This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/KQr8hoe3qNXmD4xNLKdHbiLcgqI.roa File: KQr8hoe3qNXmD4xNLKdHbiLcgqI.roa (raw, json) Hash identifier: 6mm/G7ieG+awxJHZeA3eEOpfZ0fdXjrrIn+s82v/mp0= Subject key identifier: 29:0A:FC:86:87:B7:A8:D5:E6:0F:8C:4D:2C:A7:47:6E:22:DC:82:A2 Certificate issuer: /CN=57c670c8db32dd748df797c5c93013d8c91fa839 Certificate serial: 019B7C8084D9869EA3DCABB85367D9522C33 Authority key identifier: 57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/KQr8hoe3qNXmD4xNLKdHbiLcgqI.roa Signing time: Fri 02 Jan 2026 02:19:15 +0000 ROA not before: Fri 02 Jan 2026 02:19:15 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 202736 IP address blocks: 2a00:e460::/29 maxlen: 48 2a0b:d900::/29 maxlen: 48 2a0c:65c0::/29 maxlen: 48 2a0c:6980::/29 maxlen: 48 2a13:97c0::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.mft rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 00:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:84:d9:86:9e:a3:dc:ab:b8:53:67:d9:52:2c:33 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=57c670c8db32dd748df797c5c93013d8c91fa839 Validity Not Before: Jan 2 02:19:15 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=290afc8687b7a8d5e60f8c4d2ca7476e22dc82a2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:78:f4:d7:88:f9:10:62:ae:8b:96:4b:12:cb: 98:ee:09:09:e0:cf:28:e5:73:14:10:f0:ad:bf:b2: 30:5c:5d:41:65:19:38:9c:db:30:5e:26:a0:3e:a9: 90:7c:03:48:e2:3a:89:4c:6c:f7:7e:0e:f6:65:eb: 87:3c:6c:6c:ed:86:d8:76:d0:37:57:7c:18:fa:03: 0b:0a:eb:1d:67:34:43:8c:4e:ce:bf:55:73:5c:1d: 93:fa:55:f5:e2:ca:03:1d:6c:a3:b3:d1:e9:29:db: cd:31:d3:8a:f0:19:d0:3a:c9:57:a3:5a:97:28:7a: db:68:71:df:bd:c1:24:38:cd:f4:81:20:09:b1:de: 6a:dd:1e:04:0f:55:8d:9f:32:23:29:a5:27:61:42: 86:25:1a:7a:a2:09:dc:f7:f9:81:84:aa:e2:42:e4: ce:6c:9f:cc:43:f1:1c:d9:7f:a9:35:34:70:83:e2: 63:5f:17:f3:d2:46:d1:62:fe:dc:9e:12:60:8b:e2: a3:d2:eb:b3:f3:5d:d3:2c:b2:5d:78:50:d8:df:8e: bf:0e:c9:2d:b9:48:bf:7d:c4:0d:7a:7d:32:ff:dc: d0:fe:d5:be:b2:fe:12:58:a8:34:6d:18:0d:08:7e: 50:13:d7:b5:ec:4d:9f:4b:47:7a:1a:ff:ea:1a:0f: f9:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:0A:FC:86:87:B7:A8:D5:E6:0F:8C:4D:2C:A7:47:6E:22:DC:82:A2 X509v3 Authority Key Identifier: keyid:57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/KQr8hoe3qNXmD4xNLKdHbiLcgqI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a00:e460::/29 2a0b:d900::/29 2a0c:65c0::/29 