This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/Asktmls84T6ZHjI584ckCKbuL0g.roa File: Asktmls84T6ZHjI584ckCKbuL0g.roa (raw, json) Hash identifier: RKaDIT4nTf15ScIjvZTmv2dLhz0IUrDZSaHZzLtROEg= Subject key identifier: 02:C9:2D:9A:5B:3C:E1:3E:99:1E:32:39:F3:87:24:08:A6:EE:2F:48 Certificate issuer: /CN=279dbfdf4c20bdae8d6118566ece76444e46d171 Certificate serial: 019B7F14A5ED8CCC5730261C41C163660DD1 Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/Asktmls84T6ZHjI584ckCKbuL0g.roa Signing time: Fri 02 Jan 2026 14:20:18 +0000 ROA not before: Fri 02 Jan 2026 14:20:18 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 16260 IP address blocks: 2001:668:1fc::/46 maxlen: 46 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.mft rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 06:01:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:14:a5:ed:8c:cc:57:30:26:1c:41:c1:63:66:0d:d1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171 Validity Not Before: Jan 2 14:20:18 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=02c92d9a5b3ce13e991e3239f3872408a6ee2f48 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:89:78:a5:62:94:7f:39:a3:6a:57:a1:ff:e9: 06:19:0c:7f:5f:50:83:bd:1c:40:f5:5e:e6:c4:e8: 3e:93:99:ec:a3:96:c5:27:a3:97:1d:c9:20:64:07: b6:63:db:d9:02:88:35:45:17:44:20:9d:97:cb:a7: 61:e4:fa:f0:1c:74:ba:c7:47:6f:06:be:73:00:eb: cb:6d:8e:19:78:c5:98:a6:0c:81:b5:09:e1:3f:b8: ba:ce:d1:1b:ed:a8:52:2f:53:0a:b4:94:78:83:db: 94:d7:af:3b:b1:53:92:bb:90:6b:97:1d:a9:d3:15: 9f:35:1b:00:74:34:6c:03:e3:c6:21:54:46:09:22: 85:de:db:90:da:11:43:65:73:97:7e:d8:4c:fb:21: df:ea:9d:3d:7a:d4:f2:e6:f3:2e:23:d6:e2:55:2a: a5:44:c5:6b:62:04:69:75:db:bf:19:4e:59:62:85: 4d:f3:44:26:35:5f:39:14:a6:66:56:24:ec:a8:b4: 65:ca:fd:b6:48:bb:9b:0e:da:07:62:fd:47:94:c2: 92:01:79:fa:b2:ba:97:8b:bf:66:44:b7:40:eb:cf: e7:df:b5:de:97:9c:88:e5:46:d9:11:27:3f:76:87: d1:38:59:10:e5:f0:68:2c:fb:b9:53:2e:95:27:ae: c6:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:C9:2D:9A:5B:3C:E1:3E:99:1E:32:39:F3:87:24:08:A6:EE:2F:48 X509v3 Authority Key Identifier: keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/Asktmls84T6ZHjI584ckCKbuL0g.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:668:1fc::/46 Signature Algorithm: sha256WithRSAEncryption 36:ee:f1:6d:06:d5:b3:24:ea:99:6f:d8:73:1d:f3:39:a9:f9: b0:17:bb:20:2f:b6:1b:15:cb:55:3e:3f:38:4d:4a:27:e6:73: 2c:8e:e0:09:03:74:e3:4f:2f:2a:95:e8:a8:7b:9a:47:13:88: b8:d8:61:b1:e4:b0:54:6d:8f:b8:70:1e:ca:76:46:e4:12:6f: f0:39:01:88:d0:00:62:d6:14:c0:1e:19:d1:f5:e6:29:7f:d7: 38:62:8e:df:21:64:97:aa:9e:3b:b9:f8:82:dd:da:ea:0c:00: 45:f6:b0:7b:15:a3:fa:be:a3:b5:31:e5:cf:1b:84:2c:60:d3: f6:4f:93:a5:da:fc:bf:51:6f:73:77:f8:b0:ba:f4:f2:1a:4f: a2:b1:d3:ba:36:b7:9f:72:5d:c0:eb:61:41:25:11:91:35:a8: c2:0e:65:7b:02:66:2c:c9:43:c0:e2:08:69:8c:7e:fd:c3:50: 4b:f3:80:10:e9:15:bf:65:03:b0:e9:3d:a8:04:26:51:e8:ef: 39:f9:5b:14:39:b7:6f:7e:d2:a4:89:5e:e0:e3:52:f8:e9:0f: 13:f5:d0:13:e8:3c:c0:8f:77:78:81:25:e6:ce:75:e9:04:de: f0:09:d8:1a:78:bc:a4:a9:d9:61:0e:35:20:e4:23:62:54:51: ee:76:d3:d0 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt/FKXtjMxXMCYcQcFjZg3RMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0 NmQxNzEwHhcNMjYwMTAyMTQyMDE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwMmM5MmQ5YTViM2NlMTNlOTkxZTMyMzlmMzg3MjQwOGE2ZWUyZjQ4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApIl4pWKUfzmjaleh/+kGGQx/X1CD vRxA9V7mxOg+k5nso5bFJ6OXHckgZAe2Y9vZAog1RRdEIJ2Xy6dh5PrwHHS6x0dv Br5zAOvLbY4ZeMWYpgyBtQnhP7i6ztEb7ahSL1MKtJR4g9uU1687sVOSu5Brlx2p 0xWfNRsAdDRsA+PGIVRGCSKF3tuQ2hFDZXOXfthM+yHf6p09etTy5vMuI9biVSql RMVrYgRpddu/GU5ZYoVN80QmNV85FKZmViTsqLRlyv22SLubDtoHYv1HlMKSAXn6 srqXi79mRLdA68/n37Xel5yI5UbZESc/dofROFkQ5fBoLPu5Uy6VJ67GbwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFALJLZpbPOE+mR4yOfOHJAim7i9IMB8GA1UdIwQY MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt MGNmMTA5M2Q0NTQ4LzEvQXNrdG1sczg0VDZaSGpJNTg0Y2tDS2J1TDBnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4 LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcCIAEGaAH8 MA0GCSqGSIb3DQEBCwUAA4IBAQA27vFtBtWzJOqZb9hzHfM5qfmwF7sgL7YbFctV Pj84TUon5nMsjuAJA3TjTy8qleioe5pHE4i42GGx5LBUbY+4cB7KdkbkEm/wOQGI 0ABi1hTAHhnR9eYpf9c4Yo7fIWSXqp47ufiC3drqDABF9rB7FaP6vqO1MeXPG4Qs YNP2T5Ol2vy/UW9zd/iwuvTyGk+isdO6Nrefcl3A62FBJRGRNajCDmV7AmYsyUPA 4ghpjH79w1BL84AQ6RW/ZQOw6T2oBCZR6O85+VsUObdvftKkiV7g41L46Q8T9dAT 6DzAj3d4gSXmznXpBN7wCdgaeLykqdlhDjUg5CNiVFHudtPQ -----END CERTIFICATE-----Generated at Sun Jan 25 13:32:50 2026 by rpki-client