This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/jTk2ghaEMDC7CYJ_QaO8Kuls2VI.roa File: jTk2ghaEMDC7CYJ_QaO8Kuls2VI.roa (raw, json) Hash identifier: wXuTm3VvMxF7Fy+o/HgTRq0XIiaxh+LU1Nqi3XYzQ+w= Subject key identifier: 8D:39:36:82:16:84:30:30:BB:09:82:7F:41:A3:BC:2A:E9:6C:D9:52 Certificate issuer: /CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f Certificate serial: 019B7C12BBA25DA266D384A7AAA62EF8C651 Authority key identifier: 1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/jTk2ghaEMDC7CYJ_QaO8Kuls2VI.roa Signing time: Fri 02 Jan 2026 00:19:21 +0000 ROA not before: Fri 02 Jan 2026 00:19:21 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 208022 IP address blocks: 2a0a:280::/29 maxlen: 32 2a11:3780::/29 maxlen: 32 2a12:ef40::/29 maxlen: 32 2a13:63c0::/29 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.crl rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.mft rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 12:00:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:12:bb:a2:5d:a2:66:d3:84:a7:aa:a6:2e:f8:c6:51 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f Validity Not Before: Jan 2 00:19:21 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8d39368216843030bb09827f41a3bc2ae96cd952 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:3d:c7:bc:67:87:8d:fb:42:94:96:bc:5d:00: 9a:28:77:74:74:a9:3e:ab:a3:67:4b:80:7f:d4:cc: 0f:47:32:a0:5f:97:47:14:00:a8:38:f0:e5:52:f3: 10:05:09:08:57:5d:7a:70:5b:44:3d:9b:eb:64:e4: de:04:7c:f6:97:8e:67:2d:85:ee:9d:11:6f:46:29: 3f:cf:97:b1:61:5a:7b:09:0b:11:cc:df:05:76:30: f7:8a:f6:9b:96:d0:b2:36:1f:fd:b4:99:5e:5c:1b: 53:7d:f9:9a:66:69:a0:dc:70:5e:bf:11:78:e6:96: 18:6e:b6:d4:99:37:e7:72:8a:1d:25:d2:fd:38:55: 09:b4:11:f4:76:0d:e6:eb:d1:e1:c5:df:5b:70:b4: b1:ef:b2:04:4a:da:84:d7:69:84:c4:fb:22:2b:1f: 04:ad:5d:e6:c5:ab:a3:26:07:58:21:ca:ca:a2:02: 0b:cd:b6:3f:b6:67:19:c3:2d:a4:b5:46:06:fa:5a: 42:2b:95:71:25:af:dc:6b:61:18:d4:e7:6a:ca:53: eb:51:0e:74:d8:5d:d5:99:f3:ee:6d:ae:79:50:38: de:98:68:15:56:bf:a3:8d:07:98:55:f7:c3:e9:38: 60:02:2e:58:bb:c9:35:28:8c:79:9f:24:18:4b:49: de:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:39:36:82:16:84:30:30:BB:09:82:7F:41:A3:BC:2A:E9:6C:D9:52 X509v3 Authority Key Identifier: keyid:1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/jTk2ghaEMDC7CYJ_QaO8Kuls2VI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0a:280::/29 2a11:3780::/29 