This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/258dae-54fa-4a33-a19d-e91b3abd1fe8/1/NKFYjT8NOU2nNm75iC1mMdUvWRg.roa File: NKFYjT8NOU2nNm75iC1mMdUvWRg.roa (raw, json) Hash identifier: T+3lCMY+jPZeKCOFr2ByuWF+cVwT3gGdpsce+k/SCB4= Subject key identifier: 34:A1:58:8D:3F:0D:39:4D:A7:36:6E:F9:88:2D:66:31:D5:2F:59:18 Certificate issuer: /CN=6fa64a647bd2a5557f70f676adcc76904fb872ab Certificate serial: 019B7CECF76AA4161630A50E12593972FEE6 Authority key identifier: 6F:A6:4A:64:7B:D2:A5:55:7F:70:F6:76:AD:CC:76:90:4F:B8:72:AB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b6ZKZHvSpVV_cPZ2rcx2kE-4cqs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/258dae-54fa-4a33-a19d-e91b3abd1fe8/1/NKFYjT8NOU2nNm75iC1mMdUvWRg.roa Signing time: Fri 02 Jan 2026 04:17:43 +0000 ROA not before: Fri 02 Jan 2026 04:17:43 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 213708 IP address blocks: 2a14:9400::/40 maxlen: 40 2a14:9401:2000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/258dae-54fa-4a33-a19d-e91b3abd1fe8/1/b6ZKZHvSpVV_cPZ2rcx2kE-4cqs.crl rsync://rpki.ripe.net/repository/DEFAULT/64/258dae-54fa-4a33-a19d-e91b3abd1fe8/1/b6ZKZHvSpVV_cPZ2rcx2kE-4cqs.mft rsync://rpki.ripe.net/repository/DEFAULT/b6ZKZHvSpVV_cPZ2rcx2kE-4cqs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 04:01:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ec:f7:6a:a4:16:16:30:a5:0e:12:59:39:72:fe:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6fa64a647bd2a5557f70f676adcc76904fb872ab Validity Not Before: Jan 2 04:17:43 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=34a1588d3f0d394da7366ef9882d6631d52f5918 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:83:1d:33:b3:ca:2a:9f:5a:19:e5:87:55:fd: 1d:67:b2:0a:3b:e0:4c:43:cb:58:76:86:c3:39:ce: 84:d9:4e:fb:d3:dc:a4:a4:01:2d:ed:ff:37:ba:24: 85:36:f1:41:40:de:96:78:6c:47:1e:e0:bf:57:d3: 16:d5:8e:a4:26:ee:2b:6a:d7:f9:d5:31:1f:86:6e: 36:4b:58:52:c6:62:92:fc:28:d3:de:2a:61:75:d9: ac:78:6f:7b:ba:48:30:a2:bc:d4:34:19:36:51:0a: 31:76:09:21:6f:8c:79:53:30:3d:dd:d0:e9:51:99: 09:6f:ab:92:d9:32:ab:2a:aa:e6:57:ef:73:b2:2d: af:f0:67:a4:a3:02:e2:6a:2d:9c:a6:ad:bc:09:0e: 22:d5:cc:92:32:4b:ba:48:ad:56:84:17:26:20:02: 48:8e:92:47:bf:c2:e5:e4:f7:66:0b:70:bc:11:e8: 04:24:9e:5c:b8:19:25:29:e4:92:fd:5f:bd:60:12: af:46:6b:01:9a:ac:10:0d:d6:c6:29:71:36:67:19: 64:46:15:cc:38:fd:f5:b3:8c:e4:14:7c:08:0c:63: 4a:88:ba:2d:57:60:07:a1:f4:f9:7a:6b:d5:9a:a2: cd:5f:08:03:08:b6:41:0b:a7:89:0d:9c:55:aa:4d: 55:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:A1:58:8D:3F:0D:39:4D:A7:36:6E:F9:88:2D:66:31:D5:2F:59:18 X509v3 Authority Key Identifier: