This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0kA9cbcvZHbDat-9S6KI03zwjvc.roa File: 0kA9cbcvZHbDat-9S6KI03zwjvc.roa (raw, json) Hash identifier: 14GitWlCV/+fEn844mpR8Oc5WTCzpNO9VmyN+/75Tnc= Subject key identifier: D2:40:3D:71:B7:2F:64:76:C3:6A:DF:BD:4B:A2:88:D3:7C:F0:8E:F7 Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b Certificate serial: 019B7D5CA0D70958F634CB54A235F784B3BC Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0kA9cbcvZHbDat-9S6KI03zwjvc.roa Signing time: Fri 02 Jan 2026 06:19:41 +0000 ROA not before: Fri 02 Jan 2026 06:19:41 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 16509 IP address blocks: 2a0e:97c0:411::/48 maxlen: 48 2a0e:b107:19a0::/48 maxlen: 48 2a0e:b107:1a63::/48 maxlen: 48 2a0e:b107:1a64::/48 maxlen: 48 2a0e:b107:2880::/46 maxlen: 48 2a10:cc40:216::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5c:a0:d7:09:58:f6:34:cb:54:a2:35:f7:84:b3:bc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b Validity Not Before: Jan 2 06:19:41 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d2403d71b72f6476c36adfbd4ba288d37cf08ef7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:c7:e3:da:38:b1:fb:a4:6d:86:a0:71:f2:0b: e4:49:c7:2e:db:12:7e:56:04:f9:db:62:a9:a8:69: ff:14:ba:f1:d7:66:4a:ad:41:cb:b3:ab:d4:48:c2: 25:13:d9:56:32:9d:e7:7b:08:3e:b3:9a:ad:a8:4a: 64:3e:ff:64:a4:0c:62:2b:1a:48:4b:08:43:c8:69: 51:d5:6c:33:2b:b9:98:c1:f8:9e:ce:de:24:53:52: ba:60:fe:54:13:60:67:b7:5b:e5:73:9b:0a:d0:51: 69:8c:8b:0d:05:49:8c:79:71:c0:a7:b6:39:a1:00: 69:19:3f:d3:5e:4f:de:3d:fa:81:6d:be:9d:e5:bc: 57:e5:a7:9c:d6:7e:39:c3:20:8f:7a:41:32:de:c3: 15:7a:e2:50:b2:23:a5:31:11:0a:57:77:93:8b:3f: 16:a4:7f:02:5e:e9:59:f1:b0:97:b2:a0:f1:f9:a4: 5a:d4:bc:39:f8:f3:f8:36:bc:f7:e9:23:55:bf:9e: 19:e4:34:d9:71:03:3d:7a:c4:0f:88:54:b0:f7:a5: a2:de:0f:c0:92:62:9c:05:31:4b:59:6f:e7:82:8a: 4e:5c:6d:41:6c:a6:63:cf:04:7c:7f:02:d5:dd:75: 57:a9:c2:39:9f:61:d7:ba:02:a0:12:91:1e:d1:34: dd:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:40:3D:71:B7:2F:64:76:C3:6A:DF:BD:4B:A2:88:D3:7C:F0:8E:F7 X509v3 Authority Key Identifier: keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0kA9cbcvZHbDat-9S6KI03zwjvc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0e:97c0:411::/48 2a0e:b107:19a0::/48 2a0e:b107:1a63::-2a0e:b107:1a64:ffff:ffff:ffff:ffff:ffff 2a0e:b107:2880::/46 