This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/nkjFlwwRSrq79nueq6Wypew12iA.roa File: nkjFlwwRSrq79nueq6Wypew12iA.roa (raw, json) Hash identifier: hLtJzvdl7KBC8bRAj6hsRHZaapsNnHTxCW8gmVekM8o= Subject key identifier: 9E:48:C5:97:0C:11:4A:BA:BB:F6:7B:9E:AB:A5:B2:A5:EC:35:DA:20 Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034 Certificate serial: 019B7F82D71D718E17935CAC7EFFC33EE6CF Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/nkjFlwwRSrq79nueq6Wypew12iA.roa Signing time: Fri 02 Jan 2026 16:20:39 +0000 ROA not before: Fri 02 Jan 2026 16:20:39 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 210977 IP address blocks: 2a0e:c7c1::/45 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.mft rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 07:01:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:82:d7:1d:71:8e:17:93:5c:ac:7e:ff:c3:3e:e6:cf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034 Validity Not Before: Jan 2 16:20:39 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9e48c5970c114ababbf67b9eaba5b2a5ec35da20 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:6c:55:8a:13:05:f3:9c:1c:65:bb:35:41:6a: 50:1a:a8:7e:7a:bf:1f:9c:4e:f8:de:82:f5:86:ba: 83:dc:3a:11:db:81:91:82:f3:bc:aa:f2:8e:9f:ce: 7c:af:6c:1f:5e:1b:f9:98:cb:93:34:cc:05:a3:55: 23:ab:c5:28:1c:f9:45:03:ae:20:c4:c4:74:6a:56: 65:ff:f1:02:9c:49:55:47:8f:d2:f1:7f:1e:39:93: 42:04:89:6a:c6:07:5f:18:54:3b:66:34:a2:3f:61: 04:99:b1:0d:a4:f5:14:ff:9f:91:74:e2:81:e4:93: 76:75:c2:39:34:39:e9:0a:d5:d6:bf:a4:e9:b9:2a: d4:97:f2:09:1c:45:8c:64:7a:4c:b9:e3:13:6e:d2: 38:a7:40:a1:d6:fe:61:01:d2:fd:67:82:6c:de:01: 5b:8d:90:c0:85:18:02:ff:91:f9:e9:40:d9:71:a1: fa:29:e7:6a:e7:40:ba:8f:f2:7d:0e:df:db:9b:9c: f4:fb:c4:ea:7f:da:49:f8:5b:4c:57:e4:45:41:5c: 61:37:97:0b:dc:6e:32:3e:25:1d:6d:db:c5:f1:9e: 0d:4d:79:3e:b0:d7:4e:80:f2:9f:c9:e8:a9:ae:2d: 00:21:35:67:7d:b9:d0:a6:01:10:94:38:d4:48:9b: 37:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:48:C5:97:0C:11:4A:BA:BB:F6:7B:9E:AB:A5:B2:A5:EC:35:DA:20 X509v3 Authority Key Identifier: keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/nkjFlwwRSrq79nueq6Wypew12iA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0e:c7c1::/45 Signature Algorithm: sha256WithRSAEncryption 6b:76:7c:53:28:47:81:62:bc:a5:e2:3f:2e:de:c7:e3:a1:ea: 5b:32:8c:4f:fe:1a:17:71:a4:b2:7a:71:73:bd:50:26:43:73: 80:f5:ee:60:49:ba:a8:8e:36:c5:a4:eb:bc:30:a3:c1:3a:fd: e6:52:3e:89:dc:71:63:88:57:5f:e5:61:3e:09:4f:ce:b5:a3: f9:b1:32:13:3d:cd:7a:2b:a0:af:b1:2d:62:0f:e4:ac:2e:d7: fc:eb:06:ca:91:d5:b8:d8:78:2d:91:cf:ea:2d:75:05:cb:64: 4c:eb:2c:c4:af:9c:14:d7:cd:67:be:f0:be:89:ae:60:e0:9a: d7:ef:a4:b2:0c:46:ee:9e:14:d7:dd:d5:af:fc:52:ae:ff:a3: 5e:7a:73:64:50:08:73:77:32:af:c2:e8:f2:a7:03:7d:12:ee: 37:c5:24:28:38:18:20:7e:7f:ce:d2:f0:4b:fa:8b:78:8e:98: dd:94:24:1e:ee:62:56:45:d0:74:66:f5:5d:da:ed:af:b1:fe: b3:04:1b:a9:a4:e9:ca:40:d1:d4:33:02:c0:ac:e4:b8:c0:f0: 80:79:99:4f:22:7f:45:a6:80:ac:57:f5:81:3d:ae:f4:a8:9b: 4a:06:e9:3e:62:06:6f:4b:85:09:a8:63:17:8f:9b:8b:45:e3: 40:de:46:d8 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt/gtcdcY4Xk1ysfv/DPubPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz YjUwMzQwHhcNMjYwMTAyMTYyMDM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5ZTQ4YzU5NzBjMTE0YWJhYmJmNjdiOWVhYmE1YjJhNWVjMzVkYTIwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGxVihMF85wcZbs1QWpQGqh+er8f nE743oL1hrqD3DoR24GRgvO8qvKOn858r2wfXhv5mMuTNMwFo1Ujq8UoHPlFA64g xMR0alZl//ECnElVR4/S8X8eOZNCBIlqxgdfGFQ7ZjSiP2EEmbENpPUU/5+RdOKB 5JN2dcI5NDnpCtXWv6TpuSrUl/IJHEWMZHpMueMTbtI4p0Ch1v5hAdL9Z4Js3gFb jZDAhRgC/5H56UDZcaH6Kedq50C6j/J9Dt/bm5z0+8Tqf9pJ+FtMV+RFQVxhN5cL 3G4yPiUdbdvF8Z4NTXk+sNdOgPKfyeipri0AITVnfbnQpgEQlDjUSJs3uwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFJ5IxZcMEUq6u/Z7nqulsqXsNdogMB8GA1UdIwQY MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It Mzk0YWNkMjFmMzliLzEvbmtqRmx3d1JTcnE3OW51ZXE2V3lwZXcxMmlBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcDKg7HwQAA MA0GCSqGSIb3DQEBCwUAA4IBAQBrdnxTKEeBYryl4j8u3sfjoepbMoxP/hoXcaSy enFzvVAmQ3OA9e5gSbqojjbFpOu8MKPBOv3mUj6J3HFjiFdf5WE+CU/OtaP5sTIT Pc16K6CvsS1iD+SsLtf86wbKkdW42Hgtkc/qLXUFy2RM6yzEr5wU181nvvC+ia5g 4JrX76SyDEbunhTX3dWv/FKu/6NeenNkUAhzdzKvwujypwN9Eu43xSQoOBggfn/O 0vBL+ot4jpjdlCQe7mJWRdB0ZvVd2u2vsf6zBBuppOnKQNHUMwLArOS4wPCAeZlP In9FpoCsV/WBPa70qJtKBuk+YgZvS4UJqGMXj5uLReNA3kbY -----END CERTIFICATE-----Generated at Tue Jan 20 15:20:55 2026 by rpki-client