keyid:6F:A6:4A:64:7B:D2:A5:55:7F:70:F6:76:AD:CC:76:90:4F:B8:72:AB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6ZKZHvSpVV_cPZ2rcx2kE-4cqs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/258dae-54fa-4a33-a19d-e91b3abd1fe8/1/NKFYjT8NOU2nNm75iC1mMdUvWRg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/64/258dae-54fa-4a33-a19d-e91b3abd1fe8/1/b6ZKZHvSpVV_cPZ2rcx2kE-4cqs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:9400::/40 2a14:9401:2000::/36 Signature Algorithm: sha256WithRSAEncryption 7b:ed:91:07:8b:90:f3:13:7b:b0:29:fa:50:81:cf:77:1b:fb: ca:bb:90:4e:d1:6b:83:71:85:ad:08:0f:ee:cd:9c:4a:71:a9: 70:bb:99:d0:2c:1a:c9:e3:50:ba:33:c5:53:c0:1a:94:4e:30: f3:ce:8f:62:d3:ba:2c:3d:c1:d8:3e:ce:3f:35:3f:22:c9:9f: 47:e6:5c:ac:66:f3:11:39:67:6c:68:55:15:1d:02:c1:ae:28: 91:7b:e7:75:88:7b:99:39:50:19:05:81:ad:4f:7e:22:9e:94: 2b:2a:d5:8b:c2:bb:0e:8e:d5:cf:46:52:10:58:f7:f8:54:16: 3b:34:1a:54:86:00:68:6d:1d:98:21:9e:02:25:bb:2e:63:28: af:47:e8:24:ce:fe:f8:da:01:b5:b3:32:6c:e5:f6:e6:a4:14: f5:0f:75:b2:58:d0:70:56:97:94:ba:51:e8:9e:b1:ad:c1:da: 2a:98:b9:de:3a:27:6c:08:6d:1a:bd:4a:be:4e:d6:87:21:86: f9:a8:c3:60:6c:e2:8a:d0:bd:ca:de:96:35:dd:fb:f1:b3:7a: 57:ba:eb:4c:c2:ba:f5:c8:5a:9a:7a:3b:0f:97:65:29:c6:01: 51:4a:22:d3:3e:f8:5d:aa:5f:47:d9:b6:30:f4:a5:e9:dc:c5: 4f:40:eb:cc -----BEGIN CERTIFICATE----- MIIFBzCCA++gAwIBAgISAZt87PdqpBYWMKUOElk5cv7mMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZmYTY0YTY0N2JkMmE1NTU3ZjcwZjY3NmFkY2M3NjkwNGZi ODcyYWIwHhcNMjYwMTAyMDQxNzQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzNGExNTg4ZDNmMGQzOTRkYTczNjZlZjk4ODJkNjYzMWQ1MmY1OTE4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxoMdM7PKKp9aGeWHVf0dZ7IKO+BM Q8tYdobDOc6E2U7709ykpAEt7f83uiSFNvFBQN6WeGxHHuC/V9MW1Y6kJu4ratf5 1TEfhm42S1hSxmKS/CjT3iphddmseG97ukgworzUNBk2UQoxdgkhb4x5UzA93dDp UZkJb6uS2TKrKqrmV+9zsi2v8GekowLiai2cpq28CQ4i1cySMku6SK1WhBcmIAJI jpJHv8Ll5PdmC3C8EegEJJ5cuBklKeSS/V+9YBKvRmsBmqwQDdbGKXE2ZxlkRhXM OP31s4zkFHwIDGNKiLotV2AHofT5emvVmqLNXwgDCLZBC6eJDZxVqk1VoQIDAQAB o4ICEzCCAg8wHQYDVR0OBBYEFDShWI0/DTlNpzZu+YgtZjHVL1kYMB8GA1UdIwQY MBaAFG+mSmR70qVVf3D2dq3MdpBPuHKrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYjZaS1pIdlNwVlZfY1BaMnJjeDJrRS00Y3FzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8yNThkYWUtNTRmYS00YTMzLWExOWQt ZTkxYjNhYmQxZmU4LzEvTktGWWpUOE5PVTJuTm03NWlDMW1NZFV2V1JnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NC8yNThkYWUtNTRmYS00YTMzLWExOWQtZTkxYjNhYmQxZmU4 LzEvYjZaS1pIdlNwVlZfY1BaMnJjeDJrRS00Y3FzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwYAKhSUAAAD BgQqFJQBIDANBgkqhkiG9w0BAQsFAAOCAQEAe+2RB4uQ8xN7sCn6UIHPdxv7yruQ TtFrg3GFrQgP7s2cSnGpcLuZ0CwayeNQujPFU8AalE4w886PYtO6LD3B2D7OPzU/ IsmfR+ZcrGbzETlnbGhVFR0Cwa4okXvndYh7mTlQGQWBrU9+Ip6UKyrVi8K7Do7V z0ZSEFj3+FQWOzQaVIYAaG0dmCGeAiW7LmMor0foJM7++NoBtbMybOX25qQU9Q91 sljQcFaXlLpR6J6xrcHaKpi53jonbAhtGr1Kvk7WhyGG+ajDYGziitC9yt6WNd37 8bN6V7rrTMK69chamno7D5dlKcYBUUoi0z74XapfR9m2MPSl6dzFT0DrzA== -----END CERTIFICATE-----Generated at Mon Jan 26 11:43:56 2026 by rpki-client