This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/7f02b0-d9ad-4f5d-9b69-48f621acb9b7/1/EhjDtKMsVMUs0ZuH-lX2Q3No4_k.roa File: EhjDtKMsVMUs0ZuH-lX2Q3No4_k.roa (raw, json) Hash identifier: dyUmYbTgpywEf3UhaQdBj3HPVSQs7lYIPuCIHhpwi/A= Subject key identifier: 12:18:C3:B4:A3:2C:54:C5:2C:D1:9B:87:FA:55:F6:43:73:68:E3:F9 Certificate issuer: /CN=9474b5241b63c3afbdb342cc47634c55ab2ff846 Certificate serial: 019B7FF28CD84068B1A9CA74286894171A44 Authority key identifier: 94:74:B5:24:1B:63:C3:AF:BD:B3:42:CC:47:63:4C:55:AB:2F:F8:46 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lHS1JBtjw6-9s0LMR2NMVasv-EY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/7f02b0-d9ad-4f5d-9b69-48f621acb9b7/1/EhjDtKMsVMUs0ZuH-lX2Q3No4_k.roa Signing time: Fri 02 Jan 2026 18:22:40 +0000 ROA not before: Fri 02 Jan 2026 18:22:40 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 210320 IP address blocks: 2001:67c:d4::/48 maxlen: 64 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/7f02b0-d9ad-4f5d-9b69-48f621acb9b7/1/lHS1JBtjw6-9s0LMR2NMVasv-EY.crl rsync://rpki.ripe.net/repository/DEFAULT/00/7f02b0-d9ad-4f5d-9b69-48f621acb9b7/1/lHS1JBtjw6-9s0LMR2NMVasv-EY.mft rsync://rpki.ripe.net/repository/DEFAULT/lHS1JBtjw6-9s0LMR2NMVasv-EY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 11 Jan 2026 13:16:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:f2:8c:d8:40:68:b1:a9:ca:74:28:68:94:17:1a:44 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9474b5241b63c3afbdb342cc47634c55ab2ff846 Validity Not Before: Jan 2 18:22:40 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1218c3b4a32c54c52cd19b87fa55f6437368e3f9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:13:c9:04:0c:74:52:66:f7:e2:bc:2a:ef:de: 5d:7e:ea:39:64:35:04:84:1c:99:24:ea:7b:90:6c: ff:2e:b7:c3:fc:1b:e3:1d:aa:33:e5:7b:ef:e9:e1: 0c:49:4e:68:78:1f:0a:69:8a:9f:6a:ec:05:8c:8e: d2:0a:4d:9a:42:eb:8b:fa:72:bb:e9:e5:c0:03:ec: 0a:70:d9:56:8c:e2:ab:f0:42:06:44:c9:80:1e:fe: 0a:d0:95:ad:a0:b9:41:68:99:cc:66:4b:1e:38:47: 94:1f:79:66:c2:96:cc:88:25:5d:c2:16:f6:45:98: cb:42:84:74:06:96:57:c6:55:b4:64:bc:4a:b9:f5: 6f:04:36:ba:39:92:1a:f5:9d:47:a5:23:90:7c:45: 49:22:ee:51:d4:61:80:c2:78:b6:47:b1:88:89:cd: 21:67:27:c7:c3:b1:24:42:1b:02:4e:21:0a:16:3a: e9:f8:de:a5:39:e5:68:ef:3f:03:d1:e5:ff:f4:f2: d8:43:f6:80:63:9b:c3:d0:80:57:25:9c:e7:64:3d: 62:75:fd:d8:02:28:e9:b1:b3:0f:96:37:48:26:ae: 0c:76:44:01:1c:b4:3f:d2:e2:6f:21:68:05:11:72: ed:04:c0:fe:00:ab:af:8b:23:40:8f:51:59:c0:75: 6c:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:18:C3:B4:A3:2C:54:C5:2C:D1:9B:87:FA:55:F6:43:73:68:E3:F9 X509v3 Authority Key Identifier: keyid:94:74:B5:24:1B:63:C3:AF:BD:B3:42:CC:47:63:4C:55:AB:2F:F8:46 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lHS1JBtjw6-9s0LMR2NMVasv-EY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/7f02b0-d9ad-4f5d-9b69-48f621acb9b7/1/EhjDtKMsVMUs0ZuH-lX2Q3No4_k.