This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/5b21e3-3944-4ce6-aaf5-c0ba2f3fc72a/1/KJ_UKUidS9-7KSDGLThVTELwDhI.roa File: KJ_UKUidS9-7KSDGLThVTELwDhI.roa (raw, json) Hash identifier: dHBmhOaPvkrCjpSOzFqmoqtogZjlMERH8Hhj6/qx0yI= Subject key identifier: 28:9F:D4:29:48:9D:4B:DF:BB:29:20:C6:2D:38:55:4C:42:F0:0E:12 Certificate issuer: /CN=5776d9a0b55bd495a1be3c5c03fa251d3de8b8c5 Certificate serial: 019B76EB3A5E8E5FA4862E915577483B7B59 Authority key identifier: 57:76:D9:A0:B5:5B:D4:95:A1:BE:3C:5C:03:FA:25:1D:3D:E8:B8:C5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V3bZoLVb1JWhvjxcA_olHT3ouMU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/5b21e3-3944-4ce6-aaf5-c0ba2f3fc72a/1/KJ_UKUidS9-7KSDGLThVTELwDhI.roa Signing time: Thu 01 Jan 2026 00:18:05 +0000 ROA not before: Thu 01 Jan 2026 00:18:05 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 209861 IP address blocks: 2a10:a642:aa00::/40 maxlen: 48 2a10:a642:aa00::/48 maxlen: 48 2a10:a642:ad00::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/5b21e3-3944-4ce6-aaf5-c0ba2f3fc72a/1/V3bZoLVb1JWhvjxcA_olHT3ouMU.crl rsync://rpki.ripe.net/repository/DEFAULT/ce/5b21e3-3944-4ce6-aaf5-c0ba2f3fc72a/1/V3bZoLVb1JWhvjxcA_olHT3ouMU.mft rsync://rpki.ripe.net/repository/DEFAULT/V3bZoLVb1JWhvjxcA_olHT3ouMU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:3a:5e:8e:5f:a4:86:2e:91:55:77:48:3b:7b:59 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5776d9a0b55bd495a1be3c5c03fa251d3de8b8c5 Validity Not Before: Jan 1 00:18:05 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=289fd429489d4bdfbb2920c62d38554c42f00e12 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:6e:5d:17:df:3e:ef:c2:25:0f:70:9d:5d:ba: 0f:dd:8d:8a:ec:e4:6e:43:8e:c5:13:cd:30:2f:02: 4c:74:16:43:f6:bf:83:5b:11:df:dc:18:81:2b:4f: 4d:6b:b6:ba:5e:ef:16:fe:91:7c:d7:84:73:57:dc: ba:63:cc:8e:b1:04:07:49:8a:75:60:7f:a6:4d:a4: 7c:0a:57:7b:15:4d:d3:a1:8d:a4:f3:35:fe:ab:bc: 71:75:e9:bc:89:3e:b6:f0:e6:3e:86:e2:06:28:1b: e9:32:ad:84:94:b1:af:ef:79:f2:6d:72:cc:80:ac: da:c6:3b:b5:f8:1d:b6:9e:a5:89:44:92:54:fe:b5: 92:d8:9b:1d:bb:87:13:b0:89:0a:b5:ad:92:d7:ad: 54:cb:92:2c:dc:9f:45:30:bb:c2:83:97:cf:20:ff: f0:47:2c:00:93:87:7c:79:37:95:a1:2e:d0:e5:13: ea:51:cb:91:12:0d:b6:39:5a:7e:62:3b:3d:1b:26: 15:d5:0e:fd:37:4f:c6:bc:31:ca:1a:fa:9b:fa:4a: 82:c8:9b:82:90:6f:85:97:8b:d9:38:56:58:52:3a: d3:a4:db:ab:db:f2:b6:8d:a1:5b:72:e9:c0:7d:3f: 41:20:3c:e0:09:f5:0a:bd:78:24:cf:07:60:cb:3d: 20:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:9F:D4:29:48:9D:4B:DF:BB:29:20:C6:2D:38:55:4C:42:F0:0E:12 X509v3 Authority Key Identifier: