This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/a5d286-8670-47e4-97b4-24cf8a61d7e8/1/aAbcudvR6Naqp8DeAQUS1CrPV44.roa File: aAbcudvR6Naqp8DeAQUS1CrPV44.roa (raw, json) Hash identifier: S2Kbj1FRicsKekZKxEZ8HS2PzV0qeH8rSeKS2jWFLto= Subject key identifier: 68:06:DC:B9:DB:D1:E8:D6:AA:A7:C0:DE:01:05:12:D4:2A:CF:57:8E Certificate issuer: /CN=8a28ff310da7df8309cfab4dcf9a235842b60872 Certificate serial: 019B7F1474D11962AF5AC1895E5899D167F5 Authority key identifier: 8A:28:FF:31:0D:A7:DF:83:09:CF:AB:4D:CF:9A:23:58:42:B6:08:72 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iij_MQ2n34MJz6tNz5ojWEK2CHI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/a5d286-8670-47e4-97b4-24cf8a61d7e8/1/aAbcudvR6Naqp8DeAQUS1CrPV44.roa Signing time: Fri 02 Jan 2026 14:20:05 +0000 ROA not before: Fri 02 Jan 2026 14:20:05 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 214569 IP address blocks: 2a06:b700::/48 maxlen: 48 2a06:b700:1::/48 maxlen: 48 2a06:b700:2::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/a5d286-8670-47e4-97b4-24cf8a61d7e8/1/iij_MQ2n34MJz6tNz5ojWEK2CHI.crl rsync://rpki.ripe.net/repository/DEFAULT/7d/a5d286-8670-47e4-97b4-24cf8a61d7e8/1/iij_MQ2n34MJz6tNz5ojWEK2CHI.mft rsync://rpki.ripe.net/repository/DEFAULT/iij_MQ2n34MJz6tNz5ojWEK2CHI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 02 Feb 2026 19:29:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:14:74:d1:19:62:af:5a:c1:89:5e:58:99:d1:67:f5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8a28ff310da7df8309cfab4dcf9a235842b60872 Validity Not Before: Jan 2 14:20:05 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6806dcb9dbd1e8d6aaa7c0de010512d42acf578e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:f4:3e:12:6e:48:e9:fd:df:56:a8:4f:c5:ec: 69:ef:3e:a0:86:96:25:3f:6d:69:47:74:4b:4f:a8: 4e:f7:b2:aa:d8:b6:6b:32:65:0b:18:9a:1e:ae:0d: 99:18:69:61:48:3c:01:b5:4a:f5:2c:89:ed:9d:77: 1c:d1:01:9d:04:83:4d:66:f2:0b:ff:e7:34:ce:76: 86:d2:1f:8a:c3:14:d9:3b:52:b0:cd:c4:ff:46:4a: 31:40:9d:59:b3:a9:14:e5:9d:42:49:3d:98:45:42: 1d:28:f0:8c:10:64:c6:08:56:70:2a:06:14:a1:77: c2:2b:6f:06:5d:3b:50:06:86:50:1a:4d:bf:57:50: 22:92:a7:d6:7c:4b:5b:31:b7:9d:a7:cd:42:ff:1d: 6c:9b:e5:91:28:06:89:7e:4d:71:f1:34:88:87:19: 14:27:b6:fc:14:c6:d7:e5:5d:68:39:c0:e5:a3:fe: 88:4c:2b:47:0f:a9:8a:ca:0d:33:23:f1:b7:d6:54: 68:b4:84:3e:5b:b7:56:85:f0:97:b6:c6:2c:1a:c2: a5:df:0d:40:6d:40:59:4c:e2:ff:ba:17:5f:b4:72: 70:32:9b:44:c1:12:78:3c:c7:3f:23:53:d4:fa:7b: 16:3f:5b:04:96:f9:d3:d6:18:1c:5d:a9:18:f5:ff: 61:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:06:DC:B9:DB:D1:E8:D6:AA:A7:C0:DE:01:05:12:D4:2A:CF:57:8E X509v3 Authority Key Identifier: keyid:8A:28:FF:31:0D:A7:DF:83:09:CF:AB:4D:CF:9A:23:58:42:B6:08:72 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iij_MQ2n34MJz6tNz5ojWEK2CHI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/a5d286-8670-47e4-97b4-24cf8a61d7e8/1/aAbcudvR6Naqp8DeAQUS1CrPV44.