This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/AQBZKKUw0CfqLnDcy9hcMLkcBVQ.roa File: AQBZKKUw0CfqLnDcy9hcMLkcBVQ.roa (raw, json) Hash identifier: e8Nsfm4NARCM4kcuUWqaXIOJHBmE9O9GAIR9R4lcjmA= Subject key identifier: 01:00:59:28:A5:30:D0:27:EA:2E:70:DC:CB:D8:5C:30:B9:1C:05:54 Certificate issuer: /CN=81eed4091383d9ed4056d9f4eff7d2622ddce205 Certificate serial: 019B7835504193ED24BEAC8A7F6436FCD380 Authority key identifier: 81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/AQBZKKUw0CfqLnDcy9hcMLkcBVQ.roa Signing time: Thu 01 Jan 2026 06:18:38 +0000 ROA not before: Thu 01 Jan 2026 06:18:38 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 0 IP address blocks: 2001:67c:24f0::/48 maxlen: 48 2001:67c:2500::/45 maxlen: 45 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.crl rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.mft rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 10 Jan 2026 12:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:35:50:41:93:ed:24:be:ac:8a:7f:64:36:fc:d3:80 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=81eed4091383d9ed4056d9f4eff7d2622ddce205 Validity Not Before: Jan 1 06:18:38 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=01005928a530d027ea2e70dccbd85c30b91c0554 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:79:59:15:8e:f8:73:6e:c7:dd:61:e1:45:66: 6f:df:bc:8c:7b:fc:d3:ce:cf:ea:18:75:f4:26:9b: 04:e9:0d:d1:e5:03:46:8e:b5:da:09:91:b2:69:84: 27:5a:ad:05:46:90:1f:4d:13:70:62:73:47:bf:f3: 14:18:79:f5:de:4c:93:98:14:e3:94:79:08:f2:82: b6:fd:f4:4d:d1:2b:cc:ff:86:10:20:66:42:00:ce: d5:a8:3d:cf:aa:a8:bb:d2:a5:38:2c:4d:14:99:0b: 94:17:28:52:1a:db:2c:1f:26:70:1b:5d:1a:83:04: 9b:6e:33:1f:a2:89:58:78:fb:f2:31:39:7b:da:5e: a8:90:8e:c6:b9:64:ff:53:83:96:cc:b7:70:29:4f: a0:ce:56:be:a9:a3:64:b8:8f:4f:52:20:cd:01:ee: 6f:19:0f:00:05:a6:4d:7a:e0:b9:f3:36:1b:84:dc: 7b:ba:b8:07:bc:10:07:62:9e:ee:e8:4e:4f:b4:3b: 32:94:7f:dc:14:00:2f:b5:55:4b:eb:ff:b1:53:33: 47:aa:dd:73:59:5c:41:a1:45:c6:50:3c:b5:3f:91: e2:c4:3f:a6:0b:d2:56:87:7a:dc:78:f6:60:3e:c0: 92:61:57:ff:d9:cd:e1:c3:7c:b3:2e:46:40:44:bb: 87:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:00:59:28:A5:30:D0:27:EA:2E:70:DC:CB:D8:5C:30:B9:1C:05:54 X509v3 Authority Key Identifier: keyid:81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/AQBZKKUw0CfqLnDcy9hcMLkcBVQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:67c:24f0::/48 