This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/e2934c-053a-4b97-aa2a-62808bbbdd21/1/KlixQVOZPwj2P7IsU6UK6TEAtrI.roa File: KlixQVOZPwj2P7IsU6UK6TEAtrI.roa (raw, json) Hash identifier: sDFOAzJVALs9ccbx12fQTxrUvz7R6MdVGJZt6nowTYY= Subject key identifier: 2A:58:B1:41:53:99:3F:08:F6:3F:B2:2C:53:A5:0A:E9:31:00:B6:B2 Certificate issuer: /CN=12b87c6caf81de3625fe1ce0559f39e30505a051 Certificate serial: 019B7A5B49A81B6811C06278B82CEAAF7178 Authority key identifier: 12:B8:7C:6C:AF:81:DE:36:25:FE:1C:E0:55:9F:39:E3:05:05:A0:51 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Erh8bK-B3jYl_hzgVZ854wUFoFE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/e2934c-053a-4b97-aa2a-62808bbbdd21/1/KlixQVOZPwj2P7IsU6UK6TEAtrI.roa Signing time: Thu 01 Jan 2026 16:19:21 +0000 ROA not before: Thu 01 Jan 2026 16:19:21 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 210070 IP address blocks: 2a0f:f7c0::/32 maxlen: 32 2a0f:f7c1::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/e2934c-053a-4b97-aa2a-62808bbbdd21/1/Erh8bK-B3jYl_hzgVZ854wUFoFE.crl rsync://rpki.ripe.net/repository/DEFAULT/37/e2934c-053a-4b97-aa2a-62808bbbdd21/1/Erh8bK-B3jYl_hzgVZ854wUFoFE.mft rsync://rpki.ripe.net/repository/DEFAULT/Erh8bK-B3jYl_hzgVZ854wUFoFE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 13 Jan 2026 13:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5b:49:a8:1b:68:11:c0:62:78:b8:2c:ea:af:71:78 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=12b87c6caf81de3625fe1ce0559f39e30505a051 Validity Not Before: Jan 1 16:19:21 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2a58b14153993f08f63fb22c53a50ae93100b6b2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:53:e8:ab:dd:e8:bc:e6:28:92:77:9c:3a:07: eb:1b:3d:7e:ef:43:4d:61:f3:8a:79:49:7b:39:95: 1f:79:68:9a:13:7b:c7:7f:26:76:10:6d:09:3d:0f: 83:93:ce:63:26:43:d4:f1:da:6c:86:d0:18:1f:b9: 10:84:7b:8f:e3:7f:a7:32:ec:40:e7:ab:48:e2:aa: 6b:63:f4:6f:10:b4:c5:fe:09:4f:9f:41:86:fe:ea: a2:68:e3:07:25:db:a6:5e:ff:9d:53:f1:71:1a:73: 51:d8:3a:35:f7:86:b4:73:a4:51:e4:56:46:b5:66: dd:9d:2c:c4:da:f3:94:26:9f:62:7d:c9:cb:4f:71: cc:ed:9f:91:41:11:ef:e9:27:71:28:22:3f:66:08: 9d:0b:ba:6d:05:51:3a:13:34:b9:96:cf:88:13:c9: 53:e2:8d:a0:36:10:5e:68:a8:7d:cd:00:60:bb:22: 2a:5b:a2:8b:39:c0:4b:6e:e7:98:5a:01:ff:73:b1: 42:95:00:b1:48:d5:75:a8:a5:d6:e5:5f:9a:53:7e: 1e:5c:26:04:04:91:ad:db:cc:3c:e0:61:d1:77:42: 14:1b:b6:d7:1f:f1:53:c3:22:a4:9b:66:91:b9:c5: cc:94:96:dc:de:2d:e8:2d:98:c3:7c:03:dd:26:55: 49:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:58:B1:41:53:99:3F:08:F6:3F:B2:2C:53:A5:0A:E9:31:00:B6:B2 X509v3 Authority Key Identifier: keyid:12:B8:7C:6C:AF:81:DE:36:25:FE:1C:E0:55:9F:39:E3:05:05:A0:51 