This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/048afc-d2cc-4e33-8607-5f251a03fa2b/1/7HJItND-ZHUyWIc0zlIoIbcu0kU.roa File: 7HJItND-ZHUyWIc0zlIoIbcu0kU.roa (raw, json) Hash identifier: 9Bz34LYfCAabYfpSmfTeNq9WvdNCYgrnyawzxf6Rfac= Subject key identifier: EC:72:48:B4:D0:FE:64:75:32:58:87:34:CE:52:28:21:B7:2E:D2:45 Certificate issuer: /CN=a122d6d21bd04c46224653a49be029e3c024b846 Certificate serial: 019B7E38C1A403598D5CE5001B1CAEA13DAF Authority key identifier: A1:22:D6:D2:1B:D0:4C:46:22:46:53:A4:9B:E0:29:E3:C0:24:B8:46 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oSLW0hvQTEYiRlOkm-Ap48AkuEY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/048afc-d2cc-4e33-8607-5f251a03fa2b/1/7HJItND-ZHUyWIc0zlIoIbcu0kU.roa Signing time: Fri 02 Jan 2026 10:20:07 +0000 ROA not before: Fri 02 Jan 2026 10:20:07 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 213597 IP address blocks: 2a14:af00::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/048afc-d2cc-4e33-8607-5f251a03fa2b/1/oSLW0hvQTEYiRlOkm-Ap48AkuEY.crl rsync://rpki.ripe.net/repository/DEFAULT/51/048afc-d2cc-4e33-8607-5f251a03fa2b/1/oSLW0hvQTEYiRlOkm-Ap48AkuEY.mft rsync://rpki.ripe.net/repository/DEFAULT/oSLW0hvQTEYiRlOkm-Ap48AkuEY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:c1:a4:03:59:8d:5c:e5:00:1b:1c:ae:a1:3d:af Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a122d6d21bd04c46224653a49be029e3c024b846 Validity Not Before: Jan 2 10:20:07 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ec7248b4d0fe647532588734ce522821b72ed245 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:bb:d1:2a:c4:a9:95:13:69:76:50:f3:74:0d: af:c8:aa:4a:f4:80:10:b4:bf:05:4a:ca:08:08:46: 40:85:17:e1:4d:c6:8f:73:39:68:f6:67:76:32:e1: 17:99:a9:45:99:c6:13:93:90:5b:ff:46:24:e8:7c: 59:c1:47:18:58:a8:27:50:c4:e2:e4:d3:5d:03:b6: 94:8f:b5:90:e4:7c:e8:b2:27:a5:e6:5a:06:f1:d9: e2:20:5d:ac:9d:38:39:3b:eb:9f:12:49:a0:91:41: 9a:7c:30:14:76:cd:04:68:e9:aa:a9:c0:4f:88:ba: 4f:58:08:d6:11:fd:f2:f9:a1:58:0e:fe:d1:d6:e9: de:61:a1:ab:90:60:c2:48:14:dc:07:ed:50:4f:e5: 29:a2:e7:ce:eb:fd:13:b1:03:75:84:60:bd:1e:65: 1c:dc:1a:3b:72:9e:d3:3f:13:b9:a9:23:99:42:63: c1:48:ca:b9:06:d9:2d:35:42:87:b5:58:b6:b7:80: 07:43:04:8f:f2:cb:0a:37:4c:8c:76:c1:9b:5e:13: 0b:04:4a:7d:f9:48:54:8e:30:8d:82:ea:81:0a:8b: 92:e2:f6:ac:4b:50:6a:fc:03:0a:8d:42:59:0f:18: 47:78:cf:0b:86:93:21:33:90:bf:72:6d:81:70:66: 6c:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:72:48:B4:D0:FE:64:75:32:58:87:34:CE:52:28:21:B7:2E:D2:45 X509v3 Authority Key Identifier: keyid:A1:22:D6:D2:1B:D0:4C:46:22:46:53:A4:9B:E0:29:E3:C0:24:B8:46 