This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/Ktwl2yAsOpnTWIMwxivAceuLJzY.roa File: Ktwl2yAsOpnTWIMwxivAceuLJzY.roa (raw, json) Hash identifier: KRg6PqD8zVO1nALZmN1KSFcbs5xnaZHo4MgN4YkpqIY= Subject key identifier: 2A:DC:25:DB:20:2C:3A:99:D3:58:83:30:C6:2B:C0:71:EB:8B:27:36 Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f Certificate serial: 019B866B4E2F6811F404B56542736F140D5F Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/Ktwl2yAsOpnTWIMwxivAceuLJzY.roa Signing time: Sun 04 Jan 2026 00:32:17 +0000 ROA not before: Sun 04 Jan 2026 00:32:17 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 199654 IP address blocks: 2a0f:b240:c::/48 maxlen: 48 2a0f:b240:20::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.mft rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 16:01:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:86:6b:4e:2f:68:11:f4:04:b5:65:42:73:6f:14:0d:5f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f Validity Not Before: Jan 4 00:32:17 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2adc25db202c3a99d3588330c62bc071eb8b2736 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f4:cc:a9:23:0a:9c:86:24:85:0d:f5:96:cb:5c: df:df:87:56:da:a5:87:0e:f6:e3:c2:90:6b:9d:df: a5:64:1d:e8:78:53:91:2d:a6:d5:d4:5d:6c:e8:0b: 40:0b:32:61:29:18:0e:15:5b:33:4b:31:eb:49:68: a9:c8:da:1e:83:a3:e3:f3:35:64:31:f6:28:aa:24: 1f:b4:ec:5e:1f:7b:08:f7:f5:2f:bf:81:a2:fa:b0: 9c:44:cc:a7:b8:76:1e:2d:de:e8:de:78:9f:9e:e8: 42:3e:75:15:79:e9:c3:dc:71:b8:ca:3b:93:9e:2f: 7a:9e:a8:f0:db:68:30:4d:81:68:16:a5:c7:c0:52: 5b:94:03:ef:bc:19:b5:a7:3b:5e:ad:18:9f:7a:99: b7:cb:bd:00:11:03:7d:5d:2a:57:26:50:48:a1:59: 8b:a6:8c:e6:dc:2d:22:90:86:04:65:3f:11:61:53: 5b:40:fa:d6:96:47:81:33:4c:31:b5:e2:26:4d:b5: 85:70:a2:a9:3e:2f:85:00:ab:3d:6d:25:e9:57:66: ce:dc:58:60:56:91:cb:5b:60:8a:70:4a:5c:da:cf: ae:71:a2:dd:17:c2:1f:69:82:70:2e:bb:c5:56:80: 7a:53:70:09:5e:7e:67:00:23:c8:bf:72:29:50:52: 57:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:DC:25:DB:20:2C:3A:99:D3:58:83:30:C6:2B:C0:71:EB:8B:27:36 X509v3 Authority Key Identifier: keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/Ktwl2yAsOpnTWIMwxivAceuLJzY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:b240:c::/48 2a0f:b240:20::/44 Signature Algorithm: sha256WithRSAEncryption 64:0c:0a:73:a2:36:34:60:d0:44:4a:53:c7:e3:55:10:c5:53: 51:0e:69:ae:bc:98:f8:e3:35:74:18:77:86:f8:65:3f:8d:03: 4b:21:ec:8a:ed:5e:c3:fa:c5:b8:9b:43:57:9d:03:8a:58:bc: eb:cc:1e:4e:78:bc:9c:02:37:76:f1:eb:66:94:38:4b:53:6e: 10:fa:18:83:e0:85:cd:1a:ea:8a:f1:05:e0:e6:15:04:a6:99: 02:c6:09:d2:1a:bb:76:b3:e6:35:3a:f4:5a:f0:75:5e:7a:62: 69:6c:d4:f7:3b:05:fb:44:4f:b9:c5:33:3a:7b:3d:cc:54:c6: 5f:e6:da:1a:dc:23:ff:0a:04:ab:83:25:c6:ed:f3:34:5b:f4: 07:b0:31:9e:5b:77:91:e8:91:39:d5:78:9d:4c:d7:a9:15:b2: 4d:78:0d:f6:96:c2:f7:31:8b:f9:e4:e4:e1:5b:5d:c1:3f:c5: 36:ab:25:ce:be:a6:af:c5:f7:d8:0e:af:dd:ad:3d:73:91:62: a0:f7:98:d9:5b:53:b1:97:ab:e1:c4:e5:a3:5f:e8:0f:02:5e: db:3a:e5:b4:10:4b:db:22:46:61:30:5e:78:aa:56:b4:42:3a: 72:70:1e:cb:2c:d3:27:69:50:e1:a4:9a:f5:16:b3:12:04:49: 86:06:7a:ef -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZuGa04vaBH0BLVlQnNvFA1fMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk ZmUyMGYwHhcNMjYwMTA0MDAzMjE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyYWRjMjVkYjIwMmMzYTk5ZDM1ODgzMzBjNjJiYzA3MWViOGIyNzM2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9MypIwqchiSFDfWWy1zf34dW2qWH DvbjwpBrnd+lZB3oeFORLabV1F1s6AtACzJhKRgOFVszSzHrSWipyNoeg6Pj8zVk MfYoqiQftOxeH3sI9/Uvv4Gi+rCcRMynuHYeLd7o3nifnuhCPnUVeenD3HG4yjuT ni96nqjw22gwTYFoFqXHwFJblAPvvBm1pzterRifepm3y70AEQN9XSpXJlBIoVmL pozm3C0ikIYEZT8RYVNbQPrWlkeBM0wxteImTbWFcKKpPi+FAKs9bSXpV2bO3Fhg VpHLW2CKcEpc2s+ucaLdF8IfaYJwLrvFVoB6U3AJXn5nACPIv3IpUFJXuQIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFCrcJdsgLDqZ01iDMMYrwHHriyc2MB8GA1UdIwQY MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct YjcxNzk4MGU0YWQ2LzEvS3R3bDJ5QXNPcG5UV0lNd3hpdkFjZXVMSnpZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2 LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg+yQAAM AwcEKg+yQAAgMA0GCSqGSIb3DQEBCwUAA4IBAQBkDApzojY0YNBESlPH41UQxVNR DmmuvJj44zV0GHeG+GU/jQNLIeyK7V7D+sW4m0NXnQOKWLzrzB5OeLycAjd28etm lDhLU24Q+hiD4IXNGuqK8QXg5hUEppkCxgnSGrt2s+Y1OvRa8HVeemJpbNT3OwX7 RE+5xTM6ez3MVMZf5toa3CP/CgSrgyXG7fM0W/QHsDGeW3eR6JE51XidTNepFbJN eA32lsL3MYv55OThW13BP8U2qyXOvqavxffYDq/drT1zkWKg95jZW1Oxl6vhxOWj X+gPAl7bOuW0EEvbIkZhMF54qla0QjpycB7LLNMnaVDhpJr1FrMSBEmGBnrv -----END CERTIFICATE-----Generated at Mon Jan 19 23:23:27 2026 by rpki-client