This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/7a3009-8f2e-420c-9bdf-be74908186f0/1/ON6EBf7h3jg96SfAW19mTfuOUo8.roa File: ON6EBf7h3jg96SfAW19mTfuOUo8.roa (raw, json) Hash identifier: 2IenMofuWYmy5x036TGoX+iZoQ/mV5068cUX7eikQWI= Subject key identifier: 38:DE:84:05:FE:E1:DE:38:3D:E9:27:C0:5B:5F:66:4D:FB:8E:52:8F Certificate issuer: /CN=1db93b83bafad7bfd94f676c021baab5187007f0 Certificate serial: 019B76EB26E7BEFD0819FB51E787C8B00110 Authority key identifier: 1D:B9:3B:83:BA:FA:D7:BF:D9:4F:67:6C:02:1B:AA:B5:18:70:07:F0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hbk7g7r617_ZT2dsAhuqtRhwB_A.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/7a3009-8f2e-420c-9bdf-be74908186f0/1/ON6EBf7h3jg96SfAW19mTfuOUo8.roa Signing time: Thu 01 Jan 2026 00:18:00 +0000 ROA not before: Thu 01 Jan 2026 00:18:00 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 29014 IP address blocks: 2001:678:df0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/7a3009-8f2e-420c-9bdf-be74908186f0/1/Hbk7g7r617_ZT2dsAhuqtRhwB_A.crl rsync://rpki.ripe.net/repository/DEFAULT/5d/7a3009-8f2e-420c-9bdf-be74908186f0/1/Hbk7g7r617_ZT2dsAhuqtRhwB_A.mft rsync://rpki.ripe.net/repository/DEFAULT/Hbk7g7r617_ZT2dsAhuqtRhwB_A.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:26:e7:be:fd:08:19:fb:51:e7:87:c8:b0:01:10 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1db93b83bafad7bfd94f676c021baab5187007f0 Validity Not Before: Jan 1 00:18:00 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=38de8405fee1de383de927c05b5f664dfb8e528f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:03:80:d9:94:35:73:59:51:c0:f6:50:41:2d: 14:8f:ff:d7:57:18:75:0c:37:7c:37:3e:dd:8d:a3: dd:17:c9:53:ed:ac:fb:ed:fc:d3:95:21:85:65:2c: 61:57:27:24:9a:87:2e:b5:a9:9a:13:01:99:75:40: 62:6d:84:ab:4b:43:eb:b6:99:36:69:42:86:d4:cc: a6:6e:79:ee:e2:21:9f:89:f2:0e:d4:64:09:49:48: 85:fc:9e:c8:04:50:0f:e1:93:35:ce:0b:b6:f2:ea: dc:6e:24:b3:fc:09:08:20:a5:74:31:29:5d:93:27: b2:76:cc:b8:5e:e4:7c:4f:47:d8:d3:ad:2a:ae:c5: dc:f7:85:41:00:a3:7f:4b:1a:f9:38:2f:19:6f:12: 23:af:a6:42:3f:cd:cf:33:bf:b4:18:8e:27:d7:dc: c0:78:0c:2c:2b:1c:35:84:77:96:d8:42:4c:49:9a: 25:86:bc:6c:d8:34:1c:1b:5f:04:1d:6a:f4:45:88: 62:0d:cf:54:eb:60:53:3d:dd:b3:6a:00:1e:9b:47: 66:93:f8:e3:c9:8f:f6:d7:aa:2c:42:c7:6b:55:c1: 46:51:7b:e9:a3:ad:2c:09:1f:bd:dc:c7:b0:40:75: ec:1a:25:de:f3:47:cd:15:ba:2a:f9:bd:62:c1:52: 4b:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:DE:84:05:FE:E1:DE:38:3D:E9:27:C0:5B:5F:66:4D:FB:8E:52:8F X509v3 Authority Key Identifier: keyid:1D:B9:3B:83:BA:FA:D7:BF:D9:4F:67:6C:02:1B:AA:B5:18:70:07:F0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hbk7g7r617_ZT2dsAhuqtRhwB_A.