This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/1nu_yHaz4a9cC9ZPSse62hEV7z4.roa File: 1nu_yHaz4a9cC9ZPSse62hEV7z4.roa (raw, json) Hash identifier: JbDziZ7Tgxvff3ssi+tWGZ4dDDxpjWqXNx9DdzoeJIs= Subject key identifier: D6:7B:BF:C8:76:B3:E1:AF:5C:0B:D6:4F:4A:C7:BA:DA:11:15:EF:3E Certificate issuer: /CN=2968b4e0ef8106f0e12ab8e501d2aa4e36b783c2 Certificate serial: 019B7BA36F238A139CFFFAF43782DA06B543 Authority key identifier: 29:68:B4:E0:EF:81:06:F0:E1:2A:B8:E5:01:D2:AA:4E:36:B7:83:C2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/1nu_yHaz4a9cC9ZPSse62hEV7z4.roa Signing time: Thu 01 Jan 2026 22:17:46 +0000 ROA not before: Thu 01 Jan 2026 22:17:46 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 211944 IP address blocks: 2a01:e901:102::/48 maxlen: 48 2a01:e901:112::/48 maxlen: 48 2a01:e901:122::/48 maxlen: 48 2a01:e901:132::/48 maxlen: 48 2a01:e901:142::/48 maxlen: 48 2a01:e901:152::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.crl rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.mft rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:6f:23:8a:13:9c:ff:fa:f4:37:82:da:06:b5:43 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2968b4e0ef8106f0e12ab8e501d2aa4e36b783c2 Validity Not Before: Jan 1 22:17:46 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d67bbfc876b3e1af5c0bd64f4ac7bada1115ef3e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:df:27:a3:56:7d:19:44:96:01:82:84:76:d4: fc:7b:38:58:21:49:00:f0:1e:d5:58:4d:ed:57:52: 27:e4:9f:89:bc:44:2c:18:0b:a3:b3:1b:d6:df:4a: a3:be:5e:e1:33:e8:61:78:af:fd:74:8b:78:99:d3: f4:91:44:61:d1:4d:72:ea:24:94:0a:82:59:ca:9a: cc:01:92:93:03:0d:59:b7:1a:ee:9c:c2:63:3f:f0: 70:cc:7a:17:2c:3d:37:64:8c:00:e5:f9:80:7d:65: c2:5b:a7:81:79:de:26:3a:e9:98:a2:6d:24:db:34: bf:0e:0f:1c:de:71:76:12:d7:e7:ba:ea:52:90:3b: 66:a4:9d:a1:3e:14:70:43:46:2a:27:e6:fa:14:8c: 9d:47:c2:43:d6:9c:d6:0f:9c:51:2f:57:6d:b5:32: 4d:40:63:dd:c6:d0:aa:6a:a1:80:39:f8:1c:e1:bc: b6:55:6c:3e:c5:d0:e0:4e:a2:f4:f4:b9:e8:46:63: 97:92:8c:f6:67:38:2e:9f:5f:c8:52:4a:be:96:b4: 45:9c:5a:80:8d:7a:4b:32:9f:ad:f0:f3:1c:bb:09: 50:fc:85:27:9b:bf:f2:ce:a4:d1:47:74:bb:b9:4c: 3a:e8:d5:17:9f:fd:aa:1b:af:d3:53:ce:78:35:c7: 67:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:7B:BF:C8:76:B3:E1:AF:5C:0B:D6:4F:4A:C7:BA:DA:11:15:EF:3E X509v3 Authority Key Identifier: keyid:29:68:B4:E0:EF:81:06:F0:E1:2A:B8:E5:01:D2:AA:4E:36:B7:83:C2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/1nu_yHaz4a9cC9ZPSse62hEV7z4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a01:e901:102::/48 2a01:e901:112::/48 2a01:e901:122::/48 2a01:e901:132::/48 2a01:e901:142::/48 