This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/bnK4p1zEjjMpHGYBWVHlrBkLh7g.roa File: bnK4p1zEjjMpHGYBWVHlrBkLh7g.roa (raw, json) Hash identifier: FTLJfN5i2b+RptkaFlN3Il1kzjhjI+oXWg1vZs6H4k0= Subject key identifier: 6E:72:B8:A7:5C:C4:8E:33:29:1C:66:01:59:51:E5:AC:19:0B:87:B8 Certificate issuer: /CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff Certificate serial: 019B7BA51A194865EC3756EF071DFEA6DE14 Authority key identifier: CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/bnK4p1zEjjMpHGYBWVHlrBkLh7g.roa Signing time: Thu 01 Jan 2026 22:19:36 +0000 ROA not before: Thu 01 Jan 2026 22:19:36 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 201848 IP address blocks: 2a04:ac00:1::/48 maxlen: 48 2a04:ac00:4::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/zYMT5B5kagnNAeLm9HOdO9I2xP8.crl rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/zYMT5B5kagnNAeLm9HOdO9I2xP8.mft rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:01:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a5:1a:19:48:65:ec:37:56:ef:07:1d:fe:a6:de:14 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff Validity Not Before: Jan 1 22:19:36 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6e72b8a75cc48e33291c66015951e5ac190b87b8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:ea:d0:bf:f1:62:f9:ff:47:61:75:a2:34:f2: 3d:88:1e:1d:37:dc:ca:06:a0:43:07:68:75:5d:ca: 9d:4d:55:33:21:63:cd:d8:69:a1:ab:f1:3c:ee:f3: 0f:c1:d0:0d:5c:b1:73:ec:01:cd:43:4b:47:b9:bf: f8:9c:3f:68:d9:75:17:72:3a:19:2b:12:6f:10:56: 9b:99:ec:13:33:f0:5b:39:e6:45:50:67:ef:5d:26: 4f:68:67:50:21:39:a6:f1:31:30:2e:d3:f5:af:50: 14:ad:80:55:6f:a2:23:b4:4a:27:6f:b0:31:db:8e: 01:a1:ea:17:21:fb:6c:a0:e4:5e:f6:07:bd:bb:a4: d0:dc:8c:02:88:42:c7:22:89:74:2e:63:8e:3e:69: 50:f6:6f:a9:8b:91:cc:45:83:6f:8b:92:6f:3f:b7: 31:3f:0c:72:d8:4a:85:9a:9c:ea:2a:87:7a:5a:9e: cb:4d:64:8f:88:33:ba:19:37:a2:cf:7f:8c:9f:e8: d5:07:39:c9:29:c5:84:23:19:8c:51:e1:78:0b:af: 20:af:40:0e:23:fc:db:e3:1b:05:e8:42:e2:99:02: 94:ff:0f:bd:3f:28:65:5c:c7:54:cb:e4:29:9f:a7: bc:ff:f2:03:2d:e7:40:39:0e:c7:05:c3:4d:b5:2c: e1:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6E:72:B8:A7:5C:C4:8E:33:29:1C:66:01:59:51:E5:AC:19:0B:87:B8 X509v3 Authority Key Identifier: keyid:CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/bnK4p1zEjjMpHGYBWVHlrBkLh7g.