This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/727015-e14e-4d41-b05b-8d94553b75e1/1/KQt0bGNTmAqkKMpA808bq5qAorg.roa File: KQt0bGNTmAqkKMpA808bq5qAorg.roa (raw, json) Hash identifier: HfmKhmXTk452cgTDlSlUC3REiJ7+v52ou6kKwFAi23k= Subject key identifier: 29:0B:74:6C:63:53:98:0A:A4:28:CA:40:F3:4F:1B:AB:9A:80:A2:B8 Certificate issuer: /CN=69dbe1e7d9e87d68701a4035a76c51bfecd88d81 Certificate serial: 019B7EA6D2748CED8254A63522C23EDF39EE Authority key identifier: 69:DB:E1:E7:D9:E8:7D:68:70:1A:40:35:A7:6C:51:BF:EC:D8:8D:81 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/advh59nofWhwGkA1p2xRv-zYjYE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/727015-e14e-4d41-b05b-8d94553b75e1/1/KQt0bGNTmAqkKMpA808bq5qAorg.roa Signing time: Fri 02 Jan 2026 12:20:20 +0000 ROA not before: Fri 02 Jan 2026 12:20:20 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 215223 IP address blocks: 2a01:e281:a300::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/727015-e14e-4d41-b05b-8d94553b75e1/1/advh59nofWhwGkA1p2xRv-zYjYE.crl rsync://rpki.ripe.net/repository/DEFAULT/48/727015-e14e-4d41-b05b-8d94553b75e1/1/advh59nofWhwGkA1p2xRv-zYjYE.mft rsync://rpki.ripe.net/repository/DEFAULT/advh59nofWhwGkA1p2xRv-zYjYE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 10:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a6:d2:74:8c:ed:82:54:a6:35:22:c2:3e:df:39:ee Signature Algorithm: sha256WithRSAEncryption Issuer: CN=69dbe1e7d9e87d68701a4035a76c51bfecd88d81 Validity Not Before: Jan 2 12:20:20 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=290b746c6353980aa428ca40f34f1bab9a80a2b8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:16:cf:f7:c1:27:1a:09:8b:be:9e:76:92:56: 50:cc:44:2d:dc:a4:3b:9e:63:f6:7f:ae:70:88:40: 2c:6d:64:fe:d0:32:f4:a9:ef:ba:dd:41:6e:f7:88: 42:c6:5d:8c:c3:86:a6:60:e7:1f:31:c5:f1:a4:93: 72:7f:c6:7c:89:85:23:d6:cc:33:8f:ea:31:bf:ac: fb:50:1e:71:20:95:6f:67:96:fb:f5:40:ac:c6:16: ab:cf:4f:a7:18:71:d6:5b:14:fb:77:74:62:7d:a0: ab:6e:be:54:f7:82:e5:15:81:f8:4e:60:dd:a7:41: e4:22:c2:59:bc:19:86:4f:48:57:b3:c1:dd:bf:31: 2d:df:34:1d:a4:1a:60:a4:d3:64:79:4c:86:10:95: 29:b1:c2:63:84:d8:7e:24:48:e1:1a:b2:de:91:97: b6:d6:5a:75:30:05:4a:77:ad:ac:83:05:b9:d4:22: be:b3:7d:51:5d:99:fd:bd:5e:73:04:41:4f:1e:ba: 3c:66:8f:99:6f:37:7f:b8:52:9d:51:c5:8e:c9:a7: 5b:f3:67:1b:fc:12:f5:ae:c1:24:7a:61:76:73:62: 84:2e:43:59:4a:71:75:64:08:57:85:a2:9d:74:78: 71:81:b7:70:8d:7f:80:49:0b:36:75:b9:16:5d:25: 33:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:0B:74:6C:63:53:98:0A:A4:28:CA:40:F3:4F:1B:AB:9A:80:A2:B8 X509v3 Authority Key Identifier: keyid:69:DB:E1:E7:D9:E8:7D:68:70:1A:40:35:A7:6C:51:BF:EC:D8:8D:81 