This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/JTe6rZdralZYMfrallY8D9l18pI.roa File: JTe6rZdralZYMfrallY8D9l18pI.roa (raw, json) Hash identifier: nAhU2MmHuPgFOMieOuqyCTSQGexpWdZSuDuOtmxyLp0= Subject key identifier: 25:37:BA:AD:97:6B:6A:56:58:31:FA:DA:96:56:3C:0F:D9:75:F2:92 Certificate issuer: /CN=382e533033b3ce95e4972bf2382ddac293c2dc01 Certificate serial: 019B7F84F5E4BE18DA6849BC9BB3054134B8 Authority key identifier: 38:2E:53:30:33:B3:CE:95:E4:97:2B:F2:38:2D:DA:C2:93:C2:DC:01 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OC5TMDOzzpXklyvyOC3awpPC3AE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/JTe6rZdralZYMfrallY8D9l18pI.roa Signing time: Fri 02 Jan 2026 16:22:58 +0000 ROA not before: Fri 02 Jan 2026 16:22:58 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 201148 IP address blocks: 2a13:3f40::/29 maxlen: 29 2a13:3f40:1000::/48 maxlen: 48 2a13:3f40:1001::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/OC5TMDOzzpXklyvyOC3awpPC3AE.crl rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/OC5TMDOzzpXklyvyOC3awpPC3AE.mft rsync://rpki.ripe.net/repository/DEFAULT/OC5TMDOzzpXklyvyOC3awpPC3AE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:84:f5:e4:be:18:da:68:49:bc:9b:b3:05:41:34:b8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=382e533033b3ce95e4972bf2382ddac293c2dc01 Validity Not Before: Jan 2 16:22:58 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2537baad976b6a565831fada96563c0fd975f292 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:d9:e3:08:a3:4f:f2:c1:23:ae:5d:1b:33:8f: be:39:11:d5:fe:c8:bd:4b:8b:7e:0b:dc:10:d8:a4: 1d:6f:41:b5:a0:c9:2a:3c:10:f7:14:87:3d:f7:3d: 3f:72:3e:2b:92:b1:16:c2:b0:ec:77:c6:d7:4f:19: c7:84:11:31:0a:a4:e9:a8:d5:85:f5:54:a5:d8:0a: 27:b0:11:c8:28:e7:92:6f:6e:a5:2e:21:de:c6:ff: 67:93:70:fc:e8:61:90:4b:f0:55:b1:da:04:e4:83: df:21:c1:47:4a:91:3c:7f:1e:2b:e5:15:2d:23:8a: 05:fd:05:95:1d:96:12:ea:0e:60:61:86:d5:84:90: 9d:f2:67:d9:e5:85:4e:b0:75:12:f0:f2:d7:90:12: 1e:e2:e8:62:c5:a9:d9:46:d5:50:80:76:33:be:87: a2:5b:82:be:75:e3:ec:a1:48:5d:49:e3:99:42:21: 00:0e:49:78:76:70:1c:df:44:d1:07:2f:c0:9b:ff: 20:a8:2d:03:39:e7:3c:dc:2a:7c:9d:07:17:77:bf: e0:6b:34:5e:a2:30:3c:51:cf:fc:5d:1c:42:d4:fd: 5b:fb:72:20:33:d3:ff:6d:36:be:dd:b1:be:fc:8e: 39:72:9e:ab:4a:33:e1:27:f8:d7:31:87:97:39:62: c9:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:37:BA:AD:97:6B:6A:56:58:31:FA:DA:96:56:3C:0F:D9:75:F2:92 X509v3 Authority Key Identifier: keyid:38:2E:53:30:33:B3:CE:95:E4:97:2B:F2:38:2D:DA:C2:93:C2:DC:01 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OC5TMDOzzpXklyvyOC3awpPC3AE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/JTe6rZdralZYMfrallY8D9l18pI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/OC5TMDOzzpXklyvyOC3awpPC3AE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a13:3f40::/29 