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/zYMT5B5kagnNAeLm9HOdO9I2xP8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a04:ac00:1::/48 2a04:ac00:4::/48 Signature Algorithm: sha256WithRSAEncryption 04:98:c4:ec:78:61:da:83:32:ba:0e:22:f2:f5:c2:74:44:ef: e5:25:86:8b:88:ac:d3:8b:9a:d9:85:fe:4b:51:da:20:29:e1: 66:4f:cc:36:fb:9b:93:e8:89:43:8a:60:a9:0e:e0:21:5f:78: 19:61:8e:ae:df:6f:ff:ca:24:c9:d0:de:ea:5e:9e:93:28:16: d5:2f:25:3e:1d:9c:4c:b4:a3:7c:0f:ad:cb:e7:f9:13:a9:e5: 3b:5f:11:58:01:9d:8c:7e:f7:46:4d:dc:82:85:49:1c:d3:e3: 92:4d:d1:ea:d8:92:c7:b0:bb:fc:59:0f:07:43:03:9b:3f:d0: 80:3d:cb:c3:5f:1b:30:4d:4a:4a:a6:6b:9c:8d:16:82:f5:1c: 60:49:56:87:1d:1e:77:6c:cf:6a:97:9c:3c:e1:ce:37:53:65: 7d:c2:f0:1d:d1:49:18:76:ed:d1:55:94:81:4d:a9:49:1b:45: 21:3a:12:79:a7:97:b3:b7:f7:08:bf:94:7e:eb:46:df:e6:80: a8:32:74:e1:5d:49:cb:14:cd:2f:8d:7c:06:3a:46:2d:e8:ea: e2:04:a1:50:c1:fa:95:b5:93:1a:3e:3c:dc:2c:85:3e:e3:2e: ae:c0:99:0d:42:3f:d0:dc:af:fd:61:1c:89:26:4c:31:55:0b: ff:e9:01:54 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt7pRoZSGXsN1bvBx3+pt4UMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNkODMxM2U0MWU2NDZhMDljZDAxZTJlNmY0NzM5ZDNiZDIz NmM0ZmYwHhcNMjYwMTAxMjIxOTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2ZTcyYjhhNzVjYzQ4ZTMzMjkxYzY2MDE1OTUxZTVhYzE5MGI4N2I4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+rQv/Fi+f9HYXWiNPI9iB4dN9zK BqBDB2h1XcqdTVUzIWPN2Gmhq/E87vMPwdANXLFz7AHNQ0tHub/4nD9o2XUXcjoZ KxJvEFabmewTM/BbOeZFUGfvXSZPaGdQITmm8TEwLtP1r1AUrYBVb6IjtEonb7Ax 244BoeoXIftsoORe9ge9u6TQ3IwCiELHIol0LmOOPmlQ9m+pi5HMRYNvi5JvP7cx Pwxy2EqFmpzqKod6Wp7LTWSPiDO6GTeiz3+Mn+jVBznJKcWEIxmMUeF4C68gr0AO I/zb4xsF6ELimQKU/w+9PyhlXMdUy+Qpn6e8//IDLedAOQ7HBcNNtSzhnwIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFG5yuKdcxI4zKRxmAVlR5awZC4e4MB8GA1UdIwQY MBaAFM2DE+QeZGoJzQHi5vRznTvSNsT/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvellNVDVCNWthZ25OQWVMbTlIT2RPOUkyeFA4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8zNDY1ZjMtMDNjMi00ZWFhLWE2NzQt ODg2MmI1MTczMTdjLzEvYm5LNHAxekVqak1wSEdZQldWSGxyQmtMaDdnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZS8zNDY1ZjMtMDNjMi00ZWFhLWE2NzQtODg2MmI1MTczMTdj LzEvellNVDVCNWthZ25OQWVMbTlIT2RPOUkyeFA4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgSsAAAB AwcAKgSsAAAEMA0GCSqGSIb3DQEBCwUAA4IBAQAEmMTseGHagzK6DiLy9cJ0RO/l JYaLiKzTi5rZhf5LUdogKeFmT8w2+5uT6IlDimCpDuAhX3gZYY6u32//yiTJ0N7q Xp6TKBbVLyU+HZxMtKN8D63L5/kTqeU7XxFYAZ2MfvdGTdyChUkc0+OSTdHq2JLH sLv8WQ8HQwObP9CAPcvDXxswTUpKpmucjRaC9RxgSVaHHR53bM9ql5w84c43U2V9 wvAd0UkYdu3RVZSBTalJG0UhOhJ5p5ezt/cIv5R+60bf5oCoMnThXUnLFM0vjXwG OkYt6OriBKFQwfqVtZMaPjzcLIU+4y6uwJkNQj/Q3K/9YRyJJkwxVQv/6QFU -----END CERTIFICATE-----Generated at Sun Jan 25 22:16:45 2026 by rpki-client