This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/CKy-OlEHWT0U4OEH4XNFBIF7ve0.roa File: CKy-OlEHWT0U4OEH4XNFBIF7ve0.roa (raw, json) Hash identifier: 5ga9RC/rv5JtpQ3RZmBClmdUWMus2W/DOAbBBYln7+I= Subject key identifier: 08:AC:BE:3A:51:07:59:3D:14:E0:E1:07:E1:73:45:04:81:7B:BD:ED Certificate issuer: /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa Certificate serial: 019B797EAC3DC48F5019CA95B5D6E013306C Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/CKy-OlEHWT0U4OEH4XNFBIF7ve0.roa Signing time: Thu 01 Jan 2026 12:18:23 +0000 ROA not before: Thu 01 Jan 2026 12:18:23 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 207454 IP address blocks: 2a0e:aa06:480::/44 maxlen: 48 2a0e:aa07:e00a::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.mft rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 07 Jan 2026 14:32:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:ac:3d:c4:8f:50:19:ca:95:b5:d6:e0:13:30:6c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa Validity Not Before: Jan 1 12:18:23 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=08acbe3a5107593d14e0e107e1734504817bbded Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:4d:73:cc:69:ee:2b:63:e7:a5:7a:57:72:eb: 6c:e6:bd:9b:98:ce:f5:7d:d8:a2:06:63:86:d2:bc: 1d:4f:cd:60:9d:2b:6e:7e:8e:5e:75:97:fa:ea:f2: 57:a4:35:ad:50:92:13:7b:d9:27:91:01:0f:cb:b1: 56:a3:36:6f:91:df:f3:df:2a:f7:ae:ce:a3:3e:7f: 11:8d:cc:35:29:e3:b8:f5:a8:eb:cf:e5:b3:ec:9b: 1b:7b:44:8e:be:ed:e9:c1:99:c6:0f:90:5b:46:0b: d1:13:74:91:72:c8:17:e8:20:41:fb:a9:fc:01:37: f8:8b:bf:fd:03:eb:26:e7:9d:7a:01:16:1f:64:37: 0a:a6:d9:54:ba:86:83:60:cb:de:58:21:bf:99:d3: 59:89:d8:39:63:e9:20:ba:e4:14:81:4e:e2:ea:49: af:72:87:80:20:1b:38:f3:df:f9:bf:f3:88:fa:71: 23:20:92:cd:15:ea:24:d0:05:d1:33:c4:e6:c9:35: f8:b8:20:f4:e4:47:e4:6e:2b:65:e9:99:4f:37:0e: 56:c7:9e:b6:1a:63:8f:6d:0a:be:1e:1d:c2:61:de: 2f:e4:0b:14:c9:bf:1a:6b:de:a0:4e:b2:59:13:45: b0:41:b3:45:dc:a7:03:c5:90:2d:b5:a6:0c:4e:a3: c2:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:AC:BE:3A:51:07:59:3D:14:E0:E1:07:E1:73:45:04:81:7B:BD:ED X509v3 Authority Key Identifier: keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/CKy-OlEHWT0U4OEH4XNFBIF7ve0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0e:aa06:480::/44 2a0e:aa07:e00a::/48 Signature Algorithm: sha256WithRSAEncryption 0a:9c:b0:26:cb:b3:b8:4c:51:1f:5f:d2:02:eb:69:f6:bf:29: 3b:fc:da:49:d4:59:34:06:cb:86:4b:fd:46:b8:14:a4:1b:c5: 5e:a9:4a:2e:0a:f3:d8:c0:b2:85:3c:e4:2f:f1:8a:e0:39:37: 97:83:99:45:06:b2:f4:bb:42:21:c4:b9:77:dc:14:9d:38:95: d0:e1:41:c1:52:17:bc:93:98:e7:24:00:ca:18:49:22:f8:af: c1:a6:f0:4c:1a:e8:61:ce:00:9b:d9:47:4d:dd:cb:2b:25:88: 03:73:11:06:76:ac:b3:bc:e5:c1:62:5b:a1:f9:c3:cb:f1:75: 67:37:97:6a:03:c5:87:1f:64:73:44:c7:86:2c:32:d3:0b:26: 56:ba:87:be:53:48:db:87:7a:b2:e0:f7:6a:4c:7a:72:c5:2d: 0b:64:dd:be:29:b8:57:cc:10:98:d8:a4:ec:11:83:cc:ba:c5: 20:f3:89:62:7d:b0:f3:df:0b:09:42:a6:72:89:af:d2:b5:f5: 46:dd:34:01:8e:ee:e4:99:7d:74:8c:5f:d9:31:06:98:93:65: d8:bc:96:78:b5:97:b8:77:55:64:79:82:07:9a:50:98:1c:cd: 15:53:d4:cb:48:e9:73:15:32:5f:f9:03:83:ff:07:a9:6d:b1: d5:84:48:61 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt5fqw9xI9QGcqVtdbgEzBsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0 ZWYzYWEwHhcNMjYwMTAxMTIxODIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwOGFjYmUzYTUxMDc1OTNkMTRlMGUxMDdlMTczNDUwNDgxN2JiZGVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv01zzGnuK2PnpXpXcuts5r2bmM71 fdiiBmOG0rwdT81gnStufo5edZf66vJXpDWtUJITe9knkQEPy7FWozZvkd/z3yr3 rs6jPn8Rjcw1KeO49ajrz+Wz7Jsbe0SOvu3pwZnGD5BbRgvRE3SRcsgX6CBB+6n8 ATf4i7/9A+sm5516ARYfZDcKptlUuoaDYMveWCG/mdNZidg5Y+kguuQUgU7i6kmv coeAIBs489/5v/OI+nEjIJLNFeok0AXRM8TmyTX4uCD05Efkbitl6ZlPNw5Wx562 GmOPbQq+Hh3CYd4v5AsUyb8aa96gTrJZE0WwQbNF3KcDxZAttaYMTqPCgQIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFAisvjpRB1k9FODhB+FzRQSBe73tMB8GA1UdIwQY MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt YTU0MWQxYmNlZTE5LzEvQ0t5LU9sRUhXVDBVNE9FSDRYTkZCSUY3dmUwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEtYTU0MWQxYmNlZTE5 LzEvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6qBgSA AwcAKg6qB+AKMA0GCSqGSIb3DQEBCwUAA4IBAQAKnLAmy7O4TFEfX9IC62n2vyk7 /NpJ1Fk0BsuGS/1GuBSkG8VeqUouCvPYwLKFPOQv8YrgOTeXg5lFBrL0u0IhxLl3 3BSdOJXQ4UHBUhe8k5jnJADKGEki+K/BpvBMGuhhzgCb2UdN3csrJYgDcxEGdqyz vOXBYluh+cPL8XVnN5dqA8WHH2RzRMeGLDLTCyZWuoe+U0jbh3qy4PdqTHpyxS0L ZN2+KbhXzBCY2KTsEYPMusUg84lifbDz3wsJQqZyia/StfVG3TQBju7kmX10jF/Z MQaYk2XYvJZ4tZe4d1VkeYIHmlCYHM0VU9TLSOlzFTJf+QOD/wepbbHVhEhh -----END CERTIFICATE-----Generated at Tue Jan 6 21:31:19 2026 by rpki-client