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/00/7f02b0-d9ad-4f5d-9b69-48f621acb9b7/1/lHS1JBtjw6-9s0LMR2NMVasv-EY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:67c:d4::/48 Signature Algorithm: sha256WithRSAEncryption 16:43:b7:56:2a:02:69:85:68:cc:40:b0:fa:73:15:0a:9e:a7: 1d:43:b5:c0:36:ab:26:8a:0b:07:f1:51:40:e1:c3:d3:47:43: 33:6a:74:dc:9e:b1:7d:a2:5a:4c:7b:58:6d:aa:24:89:24:bc: 17:e4:11:04:65:a8:02:20:69:7e:24:a3:11:02:23:51:b1:0b: 87:25:17:dd:79:68:86:07:1e:bc:ac:01:52:67:99:e3:df:16: 4b:33:63:6c:c9:b4:8a:18:3a:0e:af:75:de:83:2a:dc:5d:53: 4e:88:d5:5e:a6:6b:da:34:1d:29:26:7b:ef:4e:13:a8:a7:dc: 5a:40:be:ba:2c:c5:13:8a:40:9b:0f:5f:e5:b0:65:a9:2e:78: 81:32:86:45:82:82:09:11:e5:3d:50:5a:47:6d:36:43:6d:65: 21:c3:92:7b:17:e4:cc:d5:a8:79:2b:eb:70:f0:f2:b0:69:85: ed:c5:d9:5f:e5:b2:5c:c6:01:06:d3:bf:1f:4c:16:cd:29:dc: dc:3a:fe:3e:28:a9:55:13:da:07:aa:e5:9e:80:57:cc:98:72: 13:35:9c:77:c6:21:c4:48:88:9c:ee:30:42:3f:82:15:b7:ae: ab:0f:ff:31:50:73:6f:62:23:cb:92:f8:2a:92:a8:5a:2c:ca: 79:22:d3:f9 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt/8ozYQGixqcp0KGiUFxpEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk0NzRiNTI0MWI2M2MzYWZiZGIzNDJjYzQ3NjM0YzU1YWIy ZmY4NDYwHhcNMjYwMTAyMTgyMjQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxMjE4YzNiNGEzMmM1NGM1MmNkMTliODdmYTU1ZjY0MzczNjhlM2Y5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvhPJBAx0Umb34rwq795dfuo5ZDUE hByZJOp7kGz/LrfD/BvjHaoz5Xvv6eEMSU5oeB8KaYqfauwFjI7SCk2aQuuL+nK7 6eXAA+wKcNlWjOKr8EIGRMmAHv4K0JWtoLlBaJnMZkseOEeUH3lmwpbMiCVdwhb2 RZjLQoR0BpZXxlW0ZLxKufVvBDa6OZIa9Z1HpSOQfEVJIu5R1GGAwni2R7GIic0h ZyfHw7EkQhsCTiEKFjrp+N6lOeVo7z8D0eX/9PLYQ/aAY5vD0IBXJZznZD1idf3Y AijpsbMPljdIJq4MdkQBHLQ/0uJvIWgFEXLtBMD+AKuviyNAj1FZwHVs8QIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFBIYw7SjLFTFLNGbh/pV9kNzaOP5MB8GA1UdIwQY MBaAFJR0tSQbY8OvvbNCzEdjTFWrL/hGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbEhTMUpCdGp3Ni05czBMTVIyTk1WYXN2LUVZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC83ZjAyYjAtZDlhZC00ZjVkLTliNjkt NDhmNjIxYWNiOWI3LzEvRWhqRHRLTXNWTVVzMFp1SC1sWDJRM05vNF9rLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMC83ZjAyYjAtZDlhZC00ZjVkLTliNjktNDhmNjIxYWNiOWI3 LzEvbEhTMUpCdGp3Ni05czBMTVIyTk1WYXN2LUVZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfADU MA0GCSqGSIb3DQEBCwUAA4IBAQAWQ7dWKgJphWjMQLD6cxUKnqcdQ7XANqsmigsH 8VFA4cPTR0MzanTcnrF9olpMe1htqiSJJLwX5BEEZagCIGl+JKMRAiNRsQuHJRfd eWiGBx68rAFSZ5nj3xZLM2NsybSKGDoOr3XegyrcXVNOiNVepmvaNB0pJnvvThOo p9xaQL66LMUTikCbD1/lsGWpLniBMoZFgoIJEeU9UFpHbTZDbWUhw5J7F+TM1ah5 K+tw8PKwaYXtxdlf5bJcxgEG078fTBbNKdzcOv4+KKlVE9oHquWegFfMmHITNZx3 xiHESIic7jBCP4IVt66rD/8xUHNvYiPLkvgqkqhaLMp5ItP5 -----END CERTIFICATE-----Generated at Sat Jan 10 20:12:59 2026 by rpki-client