This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/dd062a-1319-4019-a551-876c7fca4b34/1/HrFuB2F4P326FdIKDHmR_z_oGqs.roa File: HrFuB2F4P326FdIKDHmR_z_oGqs.roa (raw, json) Hash identifier: d1+J0bs8Jd4Tmg8E7c67C6CZ18CYNi+0jZ3ouxTsd3M= Subject key identifier: 1E:B1:6E:07:61:78:3F:7D:BA:15:D2:0A:0C:79:91:FF:3F:E8:1A:AB Certificate issuer: /CN=255876412d20fbb6cab823481782ac47703b4404 Certificate serial: 019B7B36C93F28FDF9416B46B9F03CD6F9F2 Authority key identifier: 25:58:76:41:2D:20:FB:B6:CA:B8:23:48:17:82:AC:47:70:3B:44:04 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JVh2QS0g-7bKuCNIF4KsR3A7RAQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/dd062a-1319-4019-a551-876c7fca4b34/1/HrFuB2F4P326FdIKDHmR_z_oGqs.roa Signing time: Thu 01 Jan 2026 20:19:06 +0000 ROA not before: Thu 01 Jan 2026 20:19:06 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 210152 IP address blocks: 2a01:ffc6:4000::/34 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/dd062a-1319-4019-a551-876c7fca4b34/1/JVh2QS0g-7bKuCNIF4KsR3A7RAQ.crl rsync://rpki.ripe.net/repository/DEFAULT/28/dd062a-1319-4019-a551-876c7fca4b34/1/JVh2QS0g-7bKuCNIF4KsR3A7RAQ.mft rsync://rpki.ripe.net/repository/DEFAULT/JVh2QS0g-7bKuCNIF4KsR3A7RAQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 05:01:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:c9:3f:28:fd:f9:41:6b:46:b9:f0:3c:d6:f9:f2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=255876412d20fbb6cab823481782ac47703b4404 Validity Not Before: Jan 1 20:19:06 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1eb16e0761783f7dba15d20a0c7991ff3fe81aab Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:d0:67:63:13:76:fd:0c:52:d1:4e:9c:c4:bf: 37:ac:c9:32:24:f1:70:23:fe:8f:d1:a6:67:e9:fb: a9:88:cd:5b:09:e0:a2:6e:5c:86:31:34:a9:12:f9: 9d:3e:a2:17:d4:62:2e:31:df:2d:e3:eb:19:aa:04: 3a:09:23:96:b3:ff:84:6a:e9:37:e3:56:3f:cc:9c: aa:26:96:83:d9:f0:22:68:10:8b:68:62:e6:dd:d8: 8c:4e:5b:5d:97:8d:45:0e:5b:6b:f6:05:40:88:60: e5:ad:be:d8:c5:10:48:bc:e2:74:bb:c3:2b:1c:c5: 5f:67:ae:7a:61:47:f1:30:ad:92:a6:bd:2d:14:bb: ec:f7:20:01:d9:57:f5:f3:2b:98:9c:d1:5c:53:f0: 6a:94:07:83:20:cc:8f:7b:fe:a3:e4:f4:49:a4:af: 2e:dd:05:73:f7:5f:1a:b3:10:85:67:29:b5:5b:07: 8c:05:9b:76:98:f1:ee:b3:6e:e4:c2:31:e2:4a:d8: ca:40:93:2f:bf:83:79:63:84:b5:77:17:a8:d6:83: ef:c6:21:d4:84:10:8e:b9:7c:1a:52:67:99:c5:fd: b9:b2:9d:33:b3:3a:c7:b5:12:b4:1f:e4:f4:37:a0: d2:eb:f0:21:51:49:92:a2:6a:ea:d2:6e:7f:7a:f3: 24:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:B1:6E:07:61:78:3F:7D:BA:15:D2:0A:0C:79:91:FF:3F:E8:1A:AB X509v3 Authority Key Identifier: keyid:25:58:76:41:2D:20:FB:B6:CA:B8:23:48:17:82:AC:47:70:3B:44:04 