This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/b96259-33b8-454a-8c5f-a862b88593a0/1/KDLd_3rPD976SC3XcGSVNGzbbrw.roa File: KDLd_3rPD976SC3XcGSVNGzbbrw.roa (raw, json) Hash identifier: 9uOq1GB8z5yH6EUyG7/81m/WIFx1QPWTnjtsr+U7cVg= Subject key identifier: 28:32:DD:FF:7A:CF:0F:DE:FA:48:2D:D7:70:64:95:34:6C:DB:6E:BC Certificate issuer: /CN=14bf39139b710c4f7237edfd88518655af39c323 Certificate serial: 019BE5F5D032FD086ED4808B7A56B46E09AC Authority key identifier: 14:BF:39:13:9B:71:0C:4F:72:37:ED:FD:88:51:86:55:AF:39:C3:23 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FL85E5txDE9yN-39iFGGVa85wyM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/b96259-33b8-454a-8c5f-a862b88593a0/1/KDLd_3rPD976SC3XcGSVNGzbbrw.roa Signing time: Thu 22 Jan 2026 13:47:30 +0000 ROA not before: Thu 22 Jan 2026 13:47:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 215305 IP address blocks: 2a13:3d81::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/b96259-33b8-454a-8c5f-a862b88593a0/1/FL85E5txDE9yN-39iFGGVa85wyM.crl rsync://rpki.ripe.net/repository/DEFAULT/a3/b96259-33b8-454a-8c5f-a862b88593a0/1/FL85E5txDE9yN-39iFGGVa85wyM.mft rsync://rpki.ripe.net/repository/DEFAULT/FL85E5txDE9yN-39iFGGVa85wyM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:e5:f5:d0:32:fd:08:6e:d4:80:8b:7a:56:b4:6e:09:ac Signature Algorithm: sha256WithRSAEncryption Issuer: CN=14bf39139b710c4f7237edfd88518655af39c323 Validity Not Before: Jan 22 13:47:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2832ddff7acf0fdefa482dd7706495346cdb6ebc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:64:b8:5e:29:bc:f8:33:73:08:3f:31:c0:4a: 0b:7a:22:ba:41:67:17:5f:25:39:87:f9:15:71:2b: cd:c4:3d:f4:07:61:51:8a:91:f4:67:b0:ea:19:2c: ec:58:d6:25:82:a2:76:27:3c:da:41:08:8b:b4:b7: fe:75:3e:46:56:11:e7:01:88:a2:88:62:90:9a:16: 88:fd:7b:cf:1b:04:0a:3d:47:63:2b:4d:a4:02:36: 32:2a:38:eb:b0:3e:b1:77:de:d8:fa:71:54:42:59: a5:9f:32:15:5f:0d:1c:a9:91:54:22:2b:42:d7:9d: cc:eb:43:3f:b3:59:d7:89:9c:5a:0c:3b:30:26:7e: b7:5b:ed:66:2b:7a:20:17:fc:1c:40:4d:f5:db:80: c0:ad:b1:21:1c:79:5c:f3:59:a0:d9:55:4b:05:01: 88:d2:52:3c:fb:e7:f2:71:31:42:45:09:52:e1:c9: 5b:38:15:f9:18:b8:91:4c:ac:bc:63:30:07:76:06: 2f:57:82:21:2e:9c:9a:5b:c8:32:74:56:69:ba:9a: 11:8b:5c:e7:af:2e:2d:04:56:5f:54:76:ec:5d:8c: 5e:e4:c9:72:3c:54:8a:50:6d:0a:0e:d0:10:b3:f6: 29:dc:79:a4:0c:b5:c6:65:d8:01:80:17:f8:4e:10: e5:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:32:DD:FF:7A:CF:0F:DE:FA:48:2D:D7:70:64:95:34:6C:DB:6E:BC X509v3 Authority Key Identifier: keyid:14:BF:39:13:9B:71:0C:4F:72:37:ED:FD:88:51:86:55:AF:39:C3:23 