This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/KsFOJDttqy_VpUv2R0gz7Gxx5hY.roa File: KsFOJDttqy_VpUv2R0gz7Gxx5hY.roa (raw, json) Hash identifier: YswPe/O5Azk6ROeO91VP12JoIIylqp2zfZQX3SqmIMA= Subject key identifier: 2A:C1:4E:24:3B:6D:AB:2F:D5:A5:4B:F6:47:48:33:EC:6C:71:E6:16 Certificate issuer: /CN=0b4e3b3b84242258863142ed3a19792d97cbbc74 Certificate serial: 019B7ED3A3F629C2FA2F1367F694290364F4 Authority key identifier: 0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/KsFOJDttqy_VpUv2R0gz7Gxx5hY.roa Signing time: Fri 02 Jan 2026 13:09:17 +0000 ROA not before: Fri 02 Jan 2026 13:09:17 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 213529 IP address blocks: 2a0d:d940:2008::/48 maxlen: 48 2a0d:d940:9006::/48 maxlen: 48 2a0d:d940:900e::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.mft rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 15:00:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:d3:a3:f6:29:c2:fa:2f:13:67:f6:94:29:03:64:f4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0b4e3b3b84242258863142ed3a19792d97cbbc74 Validity Not Before: Jan 2 13:09:17 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2ac14e243b6dab2fd5a54bf6474833ec6c71e616 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:7d:a7:ba:ed:75:a4:75:04:42:51:f6:67:0a: a6:96:59:69:b8:6d:8a:19:a4:56:ae:e1:e7:ff:16: 77:de:3c:e1:1d:7c:24:29:ee:be:70:70:20:dc:09: bf:46:91:87:b9:bf:73:12:41:39:df:da:89:c5:39: 2a:2c:37:7f:ec:10:76:88:bb:28:32:09:b8:69:ad: 1f:d5:0e:f3:10:dc:e5:17:a0:e4:db:9d:c0:eb:90: 54:c2:85:8e:3f:40:a1:14:b2:a0:51:bd:66:5c:fd: 47:c2:c7:92:b6:80:09:8f:77:ec:01:8e:7d:17:f6: 10:9b:ff:8c:36:22:db:35:bc:7c:bf:d8:b2:2e:07: 15:41:df:02:2e:97:ac:11:50:47:c2:4d:3d:d4:83: bf:37:2c:7d:49:27:6e:be:01:96:d3:e9:66:4c:c1: 98:68:78:f8:d5:95:5d:0c:3e:85:9c:eb:46:14:21: 1a:a8:0e:e0:70:6e:29:c9:c1:f8:7e:08:f7:da:b7: ee:d5:4c:bc:e6:77:4a:8e:23:97:fb:0b:1e:63:87: 77:44:82:13:14:73:51:66:d2:97:f0:5c:9f:5c:91: 9b:cf:97:b8:9f:36:99:2a:57:82:97:22:36:5d:2f: aa:48:d2:a6:f2:a1:69:ab:dd:8f:bb:85:08:28:c6: 0f:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:C1:4E:24:3B:6D:AB:2F:D5:A5:4B:F6:47:48:33:EC:6C:71:E6:16 X509v3 Authority Key Identifier: keyid:0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/KsFOJDttqy_VpUv2R0gz7Gxx5hY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0d:d940:2008::/48 2a0d:d940:9006::/48 2a0d:d940:900e::/48 