This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/45659b-24d7-4220-a118-93f4255f2b82/1/KUoewwdfRmOf_tbAsPp_9X-LAEQ.roa File: KUoewwdfRmOf_tbAsPp_9X-LAEQ.roa (raw, json) Hash identifier: LGunqhuUXzXuULPWvo35kZbrmM/8QY9qb8IveKrkACU= Subject key identifier: 29:4A:1E:C3:07:5F:46:63:9F:FE:D6:C0:B0:FA:7F:F5:7F:8B:00:44 Certificate issuer: /CN=4502eb22ae5c0b4dcd39a0f9641a2570634471f9 Certificate serial: 019B7AC81770AC283040B7F40DA055FB0809 Authority key identifier: 45:02:EB:22:AE:5C:0B:4D:CD:39:A0:F9:64:1A:25:70:63:44:71:F9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RQLrIq5cC03NOaD5ZBolcGNEcfk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/45659b-24d7-4220-a118-93f4255f2b82/1/KUoewwdfRmOf_tbAsPp_9X-LAEQ.roa Signing time: Thu 01 Jan 2026 18:18:12 +0000 ROA not before: Thu 01 Jan 2026 18:18:12 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 50399 IP address blocks: 2001:678:9c8::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/45659b-24d7-4220-a118-93f4255f2b82/1/RQLrIq5cC03NOaD5ZBolcGNEcfk.crl rsync://rpki.ripe.net/repository/DEFAULT/99/45659b-24d7-4220-a118-93f4255f2b82/1/RQLrIq5cC03NOaD5ZBolcGNEcfk.mft rsync://rpki.ripe.net/repository/DEFAULT/RQLrIq5cC03NOaD5ZBolcGNEcfk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c8:17:70:ac:28:30:40:b7:f4:0d:a0:55:fb:08:09 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4502eb22ae5c0b4dcd39a0f9641a2570634471f9 Validity Not Before: Jan 1 18:18:12 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=294a1ec3075f46639ffed6c0b0fa7ff57f8b0044 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:ac:9d:e1:c3:3f:82:58:f6:e9:ac:7a:ac:24: 27:fe:7e:51:e9:d6:eb:e9:8e:b6:cb:f6:77:7f:13: 7b:7c:4c:fa:0a:cf:f8:91:9f:ef:90:14:e0:e3:55: ce:c4:2f:0b:c2:c8:0d:fa:fe:de:96:88:ad:4b:eb: 7b:1c:1c:6a:0b:41:1c:9c:ca:d0:93:8a:c9:db:d8: 4e:db:39:c8:c5:04:ea:9a:01:30:50:e9:b8:40:bf: 02:85:b8:90:bd:04:bf:6d:ee:36:c6:57:a9:e0:12: 4c:c0:bd:e0:84:66:dc:23:5b:78:fa:c8:53:0d:7a: a8:04:2e:61:e6:2a:71:fb:ff:30:13:cf:6a:c0:7f: c5:70:6e:1d:cb:13:04:ea:e0:51:ae:1c:63:69:34: 54:4d:4d:7e:0e:da:26:31:97:6d:0c:6a:76:e7:54: 94:4c:3d:84:6e:40:50:44:f5:26:3a:07:8b:33:e0: 38:05:08:e1:7d:04:f4:7e:e2:5a:c4:71:45:d2:30: e8:af:0d:6c:08:ba:72:ba:8c:d3:d3:00:a2:a6:6a: cf:5c:9a:0f:eb:86:3e:e5:38:56:29:3e:1f:b0:cf: 31:05:1c:f6:4c:aa:60:39:a7:ee:a2:c1:3b:52:14: 98:32:bd:e1:10:43:cb:24:fa:63:a3:6a:49:b3:95: 46:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:4A:1E:C3:07:5F:46:63:9F:FE:D6:C0:B0:FA:7F:F5:7F:8B:00:44 X509v3 Authority Key Identifier: keyid:45:02:EB:22:AE:5C:0B:4D:CD:39:A0:F9:64:1A:25:70:63:44:71:F9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RQLrIq5cC03NOaD5ZBolcGNEcfk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/45659b-24d7-4220-a118-93f4255f2b82/1/KUoewwdfRmOf_tbAsPp_9X-LAEQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/99/45659b-24d7-4220-a118-93f4255f2b82/1/RQLrIq5cC03NOaD5ZBolcGNEcfk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:678:9c8::/48 