Signature Algorithm: sha256WithRSAEncryption 7e:c1:b7:ac:27:46:e2:54:06:e7:f6:92:d4:b0:82:2d:68:1e: ee:4a:f9:26:13:d6:d0:a0:9f:64:a1:4c:13:26:ef:31:76:4d: 27:79:72:59:14:d2:a4:6c:78:3a:84:f2:c3:e8:aa:2f:67:e5: 0c:c2:46:d8:e2:88:19:03:c8:d2:37:aa:c3:01:5d:ef:c6:c4: 03:24:0a:3b:d5:f2:da:98:ce:5b:ab:b7:ce:73:32:f9:f9:3d: aa:0d:c6:f1:87:80:47:2a:e3:50:44:3f:7e:28:c3:54:31:8b: 05:2e:6c:c9:fd:41:9c:84:43:f2:b0:6e:02:36:90:0c:00:48: d7:80:e1:7a:cc:d3:cd:03:19:31:75:ef:f9:54:fd:f3:52:c1: 52:39:00:65:92:dd:b6:7e:f1:64:a1:04:6d:9c:45:79:72:fd: 9d:9f:d6:ae:5e:a4:a9:07:ce:8c:29:74:fc:6e:ce:10:14:d6: e1:48:78:76:ed:38:93:77:96:0e:96:29:d0:20:92:23:62:79: f2:bf:98:b1:3f:6a:d6:cc:59:d2:ec:e6:9f:25:41:b6:06:7d: 50:48:ce:b8:b8:cc:cd:95:f3:e8:dd:3b:23:c4:4f:62:07:28: 31:c4:4b:3d:30:76:b1:92:b7:65:32:bb:11:d6:b7:66:77:18: 23:24:76:28 -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt/hPXkvhjaaEm8m7MFQTS4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4MmU1MzMwMzNiM2NlOTVlNDk3MmJmMjM4MmRkYWMyOTNj MmRjMDEwHhcNMjYwMTAyMTYyMjU4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyNTM3YmFhZDk3NmI2YTU2NTgzMWZhZGE5NjU2M2MwZmQ5NzVmMjkyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNnjCKNP8sEjrl0bM4++ORHV/si9 S4t+C9wQ2KQdb0G1oMkqPBD3FIc99z0/cj4rkrEWwrDsd8bXTxnHhBExCqTpqNWF 9VSl2AonsBHIKOeSb26lLiHexv9nk3D86GGQS/BVsdoE5IPfIcFHSpE8fx4r5RUt I4oF/QWVHZYS6g5gYYbVhJCd8mfZ5YVOsHUS8PLXkBIe4uhixanZRtVQgHYzvoei W4K+dePsoUhdSeOZQiEADkl4dnAc30TRBy/Am/8gqC0DOec83Cp8nQcXd7/gazRe ojA8Uc/8XRxC1P1b+3IgM9P/bTa+3bG+/I45cp6rSjPhJ/jXMYeXOWLJ1QIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFCU3uq2Xa2pWWDH62pZWPA/ZdfKSMB8GA1UdIwQY MBaAFDguUzAzs86V5Jcr8jgt2sKTwtwBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0M1VE1ET3p6cFhrbHl2eU9DM2F3cFBDM0FFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9hMGZhZTEtNDBlZS00MTkxLWIyZDQt ZWFhMDkwNTE0YjUyLzEvSlRlNnJaZHJhbFpZTWZyYWxsWThEOWwxOHBJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80NS9hMGZhZTEtNDBlZS00MTkxLWIyZDQtZWFhMDkwNTE0YjUy LzEvT0M1VE1ET3p6cFhrbHl2eU9DM2F3cFBDM0FFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhM/QDAN BgkqhkiG9w0BAQsFAAOCAQEAfsG3rCdG4lQG5/aS1LCCLWge7kr5JhPW0KCfZKFM EybvMXZNJ3lyWRTSpGx4OoTyw+iqL2flDMJG2OKIGQPI0jeqwwFd78bEAyQKO9Xy 2pjOW6u3znMy+fk9qg3G8YeARyrjUEQ/fijDVDGLBS5syf1BnIRD8rBuAjaQDABI 14DheszTzQMZMXXv+VT981LBUjkAZZLdtn7xZKEEbZxFeXL9nZ/Wrl6kqQfOjCl0 /G7OEBTW4Uh4du04k3eWDpYp0CCSI2J58r+YsT9q1sxZ0uzmnyVBtgZ9UEjOuLjM zZXz6N07I8RPYgcoMcRLPTB2sZK3ZTK7Eda3ZncYIyR2KA== -----END CERTIFICATE-----Generated at Tue Jan 20 02:45:52 2026 by rpki-client