This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/94c2bb-e80a-4f2c-8208-a9b2766773aa/1/a3MACvt7XrPEY_fMvOjs2dGCc8I.roa File: a3MACvt7XrPEY_fMvOjs2dGCc8I.roa (raw, json) Hash identifier: BnSZeJBjA6bMn5RCXClcc6mDzKBCwKOx+bVKk38vQdw= Subject key identifier: 6B:73:00:0A:FB:7B:5E:B3:C4:63:F7:CC:BC:E8:EC:D9:D1:82:73:C2 Certificate issuer: /CN=d90482763070955e7ea87e2ca37b891b864b2577 Certificate serial: 019B79EBB087680B502D9365DCAD3A8EBA2D Authority key identifier: D9:04:82:76:30:70:95:5E:7E:A8:7E:2C:A3:7B:89:1B:86:4B:25:77 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2QSCdjBwlV5-qH4so3uJG4ZLJXc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/94c2bb-e80a-4f2c-8208-a9b2766773aa/1/a3MACvt7XrPEY_fMvOjs2dGCc8I.roa Signing time: Thu 01 Jan 2026 14:17:27 +0000 ROA not before: Thu 01 Jan 2026 14:17:27 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 209642 IP address blocks: 2a14:7540::/40 maxlen: 48 2a14:7540:100::/40 maxlen: 40 2a14:7540:200::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/94c2bb-e80a-4f2c-8208-a9b2766773aa/1/2QSCdjBwlV5-qH4so3uJG4ZLJXc.crl rsync://rpki.ripe.net/repository/DEFAULT/e4/94c2bb-e80a-4f2c-8208-a9b2766773aa/1/2QSCdjBwlV5-qH4so3uJG4ZLJXc.mft rsync://rpki.ripe.net/repository/DEFAULT/2QSCdjBwlV5-qH4so3uJG4ZLJXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 09:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:eb:b0:87:68:0b:50:2d:93:65:dc:ad:3a:8e:ba:2d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d90482763070955e7ea87e2ca37b891b864b2577 Validity Not Before: Jan 1 14:17:27 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6b73000afb7b5eb3c463f7ccbce8ecd9d18273c2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:f4:0b:12:18:77:1d:ad:35:ca:84:78:eb:cf: c1:c8:5e:43:87:6e:27:86:65:a0:15:9a:b3:60:a8: a6:10:33:15:1f:f0:4e:db:fc:69:d2:4d:bd:6f:f1: 73:61:77:3f:28:d1:30:38:25:19:06:6c:c2:3f:d7: 2b:1a:9f:ce:c9:33:cb:85:d0:e2:35:cc:2f:82:d2: 34:34:7d:bc:e2:ab:8f:77:d3:f0:1a:9e:fe:2a:cd: 93:05:3c:34:7b:c6:6b:49:98:4a:91:fb:14:46:52: 25:c9:d7:fd:14:bd:5b:0a:de:60:cf:a3:78:7d:0e: 42:e5:4a:93:7c:b9:ae:98:ea:78:01:76:57:18:3c: eb:37:be:c6:37:53:26:56:b3:3f:6d:ee:04:67:35: a6:b4:9b:39:fd:e7:16:fa:ff:8b:07:94:05:db:33: 27:ec:8b:da:e3:e1:02:ab:ff:33:73:ee:54:52:88: 8e:30:9b:64:74:23:26:da:3b:4f:a5:64:83:21:0b: 7b:41:cb:79:90:2a:66:52:15:82:b5:aa:22:c3:e1: 13:f7:73:5e:2e:2c:b0:5f:21:ec:eb:22:33:8b:6d: 7e:47:ec:70:0a:11:7a:ac:e6:26:1d:72:be:f5:bf: b5:19:ee:e7:4d:2e:c1:21:05:f3:09:15:e7:5b:d9: e4:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6B:73:00:0A:FB:7B:5E:B3:C4:63:F7:CC:BC:E8:EC:D9:D1:82:73:C2 X509v3 Authority Key Identifier: keyid:D9:04:82:76:30:70:95:5E:7E:A8:7E:2C:A3:7B:89:1B:86:4B:25:77 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2QSCdjBwlV5-qH4so3uJG4ZLJXc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/94c2bb-e80a-4f2c-8208-a9b2766773aa/1/a3MACvt7XrPEY_fMvOjs2dGCc8I.