This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/kBXYGbTxdPtMX8674-LRTUc3syU.roa File: kBXYGbTxdPtMX8674-LRTUc3syU.roa (raw, json) Hash identifier: iVyxpIKZTeWiXDctlyE3ADiEgnIUxFQhQQ9pjma1pGw= Subject key identifier: 90:15:D8:19:B4:F1:74:FB:4C:5F:CE:BB:E3:E2:D1:4D:47:37:B3:25 Certificate issuer: /CN=3a48fe0704e4ac95e3a70e95beb84425c316b9ad Certificate serial: 019B79100C1788245CB8E29EE06EE4E44861 Authority key identifier: 3A:48:FE:07:04:E4:AC:95:E3:A7:0E:95:BE:B8:44:25:C3:16:B9:AD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Okj-BwTkrJXjpw6VvrhEJcMWua0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/kBXYGbTxdPtMX8674-LRTUc3syU.roa Signing time: Thu 01 Jan 2026 10:17:33 +0000 ROA not before: Thu 01 Jan 2026 10:17:33 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 20546 IP address blocks: 2001:678:804::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.crl rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.mft rsync://rpki.ripe.net/repository/DEFAULT/Okj-BwTkrJXjpw6VvrhEJcMWua0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 23:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:0c:17:88:24:5c:b8:e2:9e:e0:6e:e4:e4:48:61 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3a48fe0704e4ac95e3a70e95beb84425c316b9ad Validity Not Before: Jan 1 10:17:33 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9015d819b4f174fb4c5fcebbe3e2d14d4737b325 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:82:10:6a:41:1f:c6:22:c5:81:f0:ba:4c:9f: b3:51:c0:d7:e7:46:05:7d:be:f8:df:2f:94:05:b0: f4:31:f7:fd:3d:ca:ce:38:be:f0:fa:8b:fe:cf:a5: 5d:43:a9:78:ab:b2:f4:bf:91:c3:15:41:30:bd:d2: 3f:2d:f4:57:2c:b7:25:dc:3a:5c:72:b1:1f:43:07: 61:5b:de:54:89:57:8f:4e:3e:50:46:36:6b:21:05: 1f:a7:ae:fb:e1:c0:cb:40:bd:1e:bf:1e:b8:8d:37: fc:e3:43:78:c3:9c:14:ec:7b:d3:6e:ce:ea:9c:89: be:88:5a:d4:a7:70:85:cc:3c:4e:a0:da:5c:d1:ff: a7:cd:5a:14:ac:ae:5c:b3:be:ef:a0:42:6b:7a:95: 88:01:08:90:3b:83:d6:40:9c:f4:c3:3a:c1:4a:c8: 11:6e:9e:98:3d:60:36:c8:a1:9b:95:8a:c8:08:93: 0c:68:ef:11:a4:88:eb:7d:0f:a7:32:4a:8b:9b:86: 91:86:64:09:67:f3:3c:6c:fe:43:5b:14:bd:30:07: a5:09:2f:15:ba:28:47:17:e6:58:63:cc:9e:1d:9e: 41:4f:b0:72:3a:f2:4a:b6:af:c3:58:41:c7:a8:a6: e3:c0:f0:95:47:95:56:f0:29:15:39:ad:67:d4:9c: 2f:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:15:D8:19:B4:F1:74:FB:4C:5F:CE:BB:E3:E2:D1:4D:47:37:B3:25 X509v3 Authority Key Identifier: keyid:3A:48:FE:07:04:E4:AC:95:E3:A7:0E:95:BE:B8:44:25:C3:16:B9:AD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Okj-BwTkrJXjpw6VvrhEJcMWua0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/kBXYGbTxdPtMX8674-LRTUc3syU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:678:804::/48 