This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/Kn2tulqJhrzrDcyvUFznt3n7bFQ.roa File: Kn2tulqJhrzrDcyvUFznt3n7bFQ.roa (raw, json) Hash identifier: Mq6OoF2Btww8FYND4P+q3DhkRxx/h7hhDqpph2gDXZM= Subject key identifier: 2A:7D:AD:BA:5A:89:86:BC:EB:0D:CC:AF:50:5C:E7:B7:79:FB:6C:54 Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008 Certificate serial: 019B7EA6D3F1E669C4819E42641576996E69 Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/Kn2tulqJhrzrDcyvUFznt3n7bFQ.roa Signing time: Fri 02 Jan 2026 12:20:21 +0000 ROA not before: Fri 02 Jan 2026 12:20:21 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 197715 IP address blocks: 2a0c:9a40:83e0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.mft rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 02:01:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a6:d3:f1:e6:69:c4:81:9e:42:64:15:76:99:6e:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008 Validity Not Before: Jan 2 12:20:21 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2a7dadba5a8986bceb0dccaf505ce7b779fb6c54 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:6f:5c:c9:93:3d:86:f4:07:b5:5e:4c:47:ae: 2d:66:68:75:0a:23:57:13:e9:28:a7:24:72:26:b6: 2e:85:1f:b4:a0:05:71:87:6c:4d:6e:a7:0a:3a:43: b2:9d:fd:0d:9a:e8:c2:5d:bd:84:e9:5d:3d:95:4a: 85:a7:21:e2:5c:ff:5b:06:b7:2d:87:7f:e8:d0:df: ee:e5:d5:f6:29:a7:ac:8c:95:f9:6a:54:20:47:33: 1e:ee:97:6b:e6:86:be:d4:07:22:a5:9f:25:61:6c: 0a:ed:29:c5:a6:4b:94:b4:a6:19:6c:eb:5b:3a:28: ae:c3:67:09:40:80:8a:fc:f3:42:b2:2d:0b:2b:f1: 91:92:8d:8a:09:37:d5:9d:54:37:38:89:86:5a:2d: 0f:bc:37:97:dc:5e:28:f7:b3:13:d4:b1:9e:a5:41: fb:5f:9d:47:c6:47:19:8f:64:f3:ff:85:e6:8c:8c: 7e:52:78:ed:48:49:d7:c9:9b:52:5e:04:4f:db:b6: 89:61:de:e6:cd:ea:57:b7:30:8c:e6:27:f3:4c:97: 7e:fc:9c:aa:03:61:73:d2:69:b3:e9:6b:1b:59:5c: c4:08:38:d7:43:4b:c5:8c:1d:ae:8b:38:43:b3:b0: a8:96:9d:fa:14:19:1e:fd:b3:85:db:7d:d2:9d:97: ef:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:7D:AD:BA:5A:89:86:BC:EB:0D:CC:AF:50:5C:E7:B7:79:FB:6C:54 X509v3 Authority Key Identifier: keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/Kn2tulqJhrzrDcyvUFznt3n7bFQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0c:9a40:83e0::/48 Signature Algorithm: sha256WithRSAEncryption cd:80:0a:1a:46:4a:d5:c7:7d:6a:4b:86:1e:ba:21:a4:4b:7c: 4d:bd:5e:24:43:38:fc:59:14:97:c2:af:70:f9:52:d6:d5:11: 73:ac:a4:a9:95:ca:ed:03:23:28:11:9e:53:50:b3:b7:e7:84: 82:ab:41:f4:17:9e:d1:6b:b7:03:f2:f7:56:10:17:84:7d:4b: 84:c7:aa:13:27:8b:10:79:40:39:83:3c:9d:17:e9:9f:8d:1f: 91:d2:46:0d:e4:ea:83:2f:f4:cc:67:ac:70:2f:24:2e:f1:71: 42:5e:76:d0:e1:c0:bd:35:b5:ec:67:54:f4:6b:59:e7:7d:c3: d3:d1:4f:8b:91:97:07:dd:8c:00:31:4d:63:b9:d4:2e:8b:ce: d9:c1:7c:27:42:8a:d7:3d:22:1b:03:b4:9d:f0:5f:2f:82:00: 5b:9b:05:45:67:e6:c5:c9:56:ba:df:c6:ac:36:e0:72:34:d9: 15:99:ac:64:a1:af:99:e0:d2:aa:1d:9a:ad:7e:5c:04:41:73: c9:04:c4:b8:e4:4f:49:cf:11:b2:cf:42:df:1a:2a:9a:9c:e0: 41:ed:44:9e:f7:6f:05:90:29:ed:42:90:5e:08:0b:e7:56:f8: 1c:60:68:1b:39:f8:07:5c:0a:e5:81:06:57:35:69:b9:b5:c0: ba:c9:b8:41 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt+ptPx5mnEgZ5CZBV2mW5pMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl NDgwMDgwHhcNMjYwMTAyMTIyMDIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyYTdkYWRiYTVhODk4NmJjZWIwZGNjYWY1MDVjZTdiNzc5ZmI2YzU0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqG9cyZM9hvQHtV5MR64tZmh1CiNX E+kopyRyJrYuhR+0oAVxh2xNbqcKOkOynf0NmujCXb2E6V09lUqFpyHiXP9bBrct h3/o0N/u5dX2KaesjJX5alQgRzMe7pdr5oa+1AcipZ8lYWwK7SnFpkuUtKYZbOtb Oiiuw2cJQICK/PNCsi0LK/GRko2KCTfVnVQ3OImGWi0PvDeX3F4o97MT1LGepUH7 X51HxkcZj2Tz/4XmjIx+UnjtSEnXyZtSXgRP27aJYd7mzepXtzCM5ifzTJd+/Jyq A2Fz0mmz6WsbWVzECDjXQ0vFjB2uizhDs7Colp36FBke/bOF233SnZfvXQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFCp9rbpaiYa86w3Mr1Bc57d5+2xUMB8GA1UdIwQY MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt YmY0ZTUyN2I5ZmE4LzEvS24ydHVscUpocnpyRGN5dlVGem50M243YkZRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4 LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgyaQIPg MA0GCSqGSIb3DQEBCwUAA4IBAQDNgAoaRkrVx31qS4YeuiGkS3xNvV4kQzj8WRSX wq9w+VLW1RFzrKSplcrtAyMoEZ5TULO354SCq0H0F57Ra7cD8vdWEBeEfUuEx6oT J4sQeUA5gzydF+mfjR+R0kYN5OqDL/TMZ6xwLyQu8XFCXnbQ4cC9NbXsZ1T0a1nn fcPT0U+LkZcH3YwAMU1judQui87ZwXwnQorXPSIbA7Sd8F8vggBbmwVFZ+bFyVa6 38asNuByNNkVmaxkoa+Z4NKqHZqtflwEQXPJBMS45E9JzxGyz0LfGiqanOBB7USe 928FkCntQpBeCAvnVvgcYGgbOfgHXArlgQZXNWm5tcC6ybhB -----END CERTIFICATE-----Generated at Tue Jan 20 09:07:47 2026 by rpki-client