This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/140kRQEj3h0GjQtPnM7mNhB0pd0.roa File: 140kRQEj3h0GjQtPnM7mNhB0pd0.roa (raw, json) Hash identifier: Glji+wdNx0lC1Qzp3pek3CS+AHdgtNRm2/n00pXzbAo= Subject key identifier: D7:8D:24:45:01:23:DE:1D:06:8D:0B:4F:9C:CE:E6:36:10:74:A5:DD Certificate issuer: /CN=89056fa9625b6c87404267c6dc219924ac160045 Certificate serial: 019B76EB83E43A2E924A33C2E4512A2229B0 Authority key identifier: 89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/140kRQEj3h0GjQtPnM7mNhB0pd0.roa Signing time: Thu 01 Jan 2026 00:18:24 +0000 ROA not before: Thu 01 Jan 2026 00:18:24 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 46475 IP address blocks: 2a11:840:34::/48 maxlen: 48 2a11:840:35::/48 maxlen: 48 2a11:840:36::/48 maxlen: 48 2a11:840:37::/48 maxlen: 48 2a11:840:38::/48 maxlen: 48 2a11:840:39::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.mft rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 16:55:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:83:e4:3a:2e:92:4a:33:c2:e4:51:2a:22:29:b0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=89056fa9625b6c87404267c6dc219924ac160045 Validity Not Before: Jan 1 00:18:24 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d78d24450123de1d068d0b4f9ccee6361074a5dd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:52:d3:2b:a6:f7:4a:b0:14:9a:c6:67:5d:ed: 5c:ba:28:a2:96:c9:65:c4:6a:65:3b:35:e7:38:73: f8:f6:28:22:93:4b:05:ac:aa:36:33:fa:f6:d3:69: 3b:29:b3:8e:fb:ba:09:69:a5:fd:48:43:8b:c6:f9: b5:a5:00:af:d2:50:94:32:15:1a:03:3c:20:10:fb: 31:8f:b9:7a:fb:0b:ac:db:77:af:6b:bd:88:28:d8: 1d:04:f9:8a:f5:9d:98:b1:df:a9:2a:e7:17:e2:5b: 3d:85:57:b3:db:56:73:e3:dd:02:5e:10:63:d8:0c: 9f:83:64:49:c2:5a:2f:ca:b5:7a:b3:6f:10:84:f2: ac:2e:c2:62:ae:eb:6f:54:bc:84:5e:bf:20:3d:75: 73:ee:64:a4:6c:4b:21:50:b1:5c:30:d1:8b:cd:66: 79:9c:10:16:0a:e6:1e:d8:eb:04:ac:42:58:c9:0f: 51:46:e7:a1:f7:7f:03:ac:65:5c:96:1e:de:46:e6: ba:6e:85:80:d2:29:04:8f:06:c9:af:28:dc:27:12: 58:7b:02:38:64:a0:a7:86:cb:5a:5e:28:25:ac:59: 69:f6:30:60:ea:a7:6f:2d:f8:5c:1d:a7:4a:36:06: dd:c3:59:68:6e:db:bf:a1:ad:f8:c2:9d:77:56:ed: c9:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:8D:24:45:01:23:DE:1D:06:8D:0B:4F:9C:CE:E6:36:10:74:A5:DD X509v3 Authority Key Identifier: keyid:89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/140kRQEj3h0GjQtPnM7mNhB0pd0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a11:840:34::-2a11:840:39:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 