This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/64ab99-49aa-4aae-8dd5-382355fc2ff1/1/IaHDBU7cqXMsetfiX2V98tBbzQ0.roa File: IaHDBU7cqXMsetfiX2V98tBbzQ0.roa (raw, json) Hash identifier: aSIfbQJ1s+03WYJQC/BEFCyDvq1e4lEKVIPKT8xRj5U= Subject key identifier: 21:A1:C3:05:4E:DC:A9:73:2C:7A:D7:E2:5F:65:7D:F2:D0:5B:CD:0D Certificate issuer: /CN=f8a966664ec96edbd12e8e82e940bfb9faec105e Certificate serial: 019B7A5BA30CEA8CEF5EA4B88E9A6965FA0F Authority key identifier: F8:A9:66:66:4E:C9:6E:DB:D1:2E:8E:82:E9:40:BF:B9:FA:EC:10:5E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-KlmZk7JbtvRLo6C6UC_ufrsEF4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/64ab99-49aa-4aae-8dd5-382355fc2ff1/1/IaHDBU7cqXMsetfiX2V98tBbzQ0.roa Signing time: Thu 01 Jan 2026 16:19:44 +0000 ROA not before: Thu 01 Jan 2026 16:19:44 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 213341 IP address blocks: 2a0a:4587:2000::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/64ab99-49aa-4aae-8dd5-382355fc2ff1/1/1-KlmZk7JbtvRLo6C6UC_ufrsEF4.crl rsync://rpki.ripe.net/repository/DEFAULT/45/64ab99-49aa-4aae-8dd5-382355fc2ff1/1/1-KlmZk7JbtvRLo6C6UC_ufrsEF4.mft rsync://rpki.ripe.net/repository/DEFAULT/1-KlmZk7JbtvRLo6C6UC_ufrsEF4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5b:a3:0c:ea:8c:ef:5e:a4:b8:8e:9a:69:65:fa:0f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f8a966664ec96edbd12e8e82e940bfb9faec105e Validity Not Before: Jan 1 16:19:44 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=21a1c3054edca9732c7ad7e25f657df2d05bcd0d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:25:bc:f8:49:4d:34:83:e6:c9:0a:a0:6c:f7: 6d:37:3e:79:90:92:0d:f4:2e:1e:70:aa:87:54:9d: 53:25:fb:57:d7:2c:1e:2f:91:18:f9:64:35:3d:05: 66:6e:3e:2e:18:33:6e:86:d5:4e:98:85:8f:b9:82: bf:1c:e6:63:20:76:80:bd:fa:0b:78:4a:49:54:62: 3f:c3:fc:b1:5a:ca:db:04:86:2f:d0:1a:04:1c:15: 91:fa:97:da:48:cd:04:62:be:4f:f7:c9:af:24:77: dd:93:7c:a1:87:43:16:9a:65:9e:7a:ac:af:e8:ee: 27:dd:b2:13:ae:2d:ed:21:b2:21:d4:6c:58:29:54: 87:0c:f8:32:03:c3:14:ab:95:9f:09:23:b4:4b:6d: 8c:4b:3f:07:d3:75:88:25:9d:33:45:cd:cf:77:f4: ca:08:c4:1b:c6:44:cf:96:9c:7e:92:34:11:22:80: 58:6a:34:46:a6:25:b2:5a:11:24:e7:bc:f7:9d:0a: 86:14:e0:42:ad:30:53:be:a2:d5:4b:08:cd:8b:c0: e3:46:c0:8b:93:13:1b:a1:4a:91:cd:94:38:43:8b: a1:95:6c:52:a0:c7:04:0b:b2:6c:56:3a:b0:c4:2f: c4:24:d6:86:fe:be:cd:d2:0d:60:e5:5d:ea:3e:4a: f3:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:A1:C3:05:4E:DC:A9:73:2C:7A:D7:E2:5F:65:7D:F2:D0:5B:CD:0D X509v3 Authority Key Identifier: keyid:F8:A9:66:66:4E:C9:6E:DB:D1:2E:8E:82:E9:40:BF:B9:FA:EC:10:5E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-KlmZk7JbtvRLo6C6UC_ufrsEF4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/64ab99-49aa-4aae-8dd5-382355fc2ff1/1/IaHDBU7cqXMsetfiX2V98tBbzQ0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/45/64ab99-49aa-4aae-8dd5-382355fc2ff1/1/1-KlmZk7JbtvRLo6C6UC_ufrsEF4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0a:4587:2000::/44 