keyid:57:76:D9:A0:B5:5B:D4:95:A1:BE:3C:5C:03:FA:25:1D:3D:E8:B8:C5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V3bZoLVb1JWhvjxcA_olHT3ouMU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/5b21e3-3944-4ce6-aaf5-c0ba2f3fc72a/1/KJ_UKUidS9-7KSDGLThVTELwDhI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/5b21e3-3944-4ce6-aaf5-c0ba2f3fc72a/1/V3bZoLVb1JWhvjxcA_olHT3ouMU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a10:a642:aa00::/40 2a10:a642:ad00::/40 Signature Algorithm: sha256WithRSAEncryption c3:16:e0:f7:7b:2c:65:47:f1:6f:73:10:41:14:d1:2b:9c:dd: 53:e0:57:7f:d8:6c:9e:31:2b:b3:ed:27:6b:e7:be:9e:a8:9d: ae:09:1e:94:0b:46:79:09:33:3c:88:35:d5:ce:54:55:02:bf: f8:d0:23:64:5d:6e:cd:56:66:0a:a5:12:d0:47:90:d2:43:08: 7f:5c:a2:a3:96:27:8b:24:6f:fd:71:68:a1:2b:b8:e0:b9:07: 41:8c:60:37:3a:33:45:14:0a:33:0a:d7:be:0c:43:24:92:48: d0:d0:ac:97:f7:07:7e:dc:14:76:e3:95:5d:c2:89:24:03:d8: 4d:25:20:7c:7f:1c:98:97:5a:2d:d9:af:d4:18:77:03:67:48: fb:58:32:c0:e6:af:79:60:67:47:99:a9:2a:fa:26:08:0c:ec: 92:cb:92:ca:7d:34:a6:40:4a:14:0a:e4:62:29:e2:0a:2d:32: a7:60:31:40:ee:3d:71:b0:32:e7:aa:74:e3:9f:f7:6b:e8:86: f2:c0:8a:39:58:2a:4a:42:96:58:6e:8a:53:b0:97:3c:3a:67: e2:5e:89:80:f4:28:15:ed:f9:d5:b9:a8:8f:28:14:2a:b6:f5: 59:49:c0:54:13:b2:42:f9:af:6c:9c:1f:04:29:74:47:d6:11: d1:b8:b6:25 -----BEGIN CERTIFICATE----- MIIFBzCCA++gAwIBAgISAZt26zpejl+khi6RVXdIO3tZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU3NzZkOWEwYjU1YmQ0OTVhMWJlM2M1YzAzZmEyNTFkM2Rl OGI4YzUwHhcNMjYwMTAxMDAxODA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyODlmZDQyOTQ4OWQ0YmRmYmIyOTIwYzYyZDM4NTU0YzQyZjAwZTEyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAym5dF98+78IlD3CdXboP3Y2K7ORu Q47FE80wLwJMdBZD9r+DWxHf3BiBK09Na7a6Xu8W/pF814RzV9y6Y8yOsQQHSYp1 YH+mTaR8Cld7FU3ToY2k8zX+q7xxdem8iT628OY+huIGKBvpMq2ElLGv73nybXLM gKzaxju1+B22nqWJRJJU/rWS2Jsdu4cTsIkKta2S161Uy5Is3J9FMLvCg5fPIP/w RywAk4d8eTeVoS7Q5RPqUcuREg22OVp+Yjs9GyYV1Q79N0/GvDHKGvqb+kqCyJuC kG+Fl4vZOFZYUjrTpNur2/K2jaFbcunAfT9BIDzgCfUKvXgkzwdgyz0gxwIDAQAB o4ICEzCCAg8wHQYDVR0OBBYEFCif1ClInUvfuykgxi04VUxC8A4SMB8GA1UdIwQY MBaAFFd22aC1W9SVob48XAP6JR096LjFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVjNiWm9MVmIxSldodmp4Y0Ffb2xIVDNvdU1VLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS81YjIxZTMtMzk0NC00Y2U2LWFhZjUt YzBiYTJmM2ZjNzJhLzEvS0pfVUtVaWRTOS03S1NER0xUaFZURUx3RGhJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZS81YjIxZTMtMzk0NC00Y2U2LWFhZjUtYzBiYTJmM2ZjNzJh LzEvVjNiWm9MVmIxSldodmp4Y0Ffb2xIVDNvdU1VLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwYAKhCmQqoD BgAqEKZCrTANBgkqhkiG9w0BAQsFAAOCAQEAwxbg93ssZUfxb3MQQRTRK5zdU+BX f9hsnjErs+0na+e+nqidrgkelAtGeQkzPIg11c5UVQK/+NAjZF1uzVZmCqUS0EeQ 0kMIf1yio5YniyRv/XFooSu44LkHQYxgNzozRRQKMwrXvgxDJJJI0NCsl/cHftwU duOVXcKJJAPYTSUgfH8cmJdaLdmv1Bh3A2dI+1gywOaveWBnR5mpKvomCAzsksuS yn00pkBKFArkYiniCi0yp2AxQO49cbAy56p045/3a+iG8sCKOVgqSkKWWG6KU7CX PDpn4l6JgPQoFe351bmojygUKrb1WUnAVBOyQvmvbJwfBCl0R9YR0bi2JQ== -----END CERTIFICATE-----Generated at Sun Jan 25 17:34:02 2026 by rpki-client