This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/2KkuFuA_KeYh2Hu1tmA_jlhzkBs.roa File: 2KkuFuA_KeYh2Hu1tmA_jlhzkBs.roa (raw, json) Hash identifier: Pg+KfvaQrjC/PksKu4Mhmpf6yym6kAfIXGygyPWlvC4= Subject key identifier: D8:A9:2E:16:E0:3F:29:E6:21:D8:7B:B5:B6:60:3F:8E:58:73:90:1B Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008 Certificate serial: 019B7EA6F692F33F14A002A269C0615FB9F2 Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/2KkuFuA_KeYh2Hu1tmA_jlhzkBs.roa Signing time: Fri 02 Jan 2026 12:20:29 +0000 ROA not before: Fri 02 Jan 2026 12:20:29 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 209022 IP address blocks: 2a0c:9a40:8c40::/48 maxlen: 48 2a0c:9a40:c000::/36 maxlen: 48 2a0c:9a40:c000::/48 maxlen: 48 2a0c:9a40:c001::/48 maxlen: 48 2a0c:9a40:c002::/48 maxlen: 48 2a0c:9a40:c003::/48 maxlen: 48 2a0c:9a40:c004::/48 maxlen: 48 2a0c:9a44:beef::/48 maxlen: 48 2a10:a500:b00b::/48 maxlen: 48 2a10:a501:b00b::/48 maxlen: 48 2a10:a502:b00b::/48 maxlen: 48 2a10:a503:b00b::/48 maxlen: 48 2a10:a504:b00b::/48 maxlen: 48 2a10:a505:b00b::/48 maxlen: 48 2a10:a506:b00b::/48 maxlen: 48 2a10:a507:b00b::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.mft rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 02:01:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a6:f6:92:f3:3f:14:a0:02:a2:69:c0:61:5f:b9:f2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008 Validity Not Before: Jan 2 12:20:29 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d8a92e16e03f29e621d87bb5b6603f8e5873901b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:d8:92:a4:82:a1:22:9a:2d:5b:6a:74:fb:4a: 5e:07:73:a0:8b:88:23:ad:7f:2f:e6:9d:83:8a:76: 5b:32:af:a3:b4:02:bf:8e:84:02:32:26:33:e6:08: 54:29:ce:ec:32:45:c4:3e:df:03:f1:48:56:e5:16: 09:36:9f:d1:16:5b:1a:55:1b:de:c0:aa:3d:44:d1: 39:e6:81:e3:a9:9c:80:ec:09:5e:ba:4b:80:b8:8a: c1:50:1d:6b:4a:41:37:ec:9b:17:b1:8b:f0:97:90: 1c:78:bc:43:53:bf:1c:4d:d1:db:32:48:8c:f4:75: 78:d4:ca:e7:da:b6:39:cc:cf:cd:6d:63:10:f8:3d: 09:27:d1:95:c3:60:11:fe:ba:67:b8:61:21:b7:50: cf:4e:1a:2a:71:a9:1b:50:57:08:d6:a9:7d:6e:18: fd:a6:04:9a:b8:2c:52:7a:b2:0d:f3:ef:96:9a:49: 7d:6b:cd:44:79:0b:5a:ee:d4:50:51:e4:28:6a:5f: e9:e8:66:b0:0a:b6:6f:88:3a:34:38:6a:f9:4d:78: 8e:ca:04:2f:e5:9a:49:53:33:e1:fe:e6:7b:ae:7d: 07:6b:27:3e:73:84:24:92:bd:06:e6:63:6a:8e:92: cc:fc:cb:9d:00:9e:d3:f7:b8:ca:46:d6:b9:88:15: 37:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:A9:2E:16:E0:3F:29:E6:21:D8:7B:B5:B6:60:3F:8E:58:73:90:1B X509v3 Authority Key Identifier: keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/2KkuFuA_KeYh2Hu1tmA_jlhzkBs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0c:9a40:8c40::/48 