This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/baab36-8886-4206-9e79-cc2cd7d31a26/1/IMhrDeS7pt6POgdqkwhQn8NXjdQ.roa File: IMhrDeS7pt6POgdqkwhQn8NXjdQ.roa (raw, json) Hash identifier: 8Co4GdnGTbaplfNAIs0VU0evrLpH3iNJkhwVpK6YVsc= Subject key identifier: 20:C8:6B:0D:E4:BB:A6:DE:8F:3A:07:6A:93:08:50:9F:C3:57:8D:D4 Certificate issuer: /CN=1c7dd3c816d8596080472054348095ed2b8551e5 Certificate serial: 019B7CED89F496E013CC932FB8458ED3F216 Authority key identifier: 1C:7D:D3:C8:16:D8:59:60:80:47:20:54:34:80:95:ED:2B:85:51:E5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HH3TyBbYWWCARyBUNICV7SuFUeU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/baab36-8886-4206-9e79-cc2cd7d31a26/1/IMhrDeS7pt6POgdqkwhQn8NXjdQ.roa Signing time: Fri 02 Jan 2026 04:18:20 +0000 ROA not before: Fri 02 Jan 2026 04:18:20 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212567 IP address blocks: 2001:678:e68::/48 maxlen: 48 2001:678:ed0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/baab36-8886-4206-9e79-cc2cd7d31a26/1/HH3TyBbYWWCARyBUNICV7SuFUeU.crl rsync://rpki.ripe.net/repository/DEFAULT/02/baab36-8886-4206-9e79-cc2cd7d31a26/1/HH3TyBbYWWCARyBUNICV7SuFUeU.mft rsync://rpki.ripe.net/repository/DEFAULT/HH3TyBbYWWCARyBUNICV7SuFUeU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ed:89:f4:96:e0:13:cc:93:2f:b8:45:8e:d3:f2:16 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1c7dd3c816d8596080472054348095ed2b8551e5 Validity Not Before: Jan 2 04:18:20 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=20c86b0de4bba6de8f3a076a9308509fc3578dd4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:7a:59:4b:95:2e:c6:c4:a3:fc:45:1b:00:11: 78:c9:cd:2b:e6:9c:f5:7c:88:c7:cf:b0:be:1d:ce: 4e:26:af:be:46:4f:5c:2f:67:e2:00:13:66:43:07: cc:fa:63:46:38:00:2a:d2:2d:37:a1:92:23:db:2f: f3:e3:07:93:2b:bf:f2:6c:12:39:0f:58:a9:3e:72: e6:f4:f9:b9:91:9c:99:4b:5d:bd:10:81:71:13:57: c1:0f:97:9d:61:ea:54:59:74:c9:cc:b7:3d:06:7b: 88:77:91:f7:c2:6b:08:a4:c0:dd:d2:bf:56:39:45: b8:58:b8:64:07:ad:0c:50:3c:8d:41:11:ff:bd:7d: 87:f6:1c:38:32:4c:97:8e:3a:23:23:4d:15:11:8a: 95:38:cc:4e:18:b3:1d:38:50:68:22:8c:5b:81:de: a8:58:f2:7b:9c:77:97:bd:a0:fc:b4:e6:ac:cd:e9: ae:1b:05:c4:1d:bf:ef:0d:34:1e:5d:08:69:d5:74: f4:fb:2b:dd:c5:a4:bb:46:dc:31:43:e4:14:58:0e: b9:28:c9:97:ec:e1:93:74:1a:23:96:bf:12:cf:52: f1:e1:5e:3e:fb:4c:fd:d6:17:9e:51:e3:d6:33:b8: e2:f7:47:04:7d:b7:03:15:ec:54:43:7f:24:3b:7f: 56:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:C8:6B:0D:E4:BB:A6:DE:8F:3A:07:6A:93:08:50:9F:C3:57:8D:D4 X509v3 Authority Key Identifier: keyid:1C:7D:D3:C8:16:D8:59:60:80:47:20:54:34:80:95:ED:2B:85:51:E5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HH3TyBbYWWCARyBUNICV7SuFUeU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/baab36-8886-4206-9e79-cc2cd7d31a26/1/IMhrDeS7pt6POgdqkwhQn8NXjdQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/02/baab36-8886-4206-9e79-cc2cd7d31a26/1/HH3TyBbYWWCARyBUNICV7SuFUeU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:678:e68::/48 