This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/KrdFE5qbZm0BsnHIJgKBhkCYfMg.roa File: KrdFE5qbZm0BsnHIJgKBhkCYfMg.roa (raw, json) Hash identifier: yJaF+ZPQzdElslhHHeiCzNPSim47QJWyqmLoPAq0ci0= Subject key identifier: 2A:B7:45:13:9A:9B:66:6D:01:B2:71:C8:26:02:81:86:40:98:7C:C8 Certificate issuer: /CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b Certificate serial: 019C04ED5D2E098C2CA7A9514CC92C5AA001 Authority key identifier: 7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/KrdFE5qbZm0BsnHIJgKBhkCYfMg.roa Signing time: Wed 28 Jan 2026 14:06:30 +0000 ROA not before: Wed 28 Jan 2026 14:06:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 205899 IP address blocks: 2a05:9080:14::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.mft rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 31 Jan 2026 06:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:04:ed:5d:2e:09:8c:2c:a7:a9:51:4c:c9:2c:5a:a0:01 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b Validity Not Before: Jan 28 14:06:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2ab745139a9b666d01b271c82602818640987cc8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:c1:bb:43:f7:d4:77:9d:07:d0:1c:f5:c6:2a: d2:2c:71:bc:6e:66:8a:6b:91:9e:fb:b2:bb:31:3f: d8:b8:31:90:cf:68:16:2f:10:04:a4:2c:c0:4d:f9: 58:ee:9f:5a:bb:16:d2:a3:21:e7:0f:5c:3f:db:be: 6e:36:58:d4:d5:4f:37:e6:77:f7:bd:6f:52:03:ac: 5e:ac:b5:e8:61:53:23:38:ef:e0:9f:46:e3:0b:02: db:67:13:fe:5a:5e:5e:93:2f:b0:c0:f1:e3:f3:e9: 3d:1e:24:ee:c9:59:5b:6c:a0:ec:b0:28:15:2b:86: 8a:c9:fe:f0:a7:e3:04:39:22:5e:94:e9:93:35:d8: 66:24:91:13:e7:ad:6d:25:ac:07:2b:09:6c:bb:be: c2:17:73:45:ec:f6:28:75:f2:26:dc:81:4f:6b:7e: d3:9d:b2:d4:c6:47:8a:59:ee:f1:fd:48:ef:4c:c0: 20:91:eb:c4:ab:d2:6d:e1:ef:31:60:a5:fe:38:d1: 3a:6f:9d:2f:d9:f8:d5:63:d4:76:ee:11:b3:1a:5b: 05:7d:a9:d9:91:17:e6:ff:4a:03:6c:f6:da:ce:e3: ba:17:d1:ac:6c:1c:55:e6:45:f6:e4:9c:64:c8:c8: d7:73:e2:4e:10:2c:8e:8d:26:07:7f:67:74:05:9d: d8:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:B7:45:13:9A:9B:66:6D:01:B2:71:C8:26:02:81:86:40:98:7C:C8 X509v3 Authority Key Identifier: keyid:7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/KrdFE5qbZm0BsnHIJgKBhkCYfMg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:9080:14::/48 Signature Algorithm: sha256WithRSAEncryption 67:ec:94:ce:91:60:58:1f:65:18:29:b7:44:45:9d:49:13:5f: 85:70:3d:52:78:e8:5c:c2:ec:21:da:b0:46:54:ac:92:9f:c6: 37:62:6a:cb:08:97:ab:38:ef:2d:b1:31:85:c3:1e:84:ca:a0: 3c:28:61:cf:48:36:38:e2:f6:9f:c1:93:78:28:69:2c:f8:01: 17:67:56:ca:9a:99:03:9b:40:22:8f:34:14:a2:70:4a:bd:f5: a4:48:2d:4a:ac:35:b6:b9:24:95:78:d4:a6:9d:9a:e3:20:39: 97:f2:57:87:bb:87:29:c8:7e:27:5b:b2:4f:f1:0b:da:dd:da: a6:f2:f7:2f:f6:d4:0d:06:65:03:14:29:cd:a5:fb:83:55:5d: 5b:74:61:78:58:35:b6:3e:f8:99:00:ad:8a:20:87:9e:2d:a4: 7b:bb:80:0a:20:44:19:19:90:7c:b6:9e:6e:65:d2:72:51:6f: bb:08:86:8f:ff:61:ec:e5:12:d2:19:a1:67:c5:21:28:67:12: 95:a4:f6:69:b1:c0:12:84:f9:05:38:41:5a:b1:f0:61:c7:1c: b1:c1:bb:2b:11:be:d8:0c:40:54:62:88:10:c3:df:91:48:11: c7:01:b7:4f:b6:2c:78:ec:fb:88:9e:85:6e:92:d0:1d:bc:cb: 71:8f:83:19 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZwE7V0uCYwsp6lRTMksWqABMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdjM2QwMjJhMjQwY2U3MWUwYTZlMWU5YWFlMDExMmRhODQw Y2MzNGIwHhcNMjYwMTI4MTQwNjMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyYWI3NDUxMzlhOWI2NjZkMDFiMjcxYzgyNjAyODE4NjQwOTg3Y2M4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz8G7Q/fUd50H0Bz1xirSLHG8bmaK a5Ge+7K7MT/YuDGQz2gWLxAEpCzATflY7p9auxbSoyHnD1w/275uNljU1U835nf3 vW9SA6xerLXoYVMjOO/gn0bjCwLbZxP+Wl5eky+wwPHj8+k9HiTuyVlbbKDssCgV K4aKyf7wp+MEOSJelOmTNdhmJJET561tJawHKwlsu77CF3NF7PYodfIm3IFPa37T nbLUxkeKWe7x/UjvTMAgkevEq9Jt4e8xYKX+ONE6b50v2fjVY9R27hGzGlsFfanZ kRfm/0oDbPbazuO6F9GsbBxV5kX25JxkyMjXc+JOECyOjSYHf2d0BZ3YdwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFCq3RROam2ZtAbJxyCYCgYZAmHzIMB8GA1UdIwQY MBaAFHw9AiokDOceCm4emq4BEtqEDMNLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYt MDk0ODk4OWU2ZDU1LzEvS3JkRkU1cWJabTBCc25ISUpnS0Joa0NZZk1nLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYtMDk0ODk4OWU2ZDU1 LzEvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgWQgAAU MA0GCSqGSIb3DQEBCwUAA4IBAQBn7JTOkWBYH2UYKbdERZ1JE1+FcD1SeOhcwuwh 2rBGVKySn8Y3YmrLCJerOO8tsTGFwx6EyqA8KGHPSDY44vafwZN4KGks+AEXZ1bK mpkDm0AijzQUonBKvfWkSC1KrDW2uSSVeNSmnZrjIDmX8leHu4cpyH4nW7JP8Qva 3dqm8vcv9tQNBmUDFCnNpfuDVV1bdGF4WDW2PviZAK2KIIeeLaR7u4AKIEQZGZB8 tp5uZdJyUW+7CIaP/2Hs5RLSGaFnxSEoZxKVpPZpscAShPkFOEFasfBhxxyxwbsr Eb7YDEBUYogQw9+RSBHHAbdPtix47PuInoVuktAdvMtxj4MZ -----END CERTIFICATE-----Generated at Fri Jan 30 10:20:13 2026 by rpki-client