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7a3009-8f2e-420c-9bdf-be74908186f0/1/ON6EBf7h3jg96SfAW19mTfuOUo8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7a3009-8f2e-420c-9bdf-be74908186f0/1/Hbk7g7r617_ZT2dsAhuqtRhwB_A.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:678:df0::/48 Signature Algorithm: sha256WithRSAEncryption 81:c7:79:43:d8:ef:1d:f8:30:d1:9f:20:a6:28:c5:82:11:4a: 0e:a9:a1:44:e0:ef:97:da:1b:7d:8f:11:93:39:4a:ff:38:f8: bc:c6:ef:bb:53:40:13:36:3d:80:f6:1f:0a:ab:be:53:ce:19: ec:01:76:10:89:77:e6:e9:0b:69:90:b3:51:e5:37:18:e2:8e: 31:5c:88:bc:62:97:68:f2:92:76:f1:5e:31:1e:a2:f9:24:39: 44:09:2a:b1:5f:43:05:c3:08:cc:ea:b2:56:96:d5:9d:5e:d1: 31:20:79:96:67:a3:c5:48:97:9f:c0:c9:58:d3:98:b1:d0:44: ca:6a:15:eb:6e:8a:e9:d0:f3:c1:08:6b:2c:91:fb:46:5f:ef: c8:66:8c:35:d9:da:df:c9:8f:17:65:9f:80:e3:07:0c:6c:49: 77:51:0b:fb:4a:9f:c3:a0:1f:66:a0:ec:3b:5a:7f:2d:da:cf: 8a:ab:eb:48:aa:1f:57:d3:c0:7b:ca:eb:ac:c6:2c:0f:af:e8: d4:44:aa:6f:7b:8f:92:54:96:70:bb:e3:53:89:e5:f3:cf:06: 4b:98:74:fc:16:3c:07:82:21:ee:0c:f6:9b:1e:3c:05:80:b5: cf:f0:8c:30:cf:ce:85:92:76:f2:3c:7e:c7:ba:d3:7d:50:e0: 8b:5a:2f:5c -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt26ybnvv0IGftR54fIsAEQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFkYjkzYjgzYmFmYWQ3YmZkOTRmNjc2YzAyMWJhYWI1MTg3 MDA3ZjAwHhcNMjYwMTAxMDAxODAwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzOGRlODQwNWZlZTFkZTM4M2RlOTI3YzA1YjVmNjY0ZGZiOGU1MjhmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxgOA2ZQ1c1lRwPZQQS0Uj//XVxh1 DDd8Nz7djaPdF8lT7az77fzTlSGFZSxhVyckmocutamaEwGZdUBibYSrS0Prtpk2 aUKG1Mymbnnu4iGfifIO1GQJSUiF/J7IBFAP4ZM1zgu28urcbiSz/AkIIKV0MSld kyeydsy4XuR8T0fY060qrsXc94VBAKN/Sxr5OC8ZbxIjr6ZCP83PM7+0GI4n19zA eAwsKxw1hHeW2EJMSZolhrxs2DQcG18EHWr0RYhiDc9U62BTPd2zagAem0dmk/jj yY/216osQsdrVcFGUXvpo60sCR+93MewQHXsGiXe80fNFboq+b1iwVJLfwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFDjehAX+4d44PeknwFtfZk37jlKPMB8GA1UdIwQY MBaAFB25O4O6+te/2U9nbAIbqrUYcAfwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSGJrN2c3cjYxN19aVDJkc0FodXF0Umh3Ql9BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC83YTMwMDktOGYyZS00MjBjLTliZGYt YmU3NDkwODE4NmYwLzEvT042RUJmN2gzamc5NlNmQVcxOW1UZnVPVW84LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81ZC83YTMwMDktOGYyZS00MjBjLTliZGYtYmU3NDkwODE4NmYw LzEvSGJrN2c3cjYxN19aVDJkc0FodXF0Umh3Ql9BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeA3w MA0GCSqGSIb3DQEBCwUAA4IBAQCBx3lD2O8d+DDRnyCmKMWCEUoOqaFE4O+X2ht9 jxGTOUr/OPi8xu+7U0ATNj2A9h8Kq75TzhnsAXYQiXfm6QtpkLNR5TcY4o4xXIi8 Ypdo8pJ28V4xHqL5JDlECSqxX0MFwwjM6rJWltWdXtExIHmWZ6PFSJefwMlY05ix 0ETKahXrborp0PPBCGsskftGX+/IZow12drfyY8XZZ+A4wcMbEl3UQv7Sp/DoB9m oOw7Wn8t2s+Kq+tIqh9X08B7yuusxiwPr+jURKpve4+SVJZwu+NTieXzzwZLmHT8 FjwHgiHuDPabHjwFgLXP8Iwwz86FknbyPH7HutN9UOCLWi9c -----END CERTIFICATE-----Generated at Sun Jan 25 17:32:49 2026 by rpki-client