This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/aabc6c-0456-4935-a469-d547185512de/1/4stdDE5Ol23RnfTsQDEl2PLTvqY.roa File: 4stdDE5Ol23RnfTsQDEl2PLTvqY.roa (raw, json) Hash identifier: H7ciCHF9IxH4VLrZphwDQeEj42rPy6UE+yWgXUd3mSE= Subject key identifier: E2:CB:5D:0C:4E:4E:97:6D:D1:9D:F4:EC:40:31:25:D8:F2:D3:BE:A6 Certificate issuer: /CN=33b65a8baeba4ff621492ebee6fc1e88adb21b03 Certificate serial: 019AA5664A01FC5AA2F7AF531867AE2CCDE3 Authority key identifier: 33:B6:5A:8B:AE:BA:4F:F6:21:49:2E:BE:E6:FC:1E:88:AD:B2:1B:03 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M7Zai666T_YhSS6-5vweiK2yGwM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/aabc6c-0456-4935-a469-d547185512de/1/4stdDE5Ol23RnfTsQDEl2PLTvqY.roa Signing time: Fri 21 Nov 2025 07:52:15 +0000 ROA not before: Fri 21 Nov 2025 07:52:15 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 208111 IP address blocks: 2a14:9d01::/32 maxlen: 32 2a14:9d02::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/aabc6c-0456-4935-a469-d547185512de/1/M7Zai666T_YhSS6-5vweiK2yGwM.crl rsync://rpki.ripe.net/repository/DEFAULT/aa/aabc6c-0456-4935-a469-d547185512de/1/M7Zai666T_YhSS6-5vweiK2yGwM.mft rsync://rpki.ripe.net/repository/DEFAULT/M7Zai666T_YhSS6-5vweiK2yGwM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 14:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:a5:66:4a:01:fc:5a:a2:f7:af:53:18:67:ae:2c:cd:e3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=33b65a8baeba4ff621492ebee6fc1e88adb21b03 Validity Not Before: Nov 21 07:52:15 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=e2cb5d0c4e4e976dd19df4ec403125d8f2d3bea6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:40:c4:0f:de:86:4e:5d:03:f8:cf:6d:ea:27: aa:3e:8c:5d:f3:a0:f6:9c:88:b6:20:e3:5a:db:3f: 78:2c:4a:a6:cd:6e:f7:41:e3:45:14:fe:eb:17:96: 9e:19:7b:a5:a0:96:d0:c9:1c:35:de:b1:cb:d1:36: 2f:58:80:3e:b6:53:10:7b:20:98:57:fb:c6:69:90: 62:ce:60:c7:85:16:25:cb:3b:bc:42:da:5b:26:4c: 73:2f:be:d8:f9:98:5e:03:cc:59:0c:8f:8b:2d:d1: 68:8c:b8:4a:08:3c:60:c8:2f:82:ae:cf:3d:df:6d: 4c:80:dd:d3:08:a4:b9:0b:97:f9:2e:62:07:a3:1c: 3d:89:bc:00:4c:b0:b6:cb:ce:35:c9:41:6f:3d:68: f6:a0:6c:ed:e5:e3:c2:f9:d2:bf:4a:e3:a4:81:30: 46:71:05:2d:13:44:10:03:3f:4f:75:57:42:10:5f: b5:43:06:9f:8c:d7:22:ff:bb:03:5f:d1:34:83:36: 47:1e:86:c8:df:cd:1e:0a:e2:4a:44:a0:f9:d3:3b: 57:b2:5d:cb:2c:1e:90:b2:e9:5b:72:30:6d:c6:48: 5f:53:a7:96:4f:8f:56:4e:9b:b3:b0:86:34:2a:7d: 2f:36:f2:9a:74:b1:e1:ce:2d:92:06:5e:43:74:cc: 46:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:CB:5D:0C:4E:4E:97:6D:D1:9D:F4:EC:40:31:25:D8:F2:D3:BE:A6 X509v3 Authority Key Identifier: keyid:33:B6:5A:8B:AE:BA:4F:F6:21:49:2E:BE:E6:FC:1E:88:AD:B2:1B:03 