2001:678:ed0::/48 Signature Algorithm: sha256WithRSAEncryption 5f:5f:d4:ea:bc:24:98:2f:ae:61:42:7a:ab:a4:11:b5:6c:7a: 70:66:c4:83:08:fb:2d:fc:54:1b:e8:4b:bb:b3:ac:dc:41:8b: af:e6:3f:c9:35:32:13:42:29:b6:01:c8:bf:7b:54:4c:c6:79: 93:c5:79:0b:bf:cd:29:f0:7f:ff:9e:31:fe:89:ab:d2:67:07: d3:90:c1:22:59:a1:2f:21:98:ee:bd:cb:89:1f:fd:95:e5:34: 12:37:bf:71:cd:4e:b4:83:92:3e:6a:05:1e:e3:91:a8:42:aa: 02:73:a1:d2:b6:45:e9:22:9b:40:79:f6:9b:ab:69:9c:92:10: f4:49:e2:22:41:bb:e4:83:a0:36:d2:df:4e:8c:78:18:62:31: d9:86:88:31:84:58:7e:14:8a:41:0e:4e:51:82:76:94:2d:72: 52:1f:f1:95:25:0d:29:3e:6e:34:af:69:fa:e4:4d:44:ca:fe: c7:b1:54:c1:c1:cb:b9:fa:43:7c:9f:8b:39:ed:b4:fb:f4:d7: ea:32:1d:b2:69:7b:8f:4a:7b:8b:b9:bd:c3:33:1e:30:4b:16: cd:a6:f4:9b:58:83:8a:40:ed:55:ac:c9:9e:9b:36:5d:f3:bf: be:b7:ee:02:f0:7a:35:e5:01:65:e2:09:54:8d:6b:27:76:24: 01:f5:aa:c6 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt87Yn0luATzJMvuEWO0/IWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFjN2RkM2M4MTZkODU5NjA4MDQ3MjA1NDM0ODA5NWVkMmI4 NTUxZTUwHhcNMjYwMTAyMDQxODIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMGM4NmIwZGU0YmJhNmRlOGYzYTA3NmE5MzA4NTA5ZmMzNTc4ZGQ0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3pZS5UuxsSj/EUbABF4yc0r5pz1 fIjHz7C+Hc5OJq++Rk9cL2fiABNmQwfM+mNGOAAq0i03oZIj2y/z4weTK7/ybBI5 D1ipPnLm9Pm5kZyZS129EIFxE1fBD5edYepUWXTJzLc9BnuId5H3wmsIpMDd0r9W OUW4WLhkB60MUDyNQRH/vX2H9hw4MkyXjjojI00VEYqVOMxOGLMdOFBoIoxbgd6o WPJ7nHeXvaD8tOaszemuGwXEHb/vDTQeXQhp1XT0+yvdxaS7RtwxQ+QUWA65KMmX 7OGTdBojlr8Sz1Lx4V4++0z91heeUePWM7ji90cEfbcDFexUQ38kO39WQwIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFCDIaw3ku6bejzoHapMIUJ/DV43UMB8GA1UdIwQY MBaAFBx908gW2FlggEcgVDSAle0rhVHlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSEgzVHlCYllXV0NBUnlCVU5JQ1Y3U3VGVWVVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9iYWFiMzYtODg4Ni00MjA2LTllNzkt Y2MyY2Q3ZDMxYTI2LzEvSU1ockRlUzdwdDZQT2dkcWt3aFFuOE5YamRRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMi9iYWFiMzYtODg4Ni00MjA2LTllNzktY2MyY2Q3ZDMxYTI2 LzEvSEgzVHlCYllXV0NBUnlCVU5JQ1Y3U3VGVWVVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAIAEGeA5o AwcAIAEGeA7QMA0GCSqGSIb3DQEBCwUAA4IBAQBfX9TqvCSYL65hQnqrpBG1bHpw ZsSDCPst/FQb6Eu7s6zcQYuv5j/JNTITQim2Aci/e1RMxnmTxXkLv80p8H//njH+ iavSZwfTkMEiWaEvIZjuvcuJH/2V5TQSN79xzU60g5I+agUe45GoQqoCc6HStkXp IptAefabq2mckhD0SeIiQbvkg6A20t9OjHgYYjHZhogxhFh+FIpBDk5RgnaULXJS H/GVJQ0pPm40r2n65E1Eyv7HsVTBwcu5+kN8n4s57bT79NfqMh2yaXuPSnuLub3D Mx4wSxbNpvSbWIOKQO1VrMmemzZd87++t+4C8Ho15QFl4glUjWsndiQB9arG -----END CERTIFICATE-----Generated at Mon Jan 26 08:43:06 2026 by rpki-client