This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/f4b8e9-686d-41be-9891-df1e95d7edd9/1/kN99vFdbAempQ2A2_gxGNJ7ed64.roa File: kN99vFdbAempQ2A2_gxGNJ7ed64.roa (raw, json) Hash identifier: 1v+1gMi8uf5SBhW1FJK7tf586/slgxWuh9VuZL56b4M= Subject key identifier: 90:DF:7D:BC:57:5B:01:E9:A9:43:60:36:FE:0C:46:34:9E:DE:77:AE Certificate issuer: /CN=0b5caf262fdbfcc5ff30e28a5104646e27a89262 Certificate serial: 019B7A5B96A1E9252D8A7718B51B6DB6ABB1 Authority key identifier: 0B:5C:AF:26:2F:DB:FC:C5:FF:30:E2:8A:51:04:64:6E:27:A8:92:62 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C1yvJi_b_MX_MOKKUQRkbieokmI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/f4b8e9-686d-41be-9891-df1e95d7edd9/1/kN99vFdbAempQ2A2_gxGNJ7ed64.roa Signing time: Thu 01 Jan 2026 16:19:41 +0000 ROA not before: Thu 01 Jan 2026 16:19:41 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 12414 IP address blocks: 2a05:b2c2::/31 maxlen: 31 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/f4b8e9-686d-41be-9891-df1e95d7edd9/1/C1yvJi_b_MX_MOKKUQRkbieokmI.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/f4b8e9-686d-41be-9891-df1e95d7edd9/1/C1yvJi_b_MX_MOKKUQRkbieokmI.mft rsync://rpki.ripe.net/repository/DEFAULT/C1yvJi_b_MX_MOKKUQRkbieokmI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 10:01:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5b:96:a1:e9:25:2d:8a:77:18:b5:1b:6d:b6:ab:b1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0b5caf262fdbfcc5ff30e28a5104646e27a89262 Validity Not Before: Jan 1 16:19:41 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=90df7dbc575b01e9a9436036fe0c46349ede77ae Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:3b:c3:35:2a:87:f5:58:83:74:66:0e:82:10: 2e:61:a2:9d:24:95:ee:3c:59:ac:7b:50:99:b8:12: 5d:2a:ab:3c:bd:53:d3:b0:08:21:98:fd:9b:fe:c4: 76:66:78:9e:f4:c3:08:fd:83:c0:67:55:ba:70:4d: fc:06:b1:54:fc:cb:61:f7:a6:45:c7:18:9c:13:a9: 89:6c:2f:b0:f4:1e:c1:71:3d:ee:ed:6b:ac:1a:e0: 41:0c:51:43:24:4d:1b:e5:60:25:d5:95:ba:68:49: 1b:24:9f:72:de:02:25:4d:21:f7:cc:01:81:5e:75: c1:9b:69:1f:23:fa:82:21:17:f6:a9:9d:31:e8:e0: b1:a4:5e:4b:22:a1:f9:ea:4e:5d:bc:84:48:06:5d: 59:3a:32:d8:be:61:08:a3:36:26:4a:7f:40:1c:b4: 4a:1e:d0:f5:e4:2a:68:6d:75:f9:9a:3c:89:e5:c5: cf:89:ae:9d:73:20:fe:31:73:e9:3a:c8:55:36:70: 8b:ca:59:2d:6b:dc:68:99:cb:8d:6f:1b:5b:ce:b3: 3b:f0:53:7b:16:03:cf:7d:61:d6:b7:39:d0:aa:2c: 2b:45:c4:98:e1:9a:b7:e2:10:1c:97:8f:25:25:f8: 52:8b:76:84:69:64:12:d4:a7:e6:8f:c5:c7:44:80: 2b:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:DF:7D:BC:57:5B:01:E9:A9:43:60:36:FE:0C:46:34:9E:DE:77:AE X509v3 Authority Key Identifier: keyid:0B:5C:AF:26:2F:DB:FC:C5:FF:30:E2:8A:51:04:64:6E:27:A8:92:62 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C1yvJi_b_MX_MOKKUQRkbieokmI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/f4b8e9-686d-41be-9891-df1e95d7edd9/1/kN99vFdbAempQ2A2_gxGNJ7ed64.