This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/M-KkecQacS96cquJbKiBQfZ-9iY.roa File: M-KkecQacS96cquJbKiBQfZ-9iY.roa (raw, json) Hash identifier: UtXWiuTBsYsiqMTVzaU0Opj7rNe9sfLhIzgKA9Zyjok= Subject key identifier: 33:E2:A4:79:C4:1A:71:2F:7A:72:AB:89:6C:A8:81:41:F6:7E:F6:26 Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c Certificate serial: 019A92E2F18DA1762CB0209504540BDAC52B Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/M-KkecQacS96cquJbKiBQfZ-9iY.roa Signing time: Mon 17 Nov 2025 17:35:37 +0000 ROA not before: Mon 17 Nov 2025 17:35:37 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 205866 IP address blocks: 2a0d:6a40::/29 maxlen: 29 2a0d:cc40::/29 maxlen: 29 2a0d:e1c0::/29 maxlen: 29 2a0d:fbc0::/29 maxlen: 29 2a0e:adc0::/29 maxlen: 29 2a0f:9a40::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 08:00:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:92:e2:f1:8d:a1:76:2c:b0:20:95:04:54:0b:da:c5:2b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c Validity Not Before: Nov 17 17:35:37 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=33e2a479c41a712f7a72ab896ca88141f67ef626 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:5e:96:7b:79:1b:4b:90:ba:4c:2f:40:a4:04: c6:51:b3:59:5d:7a:de:32:c9:84:b4:ce:78:a9:f7: 17:44:3c:64:91:3a:92:68:0a:6b:53:3f:c9:bd:f7: a6:40:4e:46:40:fa:da:16:ff:45:41:f5:15:01:ac: 29:83:5d:c4:d7:51:ab:cf:b3:30:a1:6c:92:85:61: 9d:f6:8f:d3:eb:7b:f0:95:3f:84:f8:f6:92:3e:93: c4:c5:aa:31:47:2b:18:5e:00:b6:1f:30:7c:e3:e2: c8:b2:a7:73:b0:56:e8:99:92:f7:17:e8:57:87:9e: 3d:2d:9e:a1:f9:65:90:bd:30:26:59:a2:cc:9a:21: 63:57:e7:82:4b:84:87:74:e5:67:76:d8:33:34:2d: 68:76:5b:5e:f8:2b:f5:ea:e8:5c:97:90:6f:61:81: 49:41:8e:fb:a2:76:dc:f5:bb:4a:1f:18:c8:21:32: e3:d8:76:1b:81:0f:b2:69:45:29:93:c5:6b:83:b0: b9:f3:ff:33:31:9d:5c:2e:b2:f2:a6:07:3d:75:d9: 5f:bd:02:d1:91:41:3c:46:33:59:e8:18:24:00:ec: fe:e3:95:ee:a1:83:ed:41:46:8f:c4:e7:91:1e:94: 2a:62:4c:7b:78:1c:ec:c1:ad:e6:3a:a5:98:1c:50: 0f:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:E2:A4:79:C4:1A:71:2F:7A:72:AB:89:6C:A8:81:41:F6:7E:F6:26 X509v3 Authority Key Identifier: keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/M-KkecQacS96cquJbKiBQfZ-9iY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0d:6a40::/29 2a0d:cc40::/29 