This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/IK9JbGwU_5OZ6FRgqAX6_xTKqek.roa File: IK9JbGwU_5OZ6FRgqAX6_xTKqek.roa (raw, json) Hash identifier: pNfeA6OcLlvCvqXtplaX7lmN0HS19Wmgk/DEiFXtwOk= Subject key identifier: 20:AF:49:6C:6C:14:FF:93:99:E8:54:60:A8:05:FA:FF:14:CA:A9:E9 Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5 Certificate serial: 019B7EA75C0878AE3E4DF31616D787A65CF9 Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/IK9JbGwU_5OZ6FRgqAX6_xTKqek.roa Signing time: Fri 02 Jan 2026 12:20:55 +0000 ROA not before: Fri 02 Jan 2026 12:20:55 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 206847 IP address blocks: 2a10:b40::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.mft rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 04 Jan 2026 15:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a7:5c:08:78:ae:3e:4d:f3:16:16:d7:87:a6:5c:f9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5 Validity Not Before: Jan 2 12:20:55 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=20af496c6c14ff9399e85460a805faff14caa9e9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:1a:9f:18:4f:a8:fb:a3:77:e8:37:37:43:69: 73:e3:31:8b:ad:a6:6a:41:2c:6e:94:b2:dd:b0:58: fc:a7:e1:69:5e:2b:3e:66:31:1e:b5:70:d1:8b:be: 8f:a7:0e:e9:b5:b5:d1:07:5e:37:3d:4c:aa:e7:da: a4:4f:43:e1:56:06:b8:6b:d2:7e:37:55:3e:7c:dd: aa:7c:23:07:ee:c3:74:c5:be:a3:d8:4e:56:67:53: 68:f9:fb:d1:a6:b3:85:82:b2:3e:25:84:2a:5b:3b: 4c:db:3e:03:5b:6e:eb:2a:fa:44:18:be:2a:15:ec: 1d:8b:d4:03:9c:f2:5f:25:90:a9:7e:dd:a1:fc:50: 72:2e:ea:06:73:36:85:d1:66:82:42:66:2d:47:15: be:e8:65:61:c0:e4:62:e1:8a:c1:b4:fc:b6:83:65: 25:87:56:98:8f:44:98:85:46:6b:a4:9b:75:dd:75: 18:f7:5d:6e:02:ef:57:67:0a:9e:92:fb:1d:a5:89: 61:5c:c3:d2:06:61:45:29:d1:76:dc:a7:84:ec:e4: 8a:d8:8d:68:59:57:88:fe:58:b7:5b:42:14:ad:b2: 3b:31:26:1c:c4:14:33:75:c2:87:94:bc:5b:27:f8: 30:d1:9a:ae:ce:75:a0:ad:31:0c:b6:c1:24:7b:30: 8d:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:AF:49:6C:6C:14:FF:93:99:E8:54:60:A8:05:FA:FF:14:CA:A9:E9 X509v3 Authority Key Identifier: keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/IK9JbGwU_5OZ6FRgqAX6_xTKqek.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a10:b40::/32 Signature Algorithm: sha256WithRSAEncryption df:63:4e:a7:72:bf:d7:a3:92:b2:54:3f:72:c5:17:07:01:82: a5:80:54:e0:fb:e4:25:1e:1a:e8:4b:a3:78:ad:f7:1a:3b:7f: 42:e4:1f:91:4d:dd:ef:70:45:50:b8:fb:73:a6:e1:ce:21:d4: 78:d1:b2:c2:a2:5e:fe:9f:27:be:cc:4a:68:9b:c0:93:6d:b2: e0:30:fd:b9:c2:0d:bc:86:81:f3:57:de:30:a5:92:3f:d4:3f: ed:6a:0d:1f:59:ae:9e:80:20:c8:35:a0:01:df:d7:1d:3e:da: 46:a7:d6:c9:f1:ab:b5:70:0e:75:d9:05:07:f4:7f:33:05:f7: ec:bf:3d:06:05:c2:98:54:71:90:dc:40:ed:68:4c:51:3d:82: 0c:01:20:34:7b:c3:16:e5:b6:25:28:8b:91:fc:54:e3:ce:2b: aa:ee:54:9b:47:5e:16:cd:b6:94:34:67:1c:d6:a3:ac:2b:50: 34:43:1b:f8:b2:31:99:3f:d4:5b:fb:bc:c8:f6:6e:1b:f4:43: 99:37:17:39:9d:2d:17:f4:2f:3b:11:77:f3:38:0c:8e:22:bd: 4a:53:11:da:c7:cb:b9:1e:0b:b8:07:8a:56:40:71:c0:3c:de: 26:16:88:07:af:82:86:59:10:12:46:5d:94:08:8a:45:b7:85: c0:73:0d:85 -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt+p1wIeK4+TfMWFteHplz5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0 ZGIwYTUwHhcNMjYwMTAyMTIyMDU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMGFmNDk2YzZjMTRmZjkzOTllODU0NjBhODA1ZmFmZjE0Y2FhOWU5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1xqfGE+o+6N36Dc3Q2lz4zGLraZq QSxulLLdsFj8p+FpXis+ZjEetXDRi76Ppw7ptbXRB143PUyq59qkT0PhVga4a9J+ N1U+fN2qfCMH7sN0xb6j2E5WZ1No+fvRprOFgrI+JYQqWztM2z4DW27rKvpEGL4q Fewdi9QDnPJfJZCpft2h/FByLuoGczaF0WaCQmYtRxW+6GVhwORi4YrBtPy2g2Ul h1aYj0SYhUZrpJt13XUY911uAu9XZwqekvsdpYlhXMPSBmFFKdF23KeE7OSK2I1o WVeI/li3W0IUrbI7MSYcxBQzdcKHlLxbJ/gw0ZquznWgrTEMtsEkezCNzwIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFCCvSWxsFP+TmehUYKgF+v8UyqnpMB8GA1UdIwQY MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt YmFmYmRmYzgxMzJhLzEvSUs5SmJHd1VfNU9aNkZSZ3FBWDZfeFRLcWVrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhALQDAN BgkqhkiG9w0BAQsFAAOCAQEA32NOp3K/16OSslQ/csUXBwGCpYBU4PvkJR4a6Euj eK33Gjt/QuQfkU3d73BFULj7c6bhziHUeNGywqJe/p8nvsxKaJvAk22y4DD9ucIN vIaB81feMKWSP9Q/7WoNH1munoAgyDWgAd/XHT7aRqfWyfGrtXAOddkFB/R/MwX3 7L89BgXCmFRxkNxA7WhMUT2CDAEgNHvDFuW2JSiLkfxU484rqu5Um0deFs22lDRn HNajrCtQNEMb+LIxmT/UW/u8yPZuG/RDmTcXOZ0tF/QvOxF38zgMjiK9SlMR2sfL uR4LuAeKVkBxwDzeJhaIB6+ChlkQEkZdlAiKRbeFwHMNhQ== -----END CERTIFICATE-----Generated at Sat Jan 3 18:59:59 2026 by rpki-client