This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/e45ad6-e5ae-4819-9f24-f577aa46de83/1/hI6blJ5kjyHb7biy4lfSirS37zs.roa File: hI6blJ5kjyHb7biy4lfSirS37zs.roa (raw, json) Hash identifier: mqWBp2AFnHxwb8q7BdrL6WW9+Na4SaPzQGePE+5iXFc= Subject key identifier: 84:8E:9B:94:9E:64:8F:21:DB:ED:B8:B2:E2:57:D2:8A:B4:B7:EF:3B Certificate issuer: /CN=813e051cb831d1989607bb76c0bc5693ff947b53 Certificate serial: 019B7E38828AD9759F526596228740B2D571 Authority key identifier: 81:3E:05:1C:B8:31:D1:98:96:07:BB:76:C0:BC:56:93:FF:94:7B:53 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gT4FHLgx0ZiWB7t2wLxWk_-Ue1M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/e45ad6-e5ae-4819-9f24-f577aa46de83/1/hI6blJ5kjyHb7biy4lfSirS37zs.roa Signing time: Fri 02 Jan 2026 10:19:51 +0000 ROA not before: Fri 02 Jan 2026 10:19:51 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 35372 IP address blocks: 2a0c:b100::/48 maxlen: 48 2a0c:b100:1::/48 maxlen: 48 2a0c:b100:2::/48 maxlen: 48 2a0c:b100:3::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/e45ad6-e5ae-4819-9f24-f577aa46de83/1/gT4FHLgx0ZiWB7t2wLxWk_-Ue1M.crl rsync://rpki.ripe.net/repository/DEFAULT/59/e45ad6-e5ae-4819-9f24-f577aa46de83/1/gT4FHLgx0ZiWB7t2wLxWk_-Ue1M.mft rsync://rpki.ripe.net/repository/DEFAULT/gT4FHLgx0ZiWB7t2wLxWk_-Ue1M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:82:8a:d9:75:9f:52:65:96:22:87:40:b2:d5:71 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=813e051cb831d1989607bb76c0bc5693ff947b53 Validity Not Before: Jan 2 10:19:51 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=848e9b949e648f21dbedb8b2e257d28ab4b7ef3b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:91:f7:e3:5c:e3:7c:fb:81:42:a6:e5:fe:f8: 4a:2a:4d:e2:ae:2e:54:df:63:c4:d1:c6:2c:1e:16: 32:aa:2d:2e:75:c5:56:d2:f8:16:38:36:66:1f:43: c6:e1:02:44:c1:8e:9e:b7:35:bb:b2:a3:7d:4e:a5: ca:13:b3:f8:f1:ea:32:b1:fa:ab:5a:a1:43:e6:0f: 09:27:f6:df:8d:af:7b:5c:e8:c7:7c:f1:33:57:98: b3:6d:4b:5e:79:47:b2:2d:67:3b:ce:f1:57:62:53: 18:87:b0:75:30:1d:65:cd:6c:15:65:cc:29:35:96: 8e:e4:dc:4f:f5:f1:94:e9:1a:a7:3f:4e:0f:a9:15: fa:d3:69:d8:df:fc:13:3b:04:92:73:e7:f7:69:7c: 30:97:5f:c4:f4:2f:82:17:df:e1:12:f7:25:99:b7: ca:40:e5:84:47:f4:00:8e:eb:3d:ad:7d:26:d1:ac: c6:82:6f:80:61:7e:11:fe:1d:63:57:05:bb:db:3d: 50:07:a2:92:63:40:3c:0e:c0:f2:66:79:9f:3d:e3: 94:54:09:be:b6:bb:dc:61:c0:ce:e7:0b:61:9d:01: 51:e4:33:f7:e7:e2:38:0a:f3:8c:a9:9f:d9:2e:b0: 58:b1:e1:d1:1d:be:c1:c0:82:cc:1b:31:f2:d9:e0: a3:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:8E:9B:94:9E:64:8F:21:DB:ED:B8:B2:E2:57:D2:8A:B4:B7:EF:3B X509v3 Authority Key Identifier: keyid:81:3E:05:1C:B8:31:D1:98:96:07:BB:76:C0:BC:56:93:FF:94:7B:53 