This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/68knDJGjPijqH6qKCVegwh9rA7Y.roa File: 68knDJGjPijqH6qKCVegwh9rA7Y.roa (raw, json) Hash identifier: cnTJylZy0djEXnJbABAw1Wq8AHsDzcay1igtsg25Vmc= Subject key identifier: EB:C9:27:0C:91:A3:3E:28:EA:1F:AA:8A:09:57:A0:C2:1F:6B:03:B6 Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034 Certificate serial: 019B7F82CE9078CFAFC362CEF055E9C9F3E4 Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/68knDJGjPijqH6qKCVegwh9rA7Y.roa Signing time: Fri 02 Jan 2026 16:20:37 +0000 ROA not before: Fri 02 Jan 2026 16:20:37 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 207892 IP address blocks: 2a0b:b87:ffdb::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.mft rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 07:01:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:82:ce:90:78:cf:af:c3:62:ce:f0:55:e9:c9:f3:e4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034 Validity Not Before: Jan 2 16:20:37 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ebc9270c91a33e28ea1faa8a0957a0c21f6b03b6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:e0:4b:7b:72:d2:2d:51:18:80:ad:27:b0:5e: 73:2e:79:31:8a:11:b2:08:91:f2:23:2d:ec:79:4b: 0c:c6:2d:56:69:e2:4b:bf:f1:1d:aa:30:88:87:a0: 35:3c:d7:90:83:1b:10:bc:31:0e:11:63:eb:52:63: a7:21:6e:f1:29:00:af:8e:1e:a2:9a:6d:b6:54:55: b7:c8:e2:ff:a5:13:8a:dc:0e:f8:a9:29:b4:9a:31: a5:6d:21:a9:43:c5:53:b0:e1:7f:c6:01:81:89:05: 9c:01:ed:7e:40:fc:e9:ed:d7:0b:a2:d7:a9:81:90: cd:88:92:eb:59:f8:48:65:e9:03:86:a6:b1:7a:77: 98:2e:25:1e:24:52:bf:c3:33:e6:02:ab:0b:3f:32: 68:e9:ff:03:2d:72:4f:8c:4f:10:16:09:ee:31:0a: 09:ef:b2:80:18:39:e7:aa:1a:a5:5e:71:e1:01:ac: 56:fb:21:db:43:d9:77:a2:c1:a3:4b:cf:a7:8e:7f: ad:d5:c5:9b:5a:af:c8:1d:c6:bb:32:dd:0d:41:e8: 7e:f3:01:4c:7a:75:75:e3:4d:ef:90:88:c6:59:b2: 89:ec:1a:eb:81:b8:da:37:d0:a4:01:4d:47:1c:9f: 92:4d:f2:cc:7d:63:13:c7:17:90:ce:09:6c:a6:c2: cf:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EB:C9:27:0C:91:A3:3E:28:EA:1F:AA:8A:09:57:A0:C2:1F:6B:03:B6 X509v3 Authority Key Identifier: keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/68knDJGjPijqH6qKCVegwh9rA7Y.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0b:b87:ffdb::/48 Signature Algorithm: sha256WithRSAEncryption 48:f9:76:d9:63:79:fd:cf:85:bd:4e:18:22:c2:5b:d2:c9:c2: f3:e6:44:8c:e1:33:5f:ab:66:92:53:fc:54:77:96:1c:bc:51: ec:a3:16:7c:96:d6:79:1d:b1:da:9e:ce:13:ed:50:19:10:77: 01:80:5e:5f:9b:d4:7e:89:55:21:f5:dd:ce:f6:cc:2f:6a:fc: 8e:c4:ed:b4:eb:d9:97:77:e6:eb:aa:83:1d:2a:95:69:3f:09: 56:3e:ba:78:f5:b7:e4:60:81:2f:e4:7c:34:1d:79:18:f0:9f: 13:70:30:ab:5e:b6:95:f5:66:82:75:75:4a:2e:37:8a:85:4f: 19:1b:8a:82:10:d9:7e:1b:64:59:00:a3:8b:e8:38:c5:17:8f: bc:ff:de:92:28:14:92:c6:af:9d:4c:67:8f:fb:19:9e:e0:d9: 58:b8:2c:13:84:52:ff:78:5a:ef:5e:58:bb:34:ea:ec:b4:e5: 71:cd:7e:e0:7b:15:06:15:42:b9:48:bb:fa:55:51:f8:f0:f4: e1:91:bb:12:c8:76:01:53:25:3c:aa:b3:52:c3:14:0c:7c:53: a9:75:69:16:ea:64:6d:2e:d9:b7:75:ba:65:49:13:ba:f5:65: e2:a8:76:90:6d:79:95:ef:a9:9d:f3:c6:66:7e:d9:c0:b6:bb: 7c:8a:3b:6e -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt/gs6QeM+vw2LO8FXpyfPkMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz YjUwMzQwHhcNMjYwMTAyMTYyMDM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlYmM5MjcwYzkxYTMzZTI4ZWExZmFhOGEwOTU3YTBjMjFmNmIwM2I2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAleBLe3LSLVEYgK0nsF5zLnkxihGy CJHyIy3seUsMxi1WaeJLv/EdqjCIh6A1PNeQgxsQvDEOEWPrUmOnIW7xKQCvjh6i mm22VFW3yOL/pROK3A74qSm0mjGlbSGpQ8VTsOF/xgGBiQWcAe1+QPzp7dcLotep gZDNiJLrWfhIZekDhqaxeneYLiUeJFK/wzPmAqsLPzJo6f8DLXJPjE8QFgnuMQoJ 77KAGDnnqhqlXnHhAaxW+yHbQ9l3osGjS8+njn+t1cWbWq/IHca7Mt0NQeh+8wFM enV1403vkIjGWbKJ7BrrgbjaN9CkAU1HHJ+STfLMfWMTxxeQzglspsLPyQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFOvJJwyRoz4o6h+qiglXoMIfawO2MB8GA1UdIwQY MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It Mzk0YWNkMjFmMzliLzEvNjhrbkRKR2pQaWpxSDZxS0NWZWd3aDlyQTdZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgsLh//b MA0GCSqGSIb3DQEBCwUAA4IBAQBI+XbZY3n9z4W9ThgiwlvSycLz5kSM4TNfq2aS U/xUd5YcvFHsoxZ8ltZ5HbHans4T7VAZEHcBgF5fm9R+iVUh9d3O9swvavyOxO20 69mXd+brqoMdKpVpPwlWPrp49bfkYIEv5Hw0HXkY8J8TcDCrXraV9WaCdXVKLjeK hU8ZG4qCENl+G2RZAKOL6DjFF4+8/96SKBSSxq+dTGeP+xme4NlYuCwThFL/eFrv Xli7NOrstOVxzX7gexUGFUK5SLv6VVH48PThkbsSyHYBUyU8qrNSwxQMfFOpdWkW 6mRtLtm3dbplSRO69WXiqHaQbXmV76md88ZmftnAtrt8ijtu -----END CERTIFICATE-----Generated at Tue Jan 20 15:20:21 2026 by rpki-client