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oSLW0hvQTEYiRlOkm-Ap48AkuEY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/048afc-d2cc-4e33-8607-5f251a03fa2b/1/7HJItND-ZHUyWIc0zlIoIbcu0kU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/51/048afc-d2cc-4e33-8607-5f251a03fa2b/1/oSLW0hvQTEYiRlOkm-Ap48AkuEY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:af00::/29 Signature Algorithm: sha256WithRSAEncryption 30:02:95:33:17:83:77:7a:2a:0a:11:91:80:a1:bb:08:4c:e8: 88:69:28:c0:ec:8a:d4:f5:a1:56:12:50:7f:b9:00:b8:d9:4f: 95:86:1b:88:57:dc:d6:1b:a4:62:65:a6:08:9d:cb:7e:ac:9b: 55:a9:bb:20:58:95:ac:a4:20:71:11:6e:62:e9:c9:f0:fe:e8: bc:49:0b:04:0b:7f:15:44:19:89:ac:ff:14:d3:3a:5e:87:65: 1e:58:5f:e6:2d:1f:aa:87:09:ca:e5:32:2e:b8:4d:d6:a4:31: fa:67:13:ca:76:89:77:e2:de:ce:2c:48:32:d6:62:f0:30:07: 07:3c:e5:49:cc:a5:6a:d6:f1:27:8d:6a:e8:75:6b:76:cb:61: c5:4a:da:2b:fa:2b:3e:ec:a4:4d:75:1a:ae:ee:7f:37:aa:9d: a0:7d:cb:fa:1d:28:0c:5b:8f:c2:67:1c:b9:0f:aa:53:f3:98: 4f:dd:65:63:fc:42:93:25:b1:50:80:ce:c6:7f:ce:b9:6c:28: 7b:e7:9b:7f:03:f4:25:b7:ee:a9:b2:8e:6e:a4:f5:e4:85:f6: af:22:a1:8f:23:99:28:89:96:e3:a0:b9:86:a4:05:2b:6c:da: 1b:1e:75:5f:39:bd:1e:15:71:f2:ae:c9:93:78:a7:29:a7:c9: cc:ba:13:3b -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt+OMGkA1mNXOUAGxyuoT2vMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGExMjJkNmQyMWJkMDRjNDYyMjQ2NTNhNDliZTAyOWUzYzAy NGI4NDYwHhcNMjYwMTAyMTAyMDA3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlYzcyNDhiNGQwZmU2NDc1MzI1ODg3MzRjZTUyMjgyMWI3MmVkMjQ1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAorvRKsSplRNpdlDzdA2vyKpK9IAQ tL8FSsoICEZAhRfhTcaPczlo9md2MuEXmalFmcYTk5Bb/0Yk6HxZwUcYWKgnUMTi 5NNdA7aUj7WQ5Hzosiel5loG8dniIF2snTg5O+ufEkmgkUGafDAUds0EaOmqqcBP iLpPWAjWEf3y+aFYDv7R1uneYaGrkGDCSBTcB+1QT+UpoufO6/0TsQN1hGC9HmUc 3Bo7cp7TPxO5qSOZQmPBSMq5BtktNUKHtVi2t4AHQwSP8ssKN0yMdsGbXhMLBEp9 +UhUjjCNguqBCouS4vasS1Bq/AMKjUJZDxhHeM8LhpMhM5C/cm2BcGZsJQIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFOxySLTQ/mR1MliHNM5SKCG3LtJFMB8GA1UdIwQY MBaAFKEi1tIb0ExGIkZTpJvgKePAJLhGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb1NMVzBodlFURVlpUmxPa20tQXA0OEFrdUVZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wNDhhZmMtZDJjYy00ZTMzLTg2MDct NWYyNTFhMDNmYTJiLzEvN0hKSXRORC1aSFV5V0ljMHpsSW9JYmN1MGtVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81MS8wNDhhZmMtZDJjYy00ZTMzLTg2MDctNWYyNTFhMDNmYTJi LzEvb1NMVzBodlFURVlpUmxPa20tQXA0OEFrdUVZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhSvADAN BgkqhkiG9w0BAQsFAAOCAQEAMAKVMxeDd3oqChGRgKG7CEzoiGkowOyK1PWhVhJQ f7kAuNlPlYYbiFfc1hukYmWmCJ3LfqybVam7IFiVrKQgcRFuYunJ8P7ovEkLBAt/ FUQZiaz/FNM6XodlHlhf5i0fqocJyuUyLrhN1qQx+mcTynaJd+LezixIMtZi8DAH BzzlScylatbxJ41q6HVrdsthxUraK/orPuykTXUaru5/N6qdoH3L+h0oDFuPwmcc uQ+qU/OYT91lY/xCkyWxUIDOxn/OuWwoe+ebfwP0JbfuqbKObqT15IX2ryKhjyOZ KImW46C5hqQFK2zaGx51Xzm9HhVx8q7Jk3inKafJzLoTOw== -----END CERTIFICATE-----Generated at Sun Jan 25 23:31:37 2026 by rpki-client