Signature Algorithm: sha256WithRSAEncryption d9:81:71:d9:89:44:76:9c:e0:48:f3:f8:8f:67:c7:81:1e:93: 41:17:33:7f:ad:16:44:47:d6:43:05:2d:a1:50:be:a7:95:c6: 95:9f:fc:7b:73:86:82:fa:0b:e9:5e:e6:72:ab:5f:e5:14:2a: 6a:27:af:b7:12:6a:77:ec:95:28:4e:75:03:d0:6c:11:bd:db: f5:6d:24:59:47:e2:7e:cf:6c:3e:74:3b:80:58:c7:00:14:4d: 26:90:8b:5e:0d:67:13:41:02:d9:f0:b3:1b:33:81:3c:19:18: 5b:c6:84:57:4e:f9:70:7b:44:e9:11:0c:63:ca:2c:ae:df:4e: 36:d5:09:59:b1:e4:3b:1d:67:76:33:1f:60:85:d5:9b:f4:7f: ed:f0:da:99:e6:ac:23:00:e5:b2:7c:1e:0b:38:b5:6d:88:a4: c3:31:ee:f2:d4:dd:8a:b2:8a:37:b6:7b:ec:27:ae:76:55:88: 59:0d:5e:9c:73:d4:0f:65:4c:02:84:9d:85:a5:7e:34:d5:ad: 41:3f:88:8a:55:50:06:ef:a1:98:2f:f2:71:55:d7:f9:cd:8d: a4:da:0e:ec:24:65:14:67:af:ec:dc:7a:a4:47:55:50:79:5a: d0:86:0c:81:78:6e:29:21:d9:bc:e4:e7:e5:d0:7f:0f:ee:ec: 97:e8:a6:21 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt5EAwXiCRcuOKe4G7k5EhhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhNDhmZTA3MDRlNGFjOTVlM2E3MGU5NWJlYjg0NDI1YzMx NmI5YWQwHhcNMjYwMTAxMTAxNzMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MDE1ZDgxOWI0ZjE3NGZiNGM1ZmNlYmJlM2UyZDE0ZDQ3MzdiMzI1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsoIQakEfxiLFgfC6TJ+zUcDX50YF fb743y+UBbD0Mff9PcrOOL7w+ov+z6VdQ6l4q7L0v5HDFUEwvdI/LfRXLLcl3Dpc crEfQwdhW95UiVePTj5QRjZrIQUfp6774cDLQL0evx64jTf840N4w5wU7HvTbs7q nIm+iFrUp3CFzDxOoNpc0f+nzVoUrK5cs77voEJrepWIAQiQO4PWQJz0wzrBSsgR bp6YPWA2yKGblYrICJMMaO8RpIjrfQ+nMkqLm4aRhmQJZ/M8bP5DWxS9MAelCS8V uihHF+ZYY8yeHZ5BT7ByOvJKtq/DWEHHqKbjwPCVR5VW8CkVOa1n1JwvxwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFJAV2Bm08XT7TF/Ou+Pi0U1HN7MlMB8GA1UdIwQY MBaAFDpI/gcE5KyV46cOlb64RCXDFrmtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT2tqLUJ3VGtySlhqcHc2VnZyaEVKY01XdWEwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS85MTcxN2MtZWI3Ny00ZTgzLThlYWEt ZTEyM2U0ZTMwM2UxLzEva0JYWUdiVHhkUHRNWDg2NzQtTFJUVWMzc3lVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83OS85MTcxN2MtZWI3Ny00ZTgzLThlYWEtZTEyM2U0ZTMwM2Ux LzEvT2tqLUJ3VGtySlhqcHc2VnZyaEVKY01XdWEwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAgE MA0GCSqGSIb3DQEBCwUAA4IBAQDZgXHZiUR2nOBI8/iPZ8eBHpNBFzN/rRZER9ZD BS2hUL6nlcaVn/x7c4aC+gvpXuZyq1/lFCpqJ6+3Emp37JUoTnUD0GwRvdv1bSRZ R+J+z2w+dDuAWMcAFE0mkIteDWcTQQLZ8LMbM4E8GRhbxoRXTvlwe0TpEQxjyiyu 30421QlZseQ7HWd2Mx9ghdWb9H/t8NqZ5qwjAOWyfB4LOLVtiKTDMe7y1N2Ksoo3 tnvsJ652VYhZDV6cc9QPZUwChJ2FpX401a1BP4iKVVAG76GYL/JxVdf5zY2k2g7s JGUUZ6/s3HqkR1VQeVrQhgyBeG4pIdm85Ofl0H8P7uyX6KYh -----END CERTIFICATE-----Generated at Sun Jan 25 10:24:28 2026 by rpki-client