This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/CPkBq_zQB-fhQ8UogfiL5KSBubk.roa File: CPkBq_zQB-fhQ8UogfiL5KSBubk.roa (raw, json) Hash identifier: oV0zn2bwdrc0NvALeseDNS1mdQIN7a9uOC/bezgLC/k= Subject key identifier: 08:F9:01:AB:FC:D0:07:E7:E1:43:C5:28:81:F8:8B:E4:A4:81:B9:B9 Certificate issuer: /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa Certificate serial: 019B797E9E0AEE180B768634996A6126020D Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/CPkBq_zQB-fhQ8UogfiL5KSBubk.roa Signing time: Thu 01 Jan 2026 12:18:19 +0000 ROA not before: Thu 01 Jan 2026 12:18:19 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 48266 IP address blocks: 2a0e:aa07:4100::/40 maxlen: 40 2a0e:aa07:e033::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.mft rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 07 Jan 2026 14:32:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:9e:0a:ee:18:0b:76:86:34:99:6a:61:26:02:0d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa Validity Not Before: Jan 1 12:18:19 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=08f901abfcd007e7e143c52881f88be4a481b9b9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:3a:e8:76:08:05:0b:2e:27:15:2c:11:d0:af: 2a:f9:6c:1a:8b:0b:1c:19:8d:51:41:d9:1f:71:a6: a0:5b:71:31:62:c2:75:2c:ab:f1:3d:5d:b9:7c:73: 78:6a:45:ab:f2:fb:51:2f:2e:e3:23:6e:40:f1:2b: e7:14:57:68:3d:0a:39:ad:12:fc:67:0b:5a:4b:58: dd:f9:ef:b2:31:90:96:8b:0c:c0:d0:09:8f:af:2b: 36:36:c4:b5:33:d3:3c:d8:c1:98:9e:8d:51:63:4e: 19:a1:29:76:5d:16:44:fc:b2:ee:ab:09:d5:1b:21: e8:21:1c:46:ac:28:8e:5f:4b:25:ad:b8:44:4c:a0: f4:6f:3f:1f:21:36:3a:99:c9:de:37:d3:56:97:ab: 3e:f2:8c:69:ae:2f:a6:8b:f6:dd:3e:dc:db:29:e3: b8:97:76:da:7f:67:3b:52:1a:5a:f6:07:f2:09:ff: 0b:d2:24:d9:c0:49:bf:5c:6f:a5:eb:a8:9c:8c:86: 05:e7:95:3b:93:25:25:8c:c1:14:1b:84:c7:5f:36: 59:bc:e2:6c:0a:e0:25:6d:1f:5c:ad:79:26:0e:7a: 73:c0:18:7d:cd:3c:d8:f2:c7:94:66:b5:3a:3e:bc: dc:32:74:ef:23:f3:96:07:e2:56:82:4f:62:20:43: 59:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:F9:01:AB:FC:D0:07:E7:E1:43:C5:28:81:F8:8B:E4:A4:81:B9:B9 X509v3 Authority Key Identifier: keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/CPkBq_zQB-fhQ8UogfiL5KSBubk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0e:aa07:4100::/40 2a0e:aa07:e033::/48 Signature Algorithm: sha256WithRSAEncryption 41:27:8c:e3:a1:03:39:9f:09:60:6b:44:4c:ce:21:dc:50:e2: 58:8d:f2:2f:49:96:f1:78:fa:13:c8:86:a3:a9:85:d1:5f:e5: c7:c0:98:a1:c9:ed:cb:31:ec:e9:0d:84:d4:52:8a:97:7e:85: c3:e2:1e:1e:73:cd:ff:f4:2e:58:76:28:d8:9a:b5:3f:bc:4f: 39:77:e1:a1:26:ab:c9:89:ec:e4:16:cc:d6:6b:f6:d8:24:a3: 69:c1:fa:f8:40:28:fe:61:99:03:3b:8e:20:37:43:0b:8f:e5: d4:2b:06:6c:04:af:aa:ad:24:af:a6:c4:c6:4b:ca:a7:79:84: 77:dc:de:58:69:70:a5:53:7b:b5:f6:fb:ff:85:a3:85:7b:9d: 2b:0d:f5:9f:99:1d:38:78:7e:4f:4e:13:8e:40:e9:c9:70:9f: 7b:b2:24:fc:b4:a7:dc:76:12:b4:6d:b1:7c:c3:1f:8f:92:6b: b3:88:68:4f:15:97:23:73:fa:ca:5c:5f:0a:6d:1a:b3:c8:a1: 2e:94:2c:50:43:90:86:d2:5d:b7:6f:29:ad:08:e1:75:84:df: 1b:4a:31:34:68:b6:4d:30:25:e5:da:9e:ba:44:cb:db:74:70: 49:e4:b3:ab:ef:c5:c8:2a:98:9d:23:be:c9:48:6d:3e:6b:84: be:82:41:03 -----BEGIN CERTIFICATE----- MIIFCDCCA/CgAwIBAgISAZt5fp4K7hgLdoY0mWphJgINMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0 ZWYzYWEwHhcNMjYwMTAxMTIxODE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwOGY5MDFhYmZjZDAwN2U3ZTE0M2M1Mjg4MWY4OGJlNGE0ODFiOWI5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAujrodggFCy4nFSwR0K8q+Wwaiwsc GY1RQdkfcaagW3ExYsJ1LKvxPV25fHN4akWr8vtRLy7jI25A8SvnFFdoPQo5rRL8 ZwtaS1jd+e+yMZCWiwzA0AmPrys2NsS1M9M82MGYno1RY04ZoSl2XRZE/LLuqwnV GyHoIRxGrCiOX0slrbhETKD0bz8fITY6mcneN9NWl6s+8oxpri+mi/bdPtzbKeO4 l3baf2c7Uhpa9gfyCf8L0iTZwEm/XG+l66icjIYF55U7kyUljMEUG4THXzZZvOJs CuAlbR9crXkmDnpzwBh9zTzY8seUZrU6PrzcMnTvI/OWB+JWgk9iIENZZQIDAQAB o4ICFDCCAhAwHQYDVR0OBBYEFAj5Aav80Afn4UPFKIH4i+Skgbm5MB8GA1UdIwQY MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt YTU0MWQxYmNlZTE5LzEvQ1BrQnFfelFCLWZoUThVb2dmaUw1S1NCdWJrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEtYTU0MWQxYmNlZTE5 LzEvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwYAKg6qB0ED BwAqDqoH4DMwDQYJKoZIhvcNAQELBQADggEBAEEnjOOhAzmfCWBrREzOIdxQ4liN 8i9JlvF4+hPIhqOphdFf5cfAmKHJ7csx7OkNhNRSipd+hcPiHh5zzf/0Llh2KNia tT+8Tzl34aEmq8mJ7OQWzNZr9tgko2nB+vhAKP5hmQM7jiA3QwuP5dQrBmwEr6qt JK+mxMZLyqd5hHfc3lhpcKVTe7X2+/+Fo4V7nSsN9Z+ZHTh4fk9OE45A6clwn3uy JPy0p9x2ErRtsXzDH4+Sa7OIaE8VlyNz+spcXwptGrPIoS6ULFBDkIbSXbdvKa0I 4XWE3xtKMTRotk0wJeXanrpEy9t0cEnks6vvxcgqmJ0jvslIbT5rhL6CQQM= -----END CERTIFICATE-----Generated at Tue Jan 6 21:32:10 2026 by rpki-client