This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/aBHHIsoOk3cwdTg01_-s4u0Jsjk.roa File: aBHHIsoOk3cwdTg01_-s4u0Jsjk.roa (raw, json) Hash identifier: PbrAA8TMsU9WP0enV5kXL9Tl3hHucxigMTmbYxEfjpk= Subject key identifier: 68:11:C7:22:CA:0E:93:77:30:75:38:34:D7:FF:AC:E2:ED:09:B2:39 Certificate issuer: /CN=ba6ed0fb7b320832ac1580534c7b263f304e981b Certificate serial: 019B7F8413CF62512F5E154DBE0C637F5A05 Authority key identifier: BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/aBHHIsoOk3cwdTg01_-s4u0Jsjk.roa Signing time: Fri 02 Jan 2026 16:22:00 +0000 ROA not before: Fri 02 Jan 2026 16:22:00 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 34440 IP address blocks: 2a01:488:bb18::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.crl rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.mft rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:84:13:cf:62:51:2f:5e:15:4d:be:0c:63:7f:5a:05 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ba6ed0fb7b320832ac1580534c7b263f304e981b Validity Not Before: Jan 2 16:22:00 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6811c722ca0e937730753834d7fface2ed09b239 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:a8:c3:52:36:03:a2:1c:c1:2e:2d:08:23:d9: fb:b2:29:ac:e1:bc:82:8b:31:a2:93:02:b1:86:ea: 03:95:7d:94:2e:c0:85:8c:48:64:46:aa:ab:88:58: ec:b2:5b:ee:8f:81:e4:cc:16:c7:77:3d:7d:ee:c6: 44:04:a2:dd:ae:e2:8a:cb:02:60:0d:29:d1:89:6a: 29:48:ac:10:57:44:ff:c4:02:e9:46:f8:21:01:a4: 53:30:65:d7:e2:3a:90:96:c5:55:07:9e:c7:24:52: 40:68:1c:48:03:b0:93:50:e2:9f:3f:0d:cf:71:a5: c6:3d:ea:f5:31:7b:c5:d0:52:d6:e6:2a:80:47:37: 8a:47:a1:97:a2:7d:aa:e0:77:b5:56:82:75:15:f6: a1:73:b9:87:1c:71:fc:89:ad:69:a3:cb:e7:3e:10: 60:25:bc:c2:1f:00:24:9e:66:90:1f:e2:88:f5:a7: 9a:36:91:83:fa:f6:17:ff:aa:65:77:8e:07:c8:90: 34:6e:da:72:cc:2f:5c:fd:1d:1f:c5:1e:57:f5:66: 25:16:b7:a6:cf:02:68:54:52:3c:2f:b9:ab:dc:f5: ee:6e:01:20:0e:c6:e5:ab:23:91:54:c7:d7:5f:48: 7e:33:03:33:f7:73:8b:1f:94:13:93:ca:4d:c4:fa: 99:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:11:C7:22:CA:0E:93:77:30:75:38:34:D7:FF:AC:E2:ED:09:B2:39 X509v3 Authority Key Identifier: keyid:BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/aBHHIsoOk3cwdTg01_-s4u0Jsjk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a01:488:bb18::/48 Signature Algorithm: sha256WithRSAEncryption 42:f9:b2:8e:cd:70:36:8f:c2:7b:ad:82:8f:90:32:73:f0:99: 5c:1c:0a:2c:1d:0b:ae:84:c5:a7:63:d0:6c:da:6b:e3:8c:87: 68:47:bd:9b:66:38:41:53:e9:b7:f5:bf:3b:10:fd:bb:2d:19: 7a:20:34:1e:6b:47:33:e2:5f:49:90:bf:c3:54:59:b9:5d:62: bd:74:0b:f0:f9:d1:b0:3a:f2:d7:de:55:4e:37:82:c2:dd:27: fe:16:89:44:37:5b:05:a7:0d:a2:f4:c0:6e:e0:c7:b8:dd:04: 8a:dd:4d:fd:79:bd:90:9d:b0:5d:ed:59:73:61:62:00:f6:05: 93:17:7f:6c:d2:c0:0e:1b:97:25:fd:9b:28:a2:93:26:b7:2b: ca:18:7d:09:40:58:d5:34:67:c2:6a:85:87:23:46:8e:da:68: 76:e9:41:2b:53:de:44:1b:af:fc:12:0e:be:53:b9:ca:02:a4: e7:17:d8:a7:3c:b4:38:9f:10:a5:1d:f8:3f:d1:f9:76:8b:99: 8e:f9:37:62:f6:5c:bf:0f:ec:11:db:4f:8e:19:79:3d:f5:21: 1f:94:f2:86:06:77:20:97:5a:f1:cf:3e:63:06:24:83:0a:81: 1d:2e:eb:d2:1d:59:1d:d3:2e:bd:b6:fd:a0:b1:ee:4a:3c:83: 89:f6:66:c9 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt/hBPPYlEvXhVNvgxjf1oFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJhNmVkMGZiN2IzMjA4MzJhYzE1ODA1MzRjN2IyNjNmMzA0 ZTk4MWIwHhcNMjYwMTAyMTYyMjAwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2ODExYzcyMmNhMGU5Mzc3MzA3NTM4MzRkN2ZmYWNlMmVkMDliMjM5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6jDUjYDohzBLi0II9n7sims4byC izGikwKxhuoDlX2ULsCFjEhkRqqriFjsslvuj4HkzBbHdz197sZEBKLdruKKywJg DSnRiWopSKwQV0T/xALpRvghAaRTMGXX4jqQlsVVB57HJFJAaBxIA7CTUOKfPw3P caXGPer1MXvF0FLW5iqARzeKR6GXon2q4He1VoJ1Ffahc7mHHHH8ia1po8vnPhBg JbzCHwAknmaQH+KI9aeaNpGD+vYX/6pld44HyJA0btpyzC9c/R0fxR5X9WYlFrem zwJoVFI8L7mr3PXubgEgDsblqyORVMfXX0h+MwMz93OLH5QTk8pNxPqZaQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFGgRxyLKDpN3MHU4NNf/rOLtCbI5MB8GA1UdIwQY MBaAFLpu0Pt7MggyrBWAU0x7Jj8wTpgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQt MTYxZjM0MjM4N2QxLzEvYUJISElzb09rM2N3ZFRnMDFfLXM0dTBKc2prLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQtMTYxZjM0MjM4N2Qx LzEvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgEEiLsY MA0GCSqGSIb3DQEBCwUAA4IBAQBC+bKOzXA2j8J7rYKPkDJz8JlcHAosHQuuhMWn Y9Bs2mvjjIdoR72bZjhBU+m39b87EP27LRl6IDQea0cz4l9JkL/DVFm5XWK9dAvw +dGwOvLX3lVON4LC3Sf+FolEN1sFpw2i9MBu4Me43QSK3U39eb2QnbBd7VlzYWIA 9gWTF39s0sAOG5cl/ZsoopMmtyvKGH0JQFjVNGfCaoWHI0aO2mh26UErU95EG6/8 Eg6+U7nKAqTnF9inPLQ4nxClHfg/0fl2i5mO+Tdi9ly/D+wR20+OGXk99SEflPKG Bncgl1rxzz5jBiSDCoEdLuvSHVkd0y69tv2gse5KPIOJ9mbJ -----END CERTIFICATE-----Generated at Sun Jan 25 14:21:04 2026 by rpki-client