This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/kDFa5fuToySOCU5vcGqCPDIk2Pc.roa File: kDFa5fuToySOCU5vcGqCPDIk2Pc.roa (raw, json) Hash identifier: I1BI9NSvaTv9rq7lHhxdUbN5f5WvqbSLYeczo8o1iF8= Subject key identifier: 90:31:5A:E5:FB:93:A3:24:8E:09:4E:6F:70:6A:82:3C:32:24:D8:F7 Certificate issuer: /CN=6ce97cf4d8d0bc17b3af1d62c4d71488661bd212 Certificate serial: 019B7E391D76C4A6621B2233209ED4CAF4B9 Authority key identifier: 6C:E9:7C:F4:D8:D0:BC:17:B3:AF:1D:62:C4:D7:14:88:66:1B:D2:12 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bOl89NjQvBezrx1ixNcUiGYb0hI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/kDFa5fuToySOCU5vcGqCPDIk2Pc.roa Signing time: Fri 02 Jan 2026 10:20:30 +0000 ROA not before: Fri 02 Jan 2026 10:20:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 197501 IP address blocks: 2a0a:2c0:8::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bOl89NjQvBezrx1ixNcUiGYb0hI.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bOl89NjQvBezrx1ixNcUiGYb0hI.mft rsync://rpki.ripe.net/repository/DEFAULT/bOl89NjQvBezrx1ixNcUiGYb0hI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:39:1d:76:c4:a6:62:1b:22:33:20:9e:d4:ca:f4:b9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6ce97cf4d8d0bc17b3af1d62c4d71488661bd212 Validity Not Before: Jan 2 10:20:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=90315ae5fb93a3248e094e6f706a823c3224d8f7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:11:67:80:3b:e4:33:94:be:ce:65:bc:bc:25: 6c:bb:3d:7c:e1:87:19:54:42:8f:bd:45:56:46:ae: c1:6e:31:69:4e:1a:89:52:5a:c2:be:0b:a1:bd:42: 5a:0c:a5:9b:f6:9a:8c:9d:8a:de:13:f8:22:e9:c6: 16:11:a4:40:22:df:3d:06:f2:02:72:b3:90:73:0e: b5:15:1a:d6:05:ac:73:5f:4d:34:ed:40:99:9a:81: 51:a4:bd:32:e7:10:13:c1:51:79:6a:ba:be:11:85: c9:4f:13:98:ae:e7:4e:16:79:2d:f4:65:69:71:60: e5:f3:d4:32:2e:bf:8b:b6:c8:13:b2:e4:4f:82:53: 34:2e:c4:e5:7d:3d:04:50:3b:09:32:79:27:03:a4: db:8c:2e:0f:ac:a8:48:9c:dd:d0:5f:e8:58:b0:34: c5:88:dd:4e:e6:61:c5:1b:7e:a8:91:08:95:a2:cc: 92:b8:04:89:18:23:3f:d2:79:b3:15:3f:03:07:55: 63:93:86:94:cd:2c:24:61:9c:fe:2f:3e:fd:82:c4: b7:76:75:2a:d5:f0:cd:5e:0c:ff:11:26:4e:32:7e: a5:fc:7c:7f:43:ad:fa:4b:05:6c:cd:51:c8:8d:08: 47:b2:55:d6:1a:84:df:85:a2:15:fb:e9:c6:59:cc: 43:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:31:5A:E5:FB:93:A3:24:8E:09:4E:6F:70:6A:82:3C:32:24:D8:F7 X509v3 Authority Key Identifier: keyid:6C:E9:7C:F4:D8:D0:BC:17:B3:AF:1D:62:C4:D7:14:88:66:1B:D2:12 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bOl89NjQvBezrx1ixNcUiGYb0hI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/kDFa5fuToySOCU5vcGqCPDIk2Pc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bOl89NjQvBezrx1ixNcUiGYb0hI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0a:2c0:8::/48 