e9:87:cb:ea:c5:1a: f9:f4:c1:38:ab:43:4d:b1:38:7d:31:a3:4c:d5:e6: 1b:ae:41:f3:92:21:5c:e5:67:fa:1b:8a:de:c3:18: 1a:d8:46:17:49:86:09:9d:3b:78:5b:c4:aa:f5:3f: 99:2d:8e:a9:03:97:0d:43:9c:99:e2:29:9c:bc:88: 20:33:67:15:44:ce:89:56:ed:33:f3:78:1c:d9:4a: 86:3f:f8:b1:96:f9:fb:dd:7b:fa:cf:98:3a:d4:bf: fa:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:27:52:30:79:7F:31:09:17:B0:23:23:68:91:DC:6C:E0:C9:C3:6A X509v3 Authority Key Identifier: keyid:67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/rCdSMHl_MQkXsCMjaJHcbODJw2o.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:67c1:a128::/47 2a14:67c2:510::/48 2a14:67c2:576::/48 2a14:67c3:30::/44 2a14:67c3:cafe::/48 Signature Algorithm: sha256WithRSAEncryption 54:78:81:71:2e:1d:d2:4a:a6:8d:b2:93:35:64:7a:76:30:2f: cc:8d:4a:aa:d2:47:63:d1:b5:08:60:24:7a:23:31:38:8b:d1: 8f:c4:12:68:44:06:71:68:3c:5a:78:68:e5:79:af:f6:26:14: c3:1e:30:ee:4a:6b:11:33:b7:13:65:ec:f6:f5:37:ca:6f:02: 92:c4:9f:95:05:57:fa:80:27:d9:0b:69:31:3e:3d:97:cb:41: 92:93:eb:1e:c9:40:ab:60:4a:f8:a7:dc:3a:1f:b0:5a:32:f3: e2:38:c9:04:94:b8:1b:e4:49:51:b1:23:c6:6d:a3:cc:6d:88: 87:5a:4d:2f:3f:d7:44:5c:22:0d:f6:c3:ac:14:81:f2:52:a5: 76:18:27:2d:c1:1f:22:c0:3a:4a:4f:cc:d7:99:cc:0a:24:eb: 6a:11:68:f2:d6:11:80:16:cb:11:15:b6:8c:b4:6a:c3:48:46: 5b:e0:d4:95:3b:44:ad:a5:96:cf:38:ab:02:dd:86:11:be:20: 6d:4d:73:4e:46:f4:ff:45:1c:de:3b:18:f2:be:09:68:8c:15: e8:31:f2:28:6e:3e:91:06:66:65:70:d0:76:4e:dc:83:a1:79: d5:ab:2e:8a:93:ea:f2:74:6c:8a:55:66:9c:68:15:a1:de:f0: 04:a4:76:84 -----BEGIN CERTIFICATE----- MIIFJDCCBAygAwIBAgISAZuIKEA51kWpDEl4q2uSKJmqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY3ZjMxYmRlNDY1MTYzNDdmNGVkZmNiZTMwZWRhYzlhMDll NGUwZTAwHhcNMjYwMTA0MDgzODE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhYzI3NTIzMDc5N2YzMTA5MTdiMDIzMjM2ODkxZGM2Y2UwYzljMzZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyuhCgKR8gmqDE5bqpP9SVZ9OWMkc LP3lkNDEjlButjkulogEe1YB2Z0lzwOHtFqYzGSFGrIu2WJ41rIzBUAzds1bClCO YwGER6JgaAtPbt978E57n/kxwDnXlimHMBqNsxu+wY4meui3y8znpe1GRZ0yHtRk 2q4snHR+Du2hhHkmyBtsEdQ/+zD65MzaAn3hte6BeaqPLN2LUSL+mdjph8vqxRr5 9ME4q0NNsTh9MaNM1eYbrkHzkiFc5Wf6G4rewxga2EYXSYYJnTt4W8Sq9T+ZLY6p A5cNQ5yZ4imcvIggM2cVRM6JVu0z83gc2UqGP/ixlvn73Xv6z5g61L/6hwIDAQAB o4ICMDCCAiwwHQYDVR0OBBYEFKwnUjB5fzEJF7AjI2iR3GzgycNqMB8GA1UdIwQY MBaAFGfzG95GUWNH9O38vjDtrJoJ5ODgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWl9NYjNrWlJZMGYwN2Z5LU1PMnNtZ25rNE9BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC83MzJiNmMtNDhlNC00MzUwLThhNTYt ZjZjYzRlZjBmN2RmLzEvckNkU01IbF9NUWtYc0NNamFKSGNiT0RKdzJvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMC83MzJiNmMtNDhlNC00MzUwLThhNTYtZjZjYzRlZjBmN2Rm LzEvWl9NYjNrWlJZMGYwN2Z5LU1PMnNtZ25rNE9BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAzBAIAAjAtAwcBKhRnwaEo AwcAKhRnwgUQAwcAKhRnwgV2AwcEKhRnwwAwAwcAKhRnw8r+MA0GCSqGSIb3DQEB CwUAA4IBAQBUeIFxLh3SSqaNspM1ZHp2MC/MjUqq0kdj0bUIYCR6IzE4i9GPxBJo RAZxaDxaeGjlea/2JhTDHjDuSmsRM7cTZez29TfKbwKSxJ+VBVf6gCfZC2kxPj2X y0GSk+seyUCrYEr4p9w6H7BaMvPiOMkElLgb5ElRsSPGbaPMbYiHWk0vP9dEXCIN 9sOsFIHyUqV2GCctwR8iwDpKT8zXmcwKJOtqEWjy1hGAFssRFbaMtGrDSEZb4NSV O0StpZbPOKsC3YYRviBtTXNORvT/RRzeOxjyvglojBXoMfIobj6RBmZlcNB2TtyD oXnVqy6Kk+rydGyKVWacaBWh3vAEpHaE -----END CERTIFICATE-----Generated at Wed Jan 7 23:51:46 2026 by rpki-client