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/94c2bb-e80a-4f2c-8208-a9b2766773aa/1/2QSCdjBwlV5-qH4so3uJG4ZLJXc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7540::-2a14:7540:2ff:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 84:24:eb:bd:c2:86:08:01:9c:e9:80:aa:8e:0d:d9:94:ca:b7: bb:40:1a:9d:cf:6c:13:6a:1e:6b:4a:21:5c:5b:00:17:3c:2e: 99:de:32:bd:03:27:c0:67:11:84:e7:4f:b7:9d:5e:55:77:fb: 25:8c:60:5a:69:b9:33:2d:ed:f7:0d:de:0f:a2:ea:18:be:90: b0:b2:39:e9:dd:e2:bb:7e:bd:98:f7:e8:e3:84:97:c8:11:5d: 39:17:9c:36:fa:74:28:17:01:68:d4:d2:57:e2:6d:a8:9f:fb: d8:ab:44:61:6d:34:78:cc:05:d4:fa:df:8c:3b:0d:24:b1:44: 72:97:99:aa:b6:1f:65:66:39:05:c3:20:83:0a:e5:82:14:5a: 7e:4c:78:48:a0:cd:2e:ac:42:97:38:6a:94:79:c6:20:e0:d5: 89:17:b8:91:04:a0:e2:e3:50:3c:a1:74:a0:8e:34:39:dd:2a: db:70:b3:f8:2a:9b:15:99:bb:e1:f6:dc:52:99:84:f9:c0:6b: e1:98:24:a2:b1:1e:d6:00:21:fc:22:e9:b9:20:1c:cb:54:b9: 6b:0b:6d:ce:75:36:4e:9a:5c:bc:70:6b:fa:3e:2d:33:bb:23: 75:d1:db:ab:bd:fb:66:00:0c:f6:4a:ca:39:d3:40:82:b7:2d: 9b:21:32:44 -----BEGIN CERTIFICATE----- MIIFCDCCA/CgAwIBAgISAZt567CHaAtQLZNl3K06jrotMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ5MDQ4Mjc2MzA3MDk1NWU3ZWE4N2UyY2EzN2I4OTFiODY0 YjI1NzcwHhcNMjYwMTAxMTQxNzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2YjczMDAwYWZiN2I1ZWIzYzQ2M2Y3Y2NiY2U4ZWNkOWQxODI3M2MyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4/QLEhh3Ha01yoR468/ByF5Dh24n hmWgFZqzYKimEDMVH/BO2/xp0k29b/FzYXc/KNEwOCUZBmzCP9crGp/OyTPLhdDi NcwvgtI0NH284quPd9PwGp7+Ks2TBTw0e8ZrSZhKkfsURlIlydf9FL1bCt5gz6N4 fQ5C5UqTfLmumOp4AXZXGDzrN77GN1MmVrM/be4EZzWmtJs5/ecW+v+LB5QF2zMn 7Iva4+ECq/8zc+5UUoiOMJtkdCMm2jtPpWSDIQt7Qct5kCpmUhWCtaoiw+ET93Ne LiywXyHs6yIzi21+R+xwChF6rOYmHXK+9b+1Ge7nTS7BIQXzCRXnW9nkawIDAQAB o4ICFDCCAhAwHQYDVR0OBBYEFGtzAAr7e16zxGP3zLzo7NnRgnPCMB8GA1UdIwQY MBaAFNkEgnYwcJVefqh+LKN7iRuGSyV3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMlFTQ2RqQndsVjUtcUg0c28zdUpHNFpMSlhjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC85NGMyYmItZTgwYS00ZjJjLTgyMDgt YTliMjc2Njc3M2FhLzEvYTNNQUN2dDdYclBFWV9mTXZPanMyZEdDYzhJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lNC85NGMyYmItZTgwYS00ZjJjLTgyMDgtYTliMjc2Njc3M2Fh LzEvMlFTQ2RqQndsVjUtcUg0c28zdUpHNFpMSlhjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARMA8DBQYqFHVA AwYAKhR1QAIwDQYJKoZIhvcNAQELBQADggEBAIQk673ChggBnOmAqo4N2ZTKt7tA Gp3PbBNqHmtKIVxbABc8LpneMr0DJ8BnEYTnT7edXlV3+yWMYFppuTMt7fcN3g+i 6hi+kLCyOend4rt+vZj36OOEl8gRXTkXnDb6dCgXAWjU0lfibaif+9irRGFtNHjM BdT634w7DSSxRHKXmaq2H2VmOQXDIIMK5YIUWn5MeEigzS6sQpc4apR5xiDg1YkX uJEEoOLjUDyhdKCONDndKttws/gqmxWZu+H23FKZhPnAa+GYJKKxHtYAIfwi6bkg HMtUuWsLbc51Nk6aXLxwa/o+LTO7I3XR26u9+2YADPZKyjnTQIK3LZshMkQ= -----END CERTIFICATE-----Generated at Wed Jan 21 14:30:06 2026 by rpki-client