This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/q5OHsMnoclPtZxTfFFLO8V7xM_A.roa File: q5OHsMnoclPtZxTfFFLO8V7xM_A.roa (raw, json) Hash identifier: kRnxJnfbBG687+x3M5t+/g6fKT4I4zdzsfRk/nUF+bo= Subject key identifier: AB:93:87:B0:C9:E8:72:53:ED:67:14:DF:14:52:CE:F1:5E:F1:33:F0 Certificate issuer: /CN=2968b4e0ef8106f0e12ab8e501d2aa4e36b783c2 Certificate serial: 019B7BA36C4F478F7C244B3D97E1DE1AC7B2 Authority key identifier: 29:68:B4:E0:EF:81:06:F0:E1:2A:B8:E5:01:D2:AA:4E:36:B7:83:C2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/q5OHsMnoclPtZxTfFFLO8V7xM_A.roa Signing time: Thu 01 Jan 2026 22:17:46 +0000 ROA not before: Thu 01 Jan 2026 22:17:46 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 208850 IP address blocks: 2a01:e901:10a::/48 maxlen: 48 2a01:e901:11a::/48 maxlen: 48 2a01:e901:12a::/48 maxlen: 48 2a01:e901:13a::/48 maxlen: 48 2a01:e901:14a::/48 maxlen: 48 2a01:e901:15a::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.crl rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.mft rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:6c:4f:47:8f:7c:24:4b:3d:97:e1:de:1a:c7:b2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2968b4e0ef8106f0e12ab8e501d2aa4e36b783c2 Validity Not Before: Jan 1 22:17:46 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ab9387b0c9e87253ed6714df1452cef15ef133f0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:a7:7c:c2:d4:76:95:c9:32:b4:4c:d7:7f:30: 96:70:9f:2a:50:f5:0f:c7:ce:43:14:85:cf:60:5c: 61:bc:66:a0:ac:58:f5:70:29:9b:2b:fb:c5:5b:34: 00:37:a2:11:14:ee:26:13:1e:18:86:35:6d:49:a0: 03:72:a8:d4:03:ec:a8:79:5f:bb:f4:6d:b4:d7:c6: d2:5a:3d:f2:d4:c1:f6:fd:ba:b6:56:ca:7f:d6:de: c1:59:0a:84:46:dc:1e:d9:73:a3:c4:24:b7:74:ae: e2:a7:b8:a4:71:7f:e2:d9:f8:01:25:47:d0:ce:be: 2b:25:1c:cc:a9:20:0c:15:3d:ff:f0:eb:eb:43:28: bd:e0:6d:c2:0a:bb:6e:1b:b8:21:af:e2:57:9c:02: 2a:55:41:3f:ce:c2:11:14:2f:0c:c1:11:5a:20:78: ff:78:cd:5b:e8:e5:dc:5c:a9:36:78:d3:00:9b:48: 7f:16:e7:9d:06:63:1e:82:9c:7c:7e:1c:32:57:2e: f0:48:1d:96:85:df:f3:00:d3:0a:63:34:b6:6f:44: 28:eb:b4:44:3e:51:da:b3:81:78:67:eb:d3:30:ec: e9:7c:97:4b:6b:aa:5c:06:7e:7d:4d:9d:b6:a5:b8: 9f:e2:36:70:22:f2:8e:88:e2:c9:93:4c:8c:11:aa: f3:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:93:87:B0:C9:E8:72:53:ED:67:14:DF:14:52:CE:F1:5E:F1:33:F0 X509v3 Authority Key Identifier: keyid:29:68:B4:E0:EF:81:06:F0:E1:2A:B8:E5:01:D2:AA:4E:36:B7:83:C2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/q5OHsMnoclPtZxTfFFLO8V7xM_A.