This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/44e8f5-3584-490e-9979-cdc31d5fb8a4/1/LaR2tR9VELkIqYB1KayofzhugrQ.roa File: LaR2tR9VELkIqYB1KayofzhugrQ.roa (raw, json) Hash identifier: IhBsr0UP82ELR6sQ5NhU1p2TkFx8sUm8QDTn1ahLei0= Subject key identifier: 2D:A4:76:B5:1F:55:10:B9:08:A9:80:75:29:AC:A8:7F:38:6E:82:B4 Certificate issuer: /CN=6d39ce4c29ab3f802f9de933f4495026c4d0ee4a Certificate serial: 019B77C71474B55A156092093DFBDC224F13 Authority key identifier: 6D:39:CE:4C:29:AB:3F:80:2F:9D:E9:33:F4:49:50:26:C4:D0:EE:4A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bTnOTCmrP4Avnekz9ElQJsTQ7ko.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/44e8f5-3584-490e-9979-cdc31d5fb8a4/1/LaR2tR9VELkIqYB1KayofzhugrQ.roa Signing time: Thu 01 Jan 2026 04:18:14 +0000 ROA not before: Thu 01 Jan 2026 04:18:14 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 41745 IP address blocks: 2a03:afc0:9::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/44e8f5-3584-490e-9979-cdc31d5fb8a4/1/bTnOTCmrP4Avnekz9ElQJsTQ7ko.crl rsync://rpki.ripe.net/repository/DEFAULT/49/44e8f5-3584-490e-9979-cdc31d5fb8a4/1/bTnOTCmrP4Avnekz9ElQJsTQ7ko.mft rsync://rpki.ripe.net/repository/DEFAULT/bTnOTCmrP4Avnekz9ElQJsTQ7ko.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 07:01:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c7:14:74:b5:5a:15:60:92:09:3d:fb:dc:22:4f:13 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6d39ce4c29ab3f802f9de933f4495026c4d0ee4a Validity Not Before: Jan 1 04:18:14 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2da476b51f5510b908a9807529aca87f386e82b4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:f5:cd:eb:c7:e7:44:b5:83:85:82:44:2c:e3: 6d:4c:1e:09:2b:5f:d5:b2:13:9a:53:88:ce:9b:3a: 72:a9:2e:1f:2a:de:b1:dc:ad:bd:1d:ee:5c:59:da: 91:36:c2:74:6e:46:2b:a0:e8:bb:0d:3a:83:a6:68: 50:31:88:a8:e0:5d:29:36:ce:cd:45:c6:49:60:55: cc:b9:f6:64:5e:2d:97:ad:ae:0a:ec:9b:ba:31:48: 58:65:30:08:de:e7:96:0b:da:08:3f:f2:a1:12:a7: 94:d3:a4:40:46:46:59:f0:03:7e:8f:81:81:87:ab: 68:dc:df:f3:df:35:e4:f4:19:af:e7:ba:29:dd:2d: 22:71:cb:f9:2a:4e:37:ed:06:7f:eb:88:1d:8a:c5: 77:35:d6:cc:89:f1:e4:0c:cf:58:f4:b2:78:2c:eb: ea:c5:80:05:91:bc:7b:7e:ab:b6:02:4c:ad:54:f6: bf:cd:68:51:8e:c4:b8:eb:f2:3d:2f:6a:7a:8d:89: 0e:60:0c:d8:87:97:a2:2a:17:e7:7e:ee:af:72:c8: cd:78:30:2e:9f:17:78:f8:78:d3:53:da:a4:e8:11: b9:c3:66:8a:64:0b:02:04:ce:7e:ee:8f:17:45:04: 80:6b:87:de:81:2a:f3:1d:45:a4:9d:31:a5:f5:60: ea:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:A4:76:B5:1F:55:10:B9:08:A9:80:75:29:AC:A8:7F:38:6E:82:B4 X509v3 Authority Key Identifier: keyid:6D:39:CE:4C:29:AB:3F:80:2F:9D:E9:33:F4:49:50:26:C4:D0:EE:4A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bTnOTCmrP4Avnekz9ElQJsTQ7ko.