This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/1kvkqadHLwx_6xU4ctgza7if3xc.roa File: 1kvkqadHLwx_6xU4ctgza7if3xc.roa (raw, json) Hash identifier: ReYhYGzhXz5v72MRgTisyHugugFNQBNvh3NM2wvv8Xc= Subject key identifier: D6:4B:E4:A9:A7:47:2F:0C:7F:EB:15:38:72:D8:33:6B:B8:9F:DF:17 Certificate issuer: /CN=0b4e3b3b84242258863142ed3a19792d97cbbc74 Certificate serial: 019B6D89FAD1953430682C4F8637091925D5 Authority key identifier: 0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/1kvkqadHLwx_6xU4ctgza7if3xc.roa Signing time: Tue 30 Dec 2025 04:35:17 +0000 ROA not before: Tue 30 Dec 2025 04:35:17 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 213529 IP address blocks: 2a0d:d940:2008::/48 maxlen: 48 2a0d:d940:9006::/48 maxlen: 48 2a0d:d940:900e::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.mft rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 31 Dec 2025 00:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:6d:89:fa:d1:95:34:30:68:2c:4f:86:37:09:19:25:d5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0b4e3b3b84242258863142ed3a19792d97cbbc74 Validity Not Before: Dec 30 04:35:17 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=d64be4a9a7472f0c7feb153872d8336bb89fdf17 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:52:41:b4:9a:9d:8c:28:48:3d:39:78:c4:ea: db:22:5d:6a:70:a3:be:64:0d:0d:d9:84:ae:f2:eb: 30:13:e8:62:47:5d:4b:1a:76:2c:17:51:09:74:95: f7:09:04:0f:fb:5b:51:ba:9a:f7:64:78:c8:5f:3c: 83:bd:19:dc:ed:88:77:f4:d0:1e:93:41:d7:21:3a: 20:03:0a:6c:35:a6:05:03:44:32:fb:87:bc:a1:8e: b4:d2:2f:bf:2e:74:15:56:06:e3:99:dc:bd:cc:eb: 33:9f:dd:ea:ee:57:94:d6:85:24:ec:c4:15:f9:9a: 70:61:d3:40:5f:5f:6a:40:8b:38:17:0a:90:e1:0c: 86:42:c5:f0:60:91:ac:93:30:36:9e:9c:be:f7:d4: 52:98:7f:15:61:b5:0b:e2:11:cf:23:86:ce:30:38: 7f:07:f7:e9:b2:f3:65:3d:67:05:16:d2:b9:17:8f: 07:fc:bd:c5:65:9d:2a:b0:7d:57:3f:f0:24:f7:7d: e8:38:18:f9:ee:b2:7c:9e:23:d1:5b:b9:ea:0f:dd: 65:00:50:89:e3:6b:ae:57:86:9d:9f:3c:8c:55:13: 9e:41:ea:5f:4c:cc:a3:ed:4d:6d:64:bf:68:01:4b: 8c:e9:11:56:47:9e:6f:2a:f0:a0:cf:94:2e:f6:ff: 41:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:4B:E4:A9:A7:47:2F:0C:7F:EB:15:38:72:D8:33:6B:B8:9F:DF:17 X509v3 Authority Key Identifier: keyid:0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/1kvkqadHLwx_6xU4ctgza7if3xc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0d:d940:2008::/48 2a0d:d940:9006::/48 2a0d:d940:900e::/48 