This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/a9a1c9-3444-4e5b-a720-18040c8e22ed/1/A1JsbsxWkNXUU8QyN0AWnizgBFw.roa File: A1JsbsxWkNXUU8QyN0AWnizgBFw.roa (raw, json) Hash identifier: y6f3rKG8PBNM5DXM9nCBuq0cHLmq/7VXH19uEdctt+E= Subject key identifier: 03:52:6C:6E:CC:56:90:D5:D4:53:C4:32:37:40:16:9E:2C:E0:04:5C Certificate issuer: /CN=32388fcf74d2e59524f4eb4d96e44c5222db63e1 Certificate serial: 019B7AC820206EC2183DF415DE75AC589F37 Authority key identifier: 32:38:8F:CF:74:D2:E5:95:24:F4:EB:4D:96:E4:4C:52:22:DB:63:E1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MjiPz3TS5ZUk9OtNluRMUiLbY-E.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/a9a1c9-3444-4e5b-a720-18040c8e22ed/1/A1JsbsxWkNXUU8QyN0AWnizgBFw.roa Signing time: Thu 01 Jan 2026 18:18:14 +0000 ROA not before: Thu 01 Jan 2026 18:18:14 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 208995 IP address blocks: 2a14:5680:a001::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/73/a9a1c9-3444-4e5b-a720-18040c8e22ed/1/MjiPz3TS5ZUk9OtNluRMUiLbY-E.crl rsync://rpki.ripe.net/repository/DEFAULT/73/a9a1c9-3444-4e5b-a720-18040c8e22ed/1/MjiPz3TS5ZUk9OtNluRMUiLbY-E.mft rsync://rpki.ripe.net/repository/DEFAULT/MjiPz3TS5ZUk9OtNluRMUiLbY-E.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 03:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c8:20:20:6e:c2:18:3d:f4:15:de:75:ac:58:9f:37 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=32388fcf74d2e59524f4eb4d96e44c5222db63e1 Validity Not Before: Jan 1 18:18:14 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=03526c6ecc5690d5d453c4323740169e2ce0045c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:38:9c:b0:f3:61:b2:cc:d4:f3:f0:51:a4:62: 15:45:86:83:d6:23:bc:6d:e9:b0:50:d1:13:20:a1: fb:ab:bb:57:ff:b8:1c:cb:ff:bb:30:c4:1e:65:93: 73:f5:6e:6e:c5:8f:98:fa:fe:06:57:79:fc:e5:15: ec:7b:e1:a6:8a:0b:9c:2f:c7:52:57:5e:d2:d8:d3: 48:54:b2:07:c1:79:44:48:ea:c3:d2:33:ca:8a:f9: 9f:17:8d:06:b4:4e:c3:36:ee:0f:a3:6b:ea:c1:d7: 7d:f0:3b:4f:48:4f:3c:13:d6:7a:2c:63:0b:55:bd: 53:e8:33:a6:62:40:95:cf:57:c8:e9:c0:18:d0:94: 8d:26:93:52:3f:ef:b2:50:94:ae:5d:9d:cf:29:2c: 22:0e:e0:69:f8:89:a1:46:ba:f9:64:1a:74:59:2c: cb:27:7d:0d:b9:6b:a3:a7:6c:b3:4f:a2:61:f2:80: 4f:b9:a2:54:cb:0d:08:1a:51:99:47:1c:90:e1:cb: 6f:a0:f5:38:bf:64:e2:c3:9a:11:5a:cc:8d:5f:4e: 08:e5:ef:b8:17:fb:9c:c1:ee:41:e9:d2:00:7e:bb: bc:5a:2a:bc:b2:ae:17:f0:f0:2a:97:95:32:05:ee: 09:c2:fe:bd:d7:92:4a:4e:fb:c5:64:b7:1c:91:2b: b0:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:52:6C:6E:CC:56:90:D5:D4:53:C4:32:37:40:16:9E:2C:E0:04:5C X509v3 Authority Key Identifier: keyid:32:38:8F:CF:74:D2:E5:95:24:F4:EB:4D:96:E4:4C:52:22:DB:63:E1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MjiPz3TS5ZUk9OtNluRMUiLbY-E.