2a10:cc40:216::/48 Signature Algorithm: sha256WithRSAEncryption 86:dc:61:d9:63:c7:4d:57:33:61:77:c6:a9:ea:31:b4:59:0e: 8c:17:bb:eb:36:e1:2f:85:19:6a:e7:11:33:84:79:e2:d5:0f: 8b:ac:88:02:3c:2a:d5:6e:c0:66:8f:d0:61:f0:a0:1e:86:79: f5:96:ff:a1:e3:de:a5:ed:7a:9b:3a:8f:89:2d:bc:87:b0:a3: 55:1c:c9:68:5a:ff:5e:9d:18:a5:a8:20:4e:87:0d:fe:8b:5c: 11:74:d7:14:08:31:43:47:1c:ec:5f:00:95:a9:73:c5:64:72: cd:42:31:ca:b5:bd:53:d4:2d:e0:8e:a1:d0:fd:1c:a8:9a:96: 86:37:95:f6:67:37:71:01:d9:a7:52:55:a7:25:12:a1:3e:68: b8:ec:4d:4b:7e:57:49:76:26:2b:3f:e2:75:38:3d:5d:06:45: c4:62:15:44:50:ea:46:60:11:3b:10:20:9a:43:a1:c2:12:04: 60:62:c7:7f:68:61:59:50:fb:a8:b8:da:d1:47:ba:f2:08:3e: 2f:17:3e:82:9f:b1:86:d7:fe:38:12:d8:ce:af:44:4d:10:fb: 37:5d:73:30:aa:bc:c1:c6:e2:62:cf:a2:38:df:9c:90:92:5e: d4:34:09:e1:60:6f:ff:e3:f1:82:00:5b:74:3b:f7:18:90:9b: 7a:82:f2:36 -----BEGIN CERTIFICATE----- MIIFLzCCBBegAwIBAgISAZt9XKDXCVj2NMtUojX3hLO8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw ZmFkOWIwHhcNMjYwMTAyMDYxOTQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkMjQwM2Q3MWI3MmY2NDc2YzM2YWRmYmQ0YmEyODhkMzdjZjA4ZWY3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqcfj2jix+6RthqBx8gvkSccu2xJ+ VgT522KpqGn/FLrx12ZKrUHLs6vUSMIlE9lWMp3newg+s5qtqEpkPv9kpAxiKxpI SwhDyGlR1WwzK7mYwfiezt4kU1K6YP5UE2Bnt1vlc5sK0FFpjIsNBUmMeXHAp7Y5 oQBpGT/TXk/ePfqBbb6d5bxX5aec1n45wyCPekEy3sMVeuJQsiOlMREKV3eTiz8W pH8CXulZ8bCXsqDx+aRa1Lw5+PP4Nrz36SNVv54Z5DTZcQM9esQPiFSw96Wi3g/A kmKcBTFLWW/ngopOXG1BbKZjzwR8fwLV3XVXqcI5n2HXugKgEpEe0TTd3wIDAQAB o4ICOzCCAjcwHQYDVR0OBBYEFNJAPXG3L2R2w2rfvUuiiNN88I73MB8GA1UdIwQY MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt ZGM1ZWM3NDhmNmE1LzEvMGtBOWNiY3ZaSGJEYXQtOVM2S0kwM3p3anZjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1 LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAAjA4AwcAKg6XwAQR AwcAKg6xBxmgMBIDBwAqDrEHGmMDBwAqDrEHGmQDBwIqDrEHKIADBwAqEMxAAhYw DQYJKoZIhvcNAQELBQADggEBAIbcYdljx01XM2F3xqnqMbRZDowXu+s24S+FGWrn ETOEeeLVD4usiAI8KtVuwGaP0GHwoB6GefWW/6Hj3qXteps6j4ktvIewo1UcyWha /16dGKWoIE6HDf6LXBF01xQIMUNHHOxfAJWpc8Vkcs1CMcq1vVPULeCOodD9HKia loY3lfZnN3EB2adSVaclEqE+aLjsTUt+V0l2Jis/4nU4PV0GRcRiFURQ6kZgETsQ IJpDocISBGBix39oYVlQ+6i42tFHuvIIPi8XPoKfsYbX/jgS2M6vRE0Q+zddczCq vMHG4mLPojjfnJCSXtQ0CeFgb//j8YIAW3Q79xiQm3qC8jY= -----END CERTIFICATE-----Generated at Fri Jan 2 09:27:25 2026 by rpki-client