This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/c321f5-d611-4218-af1f-48cb0fcb90c3/1/kw3KvvgPTUTV0V309H9CvDuEBIQ.roa File: kw3KvvgPTUTV0V309H9CvDuEBIQ.roa (raw, json) Hash identifier: 4ftZLUJ9xcgzwuUMgO3uFG9wTcVNdec0m6eUXJ7nQsI= Subject key identifier: 93:0D:CA:BE:F8:0F:4D:44:D5:D1:5D:F4:F4:7F:42:BC:3B:84:04:84 Certificate issuer: /CN=993e814676f32f264771c7ad767a4df87d3c63e2 Certificate serial: 019B11FCD59BA3BC01D4F07E94CFA86EF66E Authority key identifier: 99:3E:81:46:76:F3:2F:26:47:71:C7:AD:76:7A:4D:F8:7D:3C:63:E2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mT6BRnbzLyZHccetdnpN-H08Y-I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/c321f5-d611-4218-af1f-48cb0fcb90c3/1/kw3KvvgPTUTV0V309H9CvDuEBIQ.roa Signing time: Fri 12 Dec 2025 09:55:41 +0000 ROA not before: Fri 12 Dec 2025 09:55:41 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 206659 IP address blocks: 2a0d:b080::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/c321f5-d611-4218-af1f-48cb0fcb90c3/1/mT6BRnbzLyZHccetdnpN-H08Y-I.crl rsync://rpki.ripe.net/repository/DEFAULT/65/c321f5-d611-4218-af1f-48cb0fcb90c3/1/mT6BRnbzLyZHccetdnpN-H08Y-I.mft rsync://rpki.ripe.net/repository/DEFAULT/mT6BRnbzLyZHccetdnpN-H08Y-I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 12:00:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:11:fc:d5:9b:a3:bc:01:d4:f0:7e:94:cf:a8:6e:f6:6e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=993e814676f32f264771c7ad767a4df87d3c63e2 Validity Not Before: Dec 12 09:55:41 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=930dcabef80f4d44d5d15df4f47f42bc3b840484 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:bd:71:5f:95:e2:25:2a:80:fa:e0:ae:d9:d9: 46:e3:21:88:25:21:c5:e0:a5:97:51:bf:8a:85:f1: e0:b1:44:c6:02:3e:cd:56:a6:2b:83:3b:ef:a5:bb: f3:2e:4c:10:e0:2b:43:25:01:d8:f9:d2:8f:14:f4: 81:6c:b3:be:ac:91:04:99:c1:60:fa:da:f5:68:27: 30:76:7c:51:48:fb:dc:21:7b:97:f7:f0:be:52:d9: 55:25:c4:20:ed:6d:09:5e:7f:b3:ed:14:b0:3c:ec: 47:e0:7a:5b:2f:11:1e:26:fc:ba:85:b6:99:f3:dc: 58:5b:ae:4a:36:89:b4:f3:b2:79:a6:bb:f7:57:a6: 44:88:ac:cc:bb:e1:e3:70:09:23:f5:7d:ac:e8:95: ca:89:01:ee:64:48:45:b4:55:e4:07:dd:23:46:db: 68:99:23:24:aa:ef:38:ef:1a:d5:d7:f4:37:ec:be: aa:6b:09:0c:2c:4b:36:80:09:8e:4e:66:db:8d:9d: 4e:53:04:1f:15:c0:af:19:96:d2:b6:9e:33:03:4d: ca:2c:d4:e3:ac:51:b0:5d:5c:a2:bd:df:77:b9:92: af:1f:58:36:e5:b4:31:a8:cb:2c:2d:c3:53:1a:4d: 32:01:83:4a:b7:ce:d1:e9:5d:2a:b5:87:59:34:6e: c2:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:0D:CA:BE:F8:0F:4D:44:D5:D1:5D:F4:F4:7F:42:BC:3B:84:04:84 X509v3 Authority Key Identifier: keyid:99:3E:81:46:76:F3:2F:26:47:71:C7:AD:76:7A:4D:F8:7D:3C:63:E2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mT6BRnbzLyZHccetdnpN-H08Y-I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c321f5-d611-4218-af1f-48cb0fcb90c3/1/kw3KvvgPTUTV0V309H9CvDuEBIQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c321f5-d611-4218-af1f-48cb0fcb90c3/1/mT6BRnbzLyZHccetdnpN-H08Y-I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0d:b080::/29 Signature Algorithm: sha256WithRSAEncryption 2f:b0:2a:fd:ee:59:13:6f:61:79:4d:31:7e:35:d9:ff:20:1c: 12:21:48:b4:87:d4:98:22:f7:f3:45:8d:6f:2d:2d:a0:61:05: 5c:84:02:72:d2:d6:1f:42:5e:99:8f:71:53:28:87:2b:57:80: f4:92:0b:da:28:78:41:d5:17:21:4a:8c:0f:0f:a5:49:e7:a9: 16:bd:0a:90:d0:9d:b7:b0:bd:ad:f1:32:de:46:89:2e:3a:2b: fa:f3:2a:cd:fe:c8:1f:7b:a8:64:df:4f:17:6a:f4:90:79:bc: 2e:15:b6:fe:20:a5:98:23:03:f8:f3:17:db:0c:58:75:44:fa: e5:b9:d2:83:cf:ce:c2:fe:7c:34:e4:e9:53:3c:47:17:f1:1b: 76:70:bd:25:85:f0:0b:68:78:41:c9:ef:96:1c:7b:16:cf:3d: 55:8d:23:12:4d:db:05:68:94:50:84:3d:6b:f3:a4:33:2d:4c: 31:2b:fc:9d:2b:1d:00:83:05:8b:ae:05:f6:de:22:c9:1a:d4: 3f:08:8e:81:06:76:13:32:c6:2e:dc:bd:b7:97:c0:6f:fc:1c: 9e:da:da:ce:b8:14:0d:00:9b:67:84:ac:e8:bc:22:a9:72:4c: 3e:69:34:e6:85:90:20:5c:8b:9f:9b:06:94:2c:3f:a5:18:59: bf:cf:5f:d5 -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZsR/NWbo7wB1PB+lM+obvZuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk5M2U4MTQ2NzZmMzJmMjY0NzcxYzdhZDc2N2E0ZGY4N2Qz YzYzZTIwHhcNMjUxMjEyMDk1NTQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MzBkY2FiZWY4MGY0ZDQ0ZDVkMTVkZjRmNDdmNDJiYzNiODQwNDg0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA371xX5XiJSqA+uCu2dlG4yGIJSHF 4KWXUb+KhfHgsUTGAj7NVqYrgzvvpbvzLkwQ4CtDJQHY+dKPFPSBbLO+rJEEmcFg +tr1aCcwdnxRSPvcIXuX9/C+UtlVJcQg7W0JXn+z7RSwPOxH4HpbLxEeJvy6hbaZ 89xYW65KNom087J5prv3V6ZEiKzMu+HjcAkj9X2s6JXKiQHuZEhFtFXkB90jRtto mSMkqu847xrV1/Q37L6qawkMLEs2gAmOTmbbjZ1OUwQfFcCvGZbStp4zA03KLNTj rFGwXVyivd93uZKvH1g25bQxqMssLcNTGk0yAYNKt87R6V0qtYdZNG7C1QIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFJMNyr74D01E1dFd9PR/Qrw7hASEMB8GA1UdIwQY MBaAFJk+gUZ28y8mR3HHrXZ6Tfh9PGPiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbVQ2QlJuYnpMeVpIY2NldGRucE4tSDA4WS1JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9jMzIxZjUtZDYxMS00MjE4LWFmMWYt NDhjYjBmY2I5MGMzLzEva3czS3Z2Z1BUVVRWMFYzMDlIOUN2RHVFQklRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NS9jMzIxZjUtZDYxMS00MjE4LWFmMWYtNDhjYjBmY2I5MGMz LzEvbVQ2QlJuYnpMeVpIY2NldGRucE4tSDA4WS1JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg2wgDAN BgkqhkiG9w0BAQsFAAOCAQEAL7Aq/e5ZE29heU0xfjXZ/yAcEiFItIfUmCL380WN by0toGEFXIQCctLWH0JemY9xUyiHK1eA9JIL2ih4QdUXIUqMDw+lSeepFr0KkNCd t7C9rfEy3kaJLjor+vMqzf7IH3uoZN9PF2r0kHm8LhW2/iClmCMD+PMX2wxYdUT6 5bnSg8/Owv58NOTpUzxHF/EbdnC9JYXwC2h4Qcnvlhx7Fs89VY0jEk3bBWiUUIQ9 a/OkMy1MMSv8nSsdAIMFi64F9t4iyRrUPwiOgQZ2EzLGLty9t5fAb/wcntrazrgU DQCbZ4Ss6LwiqXJMPmk05oWQIFyLn5sGlCw/pRhZv89f1Q== -----END CERTIFICATE-----Generated at Wed Dec 17 20:45:19 2025 by rpki-client