This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/ahCURLlPO-w-50PruX6Yx9SnzW0.roa File: ahCURLlPO-w-50PruX6Yx9SnzW0.roa (raw, json) Hash identifier: tLwPYL2UtEvcGU/DLZxNexqirm4dqDl0WuZXI82WvMQ= Subject key identifier: 6A:10:94:44:B9:4F:3B:EC:3E:E7:43:EB:B9:7E:98:C7:D4:A7:CD:6D Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008 Certificate serial: 019B9559F631D00E03DE52E90AE050717A9C Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/ahCURLlPO-w-50PruX6Yx9SnzW0.roa Signing time: Tue 06 Jan 2026 22:07:39 +0000 ROA not before: Tue 06 Jan 2026 22:07:39 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 209477 IP address blocks: 2a0c:9a40:8e40::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.mft rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 02:01:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:95:59:f6:31:d0:0e:03:de:52:e9:0a:e0:50:71:7a:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008 Validity Not Before: Jan 6 22:07:39 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6a109444b94f3bec3ee743ebb97e98c7d4a7cd6d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:95:3d:f5:42:31:c7:a1:49:8d:62:d4:26:6d: 1a:7b:9f:1c:c2:53:7e:9c:f8:72:e1:1b:23:5e:e6: 29:8c:89:56:68:c8:a4:c5:de:cb:1b:bf:27:67:9f: f7:a7:a5:a7:b1:d5:7a:c5:ce:bd:ef:ed:c0:a2:ff: 66:c0:bb:5e:6b:94:0d:14:9f:2a:be:09:4b:4c:c2: 7a:c2:bc:1a:90:14:05:51:7d:9f:5c:05:a3:4e:14: 8b:cf:7a:d1:6f:96:28:dc:2c:10:41:96:aa:bc:55: b8:97:1f:73:06:63:70:b0:68:63:aa:0e:cf:31:aa: 07:72:a6:c8:9f:f9:39:e1:21:21:4d:49:ea:fa:6b: 8b:0f:81:c5:14:7b:d0:9c:41:2b:bc:59:75:05:f4: 10:fd:38:d5:5e:78:3e:92:4b:8a:d6:c3:c9:dc:12: 19:a1:8d:84:e4:68:fd:5f:01:36:80:e9:d5:2a:c0: 78:2d:de:ad:80:d7:64:50:f7:9c:d3:a2:e3:c8:f4: 5f:23:ad:e2:06:95:f8:04:37:3f:e2:44:0a:5c:1e: dd:f0:95:bd:33:8a:58:31:71:32:1a:ec:a6:6c:ba: 9a:f0:b7:b4:4f:71:d5:e7:9c:5e:a9:8a:c4:23:fb: 86:b1:26:19:d1:f0:bf:66:83:86:21:6d:55:39:ec: af:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:10:94:44:B9:4F:3B:EC:3E:E7:43:EB:B9:7E:98:C7:D4:A7:CD:6D X509v3 Authority Key Identifier: keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/ahCURLlPO-w-50PruX6Yx9SnzW0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0c:9a40:8e40::/48 Signature Algorithm: sha256WithRSAEncryption 3a:c7:02:48:cf:b4:dc:a9:63:fd:25:13:38:70:0c:69:54:a7: 3d:6b:a1:12:0b:3b:3e:4d:bf:2e:42:5d:d0:3c:2e:c7:5f:63: e6:3c:d5:bf:79:28:ea:21:3f:67:7b:2e:10:57:a5:92:68:d9: 6b:39:c5:f6:07:64:33:e0:12:9f:34:05:d6:60:0e:10:9b:0b: d0:8f:dd:8f:00:a9:29:6a:42:d5:6f:6e:f4:fb:4e:83:8e:69: 6a:94:f0:bf:d9:35:85:86:1a:02:97:0c:de:4f:6a:bc:f0:de: a1:1d:91:04:4c:b1:9a:76:e6:89:70:6f:db:1f:b4:5f:d3:41: 0f:da:d2:3d:87:1d:5f:3f:f9:be:34:66:9d:0b:0f:01:20:98: dd:91:45:ec:1b:69:4a:c4:e1:51:03:b1:74:ce:be:48:02:c2: 5c:37:8d:4e:da:e6:98:e7:ee:82:26:5f:07:38:c6:bb:48:e8: 12:17:5d:1f:24:2f:34:cd:b3:e7:df:59:fc:23:6a:a4:7b:11: 88:09:66:33:bd:d6:a5:dd:64:7c:d6:22:36:e2:14:94:4e:dd: c3:c0:37:d0:19:dc:5d:7f:62:f3:32:fb:c8:0a:cc:7f:09:7b: d9:49:cb:7e:32:7c:8b:19:39:38:89:da:2c:da:56:be:42:c5: 70:5d:f6:9a -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZuVWfYx0A4D3lLpCuBQcXqcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl NDgwMDgwHhcNMjYwMTA2MjIwNzM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2YTEwOTQ0NGI5NGYzYmVjM2VlNzQzZWJiOTdlOThjN2Q0YTdjZDZkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5U99UIxx6FJjWLUJm0ae58cwlN+ nPhy4RsjXuYpjIlWaMikxd7LG78nZ5/3p6WnsdV6xc697+3Aov9mwLtea5QNFJ8q vglLTMJ6wrwakBQFUX2fXAWjThSLz3rRb5Yo3CwQQZaqvFW4lx9zBmNwsGhjqg7P MaoHcqbIn/k54SEhTUnq+muLD4HFFHvQnEErvFl1BfQQ/TjVXng+kkuK1sPJ3BIZ oY2E5Gj9XwE2gOnVKsB4Ld6tgNdkUPec06LjyPRfI63iBpX4BDc/4kQKXB7d8JW9 M4pYMXEyGuymbLqa8Le0T3HV55xeqYrEI/uGsSYZ0fC/ZoOGIW1VOeyvWwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFGoQlES5TzvsPudD67l+mMfUp81tMB8GA1UdIwQY MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt YmY0ZTUyN2I5ZmE4LzEvYWhDVVJMbFBPLXctNTBQcnVYNll4OVNuelcwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4 LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgyaQI5A MA0GCSqGSIb3DQEBCwUAA4IBAQA6xwJIz7TcqWP9JRM4cAxpVKc9a6ESCzs+Tb8u Ql3QPC7HX2PmPNW/eSjqIT9ney4QV6WSaNlrOcX2B2Qz4BKfNAXWYA4QmwvQj92P AKkpakLVb270+06DjmlqlPC/2TWFhhoClwzeT2q88N6hHZEETLGaduaJcG/bH7Rf 00EP2tI9hx1fP/m+NGadCw8BIJjdkUXsG2lKxOFRA7F0zr5IAsJcN41O2uaY5+6C Jl8HOMa7SOgSF10fJC80zbPn31n8I2qkexGICWYzvdal3WR81iI24hSUTt3DwDfQ Gdxdf2LzMvvICsx/CXvZSct+MnyLGTk4idos2la+QsVwXfaa -----END CERTIFICATE-----Generated at Tue Jan 20 09:04:38 2026 by rpki-client