This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/ca3649-c29f-4e90-8822-bc65ef6b27b6/1/gHuLcIKcn2iD6YpXmVRm72KupiQ.roa File: gHuLcIKcn2iD6YpXmVRm72KupiQ.roa (raw, json) Hash identifier: FWAOBqOIoer8EKcUh4bDcvJog66L4foyvXVuyT1R4Xg= Subject key identifier: 80:7B:8B:70:82:9C:9F:68:83:E9:8A:57:99:54:66:EF:62:AE:A6:24 Certificate issuer: /CN=3ea18c91b2be28a074b9a3874a90b446013ce1be Certificate serial: 019B7DC9CD2EEF91188D8BA4DEE05B33138C Authority key identifier: 3E:A1:8C:91:B2:BE:28:A0:74:B9:A3:87:4A:90:B4:46:01:3C:E1:BE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PqGMkbK-KKB0uaOHSpC0RgE84b4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/ca3649-c29f-4e90-8822-bc65ef6b27b6/1/gHuLcIKcn2iD6YpXmVRm72KupiQ.roa Signing time: Fri 02 Jan 2026 08:18:55 +0000 ROA not before: Fri 02 Jan 2026 08:18:55 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 214400 IP address blocks: 2001:67c:4b0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9d/ca3649-c29f-4e90-8822-bc65ef6b27b6/1/PqGMkbK-KKB0uaOHSpC0RgE84b4.crl rsync://rpki.ripe.net/repository/DEFAULT/9d/ca3649-c29f-4e90-8822-bc65ef6b27b6/1/PqGMkbK-KKB0uaOHSpC0RgE84b4.mft rsync://rpki.ripe.net/repository/DEFAULT/PqGMkbK-KKB0uaOHSpC0RgE84b4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 23:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:c9:cd:2e:ef:91:18:8d:8b:a4:de:e0:5b:33:13:8c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ea18c91b2be28a074b9a3874a90b446013ce1be Validity Not Before: Jan 2 08:18:55 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=807b8b70829c9f6883e98a57995466ef62aea624 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:0d:ed:bf:e9:4a:31:59:aa:29:a0:4e:0b:ac: 2e:5c:1b:0a:c1:09:af:6b:73:33:b7:66:da:dc:f5: 3f:0a:06:a0:9b:c0:7b:24:61:17:25:58:09:2e:80: 10:72:68:39:a5:86:de:74:69:b4:e2:fa:80:9a:36: 10:98:7f:a8:17:5f:d3:75:e6:6a:49:f1:85:f2:09: a9:66:3b:fb:73:71:4e:b9:80:26:ce:55:73:32:5d: b2:ba:f4:7b:62:eb:31:cd:79:93:38:d9:11:95:15: 38:75:df:c5:31:12:02:df:68:f7:d8:a6:61:a0:33: 63:c9:89:64:bf:87:2c:47:6f:db:5f:b3:a9:71:ce: ef:cf:40:9e:dc:38:c8:c6:65:1d:1f:7f:22:87:cf: 0f:3d:98:2a:d0:ee:17:3e:ac:ac:c8:9c:8b:58:da: c4:c4:a0:99:3b:c4:b6:5a:0e:1e:52:9f:4f:ee:97: 31:78:8c:f8:f4:4c:ae:0d:a0:d9:f1:25:50:0d:0c: d7:1d:73:87:64:da:a1:2e:0c:80:7b:77:a9:7f:50: 96:42:7d:96:28:52:bc:75:85:e1:67:97:31:37:eb: 14:87:22:e2:5b:f0:38:13:78:bf:5c:62:e6:09:49: db:ab:0e:e6:75:46:a3:db:89:b8:29:24:55:ee:fe: a2:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 80:7B:8B:70:82:9C:9F:68:83:E9:8A:57:99:54:66:EF:62:AE:A6:24 X509v3 Authority Key Identifier: keyid:3E:A1:8C:91:B2:BE:28:A0:74:B9:A3:87:4A:90:B4:46:01:3C:E1:BE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PqGMkbK-KKB0uaOHSpC0RgE84b4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/ca3649-c29f-4e90-8822-bc65ef6b27b6/1/gHuLcIKcn2iD6YpXmVRm72KupiQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/ca3649-c29f-4e90-8822-bc65ef6b27b6/1/PqGMkbK-KKB0uaOHSpC0RgE84b4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:67c:4b0::/48 Signature Algorithm: sha256WithRSAEncryption 59:03:1b:fd:8b:55:c1:95:5a:2f:1d:3c:53:41:8a:8a:41:1a: 2e:3c:94:ff:fd:b7:cf:58:39:92:f1:64:da:ce:5e:87:08:e4: 6e:7c:8a:45:39:29:22:bf:63:2f:11:ec:27:24:26:0f:6d:ce: df:ba:f9:eb:f5:16:c2:08:14:6e:ae:88:2f:24:95:bc:0b:a5: a9:dd:e3:22:79:6c:ae:81:19:5b:5c:57:0f:5d:73:7e:eb:71: 4d:b7:9c:f6:c1:70:47:f7:20:8c:a0:97:f7:3a:7c:c5:ab:5d: 44:6a:cd:fa:64:01:22:88:4b:49:92:6a:e7:4f:a3:e6:fc:d4: d4:4c:e9:6c:eb:65:ca:c0:98:20:b1:13:c7:49:1a:9f:2f:83: 1f:cd:db:d9:1f:e9:80:0d:5f:79:39:10:24:93:5a:f0:be:47: bf:12:6a:f6:ad:5f:93:bf:bf:10:93:ba:a1:c4:90:f0:96:06: ab:d2:6a:96:75:c2:2b:74:fc:ec:85:16:93:39:31:50:87:80: 1b:7a:02:d4:3f:a8:bd:af:52:8a:8d:01:b9:ff:ac:91:30:01: a3:30:78:4b:86:78:3e:1a:02:78:99:ca:a8:e3:c2:a6:f3:d2: ae:b2:c3:9b:b6:16:73:0b:d0:79:0f:f4:ff:d1:52:ff:f6:e5: 27:9a:5f:2f -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt9yc0u75EYjYuk3uBbMxOMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNlYTE4YzkxYjJiZTI4YTA3NGI5YTM4NzRhOTBiNDQ2MDEz Y2UxYmUwHhcNMjYwMTAyMDgxODU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4MDdiOGI3MDgyOWM5ZjY4ODNlOThhNTc5OTU0NjZlZjYyYWVhNjI0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAww3tv+lKMVmqKaBOC6wuXBsKwQmv a3Mzt2ba3PU/Cgagm8B7JGEXJVgJLoAQcmg5pYbedGm04vqAmjYQmH+oF1/TdeZq SfGF8gmpZjv7c3FOuYAmzlVzMl2yuvR7YusxzXmTONkRlRU4dd/FMRIC32j32KZh oDNjyYlkv4csR2/bX7Opcc7vz0Ce3DjIxmUdH38ih88PPZgq0O4XPqysyJyLWNrE xKCZO8S2Wg4eUp9P7pcxeIz49EyuDaDZ8SVQDQzXHXOHZNqhLgyAe3epf1CWQn2W KFK8dYXhZ5cxN+sUhyLiW/A4E3i/XGLmCUnbqw7mdUaj24m4KSRV7v6iGQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFIB7i3CCnJ9og+mKV5lUZu9irqYkMB8GA1UdIwQY MBaAFD6hjJGyviigdLmjh0qQtEYBPOG+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUHFHTWtiSy1LS0IwdWFPSFNwQzBSZ0U4NGI0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC9jYTM2NDktYzI5Zi00ZTkwLTg4MjIt YmM2NWVmNmIyN2I2LzEvZ0h1TGNJS2NuMmlENllwWG1WUm03Mkt1cGlRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85ZC9jYTM2NDktYzI5Zi00ZTkwLTg4MjItYmM2NWVmNmIyN2I2 LzEvUHFHTWtiSy1LS0IwdWFPSFNwQzBSZ0U4NGI0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfASw MA0GCSqGSIb3DQEBCwUAA4IBAQBZAxv9i1XBlVovHTxTQYqKQRouPJT//bfPWDmS 8WTazl6HCORufIpFOSkiv2MvEewnJCYPbc7fuvnr9RbCCBRurogvJJW8C6Wp3eMi eWyugRlbXFcPXXN+63FNt5z2wXBH9yCMoJf3OnzFq11Eas36ZAEiiEtJkmrnT6Pm /NTUTOls62XKwJggsRPHSRqfL4MfzdvZH+mADV95ORAkk1rwvke/Emr2rV+Tv78Q k7qhxJDwlgar0mqWdcIrdPzshRaTOTFQh4AbegLUP6i9r1KKjQG5/6yRMAGjMHhL hng+GgJ4mcqo48Km89KussObthZzC9B5D/T/0VL/9uUnml8v -----END CERTIFICATE-----Generated at Sun Jan 25 10:20:04 2026 by rpki-client