2a12:ef40::/29 2a13:63c0::/29 Signature Algorithm: sha256WithRSAEncryption 14:0b:52:5c:da:68:cb:4a:3d:45:8a:dc:1b:99:54:6c:31:86: 62:6b:62:b1:ba:d5:29:b1:a3:94:5f:a0:51:3a:d3:d6:f0:79: 79:92:5d:4e:59:a7:fd:55:e9:45:92:1b:78:79:ad:91:80:49: bd:fe:f7:c5:49:43:ce:35:a9:b1:4c:a6:3d:68:41:ad:35:bf: dc:1c:43:b1:3c:fd:40:72:20:da:cc:54:b3:0e:da:93:f0:5e: 13:64:9b:20:47:15:3a:2b:01:23:54:94:4c:95:c6:33:90:0f: 09:59:59:f0:1b:11:a4:59:fc:4c:51:86:18:4b:43:bf:2b:aa: 39:1f:b2:2a:8f:20:81:cd:f4:d9:a5:c3:17:8b:3f:71:62:6e: de:18:3b:eb:12:d7:4d:47:3a:91:03:75:de:6c:6b:6e:cd:cd: de:e6:ec:4d:ce:f7:fd:f4:36:66:c3:ba:5c:ae:e0:a5:d4:8b: 60:74:ec:90:09:ac:d4:82:41:66:5a:e6:be:2f:3d:96:3a:e6: 50:7e:55:6a:b0:f7:b7:34:c6:f3:1c:06:0c:c6:56:09:cc:fd: 38:9d:03:a9:0c:82:bc:a9:4c:8a:87:c0:72:eb:14:9f:c4:4d: 71:c6:8c:33:4e:27:84:a3:7a:90:0d:17:41:31:65:87:27:c7: fa:80:21:08 -----BEGIN CERTIFICATE----- MIIFEzCCA/ugAwIBAgISAZt8EruiXaJm04SnqqYu+MZRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFiOWYyMWJhMDRlNWUzMDc3YjM5MWUzZDQ4ZmY1YjBhNTBi MzM2OWYwHhcNMjYwMTAyMDAxOTIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4ZDM5MzY4MjE2ODQzMDMwYmIwOTgyN2Y0MWEzYmMyYWU5NmNkOTUyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3T3HvGeHjftClJa8XQCaKHd0dKk+ q6NnS4B/1MwPRzKgX5dHFACoOPDlUvMQBQkIV116cFtEPZvrZOTeBHz2l45nLYXu nRFvRik/z5exYVp7CQsRzN8FdjD3ivabltCyNh/9tJleXBtTffmaZmmg3HBevxF4 5pYYbrbUmTfncoodJdL9OFUJtBH0dg3m69Hhxd9bcLSx77IEStqE12mExPsiKx8E rV3mxaujJgdYIcrKogILzbY/tmcZwy2ktUYG+lpCK5VxJa/ca2EY1OdqylPrUQ50 2F3VmfPuba55UDjemGgVVr+jjQeYVffD6ThgAi5Yu8k1KIx5nyQYS0neMQIDAQAB o4ICHzCCAhswHQYDVR0OBBYEFI05NoIWhDAwuwmCf0GjvCrpbNlSMB8GA1UdIwQY MBaAFBufIboE5eMHezkePUj/WwpQszafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUt ZjUxYzVmYjNkZjlhLzEvalRrMmdoYUVNREM3Q1lKX1FhTzhLdWxzMlZJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUtZjUxYzVmYjNkZjlh LzEvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKgoCgAMF AyoRN4ADBQMqEu9AAwUDKhNjwDANBgkqhkiG9w0BAQsFAAOCAQEAFAtSXNpoy0o9 RYrcG5lUbDGGYmtisbrVKbGjlF+gUTrT1vB5eZJdTlmn/VXpRZIbeHmtkYBJvf73 xUlDzjWpsUymPWhBrTW/3BxDsTz9QHIg2sxUsw7ak/BeE2SbIEcVOisBI1SUTJXG M5APCVlZ8BsRpFn8TFGGGEtDvyuqOR+yKo8ggc302aXDF4s/cWJu3hg76xLXTUc6 kQN13mxrbs3N3ubsTc73/fQ2ZsO6XK7gpdSLYHTskAms1IJBZlrmvi89ljrmUH5V arD3tzTG8xwGDMZWCcz9OJ0DqQyCvKlMiofAcusUn8RNccaMM04nhKN6kA0XQTFl hyfH+oAhCA== -----END CERTIFICATE-----Generated at Wed Jan 21 17:32:40 2026 by rpki-client