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/a5d286-8670-47e4-97b4-24cf8a61d7e8/1/iij_MQ2n34MJz6tNz5ojWEK2CHI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a06:b700::-2a06:b700:2:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 6c:aa:fd:c5:83:af:1b:60:bf:36:77:6b:6d:bc:46:32:65:08: eb:92:1c:c5:8f:ee:cf:f8:c0:34:db:61:5b:65:d9:76:ac:48: 53:b2:47:a6:29:61:7d:b0:49:35:a5:4d:15:7e:d4:ea:c7:f5: 19:e2:60:f2:f6:bc:a8:89:d2:ca:24:80:d2:af:1d:66:14:a5: d8:8a:08:5d:32:60:39:7a:bc:9b:bc:ba:b6:a5:78:db:5a:63: 27:da:4d:9d:4b:89:71:5c:1e:a5:13:59:f3:87:98:77:6d:62: 44:6b:93:7e:12:bb:16:3e:b6:a6:b3:e4:53:d5:6e:2b:c5:39: 7c:98:92:ee:09:db:56:3b:35:0d:86:79:f3:c5:63:a5:26:7f: 6d:34:97:c2:5f:4c:57:1e:f2:59:ee:66:95:88:96:c2:ef:77: cc:a5:fc:9d:56:18:c7:d5:99:2f:4f:2c:92:4b:ea:51:89:0e: 93:66:e1:0b:a6:6a:a9:cb:0f:d5:b7:62:40:f3:d5:eb:47:cb: c7:88:54:3a:34:3e:c7:14:c4:ea:ac:47:99:20:2f:58:c8:a8: 88:58:9e:28:db:25:dc:39:9b:69:f0:9d:aa:ba:d7:13:5a:bb: 29:54:42:26:a0:9d:23:1f:be:84:0e:2f:d4:27:2b:81:d2:12: 1e:b8:cc:40 -----BEGIN CERTIFICATE----- MIIFCDCCA/CgAwIBAgISAZt/FHTRGWKvWsGJXliZ0Wf1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhhMjhmZjMxMGRhN2RmODMwOWNmYWI0ZGNmOWEyMzU4NDJi NjA4NzIwHhcNMjYwMTAyMTQyMDA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2ODA2ZGNiOWRiZDFlOGQ2YWFhN2MwZGUwMTA1MTJkNDJhY2Y1NzhlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxvQ+Em5I6f3fVqhPxexp7z6ghpYl P21pR3RLT6hO97Kq2LZrMmULGJoerg2ZGGlhSDwBtUr1LIntnXcc0QGdBINNZvIL /+c0znaG0h+KwxTZO1KwzcT/RkoxQJ1Zs6kU5Z1CST2YRUIdKPCMEGTGCFZwKgYU oXfCK28GXTtQBoZQGk2/V1AikqfWfEtbMbedp81C/x1sm+WRKAaJfk1x8TSIhxkU J7b8FMbX5V1oOcDlo/6ITCtHD6mKyg0zI/G31lRotIQ+W7dWhfCXtsYsGsKl3w1A bUBZTOL/uhdftHJwMptEwRJ4PMc/I1PU+nsWP1sElvnT1hgcXakY9f9hwwIDAQAB o4ICFDCCAhAwHQYDVR0OBBYEFGgG3Lnb0ejWqqfA3gEFEtQqz1eOMB8GA1UdIwQY MBaAFIoo/zENp9+DCc+rTc+aI1hCtghyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaWlqX01RMm4zNE1KejZ0Tno1b2pXRUsyQ0hJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9hNWQyODYtODY3MC00N2U0LTk3YjQt MjRjZjhhNjFkN2U4LzEvYUFiY3VkdlI2TmFxcDhEZUFRVVMxQ3JQVjQ0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83ZC9hNWQyODYtODY3MC00N2U0LTk3YjQtMjRjZjhhNjFkN2U4 LzEvaWlqX01RMm4zNE1KejZ0Tno1b2pXRUsyQ0hJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARMA8DBAAqBrcD BwAqBrcAAAIwDQYJKoZIhvcNAQELBQADggEBAGyq/cWDrxtgvzZ3a228RjJlCOuS HMWP7s/4wDTbYVtl2XasSFOyR6YpYX2wSTWlTRV+1OrH9RniYPL2vKiJ0sokgNKv HWYUpdiKCF0yYDl6vJu8uraleNtaYyfaTZ1LiXFcHqUTWfOHmHdtYkRrk34SuxY+ tqaz5FPVbivFOXyYku4J21Y7NQ2GefPFY6Umf200l8JfTFce8lnuZpWIlsLvd8yl /J1WGMfVmS9PLJJL6lGJDpNm4QumaqnLD9W3YkDz1etHy8eIVDo0PscUxOqsR5kg L1jIqIhYnijbJdw5m2nwnaq61xNauylUQiagnSMfvoQOL9QnK4HSEh64zEA= -----END CERTIFICATE-----Generated at Mon Feb 2 02:04:05 2026 by rpki-client