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M7Zai666T_YhSS6-5vweiK2yGwM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/aabc6c-0456-4935-a469-d547185512de/1/4stdDE5Ol23RnfTsQDEl2PLTvqY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/aabc6c-0456-4935-a469-d547185512de/1/M7Zai666T_YhSS6-5vweiK2yGwM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:9d01::-2a14:9d02:ffff:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 04:17:46:ce:2b:b7:b4:f1:5b:14:2d:c7:7e:2a:95:56:59:72: d2:aa:b8:1b:48:38:7c:83:e4:1d:02:c5:38:72:8e:40:e2:24: 40:52:74:8b:36:a2:0f:fe:62:8a:71:ce:79:eb:12:69:57:a4: 15:b6:f2:bc:1f:cf:c9:2c:45:b6:79:d4:81:c5:32:5d:58:dc: 4c:ad:f6:c2:74:a3:0a:71:17:21:08:b0:eb:9d:ab:d3:7d:4b: 3b:fc:9f:ec:fc:83:cb:40:7d:68:08:da:52:fe:e3:82:69:64: dc:6a:71:50:b6:2e:68:16:41:80:36:4b:5d:51:f9:56:3f:fb: 92:89:25:ba:ad:f0:c4:93:8f:c4:d7:ea:94:d2:5e:0b:af:13: 53:5a:89:9f:1d:e2:a1:7a:59:a5:44:ef:9c:a0:4d:ec:72:00: db:0f:0e:db:89:88:2b:84:93:22:82:b3:f2:d9:f0:6e:d5:4a: 9c:bf:e5:38:60:11:c3:b7:13:70:c4:92:fc:c4:9d:f9:94:a8: 3a:41:37:73:61:40:13:a7:cc:d2:4b:ce:3a:3d:b3:fd:a6:5c: a4:cf:88:82:bb:f1:8f:79:23:e3:3e:25:71:d0:76:de:79:a0: d7:a6:1e:4e:e2:c3:57:26:cf:6b:24:3d:41:27:27:77:86:bb: 26:6e:23:10 -----BEGIN CERTIFICATE----- MIIFBzCCA++gAwIBAgISAZqlZkoB/Fqi969TGGeuLM3jMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMzYjY1YThiYWViYTRmZjYyMTQ5MmViZWU2ZmMxZTg4YWRi MjFiMDMwHhcNMjUxMTIxMDc1MjE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlMmNiNWQwYzRlNGU5NzZkZDE5ZGY0ZWM0MDMxMjVkOGYyZDNiZWE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2UDED96GTl0D+M9t6ieqPoxd86D2 nIi2IONa2z94LEqmzW73QeNFFP7rF5aeGXuloJbQyRw13rHL0TYvWIA+tlMQeyCY V/vGaZBizmDHhRYlyzu8QtpbJkxzL77Y+ZheA8xZDI+LLdFojLhKCDxgyC+Crs89 321MgN3TCKS5C5f5LmIHoxw9ibwATLC2y841yUFvPWj2oGzt5ePC+dK/SuOkgTBG cQUtE0QQAz9PdVdCEF+1QwafjNci/7sDX9E0gzZHHobI380eCuJKRKD50ztXsl3L LB6QsulbcjBtxkhfU6eWT49WTpuzsIY0Kn0vNvKadLHhzi2SBl5DdMxGQQIDAQAB o4ICEzCCAg8wHQYDVR0OBBYEFOLLXQxOTpdt0Z307EAxJdjy076mMB8GA1UdIwQY MBaAFDO2Wouuuk/2IUkuvub8HoitshsDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTTdaYWk2NjZUX1loU1M2LTV2d2VpSzJ5R3dNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9hYWJjNmMtMDQ1Ni00OTM1LWE0Njkt ZDU0NzE4NTUxMmRlLzEvNHN0ZERFNU9sMjNSbmZUc1FERWwyUExUdnFZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYS9hYWJjNmMtMDQ1Ni00OTM1LWE0NjktZDU0NzE4NTUxMmRl LzEvTTdaYWk2NjZUX1loU1M2LTV2d2VpSzJ5R3dNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQMA4DBQAqFJ0B AwUAKhSdAjANBgkqhkiG9w0BAQsFAAOCAQEABBdGziu3tPFbFC3HfiqVVlly0qq4 G0g4fIPkHQLFOHKOQOIkQFJ0izaiD/5iinHOeesSaVekFbbyvB/PySxFtnnUgcUy XVjcTK32wnSjCnEXIQiw652r031LO/yf7PyDy0B9aAjaUv7jgmlk3GpxULYuaBZB gDZLXVH5Vj/7kokluq3wxJOPxNfqlNJeC68TU1qJnx3ioXpZpUTvnKBN7HIA2w8O 24mIK4STIoKz8tnwbtVKnL/lOGARw7cTcMSS/MSd+ZSoOkE3c2FAE6fM0kvOOj2z /aZcpM+Igrvxj3kj4z4lcdB23nmg16YeTuLDVybPayQ9QScnd4a7Jm4jEA== -----END CERTIFICATE-----Generated at Sun Dec 7 00:10:23 2025 by rpki-client