This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/_qfnh0B1Q9kr326hHKH4PHRx7H0.roa File: _qfnh0B1Q9kr326hHKH4PHRx7H0.roa (raw, json) Hash identifier: TtfUGrmkL3QzIvzYnYw9WDKqe/CRP54QUVhnblV7rQ0= Subject key identifier: FE:A7:E7:87:40:75:43:D9:2B:DF:6E:A1:1C:A1:F8:3C:74:71:EC:7D Certificate issuer: /CN=c236e8c216f05a9d9e0327f1222bf12198aba5da Certificate serial: 019BEB3C36D2F908A4D3F2BF163BBA9B2967 Authority key identifier: C2:36:E8:C2:16:F0:5A:9D:9E:03:27:F1:22:2B:F1:21:98:AB:A5:DA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjbowhbwWp2eAyfxIivxIZirpdo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/_qfnh0B1Q9kr326hHKH4PHRx7H0.roa Signing time: Fri 23 Jan 2026 14:22:30 +0000 ROA not before: Fri 23 Jan 2026 14:22:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 204464 IP address blocks: 2a07:2486:400f::/48 maxlen: 48 2a07:2486:4e00::/40 maxlen: 40 2a07:2486:4e01::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/wjbowhbwWp2eAyfxIivxIZirpdo.crl rsync://rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/wjbowhbwWp2eAyfxIivxIZirpdo.mft rsync://rpki.ripe.net/repository/DEFAULT/wjbowhbwWp2eAyfxIivxIZirpdo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:eb:3c:36:d2:f9:08:a4:d3:f2:bf:16:3b:ba:9b:29:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c236e8c216f05a9d9e0327f1222bf12198aba5da Validity Not Before: Jan 23 14:22:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=fea7e787407543d92bdf6ea11ca1f83c7471ec7d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:3f:d3:7f:dd:72:1a:de:d0:45:c9:8d:b6:15: 07:07:55:46:8a:a2:2b:82:18:b8:6b:7b:51:75:09: 39:4d:47:e6:9e:a6:39:b8:7b:6d:2e:c3:ce:4b:57: 91:14:c4:c9:a7:58:4e:a8:5c:c5:a7:2f:af:3c:20: 98:01:20:48:3c:0d:6d:4b:43:38:9f:63:57:55:1d: 53:ea:b5:0b:aa:01:4e:3c:2d:1b:7a:ee:a3:b8:dc: 96:4b:8d:e1:ba:e1:29:92:73:bb:bb:4e:e0:51:95: 17:4e:31:95:74:e1:57:8e:1a:ce:91:bd:cf:d1:3a: 22:54:64:fe:66:8d:64:96:82:be:fc:4c:2e:ae:83: fa:1e:19:82:2a:df:44:a1:a1:8e:4c:c5:0e:75:db: 4e:28:84:f4:8b:96:24:0d:e3:64:24:9c:d9:bc:4c: c6:b0:e5:80:f9:b7:be:e7:d2:03:67:30:99:ea:02: 2d:c9:b6:e8:2f:88:b8:9b:de:a6:1c:68:0e:96:22: 60:99:43:d7:79:45:48:bf:78:a7:20:58:7c:17:4f: 4c:88:00:78:f6:fb:78:8c:aa:a5:60:ad:39:5a:26: 3c:56:2c:b9:27:99:1b:27:56:a9:3a:46:8c:c9:20: bf:34:49:00:1e:f5:8f:c3:30:b8:2c:91:90:53:7a: 34:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:A7:E7:87:40:75:43:D9:2B:DF:6E:A1:1C:A1:F8:3C:74:71:EC:7D X509v3 Authority Key Identifier: keyid:C2:36:E8:C2:16:F0:5A:9D:9E:03:27:F1:22:2B:F1:21:98:AB:A5:DA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjbowhbwWp2eAyfxIivxIZirpdo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/_qfnh0B1Q9kr326hHKH4PHRx7H0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/wjbowhbwWp2eAyfxIivxIZirpdo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a07:2486:400f::/48 