This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/952230-c262-41cc-b956-cfc46a76ec78/1/hZiFcW7h5F5XfcXkHDMH450e4sg.roa File: hZiFcW7h5F5XfcXkHDMH450e4sg.roa (raw, json) Hash identifier: D2HtChe92Pq7COg3X4YoKzG61XVo1IcROxs8V7eIHbE= Subject key identifier: 85:98:85:71:6E:E1:E4:5E:57:7D:C5:E4:1C:33:07:E3:9D:1E:E2:C8 Certificate issuer: /CN=374e2729b17369890a1512f643cd08e4ba2ff414 Certificate serial: 019BEFC7D8A8EE998AC0B5F9B5641073E653 Authority key identifier: 37:4E:27:29:B1:73:69:89:0A:15:12:F6:43:CD:08:E4:BA:2F:F4:14 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N04nKbFzaYkKFRL2Q80I5Lov9BQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/952230-c262-41cc-b956-cfc46a76ec78/1/hZiFcW7h5F5XfcXkHDMH450e4sg.roa Signing time: Sat 24 Jan 2026 11:33:30 +0000 ROA not before: Sat 24 Jan 2026 11:33:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 33042 IP address blocks: 2a05:f686::/32 maxlen: 64 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/952230-c262-41cc-b956-cfc46a76ec78/1/N04nKbFzaYkKFRL2Q80I5Lov9BQ.crl rsync://rpki.ripe.net/repository/DEFAULT/58/952230-c262-41cc-b956-cfc46a76ec78/1/N04nKbFzaYkKFRL2Q80I5Lov9BQ.mft rsync://rpki.ripe.net/repository/DEFAULT/N04nKbFzaYkKFRL2Q80I5Lov9BQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 05:00:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:ef:c7:d8:a8:ee:99:8a:c0:b5:f9:b5:64:10:73:e6:53 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=374e2729b17369890a1512f643cd08e4ba2ff414 Validity Not Before: Jan 24 11:33:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=859885716ee1e45e577dc5e41c3307e39d1ee2c8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:35:b5:1f:59:7f:18:0f:a6:93:5d:ec:10:73: 6c:35:ea:fc:9f:4f:30:35:92:1f:af:7b:d7:1a:fd: 9a:11:38:29:49:17:22:fc:5d:b1:b3:8b:cf:67:2a: 85:dc:55:c5:15:ab:d1:de:a9:1e:46:97:42:50:1f: a8:0b:97:c5:44:f7:b8:02:52:b2:10:f5:59:51:83: 01:a3:7c:b9:16:4e:01:8c:79:f7:45:ee:4e:39:b8: 32:13:7f:ce:80:2d:e4:ef:6c:49:8a:09:c0:98:b0: 24:07:b7:a2:e7:d0:fe:45:78:f9:68:43:44:db:89: ff:53:82:0d:c3:79:0b:d7:67:ea:b6:8c:e3:e8:bb: de:ae:34:10:e5:56:d2:54:54:e7:98:2b:52:d8:ea: 4a:bc:4b:0a:70:4f:31:f0:34:d4:91:9b:10:c3:25: 98:da:f5:81:9d:f5:d3:33:21:99:49:ce:08:e8:96: e1:6d:c7:bf:ba:ad:1f:f7:27:a0:8b:41:97:d3:1e: 3e:60:e5:b6:3f:c1:a7:fa:bc:44:af:87:b0:1b:7a: ad:3b:e5:8b:64:b4:10:79:ca:7f:a7:2c:87:f2:38: 03:1c:17:24:6e:0f:57:d4:84:15:06:2b:01:fd:e7: a9:21:41:95:53:f8:93:67:8f:72:a6:11:6c:62:6a: f0:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:98:85:71:6E:E1:E4:5E:57:7D:C5:E4:1C:33:07:E3:9D:1E:E2:C8 X509v3 Authority Key Identifier: keyid:37:4E:27:29:B1:73:69:89:0A:15:12:F6:43:CD:08:E4:BA:2F:F4:14 