This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/tkLKI36bEE_d9mFrnpG75Jz1duc.roa File: tkLKI36bEE_d9mFrnpG75Jz1duc.roa (raw, json) Hash identifier: GQR5CqcIcifEV/UVBCebbmLSOnvxcbQORub4i3S8oOk= Subject key identifier: B6:42:CA:23:7E:9B:10:4F:DD:F6:61:6B:9E:91:BB:E4:9C:F5:76:E7 Certificate issuer: /CN=9a24b27d9f3df6e14ebc79e146e8be32754bf800 Certificate serial: 019B7F14F9D249D59A60DC1957D618CE390A Authority key identifier: 9A:24:B2:7D:9F:3D:F6:E1:4E:BC:79:E1:46:E8:BE:32:75:4B:F8:00 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/miSyfZ899uFOvHnhRui-MnVL-AA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/tkLKI36bEE_d9mFrnpG75Jz1duc.roa Signing time: Fri 02 Jan 2026 14:20:39 +0000 ROA not before: Fri 02 Jan 2026 14:20:39 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 203020 IP address blocks: 2a09:a702:72::/48 maxlen: 48 2a09:a702:73::/48 maxlen: 48 2a09:a702:76::/48 maxlen: 48 2a09:a702:77::/48 maxlen: 48 2a09:a702:92::/48 maxlen: 48 2a09:a702:93::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/miSyfZ899uFOvHnhRui-MnVL-AA.crl rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/miSyfZ899uFOvHnhRui-MnVL-AA.mft rsync://rpki.ripe.net/repository/DEFAULT/miSyfZ899uFOvHnhRui-MnVL-AA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 06:00:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:14:f9:d2:49:d5:9a:60:dc:19:57:d6:18:ce:39:0a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9a24b27d9f3df6e14ebc79e146e8be32754bf800 Validity Not Before: Jan 2 14:20:39 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b642ca237e9b104fddf6616b9e91bbe49cf576e7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:ff:5e:53:32:3f:d8:08:71:84:46:96:8f:62: e0:52:d7:97:d6:38:b9:08:8e:dc:bd:07:24:7e:75: 91:5a:fb:ba:0d:6e:55:fb:b5:be:cd:e4:53:d5:b1: 02:48:4d:35:87:a7:ed:f8:5e:54:5d:74:d1:31:a7: 50:68:cd:3c:df:a6:f7:2c:f9:86:80:6e:ee:66:cd: 3a:73:61:07:fe:ec:ec:5c:1b:71:a7:5f:3d:fc:a4: 62:0d:7c:a9:7d:33:26:9f:27:85:58:2a:ba:20:db: 01:f9:ed:c8:b7:d5:10:4e:73:6f:45:8b:46:84:25: ce:9a:34:a3:0c:c5:10:e9:ce:13:d1:90:8e:33:48: eb:ce:72:0f:71:4e:77:97:c7:9d:87:b5:7f:b9:da: 21:7b:86:de:14:20:a7:3f:d3:49:a4:9a:56:6a:ba: a0:03:52:b1:b5:d4:64:e9:ff:7f:00:12:13:79:08: c3:54:45:60:c6:62:11:7a:01:66:22:8e:dd:95:f4: d6:e3:1c:62:05:6a:2c:22:1f:36:1f:a8:f4:90:11: 9c:5d:05:f1:41:46:d8:b5:e1:84:b1:1c:19:03:45: ab:7e:a9:16:a7:2f:fe:62:fc:32:72:b9:d5:37:8a: a4:97:db:69:f2:a1:96:ad:a1:7a:90:8d:0b:85:65: 4c:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:42:CA:23:7E:9B:10:4F:DD:F6:61:6B:9E:91:BB:E4:9C:F5:76:E7 X509v3 Authority Key Identifier: keyid:9A:24:B2:7D:9F:3D:F6:E1:4E:BC:79:E1:46:E8:BE:32:75:4B:F8:00 