Signature Algorithm: sha256WithRSAEncryption 7a:22:11:ee:23:11:b8:6c:27:b2:6f:cc:54:90:90:6a:9e:1e: 5f:71:29:db:75:af:3b:5e:2a:4b:b1:23:52:da:53:8f:1f:00: ad:e5:59:2d:66:98:f3:41:b3:f1:9e:8f:39:75:85:3c:4c:9b: 47:9a:57:93:fa:7a:d6:7f:d9:fc:eb:63:2f:3e:ff:1a:e6:3b: bf:6b:95:30:4c:2d:2d:e1:4c:fe:44:41:02:78:09:d3:5d:53: 82:2e:c9:2b:f8:7b:5c:6e:b1:71:c9:73:7e:b7:a1:e3:8b:0f: 2f:cf:56:7b:40:c3:e5:2f:ea:bd:09:f8:7b:43:db:06:ed:66: 35:83:b7:6c:ab:bd:10:77:41:0c:01:2a:58:24:38:55:03:cd: 13:2c:d1:6e:ac:46:40:00:3c:12:cc:08:3a:53:94:4f:bb:de: 16:df:b4:2b:fe:99:db:13:70:d8:09:38:64:ca:70:62:82:02: c5:81:95:4b:2b:5b:65:c7:8b:40:bc:11:68:59:9d:40:b6:b1: cc:e0:86:20:8e:b8:d6:54:25:2e:ef:a2:ea:62:d8:4c:a0:fc: 1a:2f:af:32:55:70:64:c3:b9:bd:f2:29:9a:53:b7:9c:5c:51: 64:fe:ca:cb:70:78:1a:90:d6:89:c0:04:21:bb:5e:b4:a5:df: 8c:95:ba:ed -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt6yBdwrCgwQLf0DaBV+wgJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ1MDJlYjIyYWU1YzBiNGRjZDM5YTBmOTY0MWEyNTcwNjM0 NDcxZjkwHhcNMjYwMTAxMTgxODEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyOTRhMWVjMzA3NWY0NjYzOWZmZWQ2YzBiMGZhN2ZmNTdmOGIwMDQ0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxayd4cM/glj26ax6rCQn/n5R6dbr 6Y62y/Z3fxN7fEz6Cs/4kZ/vkBTg41XOxC8LwsgN+v7eloitS+t7HBxqC0EcnMrQ k4rJ29hO2znIxQTqmgEwUOm4QL8ChbiQvQS/be42xlep4BJMwL3ghGbcI1t4+shT DXqoBC5h5ipx+/8wE89qwH/FcG4dyxME6uBRrhxjaTRUTU1+DtomMZdtDGp251SU TD2EbkBQRPUmOgeLM+A4BQjhfQT0fuJaxHFF0jDorw1sCLpyuozT0wCipmrPXJoP 64Y+5ThWKT4fsM8xBRz2TKpgOafuosE7UhSYMr3hEEPLJPpjo2pJs5VGKQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFClKHsMHX0Zjn/7WwLD6f/V/iwBEMB8GA1UdIwQY MBaAFEUC6yKuXAtNzTmg+WQaJXBjRHH5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUlFMcklxNWNDMDNOT2FENVpCb2xjR05FY2ZrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS80NTY1OWItMjRkNy00MjIwLWExMTgt OTNmNDI1NWYyYjgyLzEvS1VvZXd3ZGZSbU9mX3RiQXNQcF85WC1MQUVRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85OS80NTY1OWItMjRkNy00MjIwLWExMTgtOTNmNDI1NWYyYjgy LzEvUlFMcklxNWNDMDNOT2FENVpCb2xjR05FY2ZrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAnI MA0GCSqGSIb3DQEBCwUAA4IBAQB6IhHuIxG4bCeyb8xUkJBqnh5fcSnbda87XipL sSNS2lOPHwCt5VktZpjzQbPxno85dYU8TJtHmleT+nrWf9n862MvPv8a5ju/a5Uw TC0t4Uz+REECeAnTXVOCLskr+HtcbrFxyXN+t6Hjiw8vz1Z7QMPlL+q9Cfh7Q9sG 7WY1g7dsq70Qd0EMASpYJDhVA80TLNFurEZAADwSzAg6U5RPu94W37Qr/pnbE3DY CThkynBiggLFgZVLK1tlx4tAvBFoWZ1AtrHM4IYgjrjWVCUu76LqYthMoPwaL68y VXBkw7m98imaU7ecXFFk/srLcHgakNaJwAQhu160pd+Mlbrt -----END CERTIFICATE-----Generated at Mon Jan 26 00:38:56 2026 by rpki-client