This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/JK2nCepL7iOl3W-8oUh4sCCv2mk.roa File: JK2nCepL7iOl3W-8oUh4sCCv2mk.roa (raw, json) Hash identifier: TUicbKSsW4AzNA1MbaGRf0OhMrkHJI20nz0LB0jd/rg= Subject key identifier: 24:AD:A7:09:EA:4B:EE:23:A5:DD:6F:BC:A1:48:78:B0:20:AF:DA:69 Certificate issuer: /CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0 Certificate serial: 019BF089F1B671FA6DFC7F83886D18B94D27 Authority key identifier: 67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/JK2nCepL7iOl3W-8oUh4sCCv2mk.roa Signing time: Sat 24 Jan 2026 15:05:30 +0000 ROA not before: Sat 24 Jan 2026 15:05:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 20473 IP address blocks: 2a14:67c1:b700::/40 maxlen: 48 2a14:67c1:b800::/40 maxlen: 48 2a14:67c1:c400::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.crl rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.mft rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f0:89:f1:b6:71:fa:6d:fc:7f:83:88:6d:18:b9:4d:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0 Validity Not Before: Jan 24 15:05:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=24ada709ea4bee23a5dd6fbca14878b020afda69 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:9a:e8:9b:cf:c1:40:24:6c:46:9b:f7:9d:98: 93:d4:04:de:58:42:6c:f9:75:51:f4:d4:d6:be:d2: c1:28:8b:74:12:b4:37:8f:d2:e1:1f:df:2c:77:be: 7e:5b:8f:95:b2:b9:77:a7:a6:22:6f:56:1c:61:f1: 27:3d:28:03:75:83:29:e6:a3:ca:47:18:b5:76:22: 3d:7a:39:c3:8d:d4:93:02:d2:2c:28:0b:e7:40:83: 43:71:bf:ec:57:80:0d:7a:9f:8f:cf:87:9e:bd:6e: 97:eb:0d:bb:d7:d5:b1:6a:43:5d:28:6b:82:84:61: f3:43:7f:62:05:54:13:6b:4d:98:7a:6c:f5:a4:0a: 9b:0a:dd:2d:99:a9:8d:5a:d8:9e:55:4f:fb:4a:00: e8:0d:f8:96:35:f9:60:56:4c:c4:d0:9b:ed:01:40: 9c:cb:68:9a:bf:b5:a6:6d:e6:1c:3c:1a:c7:41:f3: f6:3d:f4:71:bd:b9:19:24:28:fa:4a:a3:fb:36:b9: cf:dc:28:44:99:34:49:04:bd:32:56:21:9f:b0:e6: 93:8f:83:6c:a7:fc:b4:d2:82:41:29:5d:f7:c1:76: 3e:8c:06:58:0a:77:b1:71:27:41:4a:9d:45:ed:2f: a9:9d:c8:a1:19:a2:1f:43:9c:fa:c3:3b:6d:f6:2d: 01:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 24:AD:A7:09:EA:4B:EE:23:A5:DD:6F:BC:A1:48:78:B0:20:AF:DA:69 X509v3 Authority Key Identifier: keyid:67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/JK2nCepL7iOl3W-8oUh4sCCv2mk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:67c1:b700::-2a14:67c1:b8ff:ffff:ffff:ffff:ffff:ffff 2a14:67c1:c400::/40 Signature Algorithm: sha256WithRSAEncryption 11:01:01:47:c4:15:be:48:41:43:b2:d7:41:0d:66:34:48:07: 