This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/40862c-93af-4b26-825e-656c162fb24e/1/cKL3lZ9VAXfjx8BhCwvWc7MJlYA.roa File: cKL3lZ9VAXfjx8BhCwvWc7MJlYA.roa (raw, json) Hash identifier: IsUUX+ELNERYCqEA3Z6rk2jYuiJw1w0Lqm0oMQwqq4s= Subject key identifier: 70:A2:F7:95:9F:55:01:77:E3:C7:C0:61:0B:0B:D6:73:B3:09:95:80 Certificate issuer: /CN=459602d7af7c348c95ab11edd6132056753eabb9 Certificate serial: 019AE0E001BA3B1465E945D19E5E5124AF22 Authority key identifier: 45:96:02:D7:AF:7C:34:8C:95:AB:11:ED:D6:13:20:56:75:3E:AB:B9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RZYC1698NIyVqxHt1hMgVnU-q7k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/40862c-93af-4b26-825e-656c162fb24e/1/cKL3lZ9VAXfjx8BhCwvWc7MJlYA.roa Signing time: Tue 02 Dec 2025 21:02:48 +0000 ROA not before: Tue 02 Dec 2025 21:02:48 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 215724 IP address blocks: 2a14:7f00::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/40862c-93af-4b26-825e-656c162fb24e/1/RZYC1698NIyVqxHt1hMgVnU-q7k.crl rsync://rpki.ripe.net/repository/DEFAULT/52/40862c-93af-4b26-825e-656c162fb24e/1/RZYC1698NIyVqxHt1hMgVnU-q7k.mft rsync://rpki.ripe.net/repository/DEFAULT/RZYC1698NIyVqxHt1hMgVnU-q7k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:e0:e0:01:ba:3b:14:65:e9:45:d1:9e:5e:51:24:af:22 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=459602d7af7c348c95ab11edd6132056753eabb9 Validity Not Before: Dec 2 21:02:48 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=70a2f7959f550177e3c7c0610b0bd673b3099580 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:40:9c:63:02:5c:b7:82:65:0e:eb:e0:93:f3: b8:c5:32:28:ab:b2:8d:da:7f:e7:99:82:61:a7:71: cd:e2:b8:e5:18:40:88:d3:fc:0d:2b:9f:cb:4e:f3: 27:97:74:8f:e4:30:2d:81:51:ff:0e:99:4f:9c:60: 01:ad:79:bc:90:5e:eb:44:a9:b5:6a:4b:0d:b3:99: 5e:64:d3:d4:5a:5e:9a:76:0c:d9:fe:ef:26:3f:78: ca:49:d0:73:fe:0a:b8:47:30:b6:c6:6e:3f:68:b9: 55:8f:fd:2b:b0:c3:4f:d2:4f:b0:11:de:a4:9a:22: aa:cc:c6:b5:53:0b:d7:09:d5:c0:9a:89:6c:be:a7: c2:d4:f7:00:c9:60:9e:6a:5a:a8:cd:7d:f3:60:ac: 67:2b:fc:33:83:96:cc:b8:d7:d7:3a:8f:5e:61:93: ab:99:73:ba:fb:1f:2a:21:13:b5:7c:3d:26:8a:8f: a9:44:b7:09:df:d2:77:79:f3:40:34:ab:47:67:15: fd:0e:f9:8c:59:5b:0f:e7:59:ab:b3:ef:22:52:98: ed:79:45:1a:81:f0:0a:e7:2f:ab:e4:25:8d:2b:9e: 84:fa:ab:fb:67:7f:bf:86:51:7b:6d:76:e5:11:18: d5:ff:57:dd:86:e7:2f:d3:27:43:8a:2d:8e:97:e5: f7:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:A2:F7:95:9F:55:01:77:E3:C7:C0:61:0B:0B:D6:73:B3:09:95:80 X509v3 Authority Key Identifier: keyid:45:96:02:D7:AF:7C:34:8C:95:AB:11:ED:D6:13:20:56:75:3E:AB:B9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RZYC1698NIyVqxHt1hMgVnU-q7k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/40862c-93af-4b26-825e-656c162fb24e/1/cKL3lZ9VAXfjx8BhCwvWc7MJlYA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/52/40862c-93af-4b26-825e-656c162fb24e/1/RZYC1698NIyVqxHt1hMgVnU-q7k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7f00::/29 