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gT4FHLgx0ZiWB7t2wLxWk_-Ue1M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/e45ad6-e5ae-4819-9f24-f577aa46de83/1/hI6blJ5kjyHb7biy4lfSirS37zs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/59/e45ad6-e5ae-4819-9f24-f577aa46de83/1/gT4FHLgx0ZiWB7t2wLxWk_-Ue1M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0c:b100::/46 Signature Algorithm: sha256WithRSAEncryption 65:15:7f:44:bd:f4:9d:46:13:e1:3b:48:a6:3d:17:91:a6:77: a3:a2:f4:ab:03:67:56:5a:4a:88:48:70:61:9f:1d:7d:dc:75: 45:db:b9:c0:c9:9d:dc:17:41:41:a8:7c:ce:5c:91:f9:74:70: 99:f1:eb:27:89:a9:db:8c:fd:71:e4:48:1c:8f:2b:06:4e:e3: 5f:68:a3:ff:57:27:e2:4a:f3:9a:46:66:08:ee:bf:2a:bf:bd: 2b:de:8d:89:cc:29:59:ec:86:66:91:cf:8e:32:0a:06:e4:bf: ac:7f:0d:f4:7e:fd:44:3e:45:bf:74:aa:c2:5d:64:fa:17:b7: 87:8d:79:3f:6f:a3:a8:74:88:80:4b:47:95:6b:fa:dd:80:db: 82:9f:29:42:52:eb:11:3f:0f:86:5e:d3:11:42:0d:b8:6a:7b: 88:4d:7b:bc:85:e0:ca:84:59:d9:8e:52:29:38:99:29:fe:74: dc:86:3c:a2:16:cd:d2:0d:e4:42:49:93:53:38:41:d2:f4:b1: f2:6f:6b:92:bb:02:9d:b1:f1:92:5e:e5:28:6c:e7:72:58:be: 03:4a:9d:03:29:a6:e5:a1:8e:95:e4:8c:e0:2d:68:10:c8:66: 6b:93:9d:e8:24:c6:9d:25:91:0e:05:95:e0:9e:30:49:3e:04: 92:b0:b3:83 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt+OIKK2XWfUmWWIodAstVxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDgxM2UwNTFjYjgzMWQxOTg5NjA3YmI3NmMwYmM1NjkzZmY5 NDdiNTMwHhcNMjYwMTAyMTAxOTUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NDhlOWI5NDllNjQ4ZjIxZGJlZGI4YjJlMjU3ZDI4YWI0YjdlZjNiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4JH341zjfPuBQqbl/vhKKk3iri5U 32PE0cYsHhYyqi0udcVW0vgWODZmH0PG4QJEwY6etzW7sqN9TqXKE7P48eoysfqr WqFD5g8JJ/bfja97XOjHfPEzV5izbUteeUeyLWc7zvFXYlMYh7B1MB1lzWwVZcwp NZaO5NxP9fGU6RqnP04PqRX602nY3/wTOwSSc+f3aXwwl1/E9C+CF9/hEvclmbfK QOWER/QAjus9rX0m0azGgm+AYX4R/h1jVwW72z1QB6KSY0A8DsDyZnmfPeOUVAm+ trvcYcDO5wthnQFR5DP35+I4CvOMqZ/ZLrBYseHRHb7BwILMGzHy2eCj9QIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFISOm5SeZI8h2+24suJX0oq0t+87MB8GA1UdIwQY MBaAFIE+BRy4MdGYlge7dsC8VpP/lHtTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZ1Q0RkhMZ3gwWmlXQjd0MndMeFdrXy1VZTFNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9lNDVhZDYtZTVhZS00ODE5LTlmMjQt ZjU3N2FhNDZkZTgzLzEvaEk2YmxKNWtqeUhiN2JpeTRsZlNpclMzN3pzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81OS9lNDVhZDYtZTVhZS00ODE5LTlmMjQtZjU3N2FhNDZkZTgz LzEvZ1Q0RkhMZ3gwWmlXQjd0MndMeFdrXy1VZTFNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcCKgyxAAAA MA0GCSqGSIb3DQEBCwUAA4IBAQBlFX9EvfSdRhPhO0imPReRpnejovSrA2dWWkqI SHBhnx193HVF27nAyZ3cF0FBqHzOXJH5dHCZ8esnianbjP1x5EgcjysGTuNfaKP/ VyfiSvOaRmYI7r8qv70r3o2JzClZ7IZmkc+OMgoG5L+sfw30fv1EPkW/dKrCXWT6 F7eHjXk/b6OodIiAS0eVa/rdgNuCnylCUusRPw+GXtMRQg24anuITXu8heDKhFnZ jlIpOJkp/nTchjyiFs3SDeRCSZNTOEHS9LHyb2uSuwKdsfGSXuUobOdyWL4DSp0D KabloY6V5IzgLWgQyGZrk53oJMadJZEOBZXgnjBJPgSSsLOD -----END CERTIFICATE-----Generated at Sun Jan 25 21:04:57 2026 by rpki-client