This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a71e45-80ee-4887-83b1-498b9d4f757e/1/qN669ymg8nK0FcenUzEimvS6bD0.roa File: qN669ymg8nK0FcenUzEimvS6bD0.roa (raw, json) Hash identifier: BwVKGc9Um4MKhEVa9QsPEHNNx57h0Tvo1ZPD7iZnTWU= Subject key identifier: A8:DE:BA:F7:29:A0:F2:72:B4:15:C7:A7:53:31:22:9A:F4:BA:6C:3D Certificate issuer: /CN=8d23bd12310a91233160f011786a611030f0fa5f Certificate serial: 019B7CED6E062BF378139D6908142FA1FEA2 Authority key identifier: 8D:23:BD:12:31:0A:91:23:31:60:F0:11:78:6A:61:10:30:F0:FA:5F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jSO9EjEKkSMxYPAReGphEDDw-l8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/a71e45-80ee-4887-83b1-498b9d4f757e/1/qN669ymg8nK0FcenUzEimvS6bD0.roa Signing time: Fri 02 Jan 2026 04:18:13 +0000 ROA not before: Fri 02 Jan 2026 04:18:13 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 208173 IP address blocks: 2a0f:5740:1::/48 maxlen: 48 2a0f:5740:2::/48 maxlen: 48 2a0f:5740:3::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/a71e45-80ee-4887-83b1-498b9d4f757e/1/jSO9EjEKkSMxYPAReGphEDDw-l8.crl rsync://rpki.ripe.net/repository/DEFAULT/2b/a71e45-80ee-4887-83b1-498b9d4f757e/1/jSO9EjEKkSMxYPAReGphEDDw-l8.mft rsync://rpki.ripe.net/repository/DEFAULT/jSO9EjEKkSMxYPAReGphEDDw-l8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 19:00:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ed:6e:06:2b:f3:78:13:9d:69:08:14:2f:a1:fe:a2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8d23bd12310a91233160f011786a611030f0fa5f Validity Not Before: Jan 2 04:18:13 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a8debaf729a0f272b415c7a75331229af4ba6c3d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:de:a7:d5:4c:d6:11:60:7e:b7:83:02:22:9e: 3c:fd:d4:1a:05:c2:f0:3d:09:c1:5d:54:86:d5:9d: 46:17:9a:24:a5:7f:ee:06:38:d0:de:64:7e:1f:3f: eb:2d:f2:cf:ea:dc:b7:dd:06:67:75:1c:91:0d:6b: fa:36:2e:d6:7c:6b:1c:7c:b6:4b:3f:53:6b:07:79: 57:34:13:38:de:b6:55:52:f0:92:8d:79:db:48:49: 18:74:f5:35:8b:cf:da:36:6f:79:45:e9:30:9e:f5: 65:42:c7:5b:1a:ed:ae:43:c3:8b:da:25:1d:64:8b: 81:0f:4e:52:29:1d:fa:09:d4:8e:03:39:ac:ba:c1: ab:cc:0b:d6:f5:cb:13:85:d0:a8:e8:15:e4:81:c8: 58:19:06:69:f6:2a:de:9c:16:3d:e4:4f:08:81:89: a4:f9:67:73:df:d3:18:96:7e:33:e8:e0:cb:d1:55: 38:52:ea:7f:47:d9:d3:f6:99:ed:a2:d1:30:56:6e: 59:bb:8a:cc:49:4d:39:8f:3c:65:08:04:66:23:55: 39:a1:2c:e7:61:ef:73:43:4d:c6:b8:57:e1:08:67: 27:a5:53:cd:0e:73:2e:a2:f4:95:b9:ce:f4:4b:db: 86:50:c2:82:83:cf:b3:e4:dc:7b:fb:42:0b:47:35: b3:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:DE:BA:F7:29:A0:F2:72:B4:15:C7:A7:53:31:22:9A:F4:BA:6C:3D X509v3 Authority Key Identifier: keyid:8D:23:BD:12:31:0A:91:23:31:60:F0:11:78:6A:61:10:30:F0:FA:5F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jSO9EjEKkSMxYPAReGphEDDw-l8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a71e45-80ee-4887-83b1-498b9d4f757e/1/qN669ymg8nK0FcenUzEimvS6bD0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a71e45-80ee-4887-83b1-498b9d4f757e/1/jSO9EjEKkSMxYPAReGphEDDw-l8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:5740:1::-2a0f:5740:3:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 45:78:3f:79:29:ba:0d:00:53:f0:23:ca:a5:88:2f:98:78:3b: 75:21:25:2c:a2:96:3c:54:64:ec:75:35:84:d0:c9:35:06:37: 78:9e:91:a3:e5:e6:0f:84:b8:77:4b:0a:04:2c:0d:5d:06:03: 81:d9:ab:ca:a2:a0:02:42:ed:b9:a3:82:42:44:8b:33:39:f3: 1f:50:55:3c:87:55:68:c6:84:9a:29:63:3a:3f:86:98:13:c8: 88:28:91:bd:57:40:32:d4:c9:44:05:f0:ff:da:a1:af:a5:82: 8f:ba:e8:6e:a8:ff:60:8a:69:99:b8:05:82:be:6b:82:c9:95: c9:8c:73:50:5a:03:5f:e7:87:06:c8:6e:1c:87:2f:73:d7:51: eb:b2:62:50:84:7d:27:ad:a5:30:68:4b:cd:17:47:ec:3a:a6: 86:6d:01:a0:18:73:ce:06:47:1c:2b:fc:5e:3e:07:65:13:cf: 1f:b4:74:7b:25:7b:8a:e8:52:1e:c1:ef:ed:fa:6e:a9:16:3a: 9b:ec:00:6d:cf:00:3d:69:3a:c9:e1:a9:e2:d5:89:0c:0e:62: f0:69:1b:7f:5f:bf:91:42:9b:bf:82:a7:8a:f0:1d:2e:6f:b3: bd:6f:a9:b8:73:5b:ce:61:af:5e:d7:0b:38:ba:4c:b9:ff:06: 6a:b6:7e:da -----BEGIN CERTIFICATE----- MIIFCzCCA/OgAwIBAgISAZt87W4GK/N4E51pCBQvof6iMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhkMjNiZDEyMzEwYTkxMjMzMTYwZjAxMTc4NmE2MTEwMzBm MGZhNWYwHhcNMjYwMTAyMDQxODEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhOGRlYmFmNzI5YTBmMjcyYjQxNWM3YTc1MzMxMjI5YWY0YmE2YzNkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArt6n1UzWEWB+t4MCIp48/dQaBcLw PQnBXVSG1Z1GF5okpX/uBjjQ3mR+Hz/rLfLP6ty33QZndRyRDWv6Ni7WfGscfLZL P1NrB3lXNBM43rZVUvCSjXnbSEkYdPU1i8/aNm95RekwnvVlQsdbGu2uQ8OL2iUd ZIuBD05SKR36CdSOAzmsusGrzAvW9csThdCo6BXkgchYGQZp9irenBY95E8IgYmk +Wdz39MYln4z6ODL0VU4Uup/R9nT9pntotEwVm5Zu4rMSU05jzxlCARmI1U5oSzn Ye9zQ03GuFfhCGcnpVPNDnMuovSVuc70S9uGUMKCg8+z5Nx7+0ILRzWzYQIDAQAB o4ICFzCCAhMwHQYDVR0OBBYEFKjeuvcpoPJytBXHp1MxIpr0umw9MB8GA1UdIwQY MBaAFI0jvRIxCpEjMWDwEXhqYRAw8PpfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvalNPOUVqRUtrU014WVBBUmVHcGhFRER3LWw4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9hNzFlNDUtODBlZS00ODg3LTgzYjEt NDk4YjlkNGY3NTdlLzEvcU42Njl5bWc4bkswRmNlblV6RWltdlM2YkQwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYi9hNzFlNDUtODBlZS00ODg3LTgzYjEtNDk4YjlkNGY3NTdl LzEvalNPOUVqRUtrU014WVBBUmVHcGhFRER3LWw4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwAqD1dA AAEDBwIqD1dAAAAwDQYJKoZIhvcNAQELBQADggEBAEV4P3kpug0AU/AjyqWIL5h4 O3UhJSyiljxUZOx1NYTQyTUGN3iekaPl5g+EuHdLCgQsDV0GA4HZq8qioAJC7bmj gkJEizM58x9QVTyHVWjGhJopYzo/hpgTyIgokb1XQDLUyUQF8P/aoa+lgo+66G6o /2CKaZm4BYK+a4LJlcmMc1BaA1/nhwbIbhyHL3PXUeuyYlCEfSetpTBoS80XR+w6 poZtAaAYc84GRxwr/F4+B2UTzx+0dHsle4roUh7B7+36bqkWOpvsAG3PAD1pOsnh qeLViQwOYvBpG39fv5FCm7+Cp4rwHS5vs71vqbhzW85hr17XCzi6TLn/Bmq2fto= -----END CERTIFICATE-----Generated at Mon Jan 26 03:05:55 2026 by rpki-client