03:55:0c:15:e6:6b:ef:e6:3d:b9:93:b1:94:d1:a7:f1:85:55: 7b:cd:0f:b8:00:28:b9:db:07:34:16:6c:b6:2a:01:79:ca:30: 36:f8:46:cc:d9:43:53:2c:c4:8e:84:ba:6f:43:6b:79:c1:f0: 0b:40:d2:a3:38:8d:a9:34:26:69:16:3f:b0:12:1d:9b:4b:a3: 17:b8:5f:65:56:52:dc:62:71:04:a5:23:69:b6:05:ae:f4:8d: 08:83:76:b7:d5:d6:47:bb:23:4a:c2:91:33:10:50:c1:d0:67: 8e:db:07:9b:54:e8:ea:05:3e:56:56:78:b3:f2:89:05:99:0b: fe:ae:0d:a5:75:c5:96:40:68:c3:63:45:f0:fc:ef:24:77:16: 9d:2e:91:a8:51:1d:b5:ea:cc:d8:1a:5a:35:8b:b5:87:92:59: 78:ba:26:09:c9:a3:a9:f1:2f:c7:fa:1d:48:8c:0a:5f:25:e0: f4:d0:77:d6:26:bc:c2:d1:30:68:e1:e4:16:d1:cb:3d:6a:10: 29:2b:94:3e:d4:9b:ab:07:85:ca:99:8f:55:30:cd:d3:9d:d5: 82:29:b5:d5:c0:22:ef:e6:f0:3a:16:b6:3d:cb:19:84:20:83: 38:28:3f:91 -----BEGIN CERTIFICATE----- MIIFETCCA/mgAwIBAgISAZvwifG2cfpt/H+DiG0YuU0nMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY3ZjMxYmRlNDY1MTYzNDdmNGVkZmNiZTMwZWRhYzlhMDll NGUwZTAwHhcNMjYwMTI0MTUwNTMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyNGFkYTcwOWVhNGJlZTIzYTVkZDZmYmNhMTQ4NzhiMDIwYWZkYTY5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5rom8/BQCRsRpv3nZiT1ATeWEJs +XVR9NTWvtLBKIt0ErQ3j9LhH98sd75+W4+Vsrl3p6Yib1YcYfEnPSgDdYMp5qPK Rxi1diI9ejnDjdSTAtIsKAvnQINDcb/sV4ANep+Pz4eevW6X6w2719WxakNdKGuC hGHzQ39iBVQTa02Yemz1pAqbCt0tmamNWtieVU/7SgDoDfiWNflgVkzE0JvtAUCc y2iav7WmbeYcPBrHQfP2PfRxvbkZJCj6SqP7NrnP3ChEmTRJBL0yViGfsOaTj4Ns p/y00oJBKV33wXY+jAZYCnexcSdBSp1F7S+pncihGaIfQ5z6wztt9i0B/QIDAQAB o4ICHTCCAhkwHQYDVR0OBBYEFCStpwnqS+4jpd1vvKFIeLAgr9ppMB8GA1UdIwQY MBaAFGfzG95GUWNH9O38vjDtrJoJ5ODgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWl9NYjNrWlJZMGYwN2Z5LU1PMnNtZ25rNE9BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC83MzJiNmMtNDhlNC00MzUwLThhNTYt ZjZjYzRlZjBmN2RmLzEvSksybkNlcEw3aU9sM1ctOG9VaDRzQ0N2Mm1rLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMC83MzJiNmMtNDhlNC00MzUwLThhNTYtZjZjYzRlZjBmN2Rm LzEvWl9NYjNrWlJZMGYwN2Z5LU1PMnNtZ25rNE9BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAAjAaMBADBgAqFGfB twMGACoUZ8G4AwYAKhRnwcQwDQYJKoZIhvcNAQELBQADggEBABEBAUfEFb5IQUOy 10ENZjRIBwNVDBXma+/mPbmTsZTRp/GFVXvND7gAKLnbBzQWbLYqAXnKMDb4RszZ Q1MsxI6Eum9Da3nB8AtA0qM4jak0JmkWP7ASHZtLoxe4X2VWUtxicQSlI2m2Ba70 jQiDdrfV1ke7I0rCkTMQUMHQZ47bB5tU6OoFPlZWeLPyiQWZC/6uDaV1xZZAaMNj RfD87yR3Fp0ukahRHbXqzNgaWjWLtYeSWXi6JgnJo6nxL8f6HUiMCl8l4PTQd9Ym vMLRMGjh5BbRyz1qECkrlD7Um6sHhcqZj1UwzdOd1YIptdXAIu/m8DoWtj3LGYQg gzgoP5E= -----END CERTIFICATE-----Generated at Sun Jan 25 12:03:27 2026 by rpki-client