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/f4b8e9-686d-41be-9891-df1e95d7edd9/1/C1yvJi_b_MX_MOKKUQRkbieokmI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:b2c2::/31 Signature Algorithm: sha256WithRSAEncryption 1b:0c:00:3f:cb:ae:e4:8b:6f:1f:80:55:eb:2a:a6:fc:12:c1: cd:ac:4f:49:39:39:8a:bf:25:6b:56:01:e0:74:3c:c7:e4:c2: 1c:6f:28:af:12:a6:d8:1a:85:04:87:fd:e7:e4:36:94:14:17: 1c:11:91:da:7d:d9:2e:96:35:03:67:f6:2d:af:a9:95:51:55: 58:c4:76:db:bc:51:79:2c:8f:2c:22:dc:51:03:81:62:0f:41: 29:b0:c8:12:3f:55:fd:7a:9a:e4:5a:6d:2c:dc:a6:34:b5:9e: ac:9c:9c:76:eb:08:85:31:92:68:76:02:fd:3e:76:01:bd:75: 51:91:aa:0f:ab:b4:81:5e:18:3e:c6:4a:1a:aa:29:4a:fe:fb: 1a:e9:c7:0c:d1:c8:07:e5:83:06:36:25:12:07:7c:36:ab:5b: 88:ba:75:9c:43:f1:a5:41:3b:d9:a9:2a:95:75:6b:d4:a0:0a: fd:7a:85:30:ab:33:8b:98:16:ea:52:a8:a2:a8:83:c3:88:47: 28:5d:e0:05:8f:c5:a7:ad:7b:7e:c6:cb:3e:b6:71:6b:6f:6d: 66:38:39:fe:58:03:0d:65:d3:7b:11:44:c1:2a:99:08:8e:43: 1a:06:44:5b:43:1b:0d:15:dc:11:fc:6f:a1:09:57:32:ed:99: f6:5f:0b:24 -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt6W5ah6SUtincYtRtttquxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBiNWNhZjI2MmZkYmZjYzVmZjMwZTI4YTUxMDQ2NDZlMjdh ODkyNjIwHhcNMjYwMTAxMTYxOTQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MGRmN2RiYzU3NWIwMWU5YTk0MzYwMzZmZTBjNDYzNDllZGU3N2FlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1zvDNSqH9ViDdGYOghAuYaKdJJXu PFmse1CZuBJdKqs8vVPTsAghmP2b/sR2Znie9MMI/YPAZ1W6cE38BrFU/Mth96ZF xxicE6mJbC+w9B7BcT3u7WusGuBBDFFDJE0b5WAl1ZW6aEkbJJ9y3gIlTSH3zAGB XnXBm2kfI/qCIRf2qZ0x6OCxpF5LIqH56k5dvIRIBl1ZOjLYvmEIozYmSn9AHLRK HtD15CpobXX5mjyJ5cXPia6dcyD+MXPpOshVNnCLylkta9xomcuNbxtbzrM78FN7 FgPPfWHWtznQqiwrRcSY4Zq34hAcl48lJfhSi3aEaWQS1Kfmj8XHRIArPwIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFJDffbxXWwHpqUNgNv4MRjSe3neuMB8GA1UdIwQY MBaAFAtcryYv2/zF/zDiilEEZG4nqJJiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQzF5dkppX2JfTVhfTU9LS1VRUmtiaWVva21JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mNGI4ZTktNjg2ZC00MWJlLTk4OTEt ZGYxZTk1ZDdlZGQ5LzEva045OXZGZGJBZW1wUTJBMl9neEdOSjdlZDY0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS9mNGI4ZTktNjg2ZC00MWJlLTk4OTEtZGYxZTk1ZDdlZGQ5 LzEvQzF5dkppX2JfTVhfTU9LS1VRUmtiaWVva21JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUBKgWywjAN BgkqhkiG9w0BAQsFAAOCAQEAGwwAP8uu5ItvH4BV6yqm/BLBzaxPSTk5ir8la1YB 4HQ8x+TCHG8orxKm2BqFBIf95+Q2lBQXHBGR2n3ZLpY1A2f2La+plVFVWMR227xR eSyPLCLcUQOBYg9BKbDIEj9V/Xqa5FptLNymNLWerJycdusIhTGSaHYC/T52Ab11 UZGqD6u0gV4YPsZKGqopSv77GunHDNHIB+WDBjYlEgd8NqtbiLp1nEPxpUE72akq lXVr1KAK/XqFMKszi5gW6lKooqiDw4hHKF3gBY/Fp617fsbLPrZxa29tZjg5/lgD DWXTexFEwSqZCI5DGgZEW0MbDRXcEfxvoQlXMu2Z9l8LJA== -----END CERTIFICATE-----Generated at Mon Jan 26 17:44:22 2026 by rpki-client