This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/kdpA_FGh8De_3t0XAUAZBxl2atQ.roa File: kdpA_FGh8De_3t0XAUAZBxl2atQ.roa (raw, json) Hash identifier: sVcoVUKOIe+5ShYkg7UX2nsGLKYp9ktHdUjuoSG4OfU= Subject key identifier: 91:DA:40:FC:51:A1:F0:37:BF:DE:DD:17:01:40:19:07:19:76:6A:D4 Certificate issuer: /CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318 Certificate serial: 019B7C135A283254048A9B5D0318B054047B Authority key identifier: 8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/kdpA_FGh8De_3t0XAUAZBxl2atQ.roa Signing time: Fri 02 Jan 2026 00:20:01 +0000 ROA not before: Fri 02 Jan 2026 00:20:01 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 22773 IP address blocks: 2a10:5e80::/29 maxlen: 29 2a10:5f80::/29 maxlen: 29 2a10:6080::/29 maxlen: 29 2a10:6480::/29 maxlen: 29 2a10:6580::/29 maxlen: 29 2a10:6680::/29 maxlen: 29 2a10:6780::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.crl rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.mft rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 23:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:13:5a:28:32:54:04:8a:9b:5d:03:18:b0:54:04:7b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318 Validity Not Before: Jan 2 00:20:01 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=91da40fc51a1f037bfdedd170140190719766ad4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:66:47:15:8b:aa:6d:15:41:e3:c9:78:94:bd: 74:4a:08:58:64:19:4b:37:86:2c:4f:ef:2a:c7:b0: b5:ce:07:c1:15:37:8f:bc:cd:fd:54:3a:41:e7:33: 43:79:3e:de:70:19:9b:1c:85:8c:3b:e4:e6:77:43: 3f:5f:2f:7b:16:c6:29:b0:c1:a7:2d:91:08:40:47: 2c:c5:fe:f2:7b:94:fe:e1:f9:06:7b:49:f7:66:a7: 66:fc:bc:b4:1d:8c:7f:c0:89:6d:7c:62:ac:2f:05: 6a:d5:e4:5c:75:6c:67:9f:e8:4d:19:60:a9:f7:a7: 29:ba:ee:35:c6:db:76:42:38:a6:36:3a:d4:9c:fe: 5b:42:68:50:ca:dd:58:4a:bb:fd:48:f0:41:66:41: ff:b2:bd:01:c2:f9:3b:88:8c:60:8c:f7:76:e5:e6: e2:c9:b5:4f:33:94:ce:b4:e3:0f:7b:48:10:64:66: 4f:eb:92:f5:e0:d8:2a:45:40:c2:b6:e3:a1:d4:53: 3e:c2:9d:ca:a0:2c:cc:94:10:eb:cb:06:c1:ee:9e: 5a:ec:7d:be:c8:f3:fc:46:c2:5e:a8:d6:43:8f:7a: 70:f4:71:1f:a5:b9:bc:b1:8d:58:67:03:77:11:3f: 81:ed:6f:3a:e8:0e:68:7d:4d:3a:ed:81:dc:2a:f6: bb:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:DA:40:FC:51:A1:F0:37:BF:DE:DD:17:01:40:19:07:19:76:6A:D4 X509v3 Authority Key Identifier: keyid:8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/kdpA_FGh8De_3t0XAUAZBxl2atQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a10:5e80::/29 2a10:5f80::/29 