Signature Algorithm: sha256WithRSAEncryption 11:6b:95:a3:fc:9f:0c:d6:bd:77:ba:42:18:64:f0:ca:bf:f5: fe:65:a3:82:b0:9b:40:aa:eb:87:97:10:41:47:28:c3:95:0b: c2:f9:32:04:9e:51:83:55:df:13:f8:0d:0f:aa:0b:39:b6:dc: 61:35:28:63:ed:06:dc:b3:4f:cd:34:93:e1:0b:a8:9c:28:88: b8:28:ca:55:77:a5:17:f7:56:cd:7c:1a:7a:32:87:14:58:34: c2:70:87:72:2f:97:c1:50:89:be:ad:ba:23:d8:9e:31:6f:bd: ac:55:1c:94:21:8a:c0:5a:7b:69:a6:83:84:cc:30:47:d8:17: 55:f1:79:c0:5a:91:25:e4:75:8c:87:d9:9b:fe:17:79:78:59: bb:3d:43:a1:86:d8:45:9b:59:fe:92:df:5e:32:89:a3:08:b3: ee:a2:ed:b9:fa:b4:c5:0f:4a:39:78:09:44:fe:da:51:94:1f: fa:e1:ac:29:c6:42:1e:38:fa:4f:08:12:f6:a8:b0:2a:71:61: c9:1d:46:69:9b:b7:fb:e5:a1:ff:36:40:4e:d0:60:a0:be:a3: d5:fb:1f:93:4b:be:46:7b:9e:86:88:33:e8:5c:6f:b2:8d:fe: 7e:5f:cf:7d:36:4c:37:53:74:f6:8f:81:90:32:14:29:92:ec: 70:aa:52:94 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt+06P2KcL6LxNn9pQpA2T0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBiNGUzYjNiODQyNDIyNTg4NjMxNDJlZDNhMTk3OTJkOTdj YmJjNzQwHhcNMjYwMTAyMTMwOTE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyYWMxNGUyNDNiNmRhYjJmZDVhNTRiZjY0NzQ4MzNlYzZjNzFlNjE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl32nuu11pHUEQlH2ZwqmlllpuG2K GaRWruHn/xZ33jzhHXwkKe6+cHAg3Am/RpGHub9zEkE539qJxTkqLDd/7BB2iLso Mgm4aa0f1Q7zENzlF6Dk253A65BUwoWOP0ChFLKgUb1mXP1HwseStoAJj3fsAY59 F/YQm/+MNiLbNbx8v9iyLgcVQd8CLpesEVBHwk091IO/Nyx9SSduvgGW0+lmTMGY aHj41ZVdDD6FnOtGFCEaqA7gcG4pycH4fgj32rfu1Uy85ndKjiOX+wseY4d3RIIT FHNRZtKX8FyfXJGbz5e4nzaZKleClyI2XS+qSNKm8qFpq92Pu4UIKMYPCQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFCrBTiQ7basv1aVL9kdIM+xsceYWMB8GA1UdIwQY MBaAFAtOOzuEJCJYhjFC7ToZeS2Xy7x0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQt MTRkMjM4NTI3ODM1LzEvS3NGT0pEdHRxeV9WcFV2MlIwZ3o3R3h4NWhZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQtMTRkMjM4NTI3ODM1 LzEvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKg3ZQCAI AwcAKg3ZQJAGAwcAKg3ZQJAOMA0GCSqGSIb3DQEBCwUAA4IBAQARa5Wj/J8M1r13 ukIYZPDKv/X+ZaOCsJtAquuHlxBBRyjDlQvC+TIEnlGDVd8T+A0Pqgs5ttxhNShj 7Qbcs0/NNJPhC6icKIi4KMpVd6UX91bNfBp6MocUWDTCcIdyL5fBUIm+rboj2J4x b72sVRyUIYrAWntppoOEzDBH2BdV8XnAWpEl5HWMh9mb/hd5eFm7PUOhhthFm1n+ kt9eMomjCLPuou25+rTFD0o5eAlE/tpRlB/64awpxkIeOPpPCBL2qLAqcWHJHUZp m7f75aH/NkBO0GCgvqPV+x+TS75Ge56GiDPoXG+yjf5+X899Nkw3U3T2j4GQMhQp kuxwqlKU -----END CERTIFICATE-----Generated at Wed Jan 21 17:00:57 2026 by rpki-client