Signature Algorithm: sha256WithRSAEncryption 6d:05:57:e5:24:f5:8f:f7:99:4a:e5:34:93:aa:81:11:55:76: d2:43:63:4b:73:8e:06:be:25:de:87:5d:2a:e1:32:84:6a:64: c6:d1:46:d4:f5:9d:31:5e:43:b6:87:4e:33:5c:65:5e:de:91: 4b:fb:69:f3:3f:21:a3:52:15:0c:05:26:8f:c9:f6:ca:92:c4: f7:3e:7d:73:e3:32:81:4f:e8:2b:1a:f5:29:77:c7:61:20:55: 26:dd:b1:3a:c3:3f:be:26:03:ab:1c:aa:f8:83:5f:0e:e8:fd: ed:98:f9:15:12:d7:4f:08:0d:50:8c:5a:c6:10:13:8b:54:7a: 5c:09:83:8c:eb:a2:f3:4d:38:82:e1:89:18:0c:6c:5c:e8:c3: 55:29:2b:f7:57:71:62:22:90:5a:07:1e:36:f1:9c:ae:f2:22: d3:b4:1d:ae:99:d9:53:02:5f:a0:70:df:26:87:b9:e9:be:fe: 5d:6c:7d:36:df:01:48:01:8e:14:2f:67:58:4d:8d:98:9d:1e: 6b:b9:d3:d6:9a:8c:e8:3f:08:71:e6:19:80:b8:39:b3:05:d1: ae:ff:9a:e5:eb:b6:6c:85:a9:43:86:ac:16:51:39:ad:e6:47: 0a:a2:59:c1:47:6d:63:17:06:e3:45:21:64:ff:1f:73:18:a7: d4:ab:ed:95 -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZrg4AG6OxRl6UXRnl5RJK8iMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ1OTYwMmQ3YWY3YzM0OGM5NWFiMTFlZGQ2MTMyMDU2NzUz ZWFiYjkwHhcNMjUxMjAyMjEwMjQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MGEyZjc5NTlmNTUwMTc3ZTNjN2MwNjEwYjBiZDY3M2IzMDk5NTgwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUCcYwJct4JlDuvgk/O4xTIoq7KN 2n/nmYJhp3HN4rjlGECI0/wNK5/LTvMnl3SP5DAtgVH/DplPnGABrXm8kF7rRKm1 aksNs5leZNPUWl6adgzZ/u8mP3jKSdBz/gq4RzC2xm4/aLlVj/0rsMNP0k+wEd6k miKqzMa1UwvXCdXAmolsvqfC1PcAyWCealqozX3zYKxnK/wzg5bMuNfXOo9eYZOr mXO6+x8qIRO1fD0mio+pRLcJ39J3efNANKtHZxX9DvmMWVsP51mrs+8iUpjteUUa gfAK5y+r5CWNK56E+qv7Z3+/hlF7bXblERjV/1fdhucv0ydDii2Ol+X3CQIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFHCi95WfVQF348fAYQsL1nOzCZWAMB8GA1UdIwQY MBaAFEWWAtevfDSMlasR7dYTIFZ1Pqu5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUlpZQzE2OThOSXlWcXhIdDFoTWdWblUtcTdrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi80MDg2MmMtOTNhZi00YjI2LTgyNWUt NjU2YzE2MmZiMjRlLzEvY0tMM2xaOVZBWGZqeDhCaEN3dldjN01KbFlBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Mi80MDg2MmMtOTNhZi00YjI2LTgyNWUtNjU2YzE2MmZiMjRl LzEvUlpZQzE2OThOSXlWcXhIdDFoTWdWblUtcTdrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhR/ADAN BgkqhkiG9w0BAQsFAAOCAQEAbQVX5ST1j/eZSuU0k6qBEVV20kNjS3OOBr4l3odd KuEyhGpkxtFG1PWdMV5DtodOM1xlXt6RS/tp8z8ho1IVDAUmj8n2ypLE9z59c+My gU/oKxr1KXfHYSBVJt2xOsM/viYDqxyq+INfDuj97Zj5FRLXTwgNUIxaxhATi1R6 XAmDjOui8004guGJGAxsXOjDVSkr91dxYiKQWgceNvGcrvIi07QdrpnZUwJfoHDf Joe56b7+XWx9Nt8BSAGOFC9nWE2NmJ0ea7nT1pqM6D8IceYZgLg5swXRrv+a5eu2 bIWpQ4asFlE5reZHCqJZwUdtYxcG40UhZP8fcxin1KvtlQ== -----END CERTIFICATE-----Generated at Sat Dec 6 19:18:12 2025 by rpki-client