Signature Algorithm: sha256WithRSAEncryption 07:92:97:70:6d:80:6c:f4:e3:10:dd:e1:00:8d:4b:53:a2:22: 9b:6f:d4:40:c8:5e:f0:84:a4:ad:89:7b:1a:15:5e:37:c6:96: 53:36:bd:2f:1c:77:cd:c0:bf:63:3a:30:61:d9:9a:d6:94:05: cc:f2:74:d5:67:f5:05:d4:1d:c7:e5:99:07:1e:d0:1a:f2:e6: 13:1d:49:7b:e8:04:9b:6a:8f:59:f9:df:0e:bd:2a:e4:be:27: db:6f:b4:51:75:16:7a:f9:26:05:cf:95:fd:17:50:e8:da:77: 01:93:b4:5d:ea:2c:b0:5b:a1:31:02:8a:18:b4:d3:80:58:91: d0:a5:58:50:2a:71:d7:f1:32:6a:0c:2e:56:ea:fc:cc:77:06: a9:39:72:af:a8:09:db:ca:a4:72:e9:15:b7:57:a3:fa:84:8e: b2:de:2a:29:e0:e9:e3:f1:31:dc:d3:79:0f:11:67:2b:53:d5: a4:ca:85:73:48:d9:df:8a:3c:11:96:d5:fb:03:cd:7b:92:10: a6:99:8e:7a:1b:bd:ed:ac:10:34:68:4a:c5:77:3a:d8:40:a6: 5a:07:cc:58:fe:02:f7:58:15:45:db:fe:c8:16:20:12:3c:3c: 63:88:a5:80:2c:8c:9b:2f:1b:3f:d4:64:dd:97:25:44:63:e8: e8:97:fa:b9 -----BEGIN CERTIFICATE----- MIIFAjCCA+qgAwIBAgISAZt6W6MM6ozvXqS4jpppZfoPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGY4YTk2NjY2NGVjOTZlZGJkMTJlOGU4MmU5NDBiZmI5ZmFl YzEwNWUwHhcNMjYwMTAxMTYxOTQ0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMWExYzMwNTRlZGNhOTczMmM3YWQ3ZTI1ZjY1N2RmMmQwNWJjZDBkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0SW8+ElNNIPmyQqgbPdtNz55kJIN 9C4ecKqHVJ1TJftX1yweL5EY+WQ1PQVmbj4uGDNuhtVOmIWPuYK/HOZjIHaAvfoL eEpJVGI/w/yxWsrbBIYv0BoEHBWR+pfaSM0EYr5P98mvJHfdk3yhh0MWmmWeeqyv 6O4n3bITri3tIbIh1GxYKVSHDPgyA8MUq5WfCSO0S22MSz8H03WIJZ0zRc3Pd/TK CMQbxkTPlpx+kjQRIoBYajRGpiWyWhEk57z3nQqGFOBCrTBTvqLVSwjNi8DjRsCL kxMboUqRzZQ4Q4uhlWxSoMcEC7JsVjqwxC/EJNaG/r7N0g1g5V3qPkrzVQIDAQAB o4ICDjCCAgowHQYDVR0OBBYEFCGhwwVO3KlzLHrX4l9lffLQW80NMB8GA1UdIwQY MBaAFPipZmZOyW7b0S6OgulAv7n67BBeMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMS1LbG1aazdKYnR2UkxvNkM2VUNfdWZyc0VGNC5jZXIw gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDUvNjRhYjk5LTQ5YWEtNGFhZS04ZGQ1 LTM4MjM1NWZjMmZmMS8xL0lhSERCVTdjcVhNc2V0ZmlYMlY5OHRCYnpRMC5yb2Ew gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0 b3J5L0RFRkFVTFQvNDUvNjRhYjk5LTQ5YWEtNGFhZS04ZGQ1LTM4MjM1NWZjMmZm MS8xLzEtS2xtWms3SmJ0dlJMbzZDNlVDX3VmcnNFRjQuY3JsMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwQqCkWH IAAwDQYJKoZIhvcNAQELBQADggEBAAeSl3BtgGz04xDd4QCNS1OiIptv1EDIXvCE pK2JexoVXjfGllM2vS8cd83Av2M6MGHZmtaUBczydNVn9QXUHcflmQce0Bry5hMd SXvoBJtqj1n53w69KuS+J9tvtFF1Fnr5JgXPlf0XUOjadwGTtF3qLLBboTECihi0 04BYkdClWFAqcdfxMmoMLlbq/Mx3Bqk5cq+oCdvKpHLpFbdXo/qEjrLeKing6ePx MdzTeQ8RZytT1aTKhXNI2d+KPBGW1fsDzXuSEKaZjnobve2sEDRoSsV3OthAploH zFj+AvdYFUXb/sgWIBI8PGOIpYAsjJsvGz/UZN2XJURj6OiX+rk= -----END CERTIFICATE-----Generated at Mon Jan 26 05:54:04 2026 by rpki-client