This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/aLKVm8TGdpRWFDqvIC2q7c_aKD8.roa File: aLKVm8TGdpRWFDqvIC2q7c_aKD8.roa (raw, json) Hash identifier: gN/BHbYYLvSUe8+qsWBkGtwel22CwAtO9OhpemD9zmA= Subject key identifier: 68:B2:95:9B:C4:C6:76:94:56:14:3A:AF:20:2D:AA:ED:CF:DA:28:3F Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b Certificate serial: 019B7D5CF5FFC24F386445793BA70C33B9E6 Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/aLKVm8TGdpRWFDqvIC2q7c_aKD8.roa Signing time: Fri 02 Jan 2026 06:20:02 +0000 ROA not before: Fri 02 Jan 2026 06:20:02 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 203691 IP address blocks: 2a0e:b107:1c0::/48 maxlen: 48 2a0e:b107:1c1::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 18:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5c:f5:ff:c2:4f:38:64:45:79:3b:a7:0c:33:b9:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b Validity Not Before: Jan 2 06:20:02 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=68b2959bc4c6769456143aaf202daaedcfda283f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:13:99:0f:b4:0d:28:ca:45:d2:4c:4c:00:53: 8f:3f:5e:ae:9c:1f:9c:31:b5:3d:c2:aa:8a:69:4b: 49:2a:b6:a4:1e:4d:7d:2e:be:2b:c5:15:83:4d:a9: 25:57:03:81:ec:ec:a5:72:f4:e4:d5:19:cf:16:1d: 87:9d:ae:1c:5d:0a:41:a7:ac:cb:bc:3e:b8:ea:88: 96:a3:7a:15:7b:d3:f5:93:09:35:f3:4b:3e:e6:c3: c8:63:4d:41:35:99:ef:d1:f3:d2:77:c6:16:e9:9c: 1c:4d:23:92:52:8f:11:05:c7:e6:a3:fb:7d:8a:33: b2:d5:83:ba:f4:ac:b9:9a:49:d0:ce:7b:f4:95:59: fc:20:bf:39:26:21:9d:62:29:42:e2:c9:6f:c1:28: 7c:23:cc:6a:b9:97:ed:96:88:fb:56:d2:9a:9c:86: 3e:de:04:cd:bd:6f:96:3d:69:2c:6a:dc:0d:61:ab: d9:ec:b4:f6:7a:01:d8:5d:cf:c7:f9:c0:59:9b:26: 22:6c:15:09:34:ef:69:4b:fb:a8:af:02:fd:ba:d3: aa:42:5c:7c:57:cd:5b:50:75:ac:b8:d9:4b:1a:9a: 56:bd:e8:06:4c:68:2a:d0:9b:3c:78:fc:6c:5c:8b: 85:1b:68:8b:0a:d4:27:14:e3:75:f3:67:e5:46:a7: 40:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:B2:95:9B:C4:C6:76:94:56:14:3A:AF:20:2D:AA:ED:CF:DA:28:3F X509v3 Authority Key Identifier: keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/aLKVm8TGdpRWFDqvIC2q7c_aKD8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0e:b107:1c0::/47 Signature Algorithm: sha256WithRSAEncryption 37:41:b2:be:ed:ca:a4:cb:60:d9:30:a9:1f:be:51:8f:88:b2: f3:49:8f:55:b3:93:c5:bb:a0:9b:ef:12:34:29:c1:28:6f:d1: 1e:5c:5c:bb:ce:ce:78:3f:70:12:15:51:ba:a8:9e:5e:20:8e: 65:78:d2:14:00:53:b9:6d:de:57:8a:10:81:fd:db:88:d5:29: 08:d8:78:e7:60:23:64:9f:70:08:34:b3:1a:bc:d9:67:65:55: 3b:ff:97:b0:5b:f4:ac:31:41:63:bc:f8:86:e9:04:7c:a6:eb: f1:48:b8:52:50:92:cc:4d:0b:00:47:60:7c:37:62:ff:ae:70: c5:74:02:eb:72:66:b3:d0:60:b9:58:25:61:9a:cf:9d:09:32: 4d:4a:69:b6:92:e1:8d:3d:8d:7a:68:6a:15:27:24:a2:c1:70: ca:a7:a9:de:51:51:57:52:de:db:1f:45:09:9d:49:e6:41:6d: 04:4e:04:9d:b5:da:d5:97:58:a0:b5:f2:1b:ff:f8:2e:e1:61: b6:da:f2:32:ec:e4:c4:32:33:cc:fc:e7:d9:f9:73:62:b9:87: 4d:52:1c:26:4f:0a:45:b0:98:7c:d1:35:88:fd:c8:d6:e6:70: 86:48:6d:a0:75:cb:44:da:67:fc:ae:b1:af:c8:01:66:6e:c4: ae:6b:97:6b -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt9XPX/wk84ZEV5O6cMM7nmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw ZmFkOWIwHhcNMjYwMTAyMDYyMDAyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2OGIyOTU5YmM0YzY3Njk0NTYxNDNhYWYyMDJkYWFlZGNmZGEyODNmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArROZD7QNKMpF0kxMAFOPP16unB+c MbU9wqqKaUtJKrakHk19Lr4rxRWDTaklVwOB7OylcvTk1RnPFh2Hna4cXQpBp6zL vD646oiWo3oVe9P1kwk180s+5sPIY01BNZnv0fPSd8YW6ZwcTSOSUo8RBcfmo/t9 ijOy1YO69Ky5mknQznv0lVn8IL85JiGdYilC4slvwSh8I8xquZftloj7VtKanIY+ 3gTNvW+WPWksatwNYavZ7LT2egHYXc/H+cBZmyYibBUJNO9pS/uorwL9utOqQlx8 V81bUHWsuNlLGppWvegGTGgq0Js8ePxsXIuFG2iLCtQnFON182flRqdA7QIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFGiylZvExnaUVhQ6ryAtqu3P2ig/MB8GA1UdIwQY MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt ZGM1ZWM3NDhmNmE1LzEvYUxLVm04VEdkcFJXRkRxdklDMnE3Y19hS0Q4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1 LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcBKg6xBwHA MA0GCSqGSIb3DQEBCwUAA4IBAQA3QbK+7cqky2DZMKkfvlGPiLLzSY9Vs5PFu6Cb 7xI0KcEob9EeXFy7zs54P3ASFVG6qJ5eII5leNIUAFO5bd5XihCB/duI1SkI2Hjn YCNkn3AINLMavNlnZVU7/5ewW/SsMUFjvPiG6QR8puvxSLhSUJLMTQsAR2B8N2L/ rnDFdALrcmaz0GC5WCVhms+dCTJNSmm2kuGNPY16aGoVJySiwXDKp6neUVFXUt7b H0UJnUnmQW0ETgSdtdrVl1igtfIb//gu4WG22vIy7OTEMjPM/OfZ+XNiuYdNUhwm TwpFsJh80TWI/cjW5nCGSG2gdctE2mf8rrGvyAFmbsSua5dr -----END CERTIFICATE-----Generated at Sun Jan 11 23:53:53 2026 by rpki-client