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/44e8f5-3584-490e-9979-cdc31d5fb8a4/1/LaR2tR9VELkIqYB1KayofzhugrQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/49/44e8f5-3584-490e-9979-cdc31d5fb8a4/1/bTnOTCmrP4Avnekz9ElQJsTQ7ko.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a03:afc0:9::/48 Signature Algorithm: sha256WithRSAEncryption 66:87:c6:34:86:ac:40:62:b4:5f:99:b7:93:7e:f1:10:fa:c4: 53:1a:94:30:16:ed:58:42:9d:db:6b:d5:77:42:39:45:ef:e5: cc:cc:d0:88:58:fd:59:0c:55:91:4d:3c:6b:66:ab:a2:26:5e: 52:9e:f5:49:48:2d:b2:10:8e:c3:8c:ed:6b:1e:cf:c2:0e:f6: dd:1b:39:cb:0c:7d:83:05:77:09:96:b6:a7:54:9d:c9:ed:21: fc:f9:63:d9:fd:3e:2e:33:d5:4b:e8:20:dc:a0:11:90:88:84: 50:64:bd:62:01:c5:e9:12:f5:37:ed:5d:56:f5:b5:a6:02:e0: 29:2b:0c:e7:4f:16:ae:0e:2e:4f:67:c1:ce:ed:f8:b3:4c:70: d2:c3:82:0f:55:f7:10:e3:99:bb:df:2d:5f:10:5e:a0:2f:aa: 70:42:dd:c1:c4:4f:a0:8c:c0:32:19:c1:f2:c7:66:1c:26:41: a0:54:81:9c:47:e5:e3:30:17:fd:9c:f0:f1:a0:49:2d:2b:2a: 84:f5:26:32:d0:c8:57:d4:11:7a:6a:8b:2e:98:a6:4e:cb:7e: dc:88:b6:97:e0:17:c7:26:82:4d:5b:9e:cb:9b:e1:64:02:33: 14:0e:fe:4c:39:b8:38:68:c9:0d:cb:bf:f4:fd:19:65:69:6d: 53:b0:14:42 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt3xxR0tVoVYJIJPfvcIk8TMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZkMzljZTRjMjlhYjNmODAyZjlkZTkzM2Y0NDk1MDI2YzRk MGVlNGEwHhcNMjYwMTAxMDQxODE0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyZGE0NzZiNTFmNTUxMGI5MDhhOTgwNzUyOWFjYTg3ZjM4NmU4MmI0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/XN68fnRLWDhYJELONtTB4JK1/V shOaU4jOmzpyqS4fKt6x3K29He5cWdqRNsJ0bkYroOi7DTqDpmhQMYio4F0pNs7N RcZJYFXMufZkXi2Xra4K7Ju6MUhYZTAI3ueWC9oIP/KhEqeU06RARkZZ8AN+j4GB h6to3N/z3zXk9Bmv57op3S0iccv5Kk437QZ/64gdisV3NdbMifHkDM9Y9LJ4LOvq xYAFkbx7fqu2AkytVPa/zWhRjsS46/I9L2p6jYkOYAzYh5eiKhfnfu6vcsjNeDAu nxd4+HjTU9qk6BG5w2aKZAsCBM5+7o8XRQSAa4fegSrzHUWknTGl9WDq5wIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFC2kdrUfVRC5CKmAdSmsqH84boK0MB8GA1UdIwQY MBaAFG05zkwpqz+AL53pM/RJUCbE0O5KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYlRuT1RDbXJQNEF2bmVrejlFbFFKc1RRN2tvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS80NGU4ZjUtMzU4NC00OTBlLTk5Nzkt Y2RjMzFkNWZiOGE0LzEvTGFSMnRSOVZFTGtJcVlCMUtheW9memh1Z3JRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80OS80NGU4ZjUtMzU4NC00OTBlLTk5NzktY2RjMzFkNWZiOGE0 LzEvYlRuT1RDbXJQNEF2bmVrejlFbFFKc1RRN2tvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgOvwAAJ MA0GCSqGSIb3DQEBCwUAA4IBAQBmh8Y0hqxAYrRfmbeTfvEQ+sRTGpQwFu1YQp3b a9V3QjlF7+XMzNCIWP1ZDFWRTTxrZquiJl5SnvVJSC2yEI7DjO1rHs/CDvbdGznL DH2DBXcJlranVJ3J7SH8+WPZ/T4uM9VL6CDcoBGQiIRQZL1iAcXpEvU37V1W9bWm AuApKwznTxauDi5PZ8HO7fizTHDSw4IPVfcQ45m73y1fEF6gL6pwQt3BxE+gjMAy GcHyx2YcJkGgVIGcR+XjMBf9nPDxoEktKyqE9SYy0MhX1BF6aosumKZOy37ciLaX 4BfHJoJNW57Lm+FkAjMUDv5MObg4aMkNy7/0/RllaW1TsBRC -----END CERTIFICATE-----Generated at Tue Jan 20 14:13:49 2026 by rpki-client