This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/AJbfoK5NDzY7slqv2VxoN6jz7Z8.roa File: AJbfoK5NDzY7slqv2VxoN6jz7Z8.roa (raw, json) Hash identifier: t7Or3kodVU4zmFE+xtd2pyiM3KjgcEq+rYKO3xYIMo0= Subject key identifier: 00:96:DF:A0:AE:4D:0F:36:3B:B2:5A:AF:D9:5C:68:37:A8:F3:ED:9F Certificate issuer: /CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b Certificate serial: 019B7A5B0AE3D1AACCA85336124C1458E08F Authority key identifier: 7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/AJbfoK5NDzY7slqv2VxoN6jz7Z8.roa Signing time: Thu 01 Jan 2026 16:19:05 +0000 ROA not before: Thu 01 Jan 2026 16:19:05 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 201194 IP address blocks: 2a05:9080:9::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.mft rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 06 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5b:0a:e3:d1:aa:cc:a8:53:36:12:4c:14:58:e0:8f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b Validity Not Before: Jan 1 16:19:05 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0096dfa0ae4d0f363bb25aafd95c6837a8f3ed9f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:fa:9d:da:fb:e7:46:a6:b9:a1:51:b7:90:e4: 71:64:a3:1d:ea:67:8b:df:48:9a:90:ec:68:41:fd: 51:6b:6f:09:90:01:66:52:24:f3:1a:69:54:b9:6a: 62:52:3b:29:7b:bf:4d:38:bc:84:c1:3d:b4:a5:bd: 1d:15:f3:5b:fc:51:16:42:41:14:15:2b:a6:ca:0d: 4e:0c:3e:d6:10:b7:fb:5d:2b:73:3e:e8:91:91:07: a9:ab:3b:ec:0b:49:63:27:c5:9e:e2:98:9a:3f:65: 95:41:e4:57:36:6b:91:97:4e:3a:31:63:bd:01:f1: 26:82:5b:94:4c:44:62:e0:74:fe:06:de:af:9f:bc: bc:70:0b:d4:0a:6d:a4:7f:73:17:61:c2:ad:f6:44: d7:3f:79:d0:63:ad:b0:7b:7b:29:85:9d:38:64:0d: 79:66:9d:b9:ad:95:85:71:d4:df:6a:29:b6:14:1c: e2:59:df:3a:64:f2:0a:e5:44:16:ee:ab:08:61:34: a6:2e:d4:6f:2f:45:c9:d8:55:d2:4a:5f:9d:84:8c: 76:ea:2f:17:2f:33:db:84:f1:27:d3:83:6d:24:0d: e7:6f:93:81:ff:ff:a4:1b:16:31:8e:e4:07:d2:4d: 66:c2:64:00:10:68:c6:53:7f:1e:6c:27:75:e8:f9: e0:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:96:DF:A0:AE:4D:0F:36:3B:B2:5A:AF:D9:5C:68:37:A8:F3:ED:9F X509v3 Authority Key Identifier: keyid:7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/AJbfoK5NDzY7slqv2VxoN6jz7Z8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:9080:9::/48 Signature Algorithm: sha256WithRSAEncryption 75:6b:33:23:22:35:fa:06:6d:46:bb:33:87:72:96:c3:f0:1c: d8:68:00:fd:24:76:d8:01:79:ba:70:fc:f3:ce:3b:78:b2:26: f2:a8:11:2e:81:9c:2c:b9:bf:34:a6:12:c0:25:2b:2e:d0:11: c9:3a:f0:2d:30:a7:0c:90:dd:2d:3b:37:30:e4:8b:a9:cf:18: 48:e3:f7:1b:67:33:68:b7:1c:39:84:7c:63:57:ad:4a:e7:2f: db:f4:fe:db:3f:04:fc:65:a8:78:d9:c3:b4:86:68:71:00:9f: 96:e4:43:bf:eb:a6:4a:1a:f8:70:c9:ee:74:da:bb:66:49:5c: 11:56:de:77:dd:ad:79:62:33:b2:e6:29:55:f0:d3:51:7c:ef: 98:8e:ad:70:91:61:e4:82:a7:f7:5e:89:9c:f4:c0:db:e2:dc: c3:38:67:28:8a:fd:ed:00:37:a3:c2:c7:d2:c9:8c:b2:73:7c: f6:73:00:9a:d1:68:57:87:49:9c:4b:55:4f:97:27:dc:da:f0: 4b:0a:6d:55:b8:f8:a6:00:64:1a:ca:6d:01:57:89:5c:82:a0: ef:ff:85:80:6f:a6:ab:83:fc:08:4c:34:e8:0b:3b:2a:48:25: 09:50:7a:1e:f9:54:68:d6:c2:e4:38:59:4c:4f:3d:f9:b5:d0: a2:f4:77:9d -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt6Wwrj0arMqFM2EkwUWOCPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdjM2QwMjJhMjQwY2U3MWUwYTZlMWU5YWFlMDExMmRhODQw Y2MzNGIwHhcNMjYwMTAxMTYxOTA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwMDk2ZGZhMGFlNGQwZjM2M2JiMjVhYWZkOTVjNjgzN2E4ZjNlZDlmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx/qd2vvnRqa5oVG3kORxZKMd6meL 30iakOxoQf1Ra28JkAFmUiTzGmlUuWpiUjspe79NOLyEwT20pb0dFfNb/FEWQkEU FSumyg1ODD7WELf7XStzPuiRkQepqzvsC0ljJ8We4piaP2WVQeRXNmuRl046MWO9 AfEmgluUTERi4HT+Bt6vn7y8cAvUCm2kf3MXYcKt9kTXP3nQY62we3sphZ04ZA15 Zp25rZWFcdTfaim2FBziWd86ZPIK5UQW7qsIYTSmLtRvL0XJ2FXSSl+dhIx26i8X LzPbhPEn04NtJA3nb5OB//+kGxYxjuQH0k1mwmQAEGjGU38ebCd16PnghQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFACW36CuTQ82O7Jar9lcaDeo8+2fMB8GA1UdIwQY MBaAFHw9AiokDOceCm4emq4BEtqEDMNLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYt MDk0ODk4OWU2ZDU1LzEvQUpiZm9LNU5Eelk3c2xxdjJWeG9ONmp6N1o4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYtMDk0ODk4OWU2ZDU1 LzEvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgWQgAAJ MA0GCSqGSIb3DQEBCwUAA4IBAQB1azMjIjX6Bm1GuzOHcpbD8BzYaAD9JHbYAXm6 cPzzzjt4sibyqBEugZwsub80phLAJSsu0BHJOvAtMKcMkN0tOzcw5IupzxhI4/cb ZzNotxw5hHxjV61K5y/b9P7bPwT8Zah42cO0hmhxAJ+W5EO/66ZKGvhwye502rtm SVwRVt533a15YjOy5ilV8NNRfO+Yjq1wkWHkgqf3Xomc9MDb4tzDOGcoiv3tADej wsfSyYyyc3z2cwCa0WhXh0mcS1VPlyfc2vBLCm1VuPimAGQaym0BV4lcgqDv/4WA b6arg/wITDToCzsqSCUJUHoe+VRo1sLkOFlMTz35tdCi9Hed -----END CERTIFICATE-----Generated at Mon Jan 5 13:06:38 2026 by rpki-client