This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/KSdakay3gtUShp0dQMjSrpxgoD0.roa File: KSdakay3gtUShp0dQMjSrpxgoD0.roa (raw, json) Hash identifier: XNyPJVaWyf4+vdHDerOtheobBg6/+Hml9U53i48zq4g= Subject key identifier: 29:27:5A:91:AC:B7:82:D5:12:86:9D:1D:40:C8:D2:AE:9C:60:A0:3D Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f Certificate serial: 019B7910AD1C32DFFCE16FB67E2DDBC5C945 Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/KSdakay3gtUShp0dQMjSrpxgoD0.roa Signing time: Thu 01 Jan 2026 10:18:14 +0000 ROA not before: Thu 01 Jan 2026 10:18:14 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 213702 IP address blocks: 2a12:bec4:150::/44 maxlen: 44 2a12:bec4:1460::/44 maxlen: 44 2a12:bec4:1a70::/44 maxlen: 44 2a12:bec4:1a80::/44 maxlen: 44 2a12:bec4:1c90::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.mft rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 16:01:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:ad:1c:32:df:fc:e1:6f:b6:7e:2d:db:c5:c9:45 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f Validity Not Before: Jan 1 10:18:14 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=29275a91acb782d512869d1d40c8d2ae9c60a03d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:3c:fb:bb:8a:80:e0:c1:d3:47:af:3f:3f:49: 69:43:3e:4f:ff:78:83:8a:b0:65:c0:14:0d:3f:15: 1e:c3:48:11:56:ed:3a:89:0f:cc:92:67:9e:e3:69: 49:10:c1:47:f1:d1:43:3b:d8:de:d8:02:88:77:1d: 3c:33:2c:44:c2:79:10:e7:08:7e:84:23:af:96:c2: a8:29:d8:67:99:96:3a:08:e0:68:aa:fa:86:3c:d0: b9:b8:7c:39:b7:b5:8c:5f:6d:fc:c9:1d:63:17:4b: 0d:9d:21:26:30:f5:7d:12:25:de:06:8d:47:cd:f1: e5:f1:f7:23:a8:58:df:76:b9:c3:e8:c6:fa:30:e0: cd:9a:ba:d6:ef:4f:cc:02:43:3e:9e:dc:b1:d0:67: 5b:05:a2:df:7a:82:0e:a7:7c:a0:5f:36:75:c2:ca: 69:be:e5:43:d4:39:03:bd:b4:26:43:26:b0:02:8b: be:8a:a6:da:78:72:25:9e:f2:bb:31:c8:6c:2d:76: cc:52:1b:79:05:e3:ad:82:60:fe:51:13:47:87:8f: 70:6a:13:6c:05:28:79:21:96:f7:77:45:d7:a5:56: f1:c4:15:6a:8c:b9:e8:e8:77:be:77:36:2d:21:f4: 77:ef:55:1b:3a:46:c8:53:9a:f6:22:f0:95:a4:e4: 75:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:27:5A:91:AC:B7:82:D5:12:86:9D:1D:40:C8:D2:AE:9C:60:A0:3D X509v3 Authority Key Identifier: keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/KSdakay3gtUShp0dQMjSrpxgoD0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a12:bec4:150::/44 2a12:bec4:1460::/44 