This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/S-PfT7x9rr1Key3l24FiMn_GM3M.roa File: S-PfT7x9rr1Key3l24FiMn_GM3M.roa (raw, json) Hash identifier: 69f7peYT5HVTCqDrHMvYQn0aPJJ6z/N2GfKv65UX+FI= Subject key identifier: 4B:E3:DF:4F:BC:7D:AE:BD:4A:7B:2D:E5:DB:81:62:32:7F:C6:33:73 Certificate issuer: /CN=2968b4e0ef8106f0e12ab8e501d2aa4e36b783c2 Certificate serial: 019B7BA36856594A417B2156B2CF976A74E9 Authority key identifier: 29:68:B4:E0:EF:81:06:F0:E1:2A:B8:E5:01:D2:AA:4E:36:B7:83:C2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/S-PfT7x9rr1Key3l24FiMn_GM3M.roa Signing time: Thu 01 Jan 2026 22:17:45 +0000 ROA not before: Thu 01 Jan 2026 22:17:45 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 206058 IP address blocks: 2a01:e901:10d::/48 maxlen: 48 2a01:e901:11d::/48 maxlen: 48 2a01:e901:12d::/48 maxlen: 48 2a01:e901:13d::/48 maxlen: 48 2a01:e901:14d::/48 maxlen: 48 2a01:e901:15d::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.crl rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.mft rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:68:56:59:4a:41:7b:21:56:b2:cf:97:6a:74:e9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2968b4e0ef8106f0e12ab8e501d2aa4e36b783c2 Validity Not Before: Jan 1 22:17:45 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4be3df4fbc7daebd4a7b2de5db8162327fc63373 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8c:bc:05:d8:b8:69:26:80:b0:a8:ed:92:08:42: 90:5a:0c:31:d4:e7:76:b4:5b:3b:6d:f1:27:5d:8c: bb:6b:0c:59:b8:da:7f:c2:f0:0f:d6:be:23:86:51: a4:44:32:11:ad:c9:be:2c:c4:01:32:15:c1:0b:a2: b6:95:7a:2e:ec:74:86:c3:5f:74:d1:de:15:74:6c: 5e:80:4c:9d:df:3d:ed:ee:09:89:da:c8:61:99:32: 57:97:03:d4:cf:bc:83:df:9c:dd:d8:a5:5c:54:34: e9:0f:e2:89:b7:81:de:40:8b:6b:28:50:bb:d0:21: 9e:25:b5:ee:d6:a5:fd:c1:fe:97:a1:a9:b8:85:b2: 5a:10:98:e0:bf:cf:73:fd:73:69:0a:0a:ee:8e:12: 0c:66:fd:4f:62:35:26:a2:cc:92:0a:49:99:53:a6: 2a:6d:ae:0f:a2:73:13:a0:be:bb:b7:54:2e:26:da: 78:21:79:77:a8:6a:5d:a9:67:85:90:bb:a8:69:e8: 0b:dd:71:59:07:0d:bf:36:8b:a1:53:26:fa:d2:39: 97:7f:79:83:4e:82:ba:74:24:41:7a:7e:a7:ea:3b: a0:f7:64:23:8c:22:4c:aa:a4:43:66:a9:28:c2:7f: 6b:35:80:97:1f:d8:1b:56:83:c4:c0:b0:68:50:99: ca:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:E3:DF:4F:BC:7D:AE:BD:4A:7B:2D:E5:DB:81:62:32:7F:C6:33:73 X509v3 Authority Key Identifier: keyid:29:68:B4:E0:EF:81:06:F0:E1:2A:B8:E5:01:D2:AA:4E:36:B7:83:C2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/S-PfT7x9rr1Key3l24FiMn_GM3M.