2a07:2486:4e00::/40 Signature Algorithm: sha256WithRSAEncryption 07:48:3c:16:39:9b:e4:18:ce:b5:48:ee:13:e4:3d:19:96:c4: 95:10:45:b9:06:aa:8a:08:95:98:e0:a3:fe:7a:70:b8:b4:6f: b6:c3:72:c2:ef:63:6a:27:b2:01:26:5e:97:2c:fd:19:bb:1c: 26:4a:b2:a2:d2:aa:69:cd:3d:bf:19:d4:6e:45:e5:9b:02:6c: f5:e9:35:20:f1:e0:1a:2b:1d:ee:8e:e8:40:22:42:bf:e0:8f: 9f:0d:d0:d3:26:05:b6:34:37:20:e0:33:6c:13:5e:f5:39:c8: 33:9f:6c:ef:d5:22:a1:36:62:a0:dc:f8:6f:8e:b4:93:e5:5c: e7:35:a2:a1:13:86:3e:bf:a8:e6:68:6d:ad:02:20:e6:57:d9: db:84:d4:22:46:f1:ce:ec:77:89:e6:35:99:f7:36:7a:60:df: 66:c6:25:7a:65:f4:10:ef:cf:b8:00:a6:e5:38:5f:8b:5f:fd: d2:45:21:38:71:97:f0:8e:bf:ea:f7:04:75:5a:40:4e:12:3a: 65:9d:65:04:8c:3b:bf:54:78:55:fb:9d:33:19:71:c3:a8:e9: e8:52:66:4a:39:b7:b1:24:1e:55:93:a4:19:d2:98:6f:02:a5: e0:f3:c3:ba:7e:e9:90:16:6f:82:7e:f3:f3:be:a2:32:48:a6: 82:45:4b:c0 -----BEGIN CERTIFICATE----- MIIFCDCCA/CgAwIBAgISAZvrPDbS+Qik0/K/Fju6mylnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGMyMzZlOGMyMTZmMDVhOWQ5ZTAzMjdmMTIyMmJmMTIxOThh YmE1ZGEwHhcNMjYwMTIzMTQyMjMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmZWE3ZTc4NzQwNzU0M2Q5MmJkZjZlYTExY2ExZjgzYzc0NzFlYzdkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwD/Tf91yGt7QRcmNthUHB1VGiqIr ghi4a3tRdQk5TUfmnqY5uHttLsPOS1eRFMTJp1hOqFzFpy+vPCCYASBIPA1tS0M4 n2NXVR1T6rULqgFOPC0beu6juNyWS43huuEpknO7u07gUZUXTjGVdOFXjhrOkb3P 0ToiVGT+Zo1kloK+/EwuroP6HhmCKt9EoaGOTMUOddtOKIT0i5YkDeNkJJzZvEzG sOWA+be+59IDZzCZ6gItybboL4i4m96mHGgOliJgmUPXeUVIv3inIFh8F09MiAB4 9vt4jKqlYK05WiY8Viy5J5kbJ1apOkaMySC/NEkAHvWPwzC4LJGQU3o02wIDAQAB o4ICFDCCAhAwHQYDVR0OBBYEFP6n54dAdUPZK99uoRyh+Dx0cex9MB8GA1UdIwQY MBaAFMI26MIW8FqdngMn8SIr8SGYq6XaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvd2pib3doYndXcDJlQXlmeElpdnhJWmlycGRvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8yYTQxM2UtODk3NC00ZGM3LTljZTgt Mzg0ZmZjZTc3ZjUyLzEvX3FmbmgwQjFROWtyMzI2aEhLSDRQSFJ4N0gwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82OC8yYTQxM2UtODk3NC00ZGM3LTljZTgtMzg0ZmZjZTc3ZjUy LzEvd2pib3doYndXcDJlQXlmeElpdnhJWmlycGRvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwcAKgckhkAP AwYAKgckhk4wDQYJKoZIhvcNAQELBQADggEBAAdIPBY5m+QYzrVI7hPkPRmWxJUQ RbkGqooIlZjgo/56cLi0b7bDcsLvY2onsgEmXpcs/Rm7HCZKsqLSqmnNPb8Z1G5F 5ZsCbPXpNSDx4BorHe6O6EAiQr/gj58N0NMmBbY0NyDgM2wTXvU5yDOfbO/VIqE2 YqDc+G+OtJPlXOc1oqEThj6/qOZoba0CIOZX2duE1CJG8c7sd4nmNZn3Nnpg32bG JXpl9BDvz7gApuU4X4tf/dJFIThxl/COv+r3BHVaQE4SOmWdZQSMO79UeFX7nTMZ ccOo6ehSZko5t7EkHlWTpBnSmG8CpeDzw7p+6ZAWb4J+8/O+ojJIpoJFS8A= -----END CERTIFICATE-----Generated at Sun Jan 25 13:02:03 2026 by rpki-client