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a01:e901:10a::/48 2a01:e901:11a::/48 2a01:e901:12a::/48 2a01:e901:13a::/48 2a01:e901:14a::/48 2a01:e901:15a::/48 Signature Algorithm: sha256WithRSAEncryption 7a:d2:33:43:53:76:6d:b5:9c:1b:e9:b8:9c:42:85:96:e7:89: 4c:1a:7f:b7:3c:0a:75:f6:23:ea:b4:6f:6b:9b:a3:e3:20:16: a7:7d:18:fe:ef:37:81:55:9e:e0:2f:89:d9:ff:bb:af:87:76: ec:b3:77:d0:ff:59:e6:91:53:d3:87:44:3d:84:f7:bd:f9:1d: a2:d2:28:93:dc:0e:47:84:66:89:3f:f7:00:8b:fe:e5:51:1d: 3a:35:57:c8:49:29:56:f9:74:8d:33:c8:2b:44:ca:23:bd:a9: 83:94:4c:92:0f:96:32:58:04:12:39:a9:0d:b6:39:a2:28:19: ec:7a:c3:04:0c:74:d0:ee:c0:4b:ed:72:32:64:7e:ba:9b:d7: b5:40:b1:f8:95:af:58:55:02:5d:c8:4b:e9:4c:16:0e:c4:13: 8e:13:61:cb:d5:dd:50:6d:cf:2a:18:31:ff:ee:f5:1e:0c:fb: 1e:22:d5:0d:52:af:e6:7b:73:89:21:84:14:47:4d:64:5f:ac: 14:9a:01:85:fb:87:fb:b4:4f:42:cd:fc:7e:ad:c2:76:62:1a: fc:d2:71:af:04:c8:f3:4c:4e:a3:88:25:2f:c9:4f:41:f5:02: 76:23:ab:c6:a5:24:71:ef:3c:c8:53:ba:41:bd:6b:06:91:11: 23:ba:c6:ee -----BEGIN CERTIFICATE----- MIIFLTCCBBWgAwIBAgISAZt7o2xPR498JEs9l+HeGseyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5NjhiNGUwZWY4MTA2ZjBlMTJhYjhlNTAxZDJhYTRlMzZi NzgzYzIwHhcNMjYwMTAxMjIxNzQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhYjkzODdiMGM5ZTg3MjUzZWQ2NzE0ZGYxNDUyY2VmMTVlZjEzM2YwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA06d8wtR2lckytEzXfzCWcJ8qUPUP x85DFIXPYFxhvGagrFj1cCmbK/vFWzQAN6IRFO4mEx4YhjVtSaADcqjUA+yoeV+7 9G2018bSWj3y1MH2/bq2Vsp/1t7BWQqERtwe2XOjxCS3dK7ip7ikcX/i2fgBJUfQ zr4rJRzMqSAMFT3/8OvrQyi94G3CCrtuG7ghr+JXnAIqVUE/zsIRFC8MwRFaIHj/ eM1b6OXcXKk2eNMAm0h/FuedBmMegpx8fhwyVy7wSB2Whd/zANMKYzS2b0Qo67RE PlHas4F4Z+vTMOzpfJdLa6pcBn59TZ22pbif4jZwIvKOiOLJk0yMEarzvwIDAQAB o4ICOTCCAjUwHQYDVR0OBBYEFKuTh7DJ6HJT7WcU3xRSzvFe8TPwMB8GA1UdIwQY MBaAFClotODvgQbw4Sq45QHSqk42t4PCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS1dpMDRPLUJCdkRoS3JqbEFkS3FUamEzZzhJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy80ODE2MzctNmMxYy00NWU4LThmYmQt NDRmOGVkNWQ2MWQ3LzEvcTVPSHNNbm9jbFB0WnhUZkZGTE84Vjd4TV9BLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNy80ODE2MzctNmMxYy00NWU4LThmYmQtNDRmOGVkNWQ2MWQ3 LzEvS1dpMDRPLUJCdkRoS3JqbEFkS3FUamEzZzhJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAAjA2AwcAKgHpAQEK AwcAKgHpAQEaAwcAKgHpAQEqAwcAKgHpAQE6AwcAKgHpAQFKAwcAKgHpAQFaMA0G CSqGSIb3DQEBCwUAA4IBAQB60jNDU3ZttZwb6bicQoWW54lMGn+3PAp19iPqtG9r m6PjIBanfRj+7zeBVZ7gL4nZ/7uvh3bss3fQ/1nmkVPTh0Q9hPe9+R2i0iiT3A5H hGaJP/cAi/7lUR06NVfISSlW+XSNM8grRMojvamDlEySD5YyWAQSOakNtjmiKBns esMEDHTQ7sBL7XIyZH66m9e1QLH4la9YVQJdyEvpTBYOxBOOE2HL1d1Qbc8qGDH/ 7vUeDPseItUNUq/me3OJIYQUR01kX6wUmgGF+4f7tE9Czfx+rcJ2Yhr80nGvBMjz TE6jiCUvyU9B9QJ2I6vGpSRx7zzIU7pBvWsGkREjusbu -----END CERTIFICATE-----Generated at Sun Jan 25 17:19:05 2026 by rpki-client