This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/9Ot2lpgpvcZx24KEUZQEMZRVmRY.roa File: 9Ot2lpgpvcZx24KEUZQEMZRVmRY.roa (raw, json) Hash identifier: ME/k/Yr9mj4qMX2vkjFHZzpz//kL5X/tttQp1fIZJss= Subject key identifier: F4:EB:76:96:98:29:BD:C6:71:DB:82:84:51:94:04:31:94:55:99:16 Certificate issuer: /CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0 Certificate serial: 019B7B35872643573F99F0A168E79EB0165C Authority key identifier: 67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/9Ot2lpgpvcZx24KEUZQEMZRVmRY.roa Signing time: Thu 01 Jan 2026 20:17:44 +0000 ROA not before: Thu 01 Jan 2026 20:17:44 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 210440 IP address blocks: 2a14:67c1:a080::/44 maxlen: 48 2a14:67c1:b000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.crl rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.mft rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:35:87:26:43:57:3f:99:f0:a1:68:e7:9e:b0:16:5c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0 Validity Not Before: Jan 1 20:17:44 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f4eb76969829bdc671db82845194043194559916 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:5d:9c:95:dd:a5:65:d9:b8:d3:c1:7f:0d:2f: d2:6a:e7:6b:cc:ed:d9:b3:31:48:63:3c:f6:b4:35: 04:6b:96:c8:58:be:5b:9f:2c:6c:4f:70:2b:08:25: 69:e4:e0:1b:2e:0d:e5:70:c0:f7:b1:56:2f:05:93: 9b:e4:63:25:ec:da:ef:bf:13:60:39:35:ad:57:f7: 93:62:a7:c0:29:2d:90:18:dc:87:64:4f:61:64:8f: 02:4b:8d:ab:97:c4:90:98:f4:68:f6:b1:95:0e:77: 12:0e:b0:c4:03:ed:34:cf:d0:1d:78:46:8a:c9:c5: 6a:01:57:03:a1:be:2d:fd:c7:25:e5:f8:f9:12:05: 9b:73:e2:bf:97:50:06:bb:31:3a:c0:5c:fa:e4:d9: bf:5d:44:68:e7:33:7b:85:54:43:d4:f3:8e:fd:bf: 6d:3f:2b:11:e0:c5:0e:30:41:3b:7e:1e:58:de:8c: eb:96:f4:08:05:51:a2:44:ca:79:73:e3:35:02:37: 4f:4d:7c:c0:9c:d7:fc:89:7d:be:33:7c:36:a5:34: 53:0d:ad:ff:65:61:01:10:27:51:1d:df:d3:f1:48: 45:29:2f:41:3a:a7:0e:79:58:97:6f:f2:8d:7a:19: d0:1a:88:86:7a:bc:5d:8d:9e:47:80:b5:10:d4:dd: 15:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:EB:76:96:98:29:BD:C6:71:DB:82:84:51:94:04:31:94:55:99:16 X509v3 Authority Key Identifier: keyid:67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/9Ot2lpgpvcZx24KEUZQEMZRVmRY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:67c1:a080::/44 2a14:67c1:b000::/48 Signature Algorithm: sha256WithRSAEncryption cf:04:7e:89:1a:89:60:a6:82:9c:ec:6c:b6:83:a3:57:48:4e: fa:be:7f:f4:51:f0:39:65:ca:58:16:c0:cc:52:55:05:c1:ad: 