This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/tKNnpGbIGPkGR97n-hLwWBgjUqQ.roa File: tKNnpGbIGPkGR97n-hLwWBgjUqQ.roa (raw, json) Hash identifier: vGYR+XEdm/ckaZc5mYx9zn8ifCc6fhy3mqGEtIKABGE= Subject key identifier: B4:A3:67:A4:66:C8:18:F9:06:47:DE:E7:FA:12:F0:58:18:23:52:A4 Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b Certificate serial: 019B7D5D1E173CDAE30C30EEC3856B73F5D6 Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/tKNnpGbIGPkGR97n-hLwWBgjUqQ.roa Signing time: Fri 02 Jan 2026 06:20:13 +0000 ROA not before: Fri 02 Jan 2026 06:20:13 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 209556 IP address blocks: 2a0e:b107:30f::/48 maxlen: 48 2a10:ccc0:c0c2::/48 maxlen: 48 2a10:ccc0:c0c3::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 18:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5d:1e:17:3c:da:e3:0c:30:ee:c3:85:6b:73:f5:d6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b Validity Not Before: Jan 2 06:20:13 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b4a367a466c818f90647dee7fa12f058182352a4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:a4:9d:a5:22:8f:bb:3c:a2:08:f1:24:dc:a8: ba:cf:16:35:e4:f5:c9:34:2c:02:bb:a2:b7:ec:fd: 79:a1:80:c0:b5:20:ba:c3:1d:33:48:cc:77:27:86: d6:01:6f:fc:a3:bb:36:1e:8f:e4:68:ff:0f:e9:e8: 3a:d0:08:a9:eb:a4:eb:d6:8f:33:0f:42:c6:23:8e: d4:17:d0:86:4f:a2:8f:e4:2e:de:5e:38:1a:c0:f0: 11:d2:c3:7d:71:3e:fa:d5:42:64:61:f2:32:fe:cd: 58:ff:f7:c2:77:78:da:b1:06:a7:62:77:48:50:07: e3:38:57:10:15:71:28:19:d5:b2:29:20:5e:4e:db: 21:45:f9:b2:8f:21:1a:c5:2d:24:bf:13:bb:37:fd: 45:3e:c2:d0:55:f7:9b:a4:a1:84:0b:9d:1c:6e:bf: 7a:2f:d8:5f:0e:54:74:6a:bb:44:02:6f:79:e8:61: 32:48:a3:8c:fd:20:77:f1:e6:1e:a7:93:99:d2:ed: b4:6e:8b:47:5b:b0:b9:6f:03:bf:40:3d:33:af:67: de:59:2e:50:04:d2:3e:90:03:ba:5d:b3:22:26:35: 4f:b4:93:cf:62:05:c6:9c:ea:61:eb:ea:6a:21:14: bd:2b:3e:55:08:af:5d:a3:ae:d5:dc:d9:f3:74:59: be:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:A3:67:A4:66:C8:18:F9:06:47:DE:E7:FA:12:F0:58:18:23:52:A4 X509v3 Authority Key Identifier: keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/tKNnpGbIGPkGR97n-hLwWBgjUqQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0e:b107:30f::/48 2a10:ccc0:c0c2::/47 Signature Algorithm: sha256WithRSAEncryption 00:81:f1:91:b0:74:90:3e:e7:e1:74:2a:0b:54:26:79:d4:c6: b8:11:72:f7:18:40:ca:dd:44:04:23:5b:88:16:f5:27:9b:18: 15:a3:dd:6b:d3:5b:6c:ea:de:d1:53:20:74:e9:d1:5f:a9:be: 31:24:d2:69:89:07:93:10:3a:69:6c:ec:6a:66:6f:98:f3:6a: 4b:7f:2a:8d:b4:06:42:aa:c0:84:ed:02:2b:d9:e0:11:20:6e: 4f:f5:09:52:ab:ca:63:3b:28:78:c4:0f:b5:61:6c:15:d6:75: df:14:8d:56:c8:c3:21:9d:04:62:31:87:98:b0:bc:a0:81:7f: 2b:f5:90:d8:a1:98:0d:87:fd:cc:9b:2e:46:ce:ea:79:9b:51: e5:f2:ee:46:b8:1e:2f:ac:6f:83:3b:f1:53:de:dd:2f:c6:11: 57:6e:3a:3a:c4:2f:94:75:8e:98:51:e4:01:eb:ef:13:00:b8: e0:73:0e:a3:85:73:15:71:6c:bb:0a:a7:6c:14:73:0d:d9:3d: ab:68:c2:68:40:45:f3:33:40:9e:db:5d:7a:45:46:1e:ad:b1: ca:ba:88:76:4d:85:23:4a:e7:90:f8:00:be:0f:26:8f:ab:44: 58:d4:76:83:81:f0:5b:52:2c:9e:02:c4:03:9a:ef:0e:7a:79: 50:5a:78:8e -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt9XR4XPNrjDDDuw4Vrc/XWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw ZmFkOWIwHhcNMjYwMTAyMDYyMDEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiNGEzNjdhNDY2YzgxOGY5MDY0N2RlZTdmYTEyZjA1ODE4MjM1MmE0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz6SdpSKPuzyiCPEk3Ki6zxY15PXJ NCwCu6K37P15oYDAtSC6wx0zSMx3J4bWAW/8o7s2Ho/kaP8P6eg60Aip66Tr1o8z D0LGI47UF9CGT6KP5C7eXjgawPAR0sN9cT761UJkYfIy/s1Y//fCd3jasQanYndI UAfjOFcQFXEoGdWyKSBeTtshRfmyjyEaxS0kvxO7N/1FPsLQVfebpKGEC50cbr96 L9hfDlR0artEAm956GEySKOM/SB38eYep5OZ0u20botHW7C5bwO/QD0zr2feWS5Q BNI+kAO6XbMiJjVPtJPPYgXGnOph6+pqIRS9Kz5VCK9do67V3NnzdFm+bQIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFLSjZ6RmyBj5Bkfe5/oS8FgYI1KkMB8GA1UdIwQY MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt ZGM1ZWM3NDhmNmE1LzEvdEtObnBHYklHUGtHUjk3bi1oTHdXQmdqVXFRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1 LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg6xBwMP AwcBKhDMwMDCMA0GCSqGSIb3DQEBCwUAA4IBAQAAgfGRsHSQPufhdCoLVCZ51Ma4 EXL3GEDK3UQEI1uIFvUnmxgVo91r01ts6t7RUyB06dFfqb4xJNJpiQeTEDppbOxq Zm+Y82pLfyqNtAZCqsCE7QIr2eARIG5P9QlSq8pjOyh4xA+1YWwV1nXfFI1WyMMh nQRiMYeYsLyggX8r9ZDYoZgNh/3Mmy5Gzup5m1Hl8u5GuB4vrG+DO/FT3t0vxhFX bjo6xC+UdY6YUeQB6+8TALjgcw6jhXMVcWy7CqdsFHMN2T2raMJoQEXzM0Ce2116 RUYerbHKuoh2TYUjSueQ+AC+DyaPq0RY1HaDgfBbUiyeAsQDmu8OenlQWniO -----END CERTIFICATE-----Generated at Sun Jan 11 23:53:25 2026 by rpki-client