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a01:e901:10d::/48 2a01:e901:11d::/48 2a01:e901:12d::/48 2a01:e901:13d::/48 2a01:e901:14d::/48 2a01:e901:15d::/48 Signature Algorithm: sha256WithRSAEncryption 88:5f:28:8f:65:8e:34:11:0c:a1:4b:a3:6d:0c:1a:eb:bd:59: cb:8f:f5:51:73:b2:61:af:30:ae:b8:fc:f2:87:c8:dc:c7:98: 97:70:9a:8e:e0:1f:68:5d:1e:b2:35:fd:f7:dd:61:e1:46:09: bd:43:1f:cd:7a:b2:18:82:6f:b5:74:73:4e:f6:0e:97:5f:a8: e0:f8:5d:d8:9f:48:ab:95:3b:d3:68:d8:31:3e:f8:b0:ce:c7: a8:59:73:02:90:ee:b7:84:47:4c:bd:0b:cd:cb:16:ab:b1:a7: 16:a3:51:77:22:7f:c7:24:db:4b:88:e5:b3:4f:cb:54:2e:70: 2a:98:bc:01:ba:28:f0:4f:ae:a7:da:9f:57:c8:8b:7c:7a:28: e5:ff:dc:1a:88:17:1e:8f:d6:f9:5f:d1:ff:30:b0:e8:a2:fb: 4c:eb:e5:48:f5:eb:28:ff:3c:aa:5f:83:ff:ae:4b:91:e5:83: 9b:0b:9d:ec:27:c0:d6:13:ac:41:23:e9:9e:4e:3d:17:00:dd: 0f:18:f7:e8:0e:85:4b:f6:7a:3c:7a:bc:cd:d5:e8:75:62:cf: af:ea:ef:ce:38:a9:fa:32:7b:1c:9f:c3:d0:78:2f:05:dd:9b: ae:32:51:ad:44:a4:7d:51:ed:45:3f:5f:d5:d0:f1:f9:d0:e5: 23:b0:47:ad -----BEGIN CERTIFICATE----- MIIFLTCCBBWgAwIBAgISAZt7o2hWWUpBeyFWss+XanTpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5NjhiNGUwZWY4MTA2ZjBlMTJhYjhlNTAxZDJhYTRlMzZi NzgzYzIwHhcNMjYwMTAxMjIxNzQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0YmUzZGY0ZmJjN2RhZWJkNGE3YjJkZTVkYjgxNjIzMjdmYzYzMzczMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjLwF2LhpJoCwqO2SCEKQWgwx1Od2 tFs7bfEnXYy7awxZuNp/wvAP1r4jhlGkRDIRrcm+LMQBMhXBC6K2lXou7HSGw190 0d4VdGxegEyd3z3t7gmJ2shhmTJXlwPUz7yD35zd2KVcVDTpD+KJt4HeQItrKFC7 0CGeJbXu1qX9wf6Xoam4hbJaEJjgv89z/XNpCgrujhIMZv1PYjUmosySCkmZU6Yq ba4PonMToL67t1QuJtp4IXl3qGpdqWeFkLuoaegL3XFZBw2/NouhUyb60jmXf3mD ToK6dCRBen6n6jug92QjjCJMqqRDZqkown9rNYCXH9gbVoPEwLBoUJnKqwIDAQAB o4ICOTCCAjUwHQYDVR0OBBYEFEvj30+8fa69Snst5duBYjJ/xjNzMB8GA1UdIwQY MBaAFClotODvgQbw4Sq45QHSqk42t4PCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS1dpMDRPLUJCdkRoS3JqbEFkS3FUamEzZzhJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy80ODE2MzctNmMxYy00NWU4LThmYmQt NDRmOGVkNWQ2MWQ3LzEvUy1QZlQ3eDlycjFLZXkzbDI0RmlNbl9HTTNNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNy80ODE2MzctNmMxYy00NWU4LThmYmQtNDRmOGVkNWQ2MWQ3 LzEvS1dpMDRPLUJCdkRoS3JqbEFkS3FUamEzZzhJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAAjA2AwcAKgHpAQEN AwcAKgHpAQEdAwcAKgHpAQEtAwcAKgHpAQE9AwcAKgHpAQFNAwcAKgHpAQFdMA0G CSqGSIb3DQEBCwUAA4IBAQCIXyiPZY40EQyhS6NtDBrrvVnLj/VRc7JhrzCuuPzy h8jcx5iXcJqO4B9oXR6yNf333WHhRgm9Qx/NerIYgm+1dHNO9g6XX6jg+F3Yn0ir lTvTaNgxPviwzseoWXMCkO63hEdMvQvNyxarsacWo1F3In/HJNtLiOWzT8tULnAq mLwBuijwT66n2p9XyIt8eijl/9waiBcej9b5X9H/MLDoovtM6+VI9eso/zyqX4P/ rkuR5YObC53sJ8DWE6xBI+meTj0XAN0PGPfoDoVL9no8erzN1eh1Ys+v6u/OOKn6 Mnscn8PQeC8F3ZuuMlGtRKR9Ue1FP1/V0PH50OUjsEet -----END CERTIFICATE-----Generated at Sun Jan 25 17:20:01 2026 by rpki-client