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N04nKbFzaYkKFRL2Q80I5Lov9BQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/952230-c262-41cc-b956-cfc46a76ec78/1/hZiFcW7h5F5XfcXkHDMH450e4sg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/58/952230-c262-41cc-b956-cfc46a76ec78/1/N04nKbFzaYkKFRL2Q80I5Lov9BQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:f686::/32 Signature Algorithm: sha256WithRSAEncryption 80:48:76:31:db:a9:b4:a4:90:a3:6b:08:5e:8e:ed:a6:41:e5: a0:84:88:e6:d3:d2:bc:57:a9:3c:fe:0a:d0:00:04:cc:6a:e2: 63:f2:78:9a:85:dc:1a:12:ff:2e:ae:db:8a:63:34:1e:d9:91: c7:cf:35:e0:37:e1:94:ae:db:8a:bb:0d:db:44:d6:6a:67:7e: 8d:fb:45:34:09:8b:0b:9e:32:a6:79:30:9d:33:df:07:ef:e5: 3d:56:4e:65:b4:70:56:9d:f1:81:4e:15:7e:95:fa:3f:80:14: 0b:54:29:c3:70:04:0b:03:be:c8:d4:d9:0d:d9:98:f0:ce:58: 34:7d:50:c9:31:11:81:9a:41:54:12:51:fa:7f:3e:2d:d4:1f: e9:db:41:07:cb:28:40:8d:fa:4f:56:d7:ca:94:3c:13:03:62: d3:60:17:af:fc:fd:68:67:ac:8a:3f:aa:26:9d:14:86:a9:43: ab:d4:a6:1d:9c:30:66:97:f9:b3:f7:30:6b:81:41:ea:f1:f1: 87:d5:f5:6a:4b:f9:9b:85:b6:69:6e:4e:48:a9:dc:33:02:b5: b5:b3:5d:cc:71:5f:20:08:b5:de:a2:0a:27:54:07:a2:a6:38: 40:3f:1f:b7:ab:66:e8:ed:0b:5d:97:93:47:ef:c3:eb:14:0f: e3:56:c9:3c -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZvvx9io7pmKwLX5tWQQc+ZTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM3NGUyNzI5YjE3MzY5ODkwYTE1MTJmNjQzY2QwOGU0YmEy ZmY0MTQwHhcNMjYwMTI0MTEzMzMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NTk4ODU3MTZlZTFlNDVlNTc3ZGM1ZTQxYzMzMDdlMzlkMWVlMmM4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlTW1H1l/GA+mk13sEHNsNer8n08w NZIfr3vXGv2aETgpSRci/F2xs4vPZyqF3FXFFavR3qkeRpdCUB+oC5fFRPe4AlKy EPVZUYMBo3y5Fk4BjHn3Re5OObgyE3/OgC3k72xJignAmLAkB7ei59D+RXj5aENE 24n/U4INw3kL12fqtozj6LverjQQ5VbSVFTnmCtS2OpKvEsKcE8x8DTUkZsQwyWY 2vWBnfXTMyGZSc4I6Jbhbce/uq0f9yegi0GX0x4+YOW2P8Gn+rxEr4ewG3qtO+WL ZLQQecp/pyyH8jgDHBckbg9X1IQVBisB/eepIUGVU/iTZ49yphFsYmrwVQIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFIWYhXFu4eReV33F5BwzB+OdHuLIMB8GA1UdIwQY MBaAFDdOJymxc2mJChUS9kPNCOS6L/QUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTjA0bktiRnphWWtLRlJMMlE4MEk1TG92OUJRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC85NTIyMzAtYzI2Mi00MWNjLWI5NTYt Y2ZjNDZhNzZlYzc4LzEvaFppRmNXN2g1RjVYZmNYa0hETUg0NTBlNHNnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81OC85NTIyMzAtYzI2Mi00MWNjLWI5NTYtY2ZjNDZhNzZlYzc4 LzEvTjA0bktiRnphWWtLRlJMMlE4MEk1TG92OUJRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgX2hjAN BgkqhkiG9w0BAQsFAAOCAQEAgEh2MduptKSQo2sIXo7tpkHloISI5tPSvFepPP4K 0AAEzGriY/J4moXcGhL/Lq7bimM0HtmRx8814DfhlK7birsN20TWamd+jftFNAmL C54ypnkwnTPfB+/lPVZOZbRwVp3xgU4VfpX6P4AUC1Qpw3AECwO+yNTZDdmY8M5Y NH1QyTERgZpBVBJR+n8+LdQf6dtBB8soQI36T1bXypQ8EwNi02AXr/z9aGesij+q Jp0UhqlDq9SmHZwwZpf5s/cwa4FB6vHxh9X1akv5m4W2aW5OSKncMwK1tbNdzHFf IAi13qIKJ1QHoqY4QD8ft6tm6O0LXZeTR+/D6xQP41bJPA== -----END CERTIFICATE-----Generated at Sun Jan 25 15:01:11 2026 by rpki-client