This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/6f80a8-6b6a-4d96-bf49-775f5f74d581/1/32nhL28HnVvRRTyw5tBUJdjr4j0.roa File: 32nhL28HnVvRRTyw5tBUJdjr4j0.roa (raw, json) Hash identifier: +zLh6gIHoybz3iAAOdtQltxgsMfjG3zetDelOFc51nc= Subject key identifier: DF:69:E1:2F:6F:07:9D:5B:D1:45:3C:B0:E6:D0:54:25:D8:EB:E2:3D Certificate issuer: /CN=663a24480f04d1318bf1a70dabffa4b27ef32da2 Certificate serial: 019B7CED700B7E7F037A82F246B88A0A28E1 Authority key identifier: 66:3A:24:48:0F:04:D1:31:8B:F1:A7:0D:AB:FF:A4:B2:7E:F3:2D:A2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZjokSA8E0TGL8acNq_-ksn7zLaI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/6f80a8-6b6a-4d96-bf49-775f5f74d581/1/32nhL28HnVvRRTyw5tBUJdjr4j0.roa Signing time: Fri 02 Jan 2026 04:18:14 +0000 ROA not before: Fri 02 Jan 2026 04:18:14 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 207754 IP address blocks: 2a14:a900::/29 maxlen: 32 2a14:a900::/32 maxlen: 32 2a14:a900::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/6f80a8-6b6a-4d96-bf49-775f5f74d581/1/ZjokSA8E0TGL8acNq_-ksn7zLaI.crl rsync://rpki.ripe.net/repository/DEFAULT/1b/6f80a8-6b6a-4d96-bf49-775f5f74d581/1/ZjokSA8E0TGL8acNq_-ksn7zLaI.mft rsync://rpki.ripe.net/repository/DEFAULT/ZjokSA8E0TGL8acNq_-ksn7zLaI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ed:70:0b:7e:7f:03:7a:82:f2:46:b8:8a:0a:28:e1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=663a24480f04d1318bf1a70dabffa4b27ef32da2 Validity Not Before: Jan 2 04:18:14 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=df69e12f6f079d5bd1453cb0e6d05425d8ebe23d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:e3:36:aa:9b:d3:bc:55:c9:7f:08:e8:95:b2: 97:54:88:d1:dc:82:9c:17:cd:0b:e8:d8:fb:64:c2: 52:be:2a:b8:b6:3e:fc:15:21:60:34:5c:01:29:41: 11:86:82:2a:c3:e0:f9:17:54:93:15:e2:e3:53:f9: 63:7f:37:c7:77:84:0c:f5:4d:bd:a5:34:aa:66:ae: fa:fa:51:71:18:56:84:5b:88:48:29:1d:f5:aa:7c: 3b:0e:9d:0c:9f:06:32:55:98:44:fd:f6:f0:86:d7: 42:2d:e8:93:c3:ce:24:64:4c:6d:a6:d9:08:7f:4b: 68:b1:e7:dd:35:98:00:d9:15:e5:a3:99:65:5a:47: de:a0:09:ee:8f:02:84:98:c4:f3:6a:eb:22:5b:b2: a0:8d:0c:55:ff:ea:d7:86:2f:db:73:73:01:86:2c: 06:c3:ab:01:23:6a:e8:72:88:c0:0d:d6:00:00:85: e0:97:bd:7e:b2:42:57:a0:4e:34:d5:bf:f9:54:53: 20:9a:43:b1:36:21:9a:fe:83:22:b0:9c:11:89:d7: d7:97:40:3a:bc:b2:26:53:1b:5d:24:54:a3:03:3b: b8:16:c6:a1:f9:4b:91:66:60:8b:c2:14:57:09:13: 77:e5:60:64:71:46:67:d4:06:b8:28:6a:7b:00:d4: b6:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:69:E1:2F:6F:07:9D:5B:D1:45:3C:B0:E6:D0:54:25:D8:EB:E2:3D X509v3 Authority Key Identifier: keyid:66:3A:24:48:0F:04:D1:31:8B:F1:A7:0D:AB:FF:A4:B2:7E:F3:2D:A2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZjokSA8E0TGL8acNq_-ksn7zLaI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/6f80a8-6b6a-4d96-bf49-775f5f74d581/1/32nhL28HnVvRRTyw5tBUJdjr4j0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/6f80a8-6b6a-4d96-bf49-775f5f74d581/1/ZjokSA8E0TGL8acNq_-ksn7zLaI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:a900::/29 Signature Algorithm: sha256WithRSAEncryption 57:41:c8:17:82:84:2d:4e:7b:d3:94:48:12:30:95:8a:4c:ad: 1d:87:30:61:7b:ab:7b:52:e9:e4:c2:d9:a6:29:6d:a3:63:df: 7e:da:ad:8f:d8:2c:e8:5f:46:96:94:7e:54:4d:89:84:d5:fb: 4d:84:ff:40:bf:d8:a2:55:f5:19:4a:31:f1:93:f5:88:83:f2: f1:f8:c7:5a:c2:f6:1b:17:58:7d:9a:2f:fb:a1:50:a0:5e:01: a7:a9:70:15:9a:55:3a:95:d6:4b:32:55:7e:79:a2:74:90:91: 8c:6a:2d:59:f5:96:e5:7c:20:48:eb:bc:e2:3c:50:6f:6a:15: fd:7d:aa:c4:ed:02:22:2e:ab:35:2a:46:eb:4d:2e:b9:26:df: 83:5e:8d:9d:a1:79:41:e9:75:ff:7b:60:86:b1:f9:8b:b9:c6: e2:6f:ff:89:8e:37:65:f8:91:bb:10:ee:2e:d9:47:2b:a8:3e: db:24:9a:dd:9c:b5:4d:e4:52:93:be:98:5e:1d:54:13:e0:7d: 23:a8:a6:38:50:53:2a:b2:fa:c1:94:5e:51:2d:f4:3b:91:1c: cb:27:29:af:33:46:fd:fc:13:d6:7d:14:68:40:2c:61:71:d7: 36:c4:33:76:4a:bf:d7:35:00:3d:f9:75:20:be:b2:63:ff:25: 0e:70:9f:d5 -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt87XALfn8DeoLyRriKCijhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY2M2EyNDQ4MGYwNGQxMzE4YmYxYTcwZGFiZmZhNGIyN2Vm MzJkYTIwHhcNMjYwMTAyMDQxODE0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZjY5ZTEyZjZmMDc5ZDViZDE0NTNjYjBlNmQwNTQyNWQ4ZWJlMjNkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsuM2qpvTvFXJfwjolbKXVIjR3IKc F80L6Nj7ZMJSviq4tj78FSFgNFwBKUERhoIqw+D5F1STFeLjU/ljfzfHd4QM9U29 pTSqZq76+lFxGFaEW4hIKR31qnw7Dp0MnwYyVZhE/fbwhtdCLeiTw84kZExtptkI f0tosefdNZgA2RXlo5llWkfeoAnujwKEmMTzausiW7KgjQxV/+rXhi/bc3MBhiwG w6sBI2rocojADdYAAIXgl71+skJXoE401b/5VFMgmkOxNiGa/oMisJwRidfXl0A6 vLImUxtdJFSjAzu4Fsah+UuRZmCLwhRXCRN35WBkcUZn1Aa4KGp7ANS2CwIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFN9p4S9vB51b0UU8sObQVCXY6+I9MB8GA1UdIwQY MBaAFGY6JEgPBNExi/GnDav/pLJ+8y2iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWmpva1NBOEUwVEdMOGFjTnFfLWtzbjd6TGFJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi82ZjgwYTgtNmI2YS00ZDk2LWJmNDkt Nzc1ZjVmNzRkNTgxLzEvMzJuaEwyOEhuVnZSUlR5dzV0QlVKZGpyNGowLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYi82ZjgwYTgtNmI2YS00ZDk2LWJmNDktNzc1ZjVmNzRkNTgx LzEvWmpva1NBOEUwVEdMOGFjTnFfLWtzbjd6TGFJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhSpADAN BgkqhkiG9w0BAQsFAAOCAQEAV0HIF4KELU5705RIEjCVikytHYcwYXure1Lp5MLZ pilto2Pfftqtj9gs6F9GlpR+VE2JhNX7TYT/QL/YolX1GUox8ZP1iIPy8fjHWsL2 GxdYfZov+6FQoF4Bp6lwFZpVOpXWSzJVfnmidJCRjGotWfWW5XwgSOu84jxQb2oV /X2qxO0CIi6rNSpG600uuSbfg16NnaF5Qel1/3tghrH5i7nG4m//iY43ZfiRuxDu LtlHK6g+2ySa3Zy1TeRSk76YXh1UE+B9I6imOFBTKrL6wZReUS30O5EcyycprzNG /fwT1n0UaEAsYXHXNsQzdkq/1zUAPfl1IL6yY/8lDnCf1Q== -----END CERTIFICATE-----Generated at Sun Jan 25 22:15:52 2026 by rpki-client