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/miSyfZ899uFOvHnhRui-MnVL-AA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/tkLKI36bEE_d9mFrnpG75Jz1duc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/miSyfZ899uFOvHnhRui-MnVL-AA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a09:a702:72::/47 2a09:a702:76::/47 2a09:a702:92::/47 Signature Algorithm: sha256WithRSAEncryption 32:91:a2:64:4e:1b:03:57:15:3d:b7:c7:50:c8:10:e3:5b:5a: 22:3a:d8:55:8f:1d:51:c6:b8:11:a4:6d:c2:a8:fc:19:8e:b4: 7a:56:56:59:4a:da:8d:93:86:3a:97:6a:ab:4a:31:c2:f6:96: 53:6e:cd:83:87:da:50:30:0c:86:b1:ec:62:48:69:d6:92:af: 11:91:8b:5e:bf:ef:68:ad:00:c7:e0:0f:b5:7e:83:49:45:76: 26:d3:56:b7:0c:ae:98:30:08:11:9e:b2:62:b4:66:51:bb:bc: ed:a9:ee:39:89:76:69:58:5a:39:a7:00:6b:f9:74:b1:df:7c: a0:b9:fd:4c:9a:53:23:bd:b8:c0:5f:2d:ab:54:9d:55:9d:4c: d2:57:5c:9c:5f:bd:fa:c7:c9:f7:2f:6d:de:4c:f9:55:fc:bd: 12:62:06:27:18:2c:82:46:58:5e:5e:13:23:2a:94:34:f6:f0: 26:1d:16:9b:96:ea:75:cd:09:1a:f1:fe:48:57:3b:f6:cc:3b: 2b:e2:05:1b:10:55:5a:73:d0:bd:37:c6:1f:57:0e:48:bf:5d: 46:dd:9d:dc:88:dc:49:45:1d:8d:7a:1d:52:c7:65:cb:5c:78: a7:de:97:9c:23:ce:e3:24:d2:41:9a:41:a2:99:6f:e0:26:65: a3:43:71:82 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt/FPnSSdWaYNwZV9YYzjkKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlhMjRiMjdkOWYzZGY2ZTE0ZWJjNzllMTQ2ZThiZTMyNzU0 YmY4MDAwHhcNMjYwMTAyMTQyMDM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiNjQyY2EyMzdlOWIxMDRmZGRmNjYxNmI5ZTkxYmJlNDljZjU3NmU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0v9eUzI/2AhxhEaWj2LgUteX1ji5 CI7cvQckfnWRWvu6DW5V+7W+zeRT1bECSE01h6ft+F5UXXTRMadQaM0836b3LPmG gG7uZs06c2EH/uzsXBtxp189/KRiDXypfTMmnyeFWCq6INsB+e3It9UQTnNvRYtG hCXOmjSjDMUQ6c4T0ZCOM0jrznIPcU53l8edh7V/udohe4beFCCnP9NJpJpWarqg A1KxtdRk6f9/ABITeQjDVEVgxmIRegFmIo7dlfTW4xxiBWosIh82H6j0kBGcXQXx QUbYteGEsRwZA0WrfqkWpy/+YvwycrnVN4qkl9tp8qGWraF6kI0LhWVM2wIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFLZCyiN+mxBP3fZha56Ru+Sc9XbnMB8GA1UdIwQY MBaAFJoksn2fPfbhTrx54UbovjJ1S/gAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbWlTeWZaODk5dUZPdkhuaFJ1aS1NblZMLUFBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8wMjUxZjItYTFiYi00NGZiLWI5MDgt NDhkNWZmNGJhMjU1LzEvdGtMS0kzNmJFRV9kOW1Gcm5wRzc1SnoxZHVjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYS8wMjUxZjItYTFiYi00NGZiLWI5MDgtNDhkNWZmNGJhMjU1 LzEvbWlTeWZaODk5dUZPdkhuaFJ1aS1NblZMLUFBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcBKgmnAgBy AwcBKgmnAgB2AwcBKgmnAgCSMA0GCSqGSIb3DQEBCwUAA4IBAQAykaJkThsDVxU9 t8dQyBDjW1oiOthVjx1RxrgRpG3CqPwZjrR6VlZZStqNk4Y6l2qrSjHC9pZTbs2D h9pQMAyGsexiSGnWkq8RkYtev+9orQDH4A+1foNJRXYm01a3DK6YMAgRnrJitGZR u7ztqe45iXZpWFo5pwBr+XSx33yguf1MmlMjvbjAXy2rVJ1VnUzSV1ycX736x8n3 L23eTPlV/L0SYgYnGCyCRlheXhMjKpQ09vAmHRablup1zQka8f5IVzv2zDsr4gUb EFVac9C9N8YfVw5Iv11G3Z3ciNxJRR2Neh1Sx2XLXHin3pecI87jJNJBmkGimW/g JmWjQ3GC -----END CERTIFICATE-----Generated at Sun Jan 18 10:45:06 2026 by rpki-client