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/a9a1c9-3444-4e5b-a720-18040c8e22ed/1/A1JsbsxWkNXUU8QyN0AWnizgBFw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/73/a9a1c9-3444-4e5b-a720-18040c8e22ed/1/MjiPz3TS5ZUk9OtNluRMUiLbY-E.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:5680:a001::/48 Signature Algorithm: sha256WithRSAEncryption 03:d3:4e:6c:99:b9:94:c7:d4:64:9e:6b:d0:54:c1:55:33:b5: ad:e7:e6:40:3d:b0:30:3c:7c:a2:49:aa:a6:6c:78:97:70:9a: da:4c:77:52:a2:8c:49:a6:11:60:5a:49:13:dc:7b:43:af:56: 4f:cf:ae:03:27:67:a9:f9:c2:86:df:a2:39:f2:4e:06:09:3c: 85:7c:22:e7:e2:41:5d:50:92:70:3e:dd:ad:54:2d:ac:a9:5f: 5b:29:23:42:ac:19:1e:11:f6:04:d1:75:7e:28:8f:bd:11:97: 39:d3:4a:f4:06:b7:b9:3b:06:9a:36:5b:24:5c:48:f3:4b:af: 2b:38:7b:1f:af:ee:fe:b9:15:c1:a3:d0:27:90:f4:77:f0:9c: 3c:6a:4b:7d:f3:13:a7:05:5b:81:16:f0:05:89:7d:bf:19:90: 44:ee:3e:f5:c3:33:e1:46:d5:ea:ab:b1:cf:46:eb:15:8d:09: ec:ca:ff:85:92:fb:25:f8:5d:c7:d3:06:d7:0f:77:1d:1c:28: ec:2b:24:b5:61:ac:be:fa:d9:1b:31:f7:70:4c:99:f0:ab:34: 4e:5c:60:53:6c:b4:ee:0c:36:98:02:fc:fc:b3:1a:41:02:c7: b5:4d:04:ec:68:53:66:b3:56:d5:06:2f:24:29:80:ad:7f:a4: c6:4a:96:11 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt6yCAgbsIYPfQV3nWsWJ83MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMyMzg4ZmNmNzRkMmU1OTUyNGY0ZWI0ZDk2ZTQ0YzUyMjJk YjYzZTEwHhcNMjYwMTAxMTgxODE0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwMzUyNmM2ZWNjNTY5MGQ1ZDQ1M2M0MzIzNzQwMTY5ZTJjZTAwNDVjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzicsPNhsszU8/BRpGIVRYaD1iO8 bemwUNETIKH7q7tX/7gcy/+7MMQeZZNz9W5uxY+Y+v4GV3n85RXse+GmigucL8dS V17S2NNIVLIHwXlESOrD0jPKivmfF40GtE7DNu4Po2vqwdd98DtPSE88E9Z6LGML Vb1T6DOmYkCVz1fI6cAY0JSNJpNSP++yUJSuXZ3PKSwiDuBp+ImhRrr5ZBp0WSzL J30NuWujp2yzT6Jh8oBPuaJUyw0IGlGZRxyQ4ctvoPU4v2Tiw5oRWsyNX04I5e+4 F/ucwe5B6dIAfru8Wiq8sq4X8PAql5UyBe4Jwv6915JKTvvFZLcckSuwOwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFANSbG7MVpDV1FPEMjdAFp4s4ARcMB8GA1UdIwQY MBaAFDI4j8900uWVJPTrTZbkTFIi22PhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTWppUHozVFM1WlVrOU90Tmx1Uk1VaUxiWS1FLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9hOWExYzktMzQ0NC00ZTViLWE3MjAt MTgwNDBjOGUyMmVkLzEvQTFKc2JzeFdrTlhVVThReU4wQVduaXpnQkZ3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83My9hOWExYzktMzQ0NC00ZTViLWE3MjAtMTgwNDBjOGUyMmVk LzEvTWppUHozVFM1WlVrOU90Tmx1Uk1VaUxiWS1FLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhRWgKAB MA0GCSqGSIb3DQEBCwUAA4IBAQAD005smbmUx9RknmvQVMFVM7Wt5+ZAPbAwPHyi SaqmbHiXcJraTHdSooxJphFgWkkT3HtDr1ZPz64DJ2ep+cKG36I58k4GCTyFfCLn 4kFdUJJwPt2tVC2sqV9bKSNCrBkeEfYE0XV+KI+9EZc500r0Bre5OwaaNlskXEjz S68rOHsfr+7+uRXBo9AnkPR38Jw8akt98xOnBVuBFvAFiX2/GZBE7j71wzPhRtXq q7HPRusVjQnsyv+Fkvsl+F3H0wbXD3cdHCjsKyS1Yay++tkbMfdwTJnwqzROXGBT bLTuDDaYAvz8sxpBAse1TQTsaFNms1bVBi8kKYCtf6TGSpYR -----END CERTIFICATE-----Generated at Tue Jan 20 13:02:31 2026 by rpki-client