This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/1abe8a-45a2-4156-98d7-6806e3d4ce4f/1/hcS0FWEKBHU-zDotkcZOlJwtP2U.roa File: hcS0FWEKBHU-zDotkcZOlJwtP2U.roa (raw, json) Hash identifier: WtgqGoAtHK4QE/3S3ar/C9SyFwoXYF7WS3gKUYf+F7M= Subject key identifier: 85:C4:B4:15:61:0A:04:75:3E:CC:3A:2D:91:C6:4E:94:9C:2D:3F:65 Certificate issuer: /CN=0b4cfabe47e9285f65f1f2d686baaf15b8b41773 Certificate serial: 019B77C6F5B08F1B92F38AB6647434826092 Authority key identifier: 0B:4C:FA:BE:47:E9:28:5F:65:F1:F2:D6:86:BA:AF:15:B8:B4:17:73 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C0z6vkfpKF9l8fLWhrqvFbi0F3M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/1abe8a-45a2-4156-98d7-6806e3d4ce4f/1/hcS0FWEKBHU-zDotkcZOlJwtP2U.roa Signing time: Thu 01 Jan 2026 04:18:06 +0000 ROA not before: Thu 01 Jan 2026 04:18:06 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 64520 IP address blocks: 2a02:d58:200a::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c9/1abe8a-45a2-4156-98d7-6806e3d4ce4f/1/C0z6vkfpKF9l8fLWhrqvFbi0F3M.crl rsync://rpki.ripe.net/repository/DEFAULT/c9/1abe8a-45a2-4156-98d7-6806e3d4ce4f/1/C0z6vkfpKF9l8fLWhrqvFbi0F3M.mft rsync://rpki.ripe.net/repository/DEFAULT/C0z6vkfpKF9l8fLWhrqvFbi0F3M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:00:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:f5:b0:8f:1b:92:f3:8a:b6:64:74:34:82:60:92 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0b4cfabe47e9285f65f1f2d686baaf15b8b41773 Validity Not Before: Jan 1 04:18:06 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=85c4b415610a04753ecc3a2d91c64e949c2d3f65 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:9f:e9:fe:3d:fd:1a:40:71:12:76:cc:10:ff: ac:4b:38:44:a8:20:86:1d:d4:ff:64:e4:27:03:35: e0:aa:7f:bc:c8:d4:28:52:3b:51:d1:f7:6e:36:ac: 02:69:87:de:d1:65:77:2d:8e:dd:40:0d:e7:e3:32: b2:b5:30:92:cd:7f:06:23:b0:b0:0a:f9:bc:e1:07: f5:5e:91:7e:8a:b8:53:59:d0:a0:d7:12:88:9b:60: 84:1c:81:31:dd:a1:ea:85:a6:a9:5a:22:a9:af:40: 7e:8b:57:9c:03:e6:64:71:48:80:a6:6d:ba:1f:97: c8:89:25:11:fb:49:b5:fd:8f:12:ac:94:7a:d8:84: e5:65:37:b9:67:dd:56:4d:fb:c1:cf:3b:2b:3c:6c: 27:dd:6a:a1:3d:92:ec:2d:e5:a4:ec:9a:f0:13:74: f4:55:82:b1:32:09:1c:47:69:65:4c:50:87:3d:22: f6:b8:e9:f7:ea:44:e2:b7:69:d1:ca:18:fe:50:a9: 27:98:8f:77:02:87:16:ad:fe:6c:9c:6f:10:3c:c5: 30:75:49:22:3f:6e:b8:2d:5c:30:6a:4e:82:f3:95: 12:bc:a0:19:b3:e4:0f:cc:53:f3:e1:7e:d6:bd:7a: af:49:da:21:a4:48:af:a7:38:7e:59:0e:e7:e5:41: 77:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:C4:B4:15:61:0A:04:75:3E:CC:3A:2D:91:C6:4E:94:9C:2D:3F:65 X509v3 Authority Key Identifier: keyid:0B:4C:FA:BE:47:E9:28:5F:65:F1:F2:D6:86:BA:AF:15:B8:B4:17:73 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C0z6vkfpKF9l8fLWhrqvFbi0F3M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/1abe8a-45a2-4156-98d7-6806e3d4ce4f/1/hcS0FWEKBHU-zDotkcZOlJwtP2U.