This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/a9a1c9-3444-4e5b-a720-18040c8e22ed/1/DG37KkmfJzhR-pMxX_F2qVTQ6u8.roa File: DG37KkmfJzhR-pMxX_F2qVTQ6u8.roa (raw, json) Hash identifier: UJrwfm5G6WATgjPoxhF5hosi/UOg5a6mHA/+Ffdj5lw= Subject key identifier: 0C:6D:FB:2A:49:9F:27:38:51:FA:93:31:5F:F1:76:A9:54:D0:EA:EF Certificate issuer: /CN=32388fcf74d2e59524f4eb4d96e44c5222db63e1 Certificate serial: 019B7AC820CFDF9179076584A91F3D7A0799 Authority key identifier: 32:38:8F:CF:74:D2:E5:95:24:F4:EB:4D:96:E4:4C:52:22:DB:63:E1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MjiPz3TS5ZUk9OtNluRMUiLbY-E.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/a9a1c9-3444-4e5b-a720-18040c8e22ed/1/DG37KkmfJzhR-pMxX_F2qVTQ6u8.roa Signing time: Thu 01 Jan 2026 18:18:14 +0000 ROA not before: Thu 01 Jan 2026 18:18:14 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 210213 IP address blocks: 2a14:5680:a003::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/73/a9a1c9-3444-4e5b-a720-18040c8e22ed/1/MjiPz3TS5ZUk9OtNluRMUiLbY-E.crl rsync://rpki.ripe.net/repository/DEFAULT/73/a9a1c9-3444-4e5b-a720-18040c8e22ed/1/MjiPz3TS5ZUk9OtNluRMUiLbY-E.mft rsync://rpki.ripe.net/repository/DEFAULT/MjiPz3TS5ZUk9OtNluRMUiLbY-E.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 20:39:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c8:20:cf:df:91:79:07:65:84:a9:1f:3d:7a:07:99 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=32388fcf74d2e59524f4eb4d96e44c5222db63e1 Validity Not Before: Jan 1 18:18:14 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0c6dfb2a499f273851fa93315ff176a954d0eaef Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:2d:aa:8d:81:c7:fa:9d:83:16:79:e0:7c:56: 33:2e:7d:bb:de:96:45:16:34:b2:ed:2d:8e:8d:fb: e0:05:84:d9:ee:96:11:2e:a0:4a:1c:82:be:c4:70: 3a:a1:9f:5c:cf:d0:aa:e4:09:82:c2:e5:e5:86:d5: 07:8f:21:ec:b8:f3:9d:89:99:41:bb:a2:99:97:d0: 65:89:f3:a0:97:ff:9f:9d:f7:f5:37:e8:21:64:66: 5c:7b:b4:dc:17:7d:72:ac:26:85:ee:43:25:40:a2: 46:5b:f9:3a:a8:8e:a1:7e:7d:ff:c2:fd:78:47:1b: 3c:fe:21:ce:51:ff:26:2e:96:71:73:2a:92:07:b2: f6:b9:3e:bd:2a:af:ec:ab:e3:c7:ea:e2:ec:68:4c: 5a:e0:ba:6a:84:8a:91:6d:53:72:be:70:6a:3c:5d: 89:56:02:7a:60:5d:a9:1a:36:65:f0:50:3a:58:aa: 1b:c3:e9:97:63:70:ff:1a:f6:f2:fa:c8:ce:4e:ca: d6:7f:0a:70:40:68:80:a3:ce:8d:0e:d0:98:73:58: 6f:46:f9:8d:ed:9d:6b:0d:2f:98:c6:f0:a5:68:11: 7f:45:41:9b:94:91:59:78:26:a3:dd:87:8e:84:85: 54:d2:d9:52:1e:c6:02:ad:43:78:85:72:78:27:4c: ae:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:6D:FB:2A:49:9F:27:38:51:FA:93:31:5F:F1:76:A9:54:D0:EA:EF X509v3 Authority Key Identifier: keyid:32:38:8F:CF:74:D2:E5:95:24:F4:EB:4D:96:E4:4C:52:22:DB:63:E1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MjiPz3TS5ZUk9OtNluRMUiLbY-E.