This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7d8b41-bc66-4a5f-82e6-a82cbbc73675/1/HYHPGDt2fjAgC47_M3DioNC03-E.roa File: HYHPGDt2fjAgC47_M3DioNC03-E.roa (raw, json) Hash identifier: cxx+e28mtQ/DOkAQ7RXQpszf/7Q5+36ijtIPOYGFO4M= Subject key identifier: 1D:81:CF:18:3B:76:7E:30:20:0B:8E:FF:33:70:E2:A0:D0:B4:DF:E1 Certificate issuer: /CN=d25efe544b6357c7fbc281b2e41b1cb2e743e89c Certificate serial: 019B8024CDEA24EDD533AC647529E2E35FE8 Authority key identifier: D2:5E:FE:54:4B:63:57:C7:FB:C2:81:B2:E4:1B:1C:B2:E7:43:E8:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0l7-VEtjV8f7woGy5BscsudD6Jw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/7d8b41-bc66-4a5f-82e6-a82cbbc73675/1/HYHPGDt2fjAgC47_M3DioNC03-E.roa Signing time: Fri 02 Jan 2026 19:17:34 +0000 ROA not before: Fri 02 Jan 2026 19:17:34 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 154155 IP address blocks: 2001:678:120::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/7d8b41-bc66-4a5f-82e6-a82cbbc73675/1/0l7-VEtjV8f7woGy5BscsudD6Jw.crl rsync://rpki.ripe.net/repository/DEFAULT/09/7d8b41-bc66-4a5f-82e6-a82cbbc73675/1/0l7-VEtjV8f7woGy5BscsudD6Jw.mft rsync://rpki.ripe.net/repository/DEFAULT/0l7-VEtjV8f7woGy5BscsudD6Jw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:80:24:cd:ea:24:ed:d5:33:ac:64:75:29:e2:e3:5f:e8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d25efe544b6357c7fbc281b2e41b1cb2e743e89c Validity Not Before: Jan 2 19:17:34 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1d81cf183b767e30200b8eff3370e2a0d0b4dfe1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:bb:d5:38:38:af:b2:bc:7d:c5:0b:b2:2b:86: ad:e8:1d:58:09:27:5e:da:89:05:63:6e:c5:c4:e7: e7:17:19:32:b4:22:28:3c:1f:c0:d2:24:d4:c0:85: d8:a9:af:09:80:61:2b:b1:f2:70:37:9d:e9:c1:a8: 3d:24:7c:bf:42:4b:32:f2:10:8c:c5:45:f2:68:64: 1f:10:01:60:d2:b4:f3:34:3d:e5:41:c1:e2:9d:c4: 1f:c6:72:0f:39:6f:0f:ac:cf:f8:22:57:d7:df:ef: 53:74:f0:00:2c:77:d5:e9:93:52:77:0e:ff:94:9e: e8:01:9e:2d:64:da:8a:a0:7b:64:32:96:c8:e8:71: da:50:bc:97:31:bf:37:b6:64:d4:26:fb:2e:7b:bd: ab:0e:b1:ae:fc:b7:13:9a:f8:14:f9:c0:46:6b:53: cb:a7:73:91:9b:84:db:87:16:26:30:49:6f:b3:6f: 0e:65:f4:d6:b5:af:ac:2b:d4:b5:b9:16:d0:b7:6d: af:39:37:8a:ef:86:38:a8:5e:0b:77:44:27:8c:29: 89:ad:c1:43:d7:d9:3c:a8:78:03:fa:3e:9a:a3:36: 54:b4:ee:04:db:bf:88:cb:ca:c3:a2:ff:fe:03:4a: ed:a7:d7:d0:78:e0:6f:b2:d7:b7:0d:25:86:d7:ef: 4d:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:81:CF:18:3B:76:7E:30:20:0B:8E:FF:33:70:E2:A0:D0:B4:DF:E1 X509v3 Authority Key Identifier: keyid:D2:5E:FE:54:4B:63:57:C7:FB:C2:81:B2:E4:1B:1C:B2:E7:43:E8:9C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0l7-VEtjV8f7woGy5BscsudD6Jw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d8b41-bc66-4a5f-82e6-a82cbbc73675/1/HYHPGDt2fjAgC47_M3DioNC03-E.