This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/chFHZOw2ZMRNN1XOHYi82xzbAuc.roa File: chFHZOw2ZMRNN1XOHYi82xzbAuc.roa (raw, json) Hash identifier: BDlEvflpPKXaJaRmk/bAwxo1+xdDB2Z8mFK1sRkxBc8= Subject key identifier: 72:11:47:64:EC:36:64:C4:4D:37:55:CE:1D:88:BC:DB:1C:DB:02:E7 Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008 Certificate serial: 019B7EA7032B2C172B98D55C88293F0A2ACD Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/chFHZOw2ZMRNN1XOHYi82xzbAuc.roa Signing time: Fri 02 Jan 2026 12:20:33 +0000 ROA not before: Fri 02 Jan 2026 12:20:33 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 213253 IP address blocks: 2a0c:9a40:81fb::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.mft rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 02:01:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a7:03:2b:2c:17:2b:98:d5:5c:88:29:3f:0a:2a:cd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008 Validity Not Before: Jan 2 12:20:33 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=72114764ec3664c44d3755ce1d88bcdb1cdb02e7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:ac:d9:1f:d0:42:e5:70:b9:dd:f8:e4:61:70: 6a:c5:2c:13:f0:b4:85:64:28:63:7a:75:d8:12:2b: 05:e2:7f:9f:97:fe:83:6a:45:f6:ac:55:00:09:9d: 7a:4f:9e:51:97:e6:e8:42:10:9c:33:a6:60:b0:75: 12:20:15:12:a6:ed:8f:a2:a1:39:97:21:95:58:9c: 0d:20:ca:f4:9c:71:18:ca:db:a2:9a:7e:6f:2e:f0: 35:db:97:6e:61:c6:06:f9:ad:ca:e6:30:98:26:bd: 04:73:19:1b:cf:7d:bd:42:98:04:ff:02:49:b5:c6: 88:ef:eb:7d:78:6d:80:06:44:8f:03:1b:90:a8:0f: 3b:e8:93:93:32:80:f6:0e:9a:8f:6e:c4:c6:52:f5: 8b:d2:5f:f9:58:5e:ff:33:bb:6c:e3:15:6d:3b:c4: 8a:7a:be:44:54:ec:aa:65:da:7a:ec:40:12:63:7e: 35:3c:b3:26:4b:9d:7c:cc:10:a4:78:7b:41:66:b6: fa:9b:99:8e:b1:cb:4a:0f:fe:eb:30:10:74:63:40: c9:2e:e0:54:de:8f:a6:6a:99:7a:f3:e8:71:62:88: fc:83:67:a4:c2:fd:ef:2c:d6:62:61:91:f3:f2:5a: 72:a0:e5:34:8a:f4:3f:8b:7b:b1:85:12:27:ce:b7: 2c:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:11:47:64:EC:36:64:C4:4D:37:55:CE:1D:88:BC:DB:1C:DB:02:E7 X509v3 Authority Key Identifier: keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/chFHZOw2ZMRNN1XOHYi82xzbAuc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0c:9a40:81fb::/48 Signature Algorithm: sha256WithRSAEncryption 29:18:27:bc:2a:c8:95:b3:df:74:dc:12:22:8e:88:5f:ec:0c: ac:41:dd:75:bf:e3:f0:ef:ef:1a:9b:c5:87:d0:11:d6:b5:e2: e7:b6:56:0d:62:31:dd:6d:7e:12:59:f5:cd:80:09:9c:c2:08: f1:b9:31:dd:6d:98:07:cc:42:ad:b6:79:e5:52:ee:55:5f:93: bc:bb:df:a2:41:95:9e:42:4c:01:6e:29:66:74:6d:cd:d9:4d: 3c:52:db:e9:27:4d:1a:14:e2:68:0b:d3:12:36:bf:de:6a:15: 89:d1:d9:78:6d:4c:6d:57:a6:16:3f:b0:bb:1d:68:90:3c:ce: ad:a9:d2:72:01:ce:61:34:d7:93:0a:99:a2:03:9e:72:06:8c: e6:fe:d3:cc:8a:3b:22:46:01:a0:71:84:8d:2c:31:d9:ca:0e: c7:fc:11:bb:11:be:e3:8c:88:90:8c:0f:14:14:7d:67:de:9c: 01:dc:29:10:3f:c4:1f:4c:04:d0:55:9a:22:a9:fa:38:08:e5: 61:46:c9:7c:ec:a8:95:e6:0c:bf:7a:c0:0c:83:76:73:08:19: 49:bf:bd:4c:70:4e:34:7c:4c:cc:50:55:e9:3f:ad:69:c2:6a: 6c:2f:5c:a4:d2:b5:9e:fe:e5:73:76:03:b1:f1:5b:77:7a:87: 55:de:55:98 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt+pwMrLBcrmNVciCk/CirNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl NDgwMDgwHhcNMjYwMTAyMTIyMDMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MjExNDc2NGVjMzY2NGM0NGQzNzU1Y2UxZDg4YmNkYjFjZGIwMmU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6zZH9BC5XC53fjkYXBqxSwT8LSF ZChjenXYEisF4n+fl/6DakX2rFUACZ16T55Rl+boQhCcM6ZgsHUSIBUSpu2PoqE5 lyGVWJwNIMr0nHEYytuimn5vLvA125duYcYG+a3K5jCYJr0Ecxkbz329QpgE/wJJ tcaI7+t9eG2ABkSPAxuQqA876JOTMoD2DpqPbsTGUvWL0l/5WF7/M7ts4xVtO8SK er5EVOyqZdp67EASY341PLMmS518zBCkeHtBZrb6m5mOsctKD/7rMBB0Y0DJLuBU 3o+mapl68+hxYoj8g2ekwv3vLNZiYZHz8lpyoOU0ivQ/i3uxhRInzrcsnQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFHIRR2TsNmTETTdVzh2IvNsc2wLnMB8GA1UdIwQY MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt YmY0ZTUyN2I5ZmE4LzEvY2hGSFpPdzJaTVJOTjFYT0hZaTgyeHpiQXVjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4 LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgyaQIH7 MA0GCSqGSIb3DQEBCwUAA4IBAQApGCe8KsiVs9903BIijohf7AysQd11v+Pw7+8a m8WH0BHWteLntlYNYjHdbX4SWfXNgAmcwgjxuTHdbZgHzEKttnnlUu5VX5O8u9+i QZWeQkwBbilmdG3N2U08UtvpJ00aFOJoC9MSNr/eahWJ0dl4bUxtV6YWP7C7HWiQ PM6tqdJyAc5hNNeTCpmiA55yBozm/tPMijsiRgGgcYSNLDHZyg7H/BG7Eb7jjIiQ jA8UFH1n3pwB3CkQP8QfTATQVZoiqfo4COVhRsl87KiV5gy/esAMg3ZzCBlJv71M cE40fEzMUFXpP61pwmpsL1yk0rWe/uVzdgOx8Vt3eodV3lWY -----END CERTIFICATE-----Generated at Tue Jan 20 09:06:50 2026 by rpki-client