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/advh59nofWhwGkA1p2xRv-zYjYE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/727015-e14e-4d41-b05b-8d94553b75e1/1/KQt0bGNTmAqkKMpA808bq5qAorg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/48/727015-e14e-4d41-b05b-8d94553b75e1/1/advh59nofWhwGkA1p2xRv-zYjYE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a01:e281:a300::/40 Signature Algorithm: sha256WithRSAEncryption c2:12:06:42:5a:98:6d:f8:ec:7e:76:69:56:26:48:4a:7c:07: de:e4:0a:0d:81:96:a3:62:56:95:e3:7f:dc:a9:97:13:23:2c: 8a:b8:b1:0d:e4:60:e2:5a:91:3b:8a:c1:68:c9:c4:0e:6e:80: 42:9e:82:f1:fc:e4:d0:f0:32:58:57:1b:7b:49:0e:60:0a:86: e2:a7:98:5b:a3:58:05:bb:de:79:5b:39:79:08:8f:0a:5b:13: a6:49:e6:4b:3b:13:66:90:00:e8:6b:74:5a:72:61:f6:72:49: 0a:1e:04:a8:1c:70:f0:15:84:36:b6:6d:c6:e7:d6:f3:01:25: e8:b7:fe:82:10:61:a0:e8:3c:6e:02:62:dd:a2:03:d1:91:ed: a7:f8:f7:51:ff:4e:4c:6b:bc:ed:be:8b:f8:2f:c4:de:1e:a8: c1:74:3f:a1:64:8c:9c:aa:d2:57:9f:0d:4d:b7:49:58:61:8c: de:f2:8a:a0:86:e3:35:38:64:35:d5:99:45:cc:33:a7:aa:c6: 4f:1a:f1:04:13:69:fc:39:62:64:8a:ec:9a:7d:a1:ed:31:77: 42:c6:17:2a:dc:b1:c1:e2:cb:42:85:0a:b7:7f:be:eb:54:57: 2d:51:52:ae:e5:be:4c:3f:c4:1f:16:24:e3:12:0e:28:62:94: 3c:cc:92:e4 -----BEGIN CERTIFICATE----- MIIE/zCCA+egAwIBAgISAZt+ptJ0jO2CVKY1IsI+3znuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY5ZGJlMWU3ZDllODdkNjg3MDFhNDAzNWE3NmM1MWJmZWNk ODhkODEwHhcNMjYwMTAyMTIyMDIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyOTBiNzQ2YzYzNTM5ODBhYTQyOGNhNDBmMzRmMWJhYjlhODBhMmI4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBbP98EnGgmLvp52klZQzEQt3KQ7 nmP2f65wiEAsbWT+0DL0qe+63UFu94hCxl2Mw4amYOcfMcXxpJNyf8Z8iYUj1swz j+oxv6z7UB5xIJVvZ5b79UCsxharz0+nGHHWWxT7d3RifaCrbr5U94LlFYH4TmDd p0HkIsJZvBmGT0hXs8HdvzEt3zQdpBpgpNNkeUyGEJUpscJjhNh+JEjhGrLekZe2 1lp1MAVKd62sgwW51CK+s31RXZn9vV5zBEFPHro8Zo+Zbzd/uFKdUcWOyadb82cb /BL1rsEkemF2c2KELkNZSnF1ZAhXhaKddHhxgbdwjX+ASQs2dbkWXSUzzQIDAQAB o4ICCzCCAgcwHQYDVR0OBBYEFCkLdGxjU5gKpCjKQPNPG6uagKK4MB8GA1UdIwQY MBaAFGnb4efZ6H1ocBpANadsUb/s2I2BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYWR2aDU5bm9mV2h3R2tBMXAyeFJ2LXpZallFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC83MjcwMTUtZTE0ZS00ZDQxLWIwNWIt OGQ5NDU1M2I3NWUxLzEvS1F0MGJHTlRtQXFrS01wQTgwOGJxNXFBb3JnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80OC83MjcwMTUtZTE0ZS00ZDQxLWIwNWItOGQ5NDU1M2I3NWUx LzEvYWR2aDU5bm9mV2h3R2tBMXAyeFJ2LXpZallFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgHigaMw DQYJKoZIhvcNAQELBQADggEBAMISBkJamG347H52aVYmSEp8B97kCg2BlqNiVpXj f9yplxMjLIq4sQ3kYOJakTuKwWjJxA5ugEKegvH85NDwMlhXG3tJDmAKhuKnmFuj WAW73nlbOXkIjwpbE6ZJ5ks7E2aQAOhrdFpyYfZySQoeBKgccPAVhDa2bcbn1vMB Jei3/oIQYaDoPG4CYt2iA9GR7af491H/TkxrvO2+i/gvxN4eqMF0P6FkjJyq0lef DU23SVhhjN7yiqCG4zU4ZDXVmUXMM6eqxk8a8QQTafw5YmSK7Jp9oe0xd0LGFyrc scHiy0KFCrd/vutUVy1RUq7lvkw/xB8WJOMSDihilDzMkuQ= -----END CERTIFICATE-----Generated at Mon Jan 26 14:17:26 2026 by rpki-client