Signature Algorithm: sha256WithRSAEncryption e3:a0:d3:d4:c6:13:3d:de:2d:c9:eb:fe:b1:95:6e:d8:99:e1: 0c:2b:38:99:96:8d:2d:62:06:71:c8:cf:af:33:24:4b:db:2e: ee:20:ce:a0:16:e9:35:61:94:72:24:be:9e:ab:5d:ef:49:cc: 8f:af:2e:80:78:b1:c7:53:ec:5d:e6:06:02:41:8d:0e:3a:fa: 95:b1:cd:b2:47:6b:38:e9:ab:93:6b:9e:32:20:96:41:d0:73: 81:cd:b1:37:98:0d:bd:22:04:15:ca:da:c9:ed:2f:de:8b:e4: 33:03:81:bf:a9:c2:ad:01:e8:38:d6:fe:cf:15:84:6a:97:20: 34:7c:59:db:2d:26:e7:74:58:eb:4b:3e:a9:ca:0f:5e:b1:17: 9b:26:94:12:6d:48:fa:ae:f7:80:45:6a:e8:0e:9b:63:8c:01: 69:27:09:25:58:ef:c7:23:d9:05:5f:92:55:ee:d3:bf:d3:fb: 64:11:4f:3b:ff:67:ad:b4:13:e2:1a:3d:c0:9d:e0:06:33:ab: 50:d6:3f:ba:98:51:9b:85:71:c1:1d:ac:13:97:2f:8d:83:e6: 4d:58:06:05:a3:97:a5:51:e6:e8:90:90:2b:c5:ee:fd:2c:e4: 0f:93:3d:06:95:c5:8f:23:2f:02:9c:3d:b2:2f:bb:c4:ba:1f: 6f:93:7f:d4 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZttifrRlTQwaCxPhjcJGSXVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBiNGUzYjNiODQyNDIyNTg4NjMxNDJlZDNhMTk3OTJkOTdj YmJjNzQwHhcNMjUxMjMwMDQzNTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkNjRiZTRhOWE3NDcyZjBjN2ZlYjE1Mzg3MmQ4MzM2YmI4OWZkZjE3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3VJBtJqdjChIPTl4xOrbIl1qcKO+ ZA0N2YSu8uswE+hiR11LGnYsF1EJdJX3CQQP+1tRupr3ZHjIXzyDvRnc7Yh39NAe k0HXITogAwpsNaYFA0Qy+4e8oY600i+/LnQVVgbjmdy9zOszn93q7leU1oUk7MQV +ZpwYdNAX19qQIs4FwqQ4QyGQsXwYJGskzA2npy+99RSmH8VYbUL4hHPI4bOMDh/ B/fpsvNlPWcFFtK5F48H/L3FZZ0qsH1XP/Ak933oOBj57rJ8niPRW7nqD91lAFCJ 42uuV4adnzyMVROeQepfTMyj7U1tZL9oAUuM6RFWR55vKvCgz5Qu9v9B8wIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFNZL5KmnRy8Mf+sVOHLYM2u4n98XMB8GA1UdIwQY MBaAFAtOOzuEJCJYhjFC7ToZeS2Xy7x0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQt MTRkMjM4NTI3ODM1LzEvMWt2a3FhZEhMd3hfNnhVNGN0Z3phN2lmM3hjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQtMTRkMjM4NTI3ODM1 LzEvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKg3ZQCAI AwcAKg3ZQJAGAwcAKg3ZQJAOMA0GCSqGSIb3DQEBCwUAA4IBAQDjoNPUxhM93i3J 6/6xlW7YmeEMKziZlo0tYgZxyM+vMyRL2y7uIM6gFuk1YZRyJL6eq13vScyPry6A eLHHU+xd5gYCQY0OOvqVsc2yR2s46auTa54yIJZB0HOBzbE3mA29IgQVytrJ7S/e i+QzA4G/qcKtAeg41v7PFYRqlyA0fFnbLSbndFjrSz6pyg9esRebJpQSbUj6rveA RWroDptjjAFpJwklWO/HI9kFX5JV7tO/0/tkEU87/2ettBPiGj3AneAGM6tQ1j+6 mFGbhXHBHawTly+Ng+ZNWAYFo5elUebokJArxe79LOQPkz0GlcWPIy8CnD2yL7vE uh9vk3/U -----END CERTIFICATE-----Generated at Tue Dec 30 08:49:15 2025 by rpki-client