48:81:79:05:1b:6e:a7:22:ff:23:eb:52:9b:34:ac:af:b9:6a: da:8d:bf:90:92:79:75:c3:97:26:ff:4f:dc:e5:06:90:71:1d: 85:8d:c4:57:1b:88:1a:24:30:c3:bf:d4:1c:f8:e5:3a:78:40: 3e:a6:a6:04:f6:ff:01:42:c1:65:ad:3f:1c:05:0b:7f:3d:b3: c0:06:cf:b0:15:b6:37:20:b9:3f:bf:a6:31:7b:48:a7:7f:f7: c3:ee:a7:2c:23:29:0d:e6:58:5c:67:54:de:7e:f3:b7:7e:42: 3c:97:54:82:dc:e5:e3:78:97:20:c3:9f:95:06:25:70:0e:44: 32:26:95:05:53:b9:a0:e4:09:1e:64:de:7f:80:b6:82:96:b1: 7e:73:b3:2b:ba:78:26:9c:83:dd:16:9a:42:e0:68:9f:49:5d: 59:c9:b4:02:bf:de:e4:2c:d0:d6:ff:f1:7b:d7:6a:e7:98:b4: 00:f6:1a:5e:b6:2e:bc:81:a4:2b:8f:63:0a:1b:23:db:30:29: 42:70:c6:93:4e:a0:31:e2:79:cc:7c:3e:3d:e7:a0:dd:a2:22: ff:09:c1:43 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt7NYcmQ1c/mfChaOeesBZcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY3ZjMxYmRlNDY1MTYzNDdmNGVkZmNiZTMwZWRhYzlhMDll NGUwZTAwHhcNMjYwMTAxMjAxNzQ0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmNGViNzY5Njk4MjliZGM2NzFkYjgyODQ1MTk0MDQzMTk0NTU5OTE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvF2cld2lZdm408F/DS/SaudrzO3Z szFIYzz2tDUEa5bIWL5bnyxsT3ArCCVp5OAbLg3lcMD3sVYvBZOb5GMl7NrvvxNg OTWtV/eTYqfAKS2QGNyHZE9hZI8CS42rl8SQmPRo9rGVDncSDrDEA+00z9AdeEaK ycVqAVcDob4t/ccl5fj5EgWbc+K/l1AGuzE6wFz65Nm/XURo5zN7hVRD1POO/b9t PysR4MUOMEE7fh5Y3ozrlvQIBVGiRMp5c+M1AjdPTXzAnNf8iX2+M3w2pTRTDa3/ ZWEBECdRHd/T8UhFKS9BOqcOeViXb/KNehnQGoiGerxdjZ5HgLUQ1N0VuwIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFPTrdpaYKb3GcduChFGUBDGUVZkWMB8GA1UdIwQY MBaAFGfzG95GUWNH9O38vjDtrJoJ5ODgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWl9NYjNrWlJZMGYwN2Z5LU1PMnNtZ25rNE9BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC83MzJiNmMtNDhlNC00MzUwLThhNTYt ZjZjYzRlZjBmN2RmLzEvOU90MmxwZ3B2Y1p4MjRLRVVaUUVNWlJWbVJZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMC83MzJiNmMtNDhlNC00MzUwLThhNTYtZjZjYzRlZjBmN2Rm LzEvWl9NYjNrWlJZMGYwN2Z5LU1PMnNtZ25rNE9BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKhRnwaCA AwcAKhRnwbAAMA0GCSqGSIb3DQEBCwUAA4IBAQDPBH6JGolgpoKc7Gy2g6NXSE76 vn/0UfA5ZcpYFsDMUlUFwa1IgXkFG26nIv8j61KbNKyvuWrajb+Qknl1w5cm/0/c 5QaQcR2FjcRXG4gaJDDDv9Qc+OU6eEA+pqYE9v8BQsFlrT8cBQt/PbPABs+wFbY3 ILk/v6Yxe0inf/fD7qcsIykN5lhcZ1TefvO3fkI8l1SC3OXjeJcgw5+VBiVwDkQy JpUFU7mg5AkeZN5/gLaClrF+c7MrungmnIPdFppC4GifSV1ZybQCv97kLNDW//F7 12rnmLQA9hpeti68gaQrj2MKGyPbMClCcMaTTqAx4nnMfD4956DdoiL/CcFD -----END CERTIFICATE-----Generated at Sun Jan 25 12:05:58 2026 by rpki-client