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FL85E5txDE9yN-39iFGGVa85wyM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b96259-33b8-454a-8c5f-a862b88593a0/1/KDLd_3rPD976SC3XcGSVNGzbbrw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b96259-33b8-454a-8c5f-a862b88593a0/1/FL85E5txDE9yN-39iFGGVa85wyM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a13:3d81::/48 Signature Algorithm: sha256WithRSAEncryption 6e:5e:fb:a6:a7:36:db:26:14:88:8c:f1:3a:a0:d8:0a:08:26: 27:14:19:da:d3:18:ec:30:74:bf:37:6d:8f:50:7e:01:9c:cc: 16:b6:3d:25:87:67:ac:78:da:98:0f:68:9e:fe:67:65:68:33: c4:f0:ed:93:60:7f:6e:22:54:df:99:5b:63:eb:4e:2c:4e:ae: 8e:c4:ca:8f:59:71:ca:d6:af:f7:30:a2:37:7a:57:c5:a4:63: 3d:88:5c:bf:1d:78:5b:a9:3f:8a:14:ce:e3:18:a3:b0:fe:ef: 6b:d0:42:94:05:39:f7:31:64:7d:71:ee:7b:8b:b7:2c:21:08: 11:78:f7:c8:13:c0:7d:d4:d0:a3:57:28:6d:5f:a9:5e:d7:6d: 8f:44:63:64:a4:eb:23:b1:ba:0d:01:d1:ec:17:69:c6:f8:44: cb:6e:4a:cb:f8:da:c4:c0:44:bc:d5:02:7a:38:b4:97:0a:b1: 4c:3d:5c:59:88:2f:b6:1d:15:55:6e:75:71:44:9f:d1:c8:ae: bb:f9:ce:c7:a1:2a:1a:e0:69:c1:75:c2:79:68:57:32:46:11: b3:0a:f6:dd:9a:4a:da:0a:75:5e:f4:53:a0:20:64:d2:47:43: d9:b4:e2:6b:29:18:1d:cc:df:e8:77:d2:e7:77:c6:94:9d:c9: d7:33:d0:f3 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZvl9dAy/Qhu1ICLela0bgmsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDE0YmYzOTEzOWI3MTBjNGY3MjM3ZWRmZDg4NTE4NjU1YWYz OWMzMjMwHhcNMjYwMTIyMTM0NzMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyODMyZGRmZjdhY2YwZmRlZmE0ODJkZDc3MDY0OTUzNDZjZGI2ZWJjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqWS4Xim8+DNzCD8xwEoLeiK6QWcX XyU5h/kVcSvNxD30B2FRipH0Z7DqGSzsWNYlgqJ2JzzaQQiLtLf+dT5GVhHnAYii iGKQmhaI/XvPGwQKPUdjK02kAjYyKjjrsD6xd97Y+nFUQlmlnzIVXw0cqZFUIitC 153M60M/s1nXiZxaDDswJn63W+1mK3ogF/wcQE3124DArbEhHHlc81mg2VVLBQGI 0lI8++fycTFCRQlS4clbOBX5GLiRTKy8YzAHdgYvV4IhLpyaW8gydFZpupoRi1zn ry4tBFZfVHbsXYxe5MlyPFSKUG0KDtAQs/Yp3HmkDLXGZdgBgBf4ThDl6QIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFCgy3f96zw/e+kgt13BklTRs2268MB8GA1UdIwQY MBaAFBS/ORObcQxPcjft/YhRhlWvOcMjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRkw4NUU1dHhERTl5Ti0zOWlGR0dWYTg1d3lNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9iOTYyNTktMzNiOC00NTRhLThjNWYt YTg2MmI4ODU5M2EwLzEvS0RMZF8zclBEOTc2U0MzWGNHU1ZOR3piYnJ3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMy9iOTYyNTktMzNiOC00NTRhLThjNWYtYTg2MmI4ODU5M2Ew LzEvRkw4NUU1dHhERTl5Ti0zOWlGR0dWYTg1d3lNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhM9gQAA MA0GCSqGSIb3DQEBCwUAA4IBAQBuXvumpzbbJhSIjPE6oNgKCCYnFBna0xjsMHS/ N22PUH4BnMwWtj0lh2eseNqYD2ie/mdlaDPE8O2TYH9uIlTfmVtj604sTq6OxMqP WXHK1q/3MKI3elfFpGM9iFy/HXhbqT+KFM7jGKOw/u9r0EKUBTn3MWR9ce57i7cs IQgRePfIE8B91NCjVyhtX6le122PRGNkpOsjsboNAdHsF2nG+ETLbkrL+NrEwES8 1QJ6OLSXCrFMPVxZiC+2HRVVbnVxRJ/RyK67+c7HoSoa4GnBdcJ5aFcyRhGzCvbd mkraCnVe9FOgIGTSR0PZtOJrKRgdzN/od9Lnd8aUncnXM9Dz -----END CERTIFICATE-----Generated at Sun Jan 25 17:44:57 2026 by rpki-client