29:34:25:ac:74:fa:8b:0b:55:03:fb:20:d0:37:b5:b5:17:1f: b2:b5:54:71:93:93:bf:48:f6:a0:f7:4c:cb:68:54:f1:7d:e9: 8c:49:b0:a2:9f:eb:d9:26:d1:28:8d:d3:ce:ba:fd:3c:2b:e9: c6:8f:f0:33:fe:9f:02:30:86:7b:ab:d1:89:22:5d:eb:40:00: 5b:12:f8:2d:88:dc:a8:47:1c:49:20:af:f8:42:b5:d0:6e:64: 95:b7:2e:3a:89:a1:06:0b:41:9a:49:d0:a8:ca:45:26:a7:70: 00:75:47:e6:a1:9b:ca:4e:7e:0d:50:80:9d:c6:af:53:fe:fc: 98:b0:f7:f6:3b:84:7c:eb:85:e0:95:e9:79:f8:17:0e:7e:61: c8:87:ae:2d:ed:dd:38:2b:bc:2d:af:ef:97:a6:0d:fb:e6:a9: df:49:9f:d6:54:20:e0:45:2b:72:5a:b8:f3:2d:5e:6a:34:f8: 47:c2:28:5d:00:9b:4b:24:f3:54:00:c5:01:e6:59:07:15:f1: 9a:76:d7:a6:ab:cf:2a:68:b2:7c:d8:ea:26:77:05:5e:3c:d3: c8:2a:45:02:06:93:5e:21:d4:d4:b3:a8:d6:04:46:39:a6:a9: 59:1d:bd:3f:c2:68:8b:20:2a:93:c7:8c:2a:7b:37:37:21:b5: 5b:db:f5:6c -----BEGIN CERTIFICATE----- MIIFCzCCA/OgAwIBAgISAZt264PkOi6SSjPC5FEqIimwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg5MDU2ZmE5NjI1YjZjODc0MDQyNjdjNmRjMjE5OTI0YWMx NjAwNDUwHhcNMjYwMTAxMDAxODI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkNzhkMjQ0NTAxMjNkZTFkMDY4ZDBiNGY5Y2NlZTYzNjEwNzRhNWRkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFLTK6b3SrAUmsZnXe1cuiiilsll xGplOzXnOHP49igik0sFrKo2M/r202k7KbOO+7oJaaX9SEOLxvm1pQCv0lCUMhUa AzwgEPsxj7l6+wus23eva72IKNgdBPmK9Z2Ysd+pKucX4ls9hVez21Zz490CXhBj 2Ayfg2RJwlovyrV6s28QhPKsLsJirutvVLyEXr8gPXVz7mSkbEshULFcMNGLzWZ5 nBAWCuYe2OsErEJYyQ9RRueh938DrGVclh7eRua6boWA0ikEjwbJryjcJxJYewI4 ZKCnhstaXiglrFlp9jBg6qdvLfhcHadKNgbdw1lobtu/oa34wp13Vu3J/QIDAQAB o4ICFzCCAhMwHQYDVR0OBBYEFNeNJEUBI94dBo0LT5zO5jYQdKXdMB8GA1UdIwQY MBaAFIkFb6liW2yHQEJnxtwhmSSsFgBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQt NTE5MjAzNzMzNTNjLzEvMTQwa1JRRWozaDBHalF0UG5NN21OaEIwcGQwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQtNTE5MjAzNzMzNTNj LzEvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwIqEQhA ADQDBwEqEQhAADgwDQYJKoZIhvcNAQELBQADggEBACk0Jax0+osLVQP7INA3tbUX H7K1VHGTk79I9qD3TMtoVPF96YxJsKKf69km0SiN0866/Twr6caP8DP+nwIwhnur 0YkiXetAAFsS+C2I3KhHHEkgr/hCtdBuZJW3LjqJoQYLQZpJ0KjKRSancAB1R+ah m8pOfg1QgJ3Gr1P+/Jiw9/Y7hHzrheCV6Xn4Fw5+YciHri3t3TgrvC2v75emDfvm qd9Jn9ZUIOBFK3JauPMtXmo0+EfCKF0Am0sk81QAxQHmWQcV8Zp216arzyposnzY 6iZ3BV4808gqRQIGk14h1NSzqNYERjmmqVkdvT/CaIsgKpPHjCp7NzchtVvb9Ww= -----END CERTIFICATE-----Generated at Mon Jan 19 20:00:00 2026 by rpki-client