This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/KZ1bYzHidoAa7Wst1TW0pl0A0LQ.roa File: KZ1bYzHidoAa7Wst1TW0pl0A0LQ.roa (raw, json) Hash identifier: pSBEYi8KDbVxU64ImKcv33FLPOah5htlj9imFKKKyS0= Subject key identifier: 29:9D:5B:63:31:E2:76:80:1A:ED:6B:2D:D5:35:B4:A6:5D:00:D0:B4 Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2 Certificate serial: 019B78344193E55827909ABD86478546EDBE Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/KZ1bYzHidoAa7Wst1TW0pl0A0LQ.roa Signing time: Thu 01 Jan 2026 06:17:29 +0000 ROA not before: Thu 01 Jan 2026 06:17:29 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 3204 IP address blocks: 2a09:7:200a::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.mft rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 15:01:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:41:93:e5:58:27:90:9a:bd:86:47:85:46:ed:be Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2 Validity Not Before: Jan 1 06:17:29 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=299d5b6331e276801aed6b2dd535b4a65d00d0b4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:6c:7d:c1:7a:62:b0:6c:61:6f:0f:af:dc:6c: a9:8a:53:71:94:56:87:3a:8a:ee:f4:6b:c0:35:ce: dc:87:e8:b2:74:c8:79:49:36:42:50:f3:0a:40:82: ce:f3:19:af:2b:b0:dc:16:77:13:f9:f4:12:da:27: d7:c6:d3:6c:b5:30:6e:93:d7:63:f3:4a:70:55:c6: da:67:d9:a7:13:54:22:77:27:56:40:7f:b6:4e:56: be:41:62:0c:b2:53:e7:5b:0c:6a:dd:1b:ed:9e:d6: 5b:2f:2d:63:7e:e5:63:b7:45:88:f4:c9:ca:31:84: 48:75:1c:69:e1:97:bc:99:15:ec:6b:18:b7:39:28: e2:44:0b:b3:4e:b3:88:b4:a3:4b:51:13:89:3d:6b: 38:c6:45:54:1c:fb:c5:b1:a4:bd:15:77:c5:4b:e7: 8f:ef:9c:75:d5:f7:f4:1c:2c:3b:ea:77:0c:65:da: 20:62:46:f6:2f:92:25:7f:7e:62:a4:a4:2d:1e:c2: aa:db:71:2d:83:c1:a4:88:db:5d:cb:4b:f0:eb:0f: 2b:38:56:c1:c9:f0:3a:84:c2:cc:3a:57:6c:b0:30: 3d:ea:42:12:25:10:de:85:6f:f5:a1:2f:3b:64:75: 8b:ce:50:37:cb:c2:a3:cc:51:d3:25:95:7f:17:f4: 14:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:9D:5B:63:31:E2:76:80:1A:ED:6B:2D:D5:35:B4:A6:5D:00:D0:B4 X509v3 Authority Key Identifier: keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/KZ1bYzHidoAa7Wst1TW0pl0A0LQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a09:7:200a::/48 Signature Algorithm: sha256WithRSAEncryption 57:03:7d:76:76:8f:9e:b6:8a:91:6a:85:2c:f9:e2:33:f6:ce: 67:fb:cc:8e:5b:43:89:18:90:46:a7:d6:59:86:32:dd:e4:b0: b0:26:89:d6:6e:83:9c:7d:53:ef:8a:71:eb:b5:b4:56:a1:f5: a4:2d:a5:3e:4d:22:23:cb:0e:bd:e6:de:f0:39:ba:ae:32:31: 64:20:9b:85:20:19:00:54:06:c5:cc:f8:41:c5:6c:ff:e2:d7: 4f:29:3b:fe:91:92:44:6f:d1:cc:36:75:fc:af:f5:fe:7f:bf: e5:27:83:d7:3b:a7:f7:bb:fc:7d:cd:fd:2a:22:2b:36:71:a1: 36:cb:97:4e:08:22:fc:f0:94:b7:a3:18:0b:31:14:2d:2a:64: 22:37:cf:08:21:b1:9d:8a:18:cf:11:f0:cb:57:50:05:9a:83: a6:e3:9d:2d:57:b9:69:a2:f4:c9:6e:d7:8b:ee:97:e8:39:a4: 74:51:08:be:76:25:79:7a:b8:61:35:e5:07:82:86:e0:f8:5d: 94:11:7d:37:09:3b:41:5e:22:2a:5d:0a:eb:60:b5:f1:55:83: 20:26:87:a9:d3:03:d7:f2:84:d1:0a:b2:00:cc:9f:0c:ab:1a: a0:b3:0c:45:f3:17:a6:e6:6e:b6:68:a1:65:0b:d7:91:46:6e: b4:19:59:0b -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt4NEGT5VgnkJq9hkeFRu2+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi YmFhZTIwHhcNMjYwMTAxMDYxNzI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyOTlkNWI2MzMxZTI3NjgwMWFlZDZiMmRkNTM1YjRhNjVkMDBkMGI0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA22x9wXpisGxhbw+v3GypilNxlFaH Ooru9GvANc7ch+iydMh5STZCUPMKQILO8xmvK7DcFncT+fQS2ifXxtNstTBuk9dj 80pwVcbaZ9mnE1QidydWQH+2Tla+QWIMslPnWwxq3RvtntZbLy1jfuVjt0WI9MnK MYRIdRxp4Ze8mRXsaxi3OSjiRAuzTrOItKNLUROJPWs4xkVUHPvFsaS9FXfFS+eP 75x11ff0HCw76ncMZdogYkb2L5Ilf35ipKQtHsKq23Etg8GkiNtdy0vw6w8rOFbB yfA6hMLMOldssDA96kISJRDehW/1oS87ZHWLzlA3y8KjzFHTJZV/F/QUmwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFCmdW2Mx4naAGu1rLdU1tKZdANC0MB8GA1UdIwQY MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt MjU0YWNkOTJiNGUxLzEvS1oxYll6SGlkb0FhN1dzdDFUVzBwbDBBMExRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgkAByAK MA0GCSqGSIb3DQEBCwUAA4IBAQBXA312do+etoqRaoUs+eIz9s5n+8yOW0OJGJBG p9ZZhjLd5LCwJonWboOcfVPvinHrtbRWofWkLaU+TSIjyw695t7wObquMjFkIJuF IBkAVAbFzPhBxWz/4tdPKTv+kZJEb9HMNnX8r/X+f7/lJ4PXO6f3u/x9zf0qIis2 caE2y5dOCCL88JS3oxgLMRQtKmQiN88IIbGdihjPEfDLV1AFmoOm450tV7lpovTJ bteL7pfoOaR0UQi+diV5erhhNeUHgobg+F2UEX03CTtBXiIqXQrrYLXxVYMgJoep 0wPX8oTRCrIAzJ8MqxqgswxF8xem5m62aKFlC9eRRm60GVkL -----END CERTIFICATE-----Generated at Mon Jan 26 00:13:48 2026 by rpki-client