This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/a554d3-4232-48fc-b883-b3b5caaf5ea6/1/mkD94LJIRNUZifr1ykr8u_Yv7sI.roa File: mkD94LJIRNUZifr1ykr8u_Yv7sI.roa (raw, json) Hash identifier: QezvNkk97Hcglta18duRAM2qGC7jYIu5wGU9v2UfcZ8= Subject key identifier: 9A:40:FD:E0:B2:48:44:D5:19:89:FA:F5:CA:4A:FC:BB:F6:2F:EE:C2 Certificate issuer: /CN=57718361688d162ff8023c1227cd644dae39a1c0 Certificate serial: 019B7EA4B7F142155D15C224CEC7B5C8959B Authority key identifier: 57:71:83:61:68:8D:16:2F:F8:02:3C:12:27:CD:64:4D:AE:39:A1:C0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V3GDYWiNFi_4AjwSJ81kTa45ocA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/a554d3-4232-48fc-b883-b3b5caaf5ea6/1/mkD94LJIRNUZifr1ykr8u_Yv7sI.roa Signing time: Fri 02 Jan 2026 12:18:02 +0000 ROA not before: Fri 02 Jan 2026 12:18:02 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 680 IP address blocks: 2001:67c:2414::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/a554d3-4232-48fc-b883-b3b5caaf5ea6/1/V3GDYWiNFi_4AjwSJ81kTa45ocA.crl rsync://rpki.ripe.net/repository/DEFAULT/82/a554d3-4232-48fc-b883-b3b5caaf5ea6/1/V3GDYWiNFi_4AjwSJ81kTa45ocA.mft rsync://rpki.ripe.net/repository/DEFAULT/V3GDYWiNFi_4AjwSJ81kTa45ocA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 28 Jan 2026 00:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a4:b7:f1:42:15:5d:15:c2:24:ce:c7:b5:c8:95:9b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=57718361688d162ff8023c1227cd644dae39a1c0 Validity Not Before: Jan 2 12:18:02 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9a40fde0b24844d51989faf5ca4afcbbf62feec2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:f6:7f:7f:43:66:a8:d9:17:95:35:c6:ff:5b: 96:23:e1:d9:bc:75:44:59:ef:d0:0b:04:cf:ee:15: ac:5d:a5:26:86:ec:a8:f7:53:1a:37:52:42:83:8b: bd:33:09:9a:ad:06:42:f6:40:3b:2c:98:a6:67:00: 97:5e:bc:48:72:d0:c7:ee:58:f0:c6:2d:c7:d6:8b: b7:80:9a:a4:91:a3:b7:16:e1:da:8c:c6:49:d7:2c: 4d:46:f5:f3:0e:06:f0:d9:62:bd:d7:f7:cc:36:64: 44:92:94:5b:0f:39:ea:5e:c0:bf:9d:d5:45:71:40: 98:3a:63:cc:f1:d1:21:2f:e4:f7:ba:4b:81:3d:a4: f4:d2:90:28:11:36:57:80:17:2c:6d:79:41:fd:bb: 03:db:e5:f5:e4:a1:e7:78:bc:44:f1:25:1b:eb:7e: 56:9b:7f:4c:23:42:cb:4b:5e:de:d3:c7:00:82:3c: 45:1d:e6:9c:23:29:c5:ad:ac:f7:a4:f8:cc:be:3c: eb:76:68:ab:e1:d8:9c:61:60:7b:1d:b1:54:97:4c: c6:65:59:d1:7a:fa:87:ea:0c:4c:c2:60:72:b7:e4: 5d:94:7f:f3:97:a3:42:13:57:ba:74:6d:8f:e3:f5: ef:e0:ab:72:99:32:fc:e5:a0:f7:80:d8:08:db:74: a3:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:40:FD:E0:B2:48:44:D5:19:89:FA:F5:CA:4A:FC:BB:F6:2F:EE:C2 X509v3 Authority Key Identifier: keyid:57:71:83:61:68:8D:16:2F:F8:02:3C:12:27:CD:64:4D:AE:39:A1:C0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V3GDYWiNFi_4AjwSJ81kTa45ocA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/a554d3-4232-48fc-b883-b3b5caaf5ea6/1/mkD94LJIRNUZifr1ykr8u_Yv7sI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/82/a554d3-4232-48fc-b883-b3b5caaf5ea6/1/V3GDYWiNFi_4AjwSJ81kTa45ocA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:67c:2414::/48 Signature Algorithm: sha256WithRSAEncryption 33:48:55:ae:bd:9c:ba:c5:dd:1f:ac:96:48:37:6d:8a:5a:b6: 1d:90:fb:1d:a4:3d:17:d5:60:de:4e:91:55:96:e7:3f:f8:32: 05:61:b1:7f:86:84:f8:ba:a0:eb:32:38:fe:c4:67:be:a7:d9: a5:ef:97:05:01:f5:7a:4b:3e:59:8e:51:3c:31:74:4a:66:f7: 77:8e:33:da:73:24:4e:51:ad:02:d8:aa:fe:71:36:cf:39:88: d0:02:e9:13:08:6b:2e:59:3c:fb:64:32:57:b3:b9:82:b6:7d: 15:6f:e4:a3:02:eb:3e:fe:6c:24:09:b3:9c:89:bb:64:07:5b: 22:20:66:07:ba:0f:2f:70:6a:4b:9d:22:6a:46:33:64:59:72: dd:ab:a1:a8:41:50:88:28:8d:63:34:24:ba:6d:32:ba:b4:db: 3a:eb:db:36:ab:72:26:14:2d:aa:fc:1d:fe:17:6a:21:4c:e6: 79:61:b3:cc:17:da:4f:9d:5b:2f:96:ca:79:21:1e:14:c7:0b: ba:af:29:a5:a6:f8:5b:93:f2:8f:7f:31:b7:3a:28:dd:a1:e5: 4a:af:cb:55:d6:12:00:d0:9c:eb:f6:55:73:14:e9:2a:99:9e: a1:84:ba:8b:8b:36:69:2f:27:77:1a:7c:27:f7:16:2a:06:cc: 4c:5f:66:ee -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt+pLfxQhVdFcIkzse1yJWbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU3NzE4MzYxNjg4ZDE2MmZmODAyM2MxMjI3Y2Q2NDRkYWUz OWExYzAwHhcNMjYwMTAyMTIxODAyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5YTQwZmRlMGIyNDg0NGQ1MTk4OWZhZjVjYTRhZmNiYmY2MmZlZWMyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7PZ/f0NmqNkXlTXG/1uWI+HZvHVE We/QCwTP7hWsXaUmhuyo91MaN1JCg4u9MwmarQZC9kA7LJimZwCXXrxIctDH7ljw xi3H1ou3gJqkkaO3FuHajMZJ1yxNRvXzDgbw2WK91/fMNmREkpRbDznqXsC/ndVF cUCYOmPM8dEhL+T3ukuBPaT00pAoETZXgBcsbXlB/bsD2+X15KHneLxE8SUb635W m39MI0LLS17e08cAgjxFHeacIynFraz3pPjMvjzrdmir4dicYWB7HbFUl0zGZVnR evqH6gxMwmByt+RdlH/zl6NCE1e6dG2P4/Xv4KtymTL85aD3gNgI23SjbQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFJpA/eCySETVGYn69cpK/Lv2L+7CMB8GA1UdIwQY MBaAFFdxg2FojRYv+AI8EifNZE2uOaHAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVjNHRFlXaU5GaV80QWp3U0o4MWtUYTQ1b2NBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9hNTU0ZDMtNDIzMi00OGZjLWI4ODMt YjNiNWNhYWY1ZWE2LzEvbWtEOTRMSklSTlVaaWZyMXlrcjh1X1l2N3NJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Mi9hNTU0ZDMtNDIzMi00OGZjLWI4ODMtYjNiNWNhYWY1ZWE2 LzEvVjNHRFlXaU5GaV80QWp3U0o4MWtUYTQ1b2NBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfCQU MA0GCSqGSIb3DQEBCwUAA4IBAQAzSFWuvZy6xd0frJZIN22KWrYdkPsdpD0X1WDe TpFVluc/+DIFYbF/hoT4uqDrMjj+xGe+p9ml75cFAfV6Sz5ZjlE8MXRKZvd3jjPa cyROUa0C2Kr+cTbPOYjQAukTCGsuWTz7ZDJXs7mCtn0Vb+SjAus+/mwkCbOcibtk B1siIGYHug8vcGpLnSJqRjNkWXLdq6GoQVCIKI1jNCS6bTK6tNs669s2q3ImFC2q /B3+F2ohTOZ5YbPMF9pPnVsvlsp5IR4Uxwu6rymlpvhbk/KPfzG3OijdoeVKr8tV 1hIA0Jzr9lVzFOkqmZ6hhLqLizZpLyd3Gnwn9xYqBsxMX2bu -----END CERTIFICATE-----Generated at Tue Jan 27 08:34:23 2026 by rpki-client