2a0d:e1c0::/29 2a0d:fbc0::/29 2a0e:adc0::/29 2a0f:9a40::/29 Signature Algorithm: sha256WithRSAEncryption 93:d0:33:c9:21:31:c8:af:8c:1d:3f:8d:50:85:38:7c:4e:43: 0c:70:0f:a6:3e:db:fa:e8:f1:a0:6c:8e:e9:6c:ca:5c:57:8c: 98:d2:9e:e6:69:83:c4:73:1e:cd:c9:6a:18:b3:36:c2:1f:fa: 4e:3f:f0:81:48:4b:53:ff:2a:0b:18:7a:89:71:e0:54:4f:6b: 39:f1:55:fc:93:1b:aa:73:48:8b:d1:2f:8f:68:6e:b4:5a:45: ee:4e:c0:00:e7:32:a9:8c:cb:b8:b2:89:59:a9:07:f7:ee:fb: ce:84:2a:17:d0:a3:5b:d5:d1:ad:10:43:51:28:5d:bf:81:cd: 74:12:59:e5:14:88:59:14:e0:95:30:d3:58:5d:ad:e3:c2:3d: 4b:04:1a:e9:32:60:7b:5e:e8:a2:ef:2b:46:2b:23:4b:36:41: 27:dc:88:82:82:c1:bf:a9:b6:da:44:5e:e0:3b:21:cc:9e:82: bb:a3:7a:7f:fc:d1:48:b5:f3:b5:40:11:83:3e:be:a1:ba:7c: b4:c6:d8:76:86:27:dd:68:81:bb:57:ea:3c:39:de:2d:94:9d: 41:8c:66:dd:a6:f2:fb:34:c8:44:01:d3:b4:2f:ab:58:b1:78: 8a:e1:93:0a:8e:8f:92:7f:57:6a:10:b9:38:03:3a:a2:41:ad: 86:0f:f3:6f -----BEGIN CERTIFICATE----- MIIFITCCBAmgAwIBAgISAZqS4vGNoXYssCCVBFQL2sUrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4 ZmNjNGMwHhcNMjUxMTE3MTczNTM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzM2UyYTQ3OWM0MWE3MTJmN2E3MmFiODk2Y2E4ODE0MWY2N2VmNjI2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnl6We3kbS5C6TC9ApATGUbNZXXre MsmEtM54qfcXRDxkkTqSaAprUz/JvfemQE5GQPraFv9FQfUVAawpg13E11Grz7Mw oWyShWGd9o/T63vwlT+E+PaSPpPExaoxRysYXgC2HzB84+LIsqdzsFbomZL3F+hX h549LZ6h+WWQvTAmWaLMmiFjV+eCS4SHdOVndtgzNC1odlte+Cv16uhcl5BvYYFJ QY77onbc9btKHxjIITLj2HYbgQ+yaUUpk8Vrg7C58/8zMZ1cLrLypgc9ddlfvQLR kUE8RjNZ6BgkAOz+45XuoYPtQUaPxOeRHpQqYkx7eBzswa3mOqWYHFAPEwIDAQAB o4ICLTCCAikwHQYDVR0OBBYEFDPipHnEGnEvenKriWyogUH2fvYmMB8GA1UdIwQY MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt MjM5ZDJmZTM5OGIxLzEvTS1La2VjUWFjUzk2Y3F1SmJLaUJRZlotOWlZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUDKg1qQAMF AyoNzEADBQMqDeHAAwUDKg37wAMFAyoOrcADBQMqD5pAMA0GCSqGSIb3DQEBCwUA A4IBAQCT0DPJITHIr4wdP41QhTh8TkMMcA+mPtv66PGgbI7pbMpcV4yY0p7maYPE cx7NyWoYszbCH/pOP/CBSEtT/yoLGHqJceBUT2s58VX8kxuqc0iL0S+PaG60WkXu TsAA5zKpjMu4solZqQf37vvOhCoX0KNb1dGtEENRKF2/gc10ElnlFIhZFOCVMNNY Xa3jwj1LBBrpMmB7Xuii7ytGKyNLNkEn3IiCgsG/qbbaRF7gOyHMnoK7o3p//NFI tfO1QBGDPr6huny0xth2hifdaIG7V+o8Od4tlJ1BjGbdpvL7NMhEAdO0L6tYsXiK 4ZMKjo+Sf1dqELk4AzqiQa2GD/Nv -----END CERTIFICATE-----Generated at Fri Dec 5 13:23:16 2025 by rpki-client