This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/zaqUVbnojkTDERJ3_10rZNSt5rY.roa File: zaqUVbnojkTDERJ3_10rZNSt5rY.roa (raw, json) Hash identifier: NGic8W1khL+lAFdMnmPV+Vm0bsU7mpdMnMkf2eKrYZ4= Subject key identifier: CD:AA:94:55:B9:E8:8E:44:C3:11:12:77:FF:5D:2B:64:D4:AD:E6:B6 Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5 Certificate serial: 019B7F84B15A4007323F8E3DCEE1812032CC Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/zaqUVbnojkTDERJ3_10rZNSt5rY.roa Signing time: Fri 02 Jan 2026 16:22:41 +0000 ROA not before: Fri 02 Jan 2026 16:22:41 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212615 IP address blocks: 2a14:6e40:1::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 06 Jan 2026 11:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:84:b1:5a:40:07:32:3f:8e:3d:ce:e1:81:20:32:cc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5 Validity Not Before: Jan 2 16:22:41 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=cdaa9455b9e88e44c3111277ff5d2b64d4ade6b6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:8e:a0:6a:91:9d:15:a6:04:69:b5:9c:b5:63: d6:99:2e:86:9f:c0:e8:2e:2e:29:08:4e:ee:0e:66: 24:e3:12:61:1c:dc:08:23:84:5a:ef:0b:7d:ec:a7: c8:92:05:49:a7:0f:2e:03:5a:ac:a5:5f:9c:6c:1f: c5:8b:3c:cd:53:44:98:f5:4e:07:e7:ff:59:ac:ce: e4:30:bd:a7:aa:07:ea:f4:70:37:19:5c:e7:59:6d: b3:37:7e:5e:03:b1:3c:e9:50:6f:71:53:b5:c1:7f: e5:c2:f8:69:8d:d6:07:cd:c9:42:93:6f:be:c8:ce: 0f:7e:8f:f2:11:d2:92:07:b7:51:af:d2:c4:f7:62: 91:0d:11:f9:20:d8:4a:3e:11:d2:97:56:db:03:fe: e8:ea:ff:f7:85:2c:d7:fa:8e:0b:57:a7:0d:d7:20: 38:d5:02:bc:d5:50:11:9c:c3:f4:54:7a:8a:8c:85: 54:fa:30:93:60:4d:5d:df:1e:8c:dc:8b:07:f3:23: 7d:59:64:84:d7:22:ca:10:c5:48:76:b9:d9:ed:61: de:0f:eb:21:cb:98:f0:93:ef:54:aa:49:48:ea:9a: 55:c2:91:e5:f9:11:01:da:cc:51:ed:38:c1:01:57: 2a:d8:08:e5:f3:3c:55:27:49:08:6d:58:17:70:0a: 22:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:AA:94:55:B9:E8:8E:44:C3:11:12:77:FF:5D:2B:64:D4:AD:E6:B6 X509v3 Authority Key Identifier: keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/zaqUVbnojkTDERJ3_10rZNSt5rY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:6e40:1::/48 Signature Algorithm: sha256WithRSAEncryption 72:a3:c4:30:a9:33:55:ff:20:52:d8:5b:2e:f7:06:7d:17:e2: c5:b9:69:41:b8:14:90:48:7b:69:32:54:83:e8:a4:0b:6d:a2: b7:6e:2a:4f:b1:4c:66:5a:1c:28:3a:44:47:fc:e2:4a:13:4b: 26:1a:c2:dd:79:b2:26:1b:39:10:e9:2f:08:8d:b8:6c:35:50: 65:ee:f4:db:11:6d:28:c1:9c:91:e3:eb:94:7d:87:24:c9:7d: 0c:10:31:73:15:19:3a:48:91:d1:f9:17:2e:d5:3d:6e:71:1d: 12:e0:65:27:0a:ca:74:1d:38:ac:59:64:bb:04:d7:f2:8c:33: db:6a:6f:66:48:5f:c8:35:c4:49:5e:c3:14:2a:82:6c:67:d0: b0:57:63:2a:81:36:98:9a:c4:39:0b:0d:f5:62:59:c4:a3:00: 34:3a:03:b4:d2:62:7d:6f:99:69:74:d4:aa:c5:ed:e7:84:ed: bc:86:5f:87:89:a6:c4:05:ed:37:01:34:70:26:87:dd:fd:5d: 8d:1f:91:24:e6:8d:35:3d:c5:2a:a2:22:5b:a1:31:b9:30:93: fd:2b:5f:3e:13:7a:d7:25:04:b1:5e:8d:63:5c:30:7e:f6:a4: c6:d4:6b:75:c1:bd:42:32:b9:98:e0:06:2e:bc:a4:0a:2d:99: 9c:f5:62:0d -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt/hLFaQAcyP449zuGBIDLMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2 YjI1YzUwHhcNMjYwMTAyMTYyMjQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjZGFhOTQ1NWI5ZTg4ZTQ0YzMxMTEyNzdmZjVkMmI2NGQ0YWRlNmI2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoI6gapGdFaYEabWctWPWmS6Gn8Do Li4pCE7uDmYk4xJhHNwII4Ra7wt97KfIkgVJpw8uA1qspV+cbB/FizzNU0SY9U4H 5/9ZrM7kML2nqgfq9HA3GVznWW2zN35eA7E86VBvcVO1wX/lwvhpjdYHzclCk2++ yM4Pfo/yEdKSB7dRr9LE92KRDRH5INhKPhHSl1bbA/7o6v/3hSzX+o4LV6cN1yA4 1QK81VARnMP0VHqKjIVU+jCTYE1d3x6M3IsH8yN9WWSE1yLKEMVIdrnZ7WHeD+sh y5jwk+9UqklI6ppVwpHl+REB2sxR7TjBAVcq2Ajl8zxVJ0kIbVgXcAoiVQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFM2qlFW56I5EwxESd/9dK2TUrea2MB8GA1UdIwQY MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt YjgxMWNmY2I5ZmQ1LzEvemFxVVZibm9qa1RERVJKM18xMHJaTlN0NXJZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1 LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhRuQAAB MA0GCSqGSIb3DQEBCwUAA4IBAQByo8QwqTNV/yBS2Fsu9wZ9F+LFuWlBuBSQSHtp MlSD6KQLbaK3bipPsUxmWhwoOkRH/OJKE0smGsLdebImGzkQ6S8IjbhsNVBl7vTb EW0owZyR4+uUfYckyX0MEDFzFRk6SJHR+Rcu1T1ucR0S4GUnCsp0HTisWWS7BNfy jDPbam9mSF/INcRJXsMUKoJsZ9CwV2MqgTaYmsQ5Cw31YlnEowA0OgO00mJ9b5lp dNSqxe3nhO28hl+HiabEBe03ATRwJofd/V2NH5Ek5o01PcUqoiJboTG5MJP9K18+ E3rXJQSxXo1jXDB+9qTG1Gt1wb1CMrmY4AYuvKQKLZmc9WIN -----END CERTIFICATE-----Generated at Mon Jan 5 14:37:37 2026 by rpki-client