2a0c:6980::/29 2a13:97c0::/29 Signature Algorithm: sha256WithRSAEncryption c1:d0:e2:b9:7b:65:fa:35:e8:aa:80:1b:c5:bd:cd:94:80:7f: db:17:ce:41:9c:1f:8f:2f:0b:4c:1e:ea:93:8f:d5:19:c6:de: 86:be:40:c8:fd:99:59:8c:54:fa:9d:12:5e:21:f5:4f:19:66: 1c:89:92:8b:3e:15:f8:79:e8:e6:fd:15:6a:67:72:d2:53:f3: f5:be:22:f9:31:4e:ce:ff:cb:68:c1:7d:70:bf:77:e9:fa:d9: 13:fe:af:ae:89:7d:63:2e:7e:8a:3f:d1:4b:32:94:fa:7b:eb: 95:00:63:6f:a0:42:26:04:be:30:91:0f:d2:5b:94:69:73:58: 0d:6a:be:4f:42:8e:cf:ec:4b:33:e3:ea:8b:b8:0c:ca:a0:d6: d9:07:1d:51:8f:b2:bf:6a:6f:db:d3:96:92:3f:f5:1f:b7:35: c4:ac:ba:7d:54:84:47:c3:0a:24:15:e3:08:fb:c3:c8:49:c0: 36:2a:42:9d:be:1e:04:34:2d:8a:43:ee:19:be:e6:91:7c:ab: a4:6f:28:73:a7:d0:40:ce:7b:28:70:e8:9c:18:e0:96:26:93: 7d:c1:66:88:23:39:0e:90:81:ba:39:da:15:c7:9d:cf:cd:78: 52:49:98:5f:3d:5c:6f:35:c3:ec:2a:dd:97:db:d5:3a:ed:b7: 6b:e3:58:27 -----BEGIN CERTIFICATE----- MIIFGjCCBAKgAwIBAgISAZt8gITZhp6j3Ku4U2fZUiwzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU3YzY3MGM4ZGIzMmRkNzQ4ZGY3OTdjNWM5MzAxM2Q4Yzkx ZmE4MzkwHhcNMjYwMTAyMDIxOTE1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyOTBhZmM4Njg3YjdhOGQ1ZTYwZjhjNGQyY2E3NDc2ZTIyZGM4MmEyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtXj014j5EGKui5ZLEsuY7gkJ4M8o 5XMUEPCtv7IwXF1BZRk4nNswXiagPqmQfANI4jqJTGz3fg72ZeuHPGxs7YbYdtA3 V3wY+gMLCusdZzRDjE7Ov1VzXB2T+lX14soDHWyjs9HpKdvNMdOK8BnQOslXo1qX KHrbaHHfvcEkOM30gSAJsd5q3R4ED1WNnzIjKaUnYUKGJRp6ognc9/mBhKriQuTO bJ/MQ/Ec2X+pNTRwg+JjXxfz0kbRYv7cnhJgi+Kj0uuz813TLLJdeFDY346/Dskt uUi/fcQNen0y/9zQ/tW+sv4SWKg0bRgNCH5QE9e17E2fS0d6Gv/qGg/5swIDAQAB o4ICJjCCAiIwHQYDVR0OBBYEFCkK/IaHt6jV5g+MTSynR24i3IKiMB8GA1UdIwQY MBaAFFfGcMjbMt10jfeXxckwE9jJH6g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQt MzA0OTVmNDAzNzg0LzEvS1FyOGhvZTNxTlhtRDR4TkxLZEhiaUxjZ3FJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQtMzA0OTVmNDAzNzg0 LzEvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUDKgDkYAMF AyoL2QADBQMqDGXAAwUDKgxpgAMFAyoTl8AwDQYJKoZIhvcNAQELBQADggEBAMHQ 4rl7Zfo16KqAG8W9zZSAf9sXzkGcH48vC0we6pOP1RnG3oa+QMj9mVmMVPqdEl4h 9U8ZZhyJkos+Ffh56Ob9FWpnctJT8/W+IvkxTs7/y2jBfXC/d+n62RP+r66JfWMu foo/0UsylPp765UAY2+gQiYEvjCRD9JblGlzWA1qvk9Cjs/sSzPj6ou4DMqg1tkH HVGPsr9qb9vTlpI/9R+3NcSsun1UhEfDCiQV4wj7w8hJwDYqQp2+HgQ0LYpD7hm+ 5pF8q6RvKHOn0EDOeyhw6JwY4JYmk33BZogjOQ6Qgbo52hXHnc/NeFJJmF89XG81 w+wq3Zfb1Trtt2vjWCc= -----END CERTIFICATE-----Generated at Sun Jan 11 07:31:19 2026 by rpki-client