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Erh8bK-B3jYl_hzgVZ854wUFoFE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/e2934c-053a-4b97-aa2a-62808bbbdd21/1/KlixQVOZPwj2P7IsU6UK6TEAtrI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/37/e2934c-053a-4b97-aa2a-62808bbbdd21/1/Erh8bK-B3jYl_hzgVZ854wUFoFE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:f7c0::/31 Signature Algorithm: sha256WithRSAEncryption 41:de:12:be:7e:0c:27:f6:05:41:3d:be:05:61:a6:4f:9f:f0: 09:25:c6:8f:99:fd:dd:86:9b:c0:42:83:c0:f6:4c:6a:6a:d3: aa:a3:6c:f5:b4:aa:08:f5:15:f0:24:97:5d:2c:3d:ef:68:f2: 13:7f:24:c4:2b:da:2f:98:b4:1d:98:57:2a:1f:34:71:4d:10: 82:85:4f:35:34:f1:3b:0e:ff:d3:e8:72:68:c0:5e:8f:86:16: 0f:64:96:a2:f2:54:fb:21:74:13:e4:84:8f:0c:72:d5:0a:9c: 06:7d:37:24:93:07:07:b6:a8:f8:82:c0:aa:5d:d6:80:ac:28: 09:32:74:34:31:84:18:2b:99:b1:54:43:25:82:b5:85:fd:62: de:57:79:25:e3:0e:6d:a7:ae:08:a7:15:83:5c:59:7a:18:7a: 59:df:a1:78:59:42:fb:a4:8f:f1:98:a8:a7:c8:4e:be:d3:a1: 21:7a:8c:fe:eb:9a:e0:64:48:aa:27:b3:bc:d9:00:77:92:d7: 8e:31:4a:cf:56:42:65:a2:d7:3e:8e:1e:a6:f5:69:c9:3c:b7: ad:bb:c8:b7:62:a0:c5:eb:b6:70:db:a3:e9:80:e5:1a:f2:53: 35:ba:68:3b:41:fb:6c:a3:6d:94:84:9f:cb:dc:fe:2c:74:ba: 0f:e6:0b:f5 -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt6W0moG2gRwGJ4uCzqr3F4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDEyYjg3YzZjYWY4MWRlMzYyNWZlMWNlMDU1OWYzOWUzMDUw NWEwNTEwHhcNMjYwMTAxMTYxOTIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyYTU4YjE0MTUzOTkzZjA4ZjYzZmIyMmM1M2E1MGFlOTMxMDBiNmIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0FPoq93ovOYoknecOgfrGz1+70NN YfOKeUl7OZUfeWiaE3vHfyZ2EG0JPQ+Dk85jJkPU8dpshtAYH7kQhHuP43+nMuxA 56tI4qprY/RvELTF/glPn0GG/uqiaOMHJdumXv+dU/FxGnNR2Do194a0c6RR5FZG tWbdnSzE2vOUJp9ifcnLT3HM7Z+RQRHv6SdxKCI/ZgidC7ptBVE6EzS5ls+IE8lT 4o2gNhBeaKh9zQBguyIqW6KLOcBLbueYWgH/c7FClQCxSNV1qKXW5V+aU34eXCYE BJGt28w84GHRd0IUG7bXH/FTwyKkm2aRucXMlJbc3i3oLZjDfAPdJlVJ0wIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFCpYsUFTmT8I9j+yLFOlCukxALayMB8GA1UdIwQY MBaAFBK4fGyvgd42Jf4c4FWfOeMFBaBRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRXJoOGJLLUIzallsX2h6Z1ZaODU0d1VGb0ZFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy9lMjkzNGMtMDUzYS00Yjk3LWFhMmEt NjI4MDhiYmJkZDIxLzEvS2xpeFFWT1pQd2oyUDdJc1U2VUs2VEVBdHJJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNy9lMjkzNGMtMDUzYS00Yjk3LWFhMmEtNjI4MDhiYmJkZDIx LzEvRXJoOGJLLUIzallsX2h6Z1ZaODU0d1VGb0ZFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUBKg/3wDAN BgkqhkiG9w0BAQsFAAOCAQEAQd4Svn4MJ/YFQT2+BWGmT5/wCSXGj5n93YabwEKD wPZMamrTqqNs9bSqCPUV8CSXXSw972jyE38kxCvaL5i0HZhXKh80cU0QgoVPNTTx Ow7/0+hyaMBej4YWD2SWovJU+yF0E+SEjwxy1QqcBn03JJMHB7ao+ILAql3WgKwo CTJ0NDGEGCuZsVRDJYK1hf1i3ld5JeMObaeuCKcVg1xZehh6Wd+heFlC+6SP8Zio p8hOvtOhIXqM/uua4GRIqiezvNkAd5LXjjFKz1ZCZaLXPo4epvVpyTy3rbvIt2Kg xeu2cNuj6YDlGvJTNbpoO0H7bKNtlISfy9z+LHS6D+YL9Q== -----END CERTIFICATE-----Generated at Mon Jan 12 16:58:47 2026 by rpki-client