2a01:e901:152::/48 Signature Algorithm: sha256WithRSAEncryption 45:d4:8d:91:f0:8a:5f:39:2f:1f:0f:c7:cb:a3:5d:6f:93:e2: a6:e3:ca:61:71:f0:c7:d3:cd:8c:7b:08:e3:18:9a:61:bb:eb: 54:01:79:21:0c:f4:e5:dd:29:8c:31:fd:ba:63:61:50:ef:b0: 4f:28:60:1a:dc:85:ab:89:f5:f7:50:92:be:6b:20:7d:b8:17: 5c:b5:42:60:84:33:a4:b1:61:a0:1d:38:74:98:90:2a:77:ae: bc:5a:0b:b2:ea:34:30:94:2a:06:05:a9:98:e0:90:d7:41:66: 1b:75:0d:ad:7a:e0:d4:e7:3e:8b:dd:72:2a:74:68:bb:3e:68: fb:6d:a2:bb:89:11:0d:00:be:5b:b0:14:b9:a8:ab:91:cd:61: 9b:46:92:6b:cf:7a:d2:89:bb:50:26:07:a1:82:c0:20:e5:7c: ca:67:2b:12:9e:bf:06:0a:bc:d2:a1:9b:b0:96:b8:f0:e3:f6: 5e:27:7f:65:0a:78:43:30:e5:9c:bb:16:f8:26:50:13:96:a4: a2:d6:81:a2:6b:6e:b8:27:bf:f1:dd:f5:0f:2d:de:46:3e:ef: fd:27:b9:2d:2b:7a:af:96:94:aa:8d:10:d6:d2:2c:f4:aa:c6: 76:c2:91:7e:68:ee:f1:e4:b6:da:2b:a9:c9:5b:bd:31:c9:ad: 84:fe:b6:10 -----BEGIN CERTIFICATE----- MIIFLTCCBBWgAwIBAgISAZt7o28jihOc//r0N4LaBrVDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5NjhiNGUwZWY4MTA2ZjBlMTJhYjhlNTAxZDJhYTRlMzZi NzgzYzIwHhcNMjYwMTAxMjIxNzQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkNjdiYmZjODc2YjNlMWFmNWMwYmQ2NGY0YWM3YmFkYTExMTVlZjNlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqN8no1Z9GUSWAYKEdtT8ezhYIUkA 8B7VWE3tV1In5J+JvEQsGAujsxvW30qjvl7hM+hheK/9dIt4mdP0kURh0U1y6iSU CoJZyprMAZKTAw1ZtxrunMJjP/BwzHoXLD03ZIwA5fmAfWXCW6eBed4mOumYom0k 2zS/Dg8c3nF2EtfnuupSkDtmpJ2hPhRwQ0YqJ+b6FIydR8JD1pzWD5xRL1dttTJN QGPdxtCqaqGAOfgc4by2VWw+xdDgTqL09LnoRmOXkoz2Zzgun1/IUkq+lrRFnFqA jXpLMp+t8PMcuwlQ/IUnm7/yzqTRR3S7uUw66NUXn/2qG6/TU854NcdnWwIDAQAB o4ICOTCCAjUwHQYDVR0OBBYEFNZ7v8h2s+GvXAvWT0rHutoRFe8+MB8GA1UdIwQY MBaAFClotODvgQbw4Sq45QHSqk42t4PCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS1dpMDRPLUJCdkRoS3JqbEFkS3FUamEzZzhJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy80ODE2MzctNmMxYy00NWU4LThmYmQt NDRmOGVkNWQ2MWQ3LzEvMW51X3lIYXo0YTljQzlaUFNzZTYyaEVWN3o0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNy80ODE2MzctNmMxYy00NWU4LThmYmQtNDRmOGVkNWQ2MWQ3 LzEvS1dpMDRPLUJCdkRoS3JqbEFkS3FUamEzZzhJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAAjA2AwcAKgHpAQEC AwcAKgHpAQESAwcAKgHpAQEiAwcAKgHpAQEyAwcAKgHpAQFCAwcAKgHpAQFSMA0G CSqGSIb3DQEBCwUAA4IBAQBF1I2R8IpfOS8fD8fLo11vk+Km48phcfDH082Mewjj GJphu+tUAXkhDPTl3SmMMf26Y2FQ77BPKGAa3IWrifX3UJK+ayB9uBdctUJghDOk sWGgHTh0mJAqd668Wguy6jQwlCoGBamY4JDXQWYbdQ2teuDU5z6L3XIqdGi7Pmj7 baK7iRENAL5bsBS5qKuRzWGbRpJrz3rSibtQJgehgsAg5XzKZysSnr8GCrzSoZuw lrjw4/ZeJ39lCnhDMOWcuxb4JlATlqSi1oGia264J7/x3fUPLd5GPu/9J7ktK3qv lpSqjRDW0iz0qsZ2wpF+aO7x5LbaK6nJW70xya2E/rYQ -----END CERTIFICATE-----Generated at Sun Jan 25 17:19:48 2026 by rpki-client