2a12:bec4:1a70::-2a12:bec4:1a8f:ffff:ffff:ffff:ffff:ffff 2a12:bec4:1c90::/44 Signature Algorithm: sha256WithRSAEncryption b8:b8:b6:96:f8:42:e0:2a:13:6a:00:80:1a:08:0c:93:93:b0: f7:70:07:33:89:dd:0c:d1:57:24:38:70:53:13:fe:0d:18:10: dc:f3:9a:f6:94:0f:f1:3b:3f:fc:13:f7:de:b6:5d:f4:0e:c5: 32:c4:bf:5e:51:e5:b8:f1:86:62:ab:a3:14:ed:92:45:32:ee: 5b:6c:e5:cd:b2:d6:90:e5:98:01:ca:f7:0f:cc:d3:86:37:d3: 08:8a:37:32:e5:98:e2:e6:15:e3:82:05:de:d2:9d:29:fc:d9: ce:9e:79:09:04:c6:23:9a:0b:00:60:3d:7d:7c:dc:a5:42:74: 1e:aa:3e:ba:f3:1d:a0:2d:d5:cc:70:75:c1:a5:4b:58:a1:d9: 52:98:8b:72:40:9c:0c:8d:65:18:d7:40:d9:f7:22:1c:59:12: b4:84:9c:a0:3a:9b:c9:ea:08:e3:a3:ef:ce:6c:49:d9:3a:6c: 5d:2b:af:d5:45:3c:4c:c9:cc:12:be:bd:6d:9c:75:87:6b:c7: c7:38:c6:fd:3f:9f:9f:2b:de:e1:60:ed:80:ab:6d:7c:57:91: 87:ff:6a:98:df:69:6a:c4:41:ee:a7:5a:99:e7:d9:ef:be:0c: 07:b3:a8:a6:66:3d:2a:df:cc:71:f2:5b:81:19:ad:6f:02:67: 2a:e0:f3:51 -----BEGIN CERTIFICATE----- MIIFJjCCBA6gAwIBAgISAZt5EK0cMt/84W+2fi3bxclFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj M2Q2NmYwHhcNMjYwMTAxMTAxODE0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyOTI3NWE5MWFjYjc4MmQ1MTI4NjlkMWQ0MGM4ZDJhZTljNjBhMDNkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjzz7u4qA4MHTR68/P0lpQz5P/3iD irBlwBQNPxUew0gRVu06iQ/Mkmee42lJEMFH8dFDO9je2AKIdx08MyxEwnkQ5wh+ hCOvlsKoKdhnmZY6COBoqvqGPNC5uHw5t7WMX238yR1jF0sNnSEmMPV9EiXeBo1H zfHl8fcjqFjfdrnD6Mb6MODNmrrW70/MAkM+ntyx0GdbBaLfeoIOp3ygXzZ1wspp vuVD1DkDvbQmQyawAou+iqbaeHIlnvK7MchsLXbMUht5BeOtgmD+URNHh49wahNs BSh5IZb3d0XXpVbxxBVqjLno6He+dzYtIfR371UbOkbIU5r2IvCVpOR12wIDAQAB o4ICMjCCAi4wHQYDVR0OBBYEFCknWpGst4LVEoadHUDI0q6cYKA9MB8GA1UdIwQY MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt NTUzNjljZjUwN2VlLzEvS1NkYWtheTNndFVTaHAwZFFNalNycHhnb0QwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzA1BAIAAjAvAwcEKhK+xAFQ AwcEKhK+xBRgMBIDBwQqEr7EGnADBwQqEr7EGoADBwQqEr7EHJAwDQYJKoZIhvcN AQELBQADggEBALi4tpb4QuAqE2oAgBoIDJOTsPdwBzOJ3QzRVyQ4cFMT/g0YENzz mvaUD/E7P/wT9962XfQOxTLEv15R5bjxhmKroxTtkkUy7lts5c2y1pDlmAHK9w/M 04Y30wiKNzLlmOLmFeOCBd7SnSn82c6eeQkExiOaCwBgPX183KVCdB6qPrrzHaAt 1cxwdcGlS1ih2VKYi3JAnAyNZRjXQNn3IhxZErSEnKA6m8nqCOOj785sSdk6bF0r r9VFPEzJzBK+vW2cdYdrx8c4xv0/n58r3uFg7YCrbXxXkYf/apjfaWrEQe6nWpnn 2e++DAezqKZmPSrfzHHyW4EZrW8CZyrg81E= -----END CERTIFICATE-----Generated at Tue Jan 20 02:48:50 2026 by rpki-client