This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/QRdU6054DZ4IwOxLojpdywWSE_M.roa File: QRdU6054DZ4IwOxLojpdywWSE_M.roa (raw, json) Hash identifier: mkL9eap4B+folG8CqYjhU8NMhOAwoOdT6Chyi/0EI+w= Subject key identifier: 41:17:54:EB:4E:78:0D:9E:08:C0:EC:4B:A2:3A:5D:CB:05:92:13:F3 Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008 Certificate serial: 019B7EA6E4C4D0F05E3713004887A576D234 Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/QRdU6054DZ4IwOxLojpdywWSE_M.roa Signing time: Fri 02 Jan 2026 12:20:25 +0000 ROA not before: Fri 02 Jan 2026 12:20:25 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 203333 IP address blocks: 2a0c:9a40:8340::/48 maxlen: 48 2a0c:9a40:8640::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.mft rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 02:01:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a6:e4:c4:d0:f0:5e:37:13:00:48:87:a5:76:d2:34 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008 Validity Not Before: Jan 2 12:20:25 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=411754eb4e780d9e08c0ec4ba23a5dcb059213f3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:9b:7b:6a:ff:b9:3a:98:08:67:fa:e9:99:fd: 0d:de:15:48:82:28:73:eb:79:a7:3f:a2:37:1f:fa: 56:97:ea:a5:d4:ef:7a:e1:18:c1:5f:81:c4:34:47: ad:a0:37:0a:ea:da:7f:c5:a5:24:a2:e9:01:c0:e0: f0:28:aa:5c:46:d3:52:47:fc:ce:7b:f9:be:92:f9: 6b:44:c8:a0:ee:11:cc:1d:b6:d5:68:ba:69:6d:62: 94:5a:21:1f:c3:ef:77:91:e4:1f:88:32:3e:22:c5: de:c1:59:92:1b:65:a7:2d:88:3a:1f:b6:56:13:52: 86:30:f1:87:0c:66:2a:e6:5e:b7:d6:8a:c5:18:86: 87:e7:67:40:e0:30:59:30:d3:16:ba:8d:25:54:61: ae:8c:d5:8a:ed:c3:35:26:b6:80:ce:9b:e1:ab:9e: 64:9c:7c:e4:a7:93:5c:fd:6e:66:27:ae:7c:ed:67: 8e:56:4a:48:a9:26:89:34:bd:ad:a7:9b:61:0a:c2: f7:ee:53:cd:14:62:e1:56:41:b3:54:61:72:d9:f0: ac:4a:d2:43:c3:48:ce:9b:34:57:b1:a0:a2:71:eb: 73:d3:a1:75:59:cc:67:66:7b:6d:70:cd:ef:16:b5: ee:c7:65:88:ae:eb:35:3b:4f:9c:8b:3b:ac:f3:30: 6a:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:17:54:EB:4E:78:0D:9E:08:C0:EC:4B:A2:3A:5D:CB:05:92:13:F3 X509v3 Authority Key Identifier: keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/QRdU6054DZ4IwOxLojpdywWSE_M.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0c:9a40:8340::/48 2a0c:9a40:8640::/44 Signature Algorithm: sha256WithRSAEncryption bf:1c:7f:8a:d4:e7:57:93:d2:8e:30:e1:e4:0e:b3:e5:58:6d: 41:33:d0:27:4a:3c:48:1e:67:d2:2b:1e:6a:cd:df:e1:74:b8: c7:cf:58:a6:a2:39:d6:30:a5:75:20:74:ec:d0:b0:50:b1:91: e3:b1:ab:09:0d:6d:a8:5b:26:8f:95:b2:da:36:85:2a:27:53: 41:38:ad:83:2f:e8:c4:f6:39:db:37:21:45:80:49:c6:1c:57: 62:da:79:0e:ee:3a:de:f9:41:42:14:ea:65:ac:1c:9d:c4:3e: ef:9a:60:b3:05:26:27:52:58:44:ac:6b:17:6a:55:3a:b5:88: 74:ae:b2:2c:6f:50:1b:a0:60:84:2d:03:18:f6:58:9e:67:b0: d5:de:8a:7d:cd:16:b6:20:4e:2b:3f:6c:ce:bf:77:35:ca:d8: 05:69:d9:25:c7:91:d9:07:1e:4d:c5:2a:5e:b0:dc:45:6b:2a: bb:3d:da:fa:de:ee:17:c4:40:31:35:eb:ce:1f:c8:fa:a4:a5: 55:7d:a8:95:85:e5:88:17:86:1e:19:45:c8:eb:03:10:c5:41: 4c:e5:9b:17:ac:62:71:9c:51:1b:41:66:ea:17:e9:f7:c9:f9: 8a:1c:aa:7a:8f:b6:f6:2a:84:a1:75:41:d6:1b:69:0c:68:6b: d2:82:fb:26 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt+puTE0PBeNxMASIeldtI0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl NDgwMDgwHhcNMjYwMTAyMTIyMDI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0MTE3NTRlYjRlNzgwZDllMDhjMGVjNGJhMjNhNWRjYjA1OTIxM2YzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspt7av+5OpgIZ/rpmf0N3hVIgihz 63mnP6I3H/pWl+ql1O964RjBX4HENEetoDcK6tp/xaUkoukBwODwKKpcRtNSR/zO e/m+kvlrRMig7hHMHbbVaLppbWKUWiEfw+93keQfiDI+IsXewVmSG2WnLYg6H7ZW E1KGMPGHDGYq5l631orFGIaH52dA4DBZMNMWuo0lVGGujNWK7cM1JraAzpvhq55k nHzkp5Nc/W5mJ6587WeOVkpIqSaJNL2tp5thCsL37lPNFGLhVkGzVGFy2fCsStJD w0jOmzRXsaCicetz06F1WcxnZnttcM3vFrXux2WIrus1O0+cizus8zBq7wIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFEEXVOtOeA2eCMDsS6I6XcsFkhPzMB8GA1UdIwQY MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt YmY0ZTUyN2I5ZmE4LzEvUVJkVTYwNTREWjRJd094TG9qcGR5d1dTRV9NLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4 LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgyaQINA AwcEKgyaQIZAMA0GCSqGSIb3DQEBCwUAA4IBAQC/HH+K1OdXk9KOMOHkDrPlWG1B M9AnSjxIHmfSKx5qzd/hdLjHz1imojnWMKV1IHTs0LBQsZHjsasJDW2oWyaPlbLa NoUqJ1NBOK2DL+jE9jnbNyFFgEnGHFdi2nkO7jre+UFCFOplrBydxD7vmmCzBSYn UlhErGsXalU6tYh0rrIsb1AboGCELQMY9lieZ7DV3op9zRa2IE4rP2zOv3c1ytgF adklx5HZBx5NxSpesNxFayq7Pdr63u4XxEAxNevOH8j6pKVVfaiVheWIF4YeGUXI 6wMQxUFM5ZsXrGJxnFEbQWbqF+n3yfmKHKp6j7b2KoShdUHWG2kMaGvSgvsm -----END CERTIFICATE-----Generated at Tue Jan 20 09:04:42 2026 by rpki-client