Signature Algorithm: sha256WithRSAEncryption 63:e5:a7:d2:45:46:80:d2:81:cb:dc:13:81:db:cb:2c:7c:c3: 80:d0:b3:31:7d:3a:be:64:c4:53:54:7c:ea:df:53:0d:a9:16: 22:2e:12:9b:f4:1a:3a:f1:4c:c0:eb:82:90:bf:e4:05:4e:93: 2f:16:75:0a:ea:66:96:6b:4c:8f:f9:aa:63:a1:00:a0:d9:4d: 95:a6:21:a4:29:a1:c6:24:65:4e:52:e0:43:92:5f:7e:b2:23: 9d:e1:3b:84:a0:72:d6:96:6b:9b:a0:3a:b8:06:74:ec:54:2b: ec:b5:7a:d4:9d:55:04:d6:98:82:ce:04:27:12:50:3d:c4:cf: 9a:aa:63:1e:45:fd:93:0d:c5:51:7a:7e:49:b0:b0:10:15:54: 63:90:1f:22:f2:1b:54:e1:24:c0:8d:8f:35:df:ec:36:ca:19: df:7a:f6:59:ae:71:e4:62:fc:b7:39:f5:6f:ba:2c:26:fe:99: 17:dd:0f:53:a6:36:43:ce:2b:08:09:3e:28:8a:bd:dc:04:c9: 09:4b:8d:c7:c2:6c:c7:6d:f1:ca:e6:00:2b:da:20:bd:65:c1: 8c:02:02:56:5a:3d:82:e3:07:a7:d1:67:4e:c3:61:6b:ab:85: 35:ba:68:e5:4e:b4:30:ff:57:8e:bb:45:59:90:4e:f0:89:2d: c0:bb:e0:75 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt+OR12xKZiGyIzIJ7UyvS5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZjZTk3Y2Y0ZDhkMGJjMTdiM2FmMWQ2MmM0ZDcxNDg4NjYx YmQyMTIwHhcNMjYwMTAyMTAyMDMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MDMxNWFlNWZiOTNhMzI0OGUwOTRlNmY3MDZhODIzYzMyMjRkOGY3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtxFngDvkM5S+zmW8vCVsuz184YcZ VEKPvUVWRq7BbjFpThqJUlrCvguhvUJaDKWb9pqMnYreE/gi6cYWEaRAIt89BvIC crOQcw61FRrWBaxzX0007UCZmoFRpL0y5xATwVF5arq+EYXJTxOYrudOFnkt9GVp cWDl89QyLr+LtsgTsuRPglM0LsTlfT0EUDsJMnknA6TbjC4PrKhInN3QX+hYsDTF iN1O5mHFG36okQiVosySuASJGCM/0nmzFT8DB1Vjk4aUzSwkYZz+Lz79gsS3dnUq 1fDNXgz/ESZOMn6l/Hx/Q636SwVszVHIjQhHslXWGoTfhaIV++nGWcxDbwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFJAxWuX7k6MkjglOb3BqgjwyJNj3MB8GA1UdIwQY MBaAFGzpfPTY0LwXs68dYsTXFIhmG9ISMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYk9sODlOalF2QmV6cngxaXhOY1VpR1liMGhJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9lNGNjYjEtY2EyNS00MDk5LTgyNzMt Mzk5M2FhMzI0ZTFmLzEva0RGYTVmdVRveVNPQ1U1dmNHcUNQRElrMlBjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS9lNGNjYjEtY2EyNS00MDk5LTgyNzMtMzk5M2FhMzI0ZTFm LzEvYk9sODlOalF2QmV6cngxaXhOY1VpR1liMGhJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgoCwAAI MA0GCSqGSIb3DQEBCwUAA4IBAQBj5afSRUaA0oHL3BOB28ssfMOA0LMxfTq+ZMRT VHzq31MNqRYiLhKb9Bo68UzA64KQv+QFTpMvFnUK6maWa0yP+apjoQCg2U2VpiGk KaHGJGVOUuBDkl9+siOd4TuEoHLWlmuboDq4BnTsVCvstXrUnVUE1piCzgQnElA9 xM+aqmMeRf2TDcVRen5JsLAQFVRjkB8i8htU4STAjY813+w2yhnfevZZrnHkYvy3 OfVvuiwm/pkX3Q9TpjZDzisICT4oir3cBMkJS43HwmzHbfHK5gAr2iC9ZcGMAgJW Wj2C4wen0WdOw2Frq4U1umjlTrQw/1eOu0VZkE7wiS3Au+B1 -----END CERTIFICATE-----Generated at Sun Jan 25 18:05:34 2026 by rpki-client