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/1abe8a-45a2-4156-98d7-6806e3d4ce4f/1/C0z6vkfpKF9l8fLWhrqvFbi0F3M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a02:d58:200a::/48 Signature Algorithm: sha256WithRSAEncryption 37:10:95:e5:85:8f:2e:0c:35:ec:f8:b2:b4:ce:3c:1c:94:ba: 01:86:61:da:e9:0f:69:eb:22:ca:22:4a:58:5a:4c:17:f1:91: 3c:24:59:b7:9b:a4:1a:e4:af:15:1c:e3:70:b6:a3:9f:09:19: 6c:89:71:1b:08:d4:25:2c:a3:7a:2e:a4:69:4e:fc:11:43:6b: 45:33:01:49:c4:67:a3:0b:16:a8:55:94:f3:1d:d4:dc:55:4e: 07:f4:8c:2d:0f:3c:c5:5c:8a:3d:e7:02:07:a1:c2:0b:51:ae: 60:71:3e:9b:b1:8a:94:ec:95:fe:a7:1d:20:68:84:44:64:7a: 63:de:be:14:46:51:2b:67:5c:29:2b:06:89:b1:1a:27:72:1c: 0b:d4:ed:9c:e7:d3:c0:ae:8f:a0:17:c6:42:14:0e:d1:d4:c4: 03:25:ff:2d:c6:7b:97:41:64:0c:7e:94:17:2b:ec:a1:72:1c: b1:3c:58:d1:fb:18:71:b5:14:f8:5e:d7:e0:a6:72:42:c3:a8: 6a:40:57:bf:48:42:9c:52:a0:8b:16:08:38:00:75:70:c3:4f: 17:86:9e:01:b1:56:07:98:3d:98:dd:fb:e2:b9:ff:f8:fe:82: e0:be:8e:c1:36:27:7a:5e:f6:07:e0:61:27:cd:8e:6d:8e:1c: 25:81:e6:7c -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt3xvWwjxuS84q2ZHQ0gmCSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBiNGNmYWJlNDdlOTI4NWY2NWYxZjJkNjg2YmFhZjE1Yjhi NDE3NzMwHhcNMjYwMTAxMDQxODA2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NWM0YjQxNTYxMGEwNDc1M2VjYzNhMmQ5MWM2NGU5NDljMmQzZjY1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJ/p/j39GkBxEnbMEP+sSzhEqCCG HdT/ZOQnAzXgqn+8yNQoUjtR0fduNqwCaYfe0WV3LY7dQA3n4zKytTCSzX8GI7Cw Cvm84Qf1XpF+irhTWdCg1xKIm2CEHIEx3aHqhaapWiKpr0B+i1ecA+ZkcUiApm26 H5fIiSUR+0m1/Y8SrJR62ITlZTe5Z91WTfvBzzsrPGwn3WqhPZLsLeWk7JrwE3T0 VYKxMgkcR2llTFCHPSL2uOn36kTit2nRyhj+UKknmI93AocWrf5snG8QPMUwdUki P264LVwwak6C85USvKAZs+QPzFPz4X7WvXqvSdohpEivpzh+WQ7n5UF3gQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFIXEtBVhCgR1Psw6LZHGTpScLT9lMB8GA1UdIwQY MBaAFAtM+r5H6ShfZfHy1oa6rxW4tBdzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQzB6NnZrZnBLRjlsOGZMV2hycXZGYmkwRjNNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS8xYWJlOGEtNDVhMi00MTU2LTk4ZDct NjgwNmUzZDRjZTRmLzEvaGNTMEZXRUtCSFUtekRvdGtjWk9sSnd0UDJVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jOS8xYWJlOGEtNDVhMi00MTU2LTk4ZDctNjgwNmUzZDRjZTRm LzEvQzB6NnZrZnBLRjlsOGZMV2hycXZGYmkwRjNNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgINWCAK MA0GCSqGSIb3DQEBCwUAA4IBAQA3EJXlhY8uDDXs+LK0zjwclLoBhmHa6Q9p6yLK IkpYWkwX8ZE8JFm3m6Qa5K8VHONwtqOfCRlsiXEbCNQlLKN6LqRpTvwRQ2tFMwFJ xGejCxaoVZTzHdTcVU4H9IwtDzzFXIo95wIHocILUa5gcT6bsYqU7JX+px0gaIRE ZHpj3r4URlErZ1wpKwaJsRonchwL1O2c59PAro+gF8ZCFA7R1MQDJf8txnuXQWQM fpQXK+yhchyxPFjR+xhxtRT4XtfgpnJCw6hqQFe/SEKcUqCLFgg4AHVww08Xhp4B sVYHmD2Y3fviuf/4/oLgvo7BNid6XvYH4GEnzY5tjhwlgeZ8 -----END CERTIFICATE-----Generated at Sun Jan 25 18:20:14 2026 by rpki-client