2a0c:9a40:c000::/36 2a0c:9a44:beef::/48 2a10:a500:b00b::/48 2a10:a501:b00b::/48 2a10:a502:b00b::/48 2a10:a503:b00b::/48 2a10:a504:b00b::/48 2a10:a505:b00b::/48 2a10:a506:b00b::/48 2a10:a507:b00b::/48 Signature Algorithm: sha256WithRSAEncryption 9b:ff:b0:7b:b4:67:e1:2b:6b:b3:56:29:cd:8a:c3:92:b3:21: 1f:e6:ec:18:b6:09:39:76:6d:5d:3f:1e:59:0f:3f:7b:b7:38: fc:4a:00:b0:9c:46:d7:17:19:b1:99:93:6a:85:04:a5:fa:99: b7:14:36:b4:44:08:dc:9e:1c:c4:c2:e2:1b:10:24:dd:a6:70: f3:fb:4f:b3:2c:9d:a0:93:41:3f:89:9e:69:44:62:65:73:22: 3a:6c:a9:49:33:93:bb:0d:64:c3:51:a8:51:41:00:49:f1:61: 9a:f6:14:b1:9c:31:ab:72:91:ba:b0:e5:fd:84:f7:c6:83:e9: 64:58:b2:9a:5d:3c:72:b1:1a:82:7a:5c:5c:01:9f:84:af:fe: 68:d4:90:f9:d5:80:98:25:05:8b:90:af:85:bf:97:6d:8f:11: 18:a1:24:e4:01:46:fe:f5:4a:b6:87:f1:cc:22:17:ba:11:c1: f8:db:59:9e:48:64:19:43:4f:80:e7:74:43:98:38:bd:9a:08: b3:c3:5d:8e:32:9a:bb:de:dc:6c:16:1d:27:ef:48:b2:b5:f5: 9f:7b:9d:e6:c9:bc:8c:40:e1:79:38:89:ba:f8:09:ae:2c:82: cf:3a:37:e5:f4:8f:db:02:c9:a4:c5:4c:52:4b:0d:13:b6:cd: 52:ea:70:65 -----BEGIN CERTIFICATE----- MIIFWTCCBEGgAwIBAgISAZt+pvaS8z8UoAKiacBhX7nyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl NDgwMDgwHhcNMjYwMTAyMTIyMDI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkOGE5MmUxNmUwM2YyOWU2MjFkODdiYjViNjYwM2Y4ZTU4NzM5MDFiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutiSpIKhIpotW2p0+0peB3Ogi4gj rX8v5p2DinZbMq+jtAK/joQCMiYz5ghUKc7sMkXEPt8D8UhW5RYJNp/RFlsaVRve wKo9RNE55oHjqZyA7AleukuAuIrBUB1rSkE37JsXsYvwl5AceLxDU78cTdHbMkiM 9HV41Mrn2rY5zM/NbWMQ+D0JJ9GVw2AR/rpnuGEht1DPThoqcakbUFcI1ql9bhj9 pgSauCxSerIN8++Wmkl9a81EeQta7tRQUeQoal/p6GawCrZviDo0OGr5TXiOygQv 5ZpJUzPh/uZ7rn0Hayc+c4Qkkr0G5mNqjpLM/MudAJ7T97jKRta5iBU3xQIDAQAB o4ICZTCCAmEwHQYDVR0OBBYEFNipLhbgPynmIdh7tbZgP45Yc5AbMB8GA1UdIwQY MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt YmY0ZTUyN2I5ZmE4LzEvMktrdUZ1QV9LZVloMkh1MXRtQV9qbGh6a0JzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4 LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAAjBiAwcAKgyaQIxA AwYEKgyaQMADBwAqDJpEvu8DBwAqEKUAsAsDBwAqEKUBsAsDBwAqEKUCsAsDBwAq EKUDsAsDBwAqEKUEsAsDBwAqEKUFsAsDBwAqEKUGsAsDBwAqEKUHsAswDQYJKoZI hvcNAQELBQADggEBAJv/sHu0Z+Era7NWKc2Kw5KzIR/m7Bi2CTl2bV0/HlkPP3u3 OPxKALCcRtcXGbGZk2qFBKX6mbcUNrRECNyeHMTC4hsQJN2mcPP7T7MsnaCTQT+J nmlEYmVzIjpsqUkzk7sNZMNRqFFBAEnxYZr2FLGcMatykbqw5f2E98aD6WRYsppd PHKxGoJ6XFwBn4Sv/mjUkPnVgJglBYuQr4W/l22PERihJOQBRv71SraH8cwiF7oR wfjbWZ5IZBlDT4DndEOYOL2aCLPDXY4ymrve3GwWHSfvSLK19Z97nebJvIxA4Xk4 ibr4Ca4sgs86N+X0j9sCyaTFTFJLDRO2zVLqcGU= -----END CERTIFICATE-----Generated at Tue Jan 20 09:05:16 2026 by rpki-client