This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/5dfc76-e7eb-4d35-8ad7-7993591113e4/1/1AaGajGK39FJ1DfqM02pviOUgxE.roa File: 1AaGajGK39FJ1DfqM02pviOUgxE.roa (raw, json) Hash identifier: REcEZv2mwfjfjwH6vxcx0ox6WJ+EFSfiMB5BRMtnFng= Subject key identifier: D4:06:86:6A:31:8A:DF:D1:49:D4:37:EA:33:4D:A9:BE:23:94:83:11 Certificate issuer: /CN=90fd8aae1b6e159a2fa8f03d7a3188a1e18072a0 Certificate serial: 019B865CA7A5C339775430BD54288B659B28 Authority key identifier: 90:FD:8A:AE:1B:6E:15:9A:2F:A8:F0:3D:7A:31:88:A1:E1:80:72:A0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kP2KrhtuFZovqPA9ejGIoeGAcqA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/5dfc76-e7eb-4d35-8ad7-7993591113e4/1/1AaGajGK39FJ1DfqM02pviOUgxE.roa Signing time: Sun 04 Jan 2026 00:16:17 +0000 ROA not before: Sun 04 Jan 2026 00:16:17 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 214913 IP address blocks: 2a0f:c442:8000::/48 maxlen: 48 2a0f:c442:c000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/5dfc76-e7eb-4d35-8ad7-7993591113e4/1/kP2KrhtuFZovqPA9ejGIoeGAcqA.crl rsync://rpki.ripe.net/repository/DEFAULT/26/5dfc76-e7eb-4d35-8ad7-7993591113e4/1/kP2KrhtuFZovqPA9ejGIoeGAcqA.mft rsync://rpki.ripe.net/repository/DEFAULT/kP2KrhtuFZovqPA9ejGIoeGAcqA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 09:00:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:86:5c:a7:a5:c3:39:77:54:30:bd:54:28:8b:65:9b:28 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=90fd8aae1b6e159a2fa8f03d7a3188a1e18072a0 Validity Not Before: Jan 4 00:16:17 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d406866a318adfd149d437ea334da9be23948311 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:1a:ce:b9:14:48:f0:d8:df:22:51:bc:49:78: 42:31:52:1e:fc:09:cb:0e:d3:83:82:b9:79:5a:51: fe:b2:5d:c9:0b:92:3e:c0:10:fc:1a:39:45:d2:cf: a5:a0:ce:3c:24:20:9c:e4:d1:90:d9:77:10:cc:cf: 10:f8:6e:64:1a:c0:08:ed:dd:74:05:f5:6b:4d:a1: 49:ec:e8:35:fe:b7:d0:e9:e8:09:74:48:f9:c9:be: d3:fa:49:fd:87:41:3e:6d:71:68:d2:f2:8c:d6:3f: 9c:11:47:81:b0:e5:ef:49:e8:dc:0d:03:fc:48:d6: 64:05:02:ec:5f:88:c6:1a:7a:45:77:46:b5:40:5c: db:d6:83:ca:2f:0c:d5:fb:4c:60:88:e3:86:e2:f8: 42:66:42:94:57:38:c5:f4:61:48:f1:63:d2:97:38: 75:6f:3d:55:b8:a2:17:a7:3f:4f:31:9f:97:6c:4b: 85:9f:a5:14:09:a1:cc:c4:0f:b1:3c:ac:fb:af:d6: 00:56:6a:a6:6d:f5:8e:0f:fa:54:3c:71:b9:25:84: 52:23:16:a1:f1:1d:cc:a7:54:c6:25:c6:b0:ae:f5: d7:77:f8:02:6a:90:91:88:cc:a5:fa:60:92:24:37: a3:03:e8:a0:13:16:7c:e7:3e:fb:7c:e4:ca:d1:fb: 16:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:06:86:6A:31:8A:DF:D1:49:D4:37:EA:33:4D:A9:BE:23:94:83:11 X509v3 Authority Key Identifier: keyid:90:FD:8A:AE:1B:6E:15:9A:2F:A8:F0:3D:7A:31:88:A1:E1:80:72:A0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kP2KrhtuFZovqPA9ejGIoeGAcqA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/5dfc76-e7eb-4d35-8ad7-7993591113e4/1/1AaGajGK39FJ1DfqM02pviOUgxE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/26/5dfc76-e7eb-4d35-8ad7-7993591113e4/1/kP2KrhtuFZovqPA9ejGIoeGAcqA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:c442:8000::/48 2a0f:c442:c000::/48 Signature Algorithm: sha256WithRSAEncryption 7a:e5:bb:b9:0e:63:63:bd:46:c2:1b:23:45:70:f3:94:9a:3f: 87:93:01:8b:e9:0d:40:3d:3d:09:c4:ad:7e:fc:12:65:26:03: 61:4e:ea:ab:04:f2:3a:35:eb:a2:24:28:69:f9:c9:b0:d6:a5: 87:b7:ad:8c:a7:d8:a9:b0:13:0d:b9:5a:de:f1:1f:e5:3c:ea: f3:cf:ad:5b:bb:3e:c4:ad:e6:04:8d:65:76:ee:68:8b:bf:06: f7:95:b4:8e:18:91:8b:23:fe:1a:07:34:27:60:70:68:a4:52: e7:c7:45:d1:dd:92:c2:4c:d3:ec:29:2b:69:37:00:d6:8c:33: 51:1a:3b:b4:56:8d:7a:75:88:c3:9b:b0:96:fd:5d:76:ac:50: d5:db:72:db:1b:33:be:b0:76:24:f0:fe:7c:62:ab:ad:0a:b7: 2d:5c:af:32:bd:44:5d:55:8d:7a:9d:74:3e:68:67:c4:d9:e5: 62:d1:ca:97:c7:7e:63:53:e6:1b:96:a5:de:fa:e7:c4:4e:c7: 98:a9:f8:ab:6a:f8:ba:6d:a3:e2:8d:6b:69:26:aa:5b:62:d9: 5e:45:ac:30:d0:96:9a:69:5a:dc:16:b7:04:4a:ae:db:d5:5e: 9d:c5:5f:a7:26:f1:ad:1f:51:fc:d4:62:af:e0:f7:a1:a7:28: a7:74:d5:47 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZuGXKelwzl3VDC9VCiLZZsoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkwZmQ4YWFlMWI2ZTE1OWEyZmE4ZjAzZDdhMzE4OGExZTE4 MDcyYTAwHhcNMjYwMTA0MDAxNjE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkNDA2ODY2YTMxOGFkZmQxNDlkNDM3ZWEzMzRkYTliZTIzOTQ4MzExMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxrOuRRI8NjfIlG8SXhCMVIe/AnL DtODgrl5WlH+sl3JC5I+wBD8GjlF0s+loM48JCCc5NGQ2XcQzM8Q+G5kGsAI7d10 BfVrTaFJ7Og1/rfQ6egJdEj5yb7T+kn9h0E+bXFo0vKM1j+cEUeBsOXvSejcDQP8 SNZkBQLsX4jGGnpFd0a1QFzb1oPKLwzV+0xgiOOG4vhCZkKUVzjF9GFI8WPSlzh1 bz1VuKIXpz9PMZ+XbEuFn6UUCaHMxA+xPKz7r9YAVmqmbfWOD/pUPHG5JYRSIxah 8R3Mp1TGJcawrvXXd/gCapCRiMyl+mCSJDejA+igExZ85z77fOTK0fsW2wIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFNQGhmoxit/RSdQ36jNNqb4jlIMRMB8GA1UdIwQY MBaAFJD9iq4bbhWaL6jwPXoxiKHhgHKgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva1AyS3JodHVGWm92cVBBOWVqR0lvZUdBY3FBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi81ZGZjNzYtZTdlYi00ZDM1LThhZDct Nzk5MzU5MTExM2U0LzEvMUFhR2FqR0szOUZKMURmcU0wMnB2aU9VZ3hFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNi81ZGZjNzYtZTdlYi00ZDM1LThhZDctNzk5MzU5MTExM2U0 LzEva1AyS3JodHVGWm92cVBBOWVqR0lvZUdBY3FBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg/EQoAA AwcAKg/EQsAAMA0GCSqGSIb3DQEBCwUAA4IBAQB65bu5DmNjvUbCGyNFcPOUmj+H kwGL6Q1APT0JxK1+/BJlJgNhTuqrBPI6NeuiJChp+cmw1qWHt62Mp9ipsBMNuVre 8R/lPOrzz61buz7EreYEjWV27miLvwb3lbSOGJGLI/4aBzQnYHBopFLnx0XR3ZLC TNPsKStpNwDWjDNRGju0Vo16dYjDm7CW/V12rFDV23LbGzO+sHYk8P58YqutCrct XK8yvURdVY16nXQ+aGfE2eVi0cqXx35jU+YblqXe+ufETseYqfiravi6baPijWtp JqpbYtleRaww0JaaaVrcFrcESq7b1V6dxV+nJvGtH1H81GKv4PehpyindNVH -----END CERTIFICATE-----Generated at Mon Feb 9 18:38:08 2026 by rpki-client