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JVh2QS0g-7bKuCNIF4KsR3A7RAQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/dd062a-1319-4019-a551-876c7fca4b34/1/HrFuB2F4P326FdIKDHmR_z_oGqs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/28/dd062a-1319-4019-a551-876c7fca4b34/1/JVh2QS0g-7bKuCNIF4KsR3A7RAQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a01:ffc6:4000::/34 Signature Algorithm: sha256WithRSAEncryption 50:7b:91:ea:25:8f:f1:29:ad:3a:ad:1c:2d:4c:38:da:6b:f8: 09:85:43:42:37:67:17:24:fc:5e:ed:83:ee:c2:e0:36:88:17: bc:0e:96:6c:8e:03:20:e1:c2:97:c5:7d:05:4e:87:ae:ba:99: a0:ca:6d:14:28:d5:b2:fe:47:e3:34:01:b3:93:0b:e1:8d:c5: ba:f1:de:b0:30:ba:bf:24:03:c7:3b:ce:32:56:de:e3:9c:33: 4e:ba:d3:bb:e8:d0:69:7b:c8:fc:15:06:96:f2:46:b8:d5:48: 72:a9:49:0e:e1:75:45:7a:7b:63:f4:9b:af:9f:86:66:f9:e4: 81:2a:a1:3a:c6:c8:88:f4:b1:32:66:f9:9a:6a:e4:86:f9:9f: 8f:10:cb:78:7b:e2:3c:f2:9e:e3:97:2d:0a:b4:d4:ce:7f:00: 70:11:e4:3c:eb:db:5a:03:2a:4d:01:fc:07:f6:2c:c7:42:df: 9a:f8:11:3f:55:d7:f1:a8:9c:55:af:10:15:21:fb:fe:78:c6: 96:21:c6:64:88:62:87:ec:52:f9:62:c2:bb:c2:a6:41:10:a2: f7:5b:93:24:57:a8:74:07:f8:8d:a3:da:8a:9e:3d:b8:c2:f6: c8:7e:88:0d:5c:9b:ac:f9:a7:15:44:02:7b:ef:2d:00:26:17: ec:84:8f:ca -----BEGIN CERTIFICATE----- MIIE/zCCA+egAwIBAgISAZt7Nsk/KP35QWtGufA81vnyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI1NTg3NjQxMmQyMGZiYjZjYWI4MjM0ODE3ODJhYzQ3NzAz YjQ0MDQwHhcNMjYwMTAxMjAxOTA2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxZWIxNmUwNzYxNzgzZjdkYmExNWQyMGEwYzc5OTFmZjNmZTgxYWFiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttBnYxN2/QxS0U6cxL83rMkyJPFw I/6P0aZn6fupiM1bCeCiblyGMTSpEvmdPqIX1GIuMd8t4+sZqgQ6CSOWs/+Eauk3 41Y/zJyqJpaD2fAiaBCLaGLm3diMTltdl41FDltr9gVAiGDlrb7YxRBIvOJ0u8Mr HMVfZ656YUfxMK2Spr0tFLvs9yAB2Vf18yuYnNFcU/BqlAeDIMyPe/6j5PRJpK8u 3QVz918asxCFZym1WweMBZt2mPHus27kwjHiStjKQJMvv4N5Y4S1dxeo1oPvxiHU hBCOuXwaUmeZxf25sp0zszrHtRK0H+T0N6DS6/AhUUmSomrq0m5/evMkgQIDAQAB o4ICCzCCAgcwHQYDVR0OBBYEFB6xbgdheD99uhXSCgx5kf8/6BqrMB8GA1UdIwQY MBaAFCVYdkEtIPu2yrgjSBeCrEdwO0QEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSlZoMlFTMGctN2JLdUNOSUY0S3NSM0E3UkFRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9kZDA2MmEtMTMxOS00MDE5LWE1NTEt ODc2YzdmY2E0YjM0LzEvSHJGdUIyRjRQMzI2RmRJS0RIbVJfel9vR3FzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOC9kZDA2MmEtMTMxOS00MDE5LWE1NTEtODc2YzdmY2E0YjM0 LzEvSlZoMlFTMGctN2JLdUNOSUY0S3NSM0E3UkFRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYGKgH/xkAw DQYJKoZIhvcNAQELBQADggEBAFB7keolj/EprTqtHC1MONpr+AmFQ0I3Zxck/F7t g+7C4DaIF7wOlmyOAyDhwpfFfQVOh666maDKbRQo1bL+R+M0AbOTC+GNxbrx3rAw ur8kA8c7zjJW3uOcM06607vo0Gl7yPwVBpbyRrjVSHKpSQ7hdUV6e2P0m6+fhmb5 5IEqoTrGyIj0sTJm+Zpq5Ib5n48Qy3h74jzynuOXLQq01M5/AHAR5Dzr21oDKk0B /Af2LMdC35r4ET9V1/GonFWvEBUh+/54xpYhxmSIYofsUvliwrvCpkEQovdbkyRX qHQH+I2j2oqePbjC9sh+iA1cm6z5pxVEAnvvLQAmF+yEj8o= -----END CERTIFICATE-----Generated at Mon Jan 26 15:34:03 2026 by rpki-client