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/a9a1c9-3444-4e5b-a720-18040c8e22ed/1/DG37KkmfJzhR-pMxX_F2qVTQ6u8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/73/a9a1c9-3444-4e5b-a720-18040c8e22ed/1/MjiPz3TS5ZUk9OtNluRMUiLbY-E.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:5680:a003::/48 Signature Algorithm: sha256WithRSAEncryption 2d:a9:e7:2a:46:3d:5c:45:07:43:6c:50:8f:91:08:32:40:e1: 74:c0:15:77:0e:a1:0d:0e:59:3b:b5:49:09:d2:f6:e2:23:fe: eb:07:97:e9:6e:fb:f8:b8:84:f7:a8:47:54:dd:24:ba:2e:e2: d1:58:c2:d2:e4:d6:1e:00:af:62:3d:30:bd:b1:ee:e0:29:e1: dd:62:82:07:2d:e2:3d:95:93:29:3c:4e:a2:1f:9a:f2:00:5e: 69:5d:ce:49:0d:13:97:02:17:8d:a0:ac:ad:51:e1:90:53:d7: 58:a3:19:c9:1d:e4:93:59:42:77:a3:43:5b:17:e3:4a:0d:74: 89:09:1f:6f:3b:29:83:a5:a7:e6:71:97:bc:61:3f:98:b6:b6: 4d:b4:5d:8a:73:f6:5b:92:29:fb:ba:d8:77:6b:4f:41:b6:67: 00:c9:77:08:be:17:e2:bf:34:eb:48:c3:39:01:c3:22:f9:d4: cf:cf:f8:79:a2:ec:26:4a:68:0f:3e:74:2c:69:50:01:5e:d8: 2f:1f:41:10:a2:6b:07:54:06:d3:74:ad:3c:da:3d:c3:5a:79: 45:d6:21:16:14:6d:22:ae:9c:d6:3b:61:9c:36:f9:82:d9:a3: a6:47:bf:c1:ea:fe:cf:b1:ca:b1:fc:26:d3:cc:11:26:18:00: 00:91:f0:44 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt6yCDP35F5B2WEqR89egeZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMyMzg4ZmNmNzRkMmU1OTUyNGY0ZWI0ZDk2ZTQ0YzUyMjJk YjYzZTEwHhcNMjYwMTAxMTgxODE0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwYzZkZmIyYTQ5OWYyNzM4NTFmYTkzMzE1ZmYxNzZhOTU0ZDBlYWVmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyi2qjYHH+p2DFnngfFYzLn273pZF FjSy7S2OjfvgBYTZ7pYRLqBKHIK+xHA6oZ9cz9Cq5AmCwuXlhtUHjyHsuPOdiZlB u6KZl9BlifOgl/+fnff1N+ghZGZce7TcF31yrCaF7kMlQKJGW/k6qI6hfn3/wv14 Rxs8/iHOUf8mLpZxcyqSB7L2uT69Kq/sq+PH6uLsaExa4LpqhIqRbVNyvnBqPF2J VgJ6YF2pGjZl8FA6WKobw+mXY3D/Gvby+sjOTsrWfwpwQGiAo86NDtCYc1hvRvmN 7Z1rDS+YxvClaBF/RUGblJFZeCaj3YeOhIVU0tlSHsYCrUN4hXJ4J0yuMwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFAxt+ypJnyc4UfqTMV/xdqlU0OrvMB8GA1UdIwQY MBaAFDI4j8900uWVJPTrTZbkTFIi22PhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTWppUHozVFM1WlVrOU90Tmx1Uk1VaUxiWS1FLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9hOWExYzktMzQ0NC00ZTViLWE3MjAt MTgwNDBjOGUyMmVkLzEvREczN0trbWZKemhSLXBNeFhfRjJxVlRRNnU4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83My9hOWExYzktMzQ0NC00ZTViLWE3MjAtMTgwNDBjOGUyMmVk LzEvTWppUHozVFM1WlVrOU90Tmx1Uk1VaUxiWS1FLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhRWgKAD MA0GCSqGSIb3DQEBCwUAA4IBAQAtqecqRj1cRQdDbFCPkQgyQOF0wBV3DqENDlk7 tUkJ0vbiI/7rB5fpbvv4uIT3qEdU3SS6LuLRWMLS5NYeAK9iPTC9se7gKeHdYoIH LeI9lZMpPE6iH5ryAF5pXc5JDROXAheNoKytUeGQU9dYoxnJHeSTWUJ3o0NbF+NK DXSJCR9vOymDpafmcZe8YT+YtrZNtF2Kc/Zbkin7uth3a09BtmcAyXcIvhfivzTr SMM5AcMi+dTPz/h5ouwmSmgPPnQsaVABXtgvH0EQomsHVAbTdK082j3DWnlF1iEW FG0irpzWO2GcNvmC2aOmR7/B6v7Pscqx/CbTzBEmGAAAkfBE -----END CERTIFICATE-----Generated at Tue Jan 27 04:10:55 2026 by rpki-client