2a10:6080::/29 2a10:6480::/29 2a10:6580::/29 2a10:6680::/29 2a10:6780::/29 Signature Algorithm: sha256WithRSAEncryption 0a:1c:0d:c8:91:76:2f:c4:08:b1:f4:7f:56:cc:f4:95:c4:2d: 16:0a:c6:64:83:14:a8:ae:f6:a6:30:12:c6:3d:4c:58:b6:b1: 06:d5:42:e7:24:56:33:cc:52:ec:99:56:ea:76:0e:c7:7b:06: 71:76:29:a4:bf:a8:72:5d:de:81:db:f2:3a:6b:06:52:b5:91: 71:19:6d:4d:ed:63:da:cc:95:44:93:05:42:31:9c:d4:52:ec: 89:8c:83:a6:4b:53:c2:94:cf:13:c5:1a:fe:90:b2:95:52:ea: 8a:ed:bd:10:b9:d5:f4:e2:0d:6f:7e:c7:3c:7f:4e:7f:fe:53: 85:07:59:e3:44:ed:08:48:d6:8c:3b:21:4a:07:dd:f7:30:9f: 9f:c6:84:7e:62:21:0f:26:db:63:ea:23:d0:92:c9:fb:f2:71: df:27:be:f2:64:eb:4d:50:ba:95:66:0b:9b:e9:2c:65:ca:eb: 4d:56:16:78:95:ee:c7:03:4c:06:1f:3a:1c:5b:47:3e:f2:89: 26:bd:b6:06:03:45:8b:0f:be:b7:9d:c0:0c:83:25:5e:c9:46: dd:33:96:00:dd:63:5e:cd:8a:cf:98:a8:c3:9f:50:51:08:b5: 9c:0b:68:55:4f:d6:27:5c:78:90:4f:e2:05:77:6a:af:39:cc: 6f:fd:1d:d8 -----BEGIN CERTIFICATE----- MIIFKDCCBBCgAwIBAgISAZt8E1ooMlQEiptdAxiwVAR7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhlMWMxMTY1OGQyMDQxZWFmMjUwMmZlNTQwOGVkNDkzYmJk NGYzMTgwHhcNMjYwMTAyMDAyMDAxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MWRhNDBmYzUxYTFmMDM3YmZkZWRkMTcwMTQwMTkwNzE5NzY2YWQ0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1WZHFYuqbRVB48l4lL10SghYZBlL N4YsT+8qx7C1zgfBFTePvM39VDpB5zNDeT7ecBmbHIWMO+Tmd0M/Xy97FsYpsMGn LZEIQEcsxf7ye5T+4fkGe0n3Zqdm/Ly0HYx/wIltfGKsLwVq1eRcdWxnn+hNGWCp 96cpuu41xtt2QjimNjrUnP5bQmhQyt1YSrv9SPBBZkH/sr0Bwvk7iIxgjPd25ebi ybVPM5TOtOMPe0gQZGZP65L14NgqRUDCtuOh1FM+wp3KoCzMlBDrywbB7p5a7H2+ yPP8RsJeqNZDj3pw9HEfpbm8sY1YZwN3ET+B7W866A5ofU067YHcKva7aQIDAQAB o4ICNDCCAjAwHQYDVR0OBBYEFJHaQPxRofA3v97dFwFAGQcZdmrUMB8GA1UdIwQY MBaAFI4cEWWNIEHq8lAv5UCO1JO71PMYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjIt NjMzNDhjZGJmMDI0LzEva2RwQV9GR2g4RGVfM3QwWEFVQVpCeGwyYXRRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjItNjMzNDhjZGJmMDI0 LzEvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwUDKhBegAMF AyoQX4ADBQMqEGCAAwUDKhBkgAMFAyoQZYADBQMqEGaAAwUDKhBngDANBgkqhkiG 9w0BAQsFAAOCAQEAChwNyJF2L8QIsfR/Vsz0lcQtFgrGZIMUqK72pjASxj1MWLax BtVC5yRWM8xS7JlW6nYOx3sGcXYppL+ocl3egdvyOmsGUrWRcRltTe1j2syVRJMF QjGc1FLsiYyDpktTwpTPE8Ua/pCylVLqiu29ELnV9OINb37HPH9Of/5ThQdZ40Tt CEjWjDshSgfd9zCfn8aEfmIhDybbY+oj0JLJ+/Jx3ye+8mTrTVC6lWYLm+ksZcrr TVYWeJXuxwNMBh86HFtHPvKJJr22BgNFiw++t53ADIMlXslG3TOWAN1jXs2Kz5io w59QUQi1nAtoVU/WJ1x4kE/iBXdqrznMb/0d2A== -----END CERTIFICATE-----Generated at Sun Jan 25 11:01:55 2026 by rpki-client