2001:67c:2500::/45 Signature Algorithm: sha256WithRSAEncryption 50:ba:2d:22:14:56:16:f7:d0:aa:53:de:47:4c:96:c9:92:f8: b5:44:b1:a9:d7:00:a9:82:b4:82:b5:cb:6e:c5:73:c0:c4:fa: 65:a6:58:6e:5b:15:f9:3c:93:eb:ec:0f:9e:5f:32:cc:53:d9: a1:60:67:ab:e1:14:f4:78:ea:45:72:e5:c3:74:cb:8e:3b:9f: b7:b8:e7:f0:b7:fe:d5:fb:ce:64:b7:9f:e5:b9:c6:89:ab:7d: 33:b6:b1:ec:36:1d:96:2b:6d:a6:76:9f:83:64:67:36:ed:2e: 8a:cf:b9:ec:9c:76:6b:1b:e3:63:c4:c9:74:b4:c3:e1:8a:b0: 77:65:74:d6:9d:eb:db:cd:7f:bb:32:3d:eb:0e:64:74:d7:63: a4:68:7b:8b:29:c3:72:5c:d0:4d:34:0b:55:6a:d9:dc:af:c3: e6:27:5b:92:b3:4d:4a:a0:23:af:07:00:e6:f8:e8:10:85:43: 25:9f:21:71:66:f6:78:4d:91:15:df:55:e6:d8:b2:9f:7b:bc: 20:e6:f9:67:98:a1:9a:28:fb:d8:79:20:b3:7b:45:47:f0:25: 7d:93:71:22:5d:b4:6c:53:4a:0d:52:f7:3b:55:5a:03:68:16: 2e:1a:df:fb:fc:ba:5f:05:8a:cb:f5:a7:81:5a:94:51:f3:e5: 96:2f:38:20 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt4NVBBk+0kvqyKf2Q2/NOAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDgxZWVkNDA5MTM4M2Q5ZWQ0MDU2ZDlmNGVmZjdkMjYyMmRk Y2UyMDUwHhcNMjYwMTAxMDYxODM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwMTAwNTkyOGE1MzBkMDI3ZWEyZTcwZGNjYmQ4NWMzMGI5MWMwNTU0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHlZFY74c27H3WHhRWZv37yMe/zT zs/qGHX0JpsE6Q3R5QNGjrXaCZGyaYQnWq0FRpAfTRNwYnNHv/MUGHn13kyTmBTj lHkI8oK2/fRN0SvM/4YQIGZCAM7VqD3Pqqi70qU4LE0UmQuUFyhSGtssHyZwG10a gwSbbjMfoolYePvyMTl72l6okI7GuWT/U4OWzLdwKU+gzla+qaNkuI9PUiDNAe5v GQ8ABaZNeuC58zYbhNx7urgHvBAHYp7u6E5PtDsylH/cFAAvtVVL6/+xUzNHqt1z WVxBoUXGUDy1P5HixD+mC9JWh3rcePZgPsCSYVf/2c3hw3yzLkZARLuHQQIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFAEAWSilMNAn6i5w3MvYXDC5HAVUMB8GA1UdIwQY MBaAFIHu1AkTg9ntQFbZ9O/30mIt3OIFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2Et ODcyYjM3MTBjMmExLzEvQVFCWktLVXcwQ2ZxTG5EY3k5aGNNTGtjQlZRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2EtODcyYjM3MTBjMmEx LzEvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAIAEGfCTw AwcDIAEGfCUAMA0GCSqGSIb3DQEBCwUAA4IBAQBQui0iFFYW99CqU95HTJbJkvi1 RLGp1wCpgrSCtctuxXPAxPplplhuWxX5PJPr7A+eXzLMU9mhYGer4RT0eOpFcuXD dMuOO5+3uOfwt/7V+85kt5/lucaJq30ztrHsNh2WK22mdp+DZGc27S6Kz7nsnHZr G+NjxMl0tMPhirB3ZXTWnevbzX+7Mj3rDmR012OkaHuLKcNyXNBNNAtVatncr8Pm J1uSs01KoCOvBwDm+OgQhUMlnyFxZvZ4TZEV31Xm2LKfe7wg5vlnmKGaKPvYeSCz e0VH8CV9k3EiXbRsU0oNUvc7VVoDaBYuGt/7/LpfBYrL9aeBWpRR8+WWLzgg -----END CERTIFICATE-----Generated at Fri Jan 9 17:05:13 2026 by rpki-client