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d8b41-bc66-4a5f-82e6-a82cbbc73675/1/0l7-VEtjV8f7woGy5BscsudD6Jw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:678:120::/48 Signature Algorithm: sha256WithRSAEncryption 4b:ee:08:d1:ef:b6:c2:a2:9e:fc:f4:e7:44:90:fd:55:8f:6d: 1e:71:67:34:ab:90:91:21:7f:e1:69:ed:d1:cf:67:d1:29:da: b8:1a:a0:ec:c0:63:20:e3:76:aa:24:40:be:36:16:b2:58:6a: d3:a4:8d:38:96:92:d4:36:e9:a3:ec:04:50:13:d7:9a:70:b7: e4:1a:c7:0b:02:e6:21:34:29:ee:54:9f:22:6a:49:89:4c:85: a9:a9:b2:54:b3:85:fb:37:fc:c7:d4:2e:30:1d:a1:5d:c9:07: 5d:70:17:01:cd:0a:bd:4c:81:81:5b:af:71:86:ee:a5:ba:e5: 94:fd:67:f7:72:86:1a:28:df:59:8c:00:8b:49:25:a9:f1:cf: 2d:92:cb:4b:6c:6b:c3:84:01:12:71:d4:05:ff:08:c1:2a:99: 0e:13:20:b2:c6:8e:7e:a7:b8:bb:1d:7d:ae:a5:49:f8:13:57: e1:1a:1d:f3:c6:00:d0:ce:d7:4c:fc:c0:96:bc:18:75:4b:f0: ae:91:39:91:84:ff:c0:ee:fe:6f:7a:8e:07:63:c4:f4:57:c4: c7:7e:bd:d8:ea:21:cf:56:97:3e:6c:46:44:82:2b:a4:f2:e9: 11:ce:45:7c:e7:dd:b7:cd:a5:9e:0a:92:f6:f3:e0:f4:c8:9c: 3f:40:72:15 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZuAJM3qJO3VM6xkdSni41/oMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQyNWVmZTU0NGI2MzU3YzdmYmMyODFiMmU0MWIxY2IyZTc0 M2U4OWMwHhcNMjYwMTAyMTkxNzM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxZDgxY2YxODNiNzY3ZTMwMjAwYjhlZmYzMzcwZTJhMGQwYjRkZmUxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6LvVODivsrx9xQuyK4at6B1YCSde 2okFY27FxOfnFxkytCIoPB/A0iTUwIXYqa8JgGErsfJwN53pwag9JHy/Qksy8hCM xUXyaGQfEAFg0rTzND3lQcHincQfxnIPOW8PrM/4IlfX3+9TdPAALHfV6ZNSdw7/ lJ7oAZ4tZNqKoHtkMpbI6HHaULyXMb83tmTUJvsue72rDrGu/LcTmvgU+cBGa1PL p3ORm4TbhxYmMElvs28OZfTWta+sK9S1uRbQt22vOTeK74Y4qF4Ld0QnjCmJrcFD 19k8qHgD+j6aozZUtO4E27+Iy8rDov/+A0rtp9fQeOBvste3DSWG1+9NYQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFB2Bzxg7dn4wIAuO/zNw4qDQtN/hMB8GA1UdIwQY MBaAFNJe/lRLY1fH+8KBsuQbHLLnQ+icMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMGw3LVZFdGpWOGY3d29HeTVCc2NzdWRENkp3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83ZDhiNDEtYmM2Ni00YTVmLTgyZTYt YTgyY2JiYzczNjc1LzEvSFlIUEdEdDJmakFnQzQ3X00zRGlvTkMwMy1FLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wOS83ZDhiNDEtYmM2Ni00YTVmLTgyZTYtYTgyY2JiYzczNjc1 LzEvMGw3LVZFdGpWOGY3d29HeTVCc2NzdWRENkp3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAEg MA0GCSqGSIb3DQEBCwUAA4IBAQBL7gjR77bCop789OdEkP1Vj20ecWc0q5CRIX/h ae3Rz2fRKdq4GqDswGMg43aqJEC+NhayWGrTpI04lpLUNumj7ARQE9eacLfkGscL AuYhNCnuVJ8iakmJTIWpqbJUs4X7N/zH1C4wHaFdyQddcBcBzQq9TIGBW69xhu6l uuWU/Wf3coYaKN9ZjACLSSWp8c8tkstLbGvDhAEScdQF/wjBKpkOEyCyxo5+p7i7 HX2upUn4E1fhGh3zxgDQztdM/MCWvBh1S/CukTmRhP/A7v5veo4HY8T0V8THfr3Y 6iHPVpc+bEZEgiuk8ukRzkV85923zaWeCpL28+D0yJw/QHIV -----END CERTIFICATE-----Generated at Sun Jan 25 21:57:46 2026 by rpki-client