This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/24149d-d115-4330-bd49-cb56ed3ea7fa/1/hrEIqJAwCku3aKDnRzlzuarP4tc.roa File: hrEIqJAwCku3aKDnRzlzuarP4tc.roa (raw, json) Hash identifier: /EQ3061AHFPZuvaT0q5zSvf6uilyT/zCrLJMTA/SNVM= Subject key identifier: 86:B1:08:A8:90:30:0A:4B:B7:68:A0:E7:47:39:73:B9:AA:CF:E2:D7 Certificate issuer: /CN=dc1089c942b68033683b4dd506c0c36f74be0ea3 Certificate serial: 019B7D5B1056BBD8EBC3BC99660810E3FC33 Authority key identifier: DC:10:89:C9:42:B6:80:33:68:3B:4D:D5:06:C0:C3:6F:74:BE:0E:A3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3BCJyUK2gDNoO03VBsDDb3S-DqM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/24149d-d115-4330-bd49-cb56ed3ea7fa/1/hrEIqJAwCku3aKDnRzlzuarP4tc.roa Signing time: Fri 02 Jan 2026 06:17:58 +0000 ROA not before: Fri 02 Jan 2026 06:17:58 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 31898 IP address blocks: 2a09:a447:ac1e::/48 maxlen: 64 2a09:a447:ac1f::/48 maxlen: 64 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/24149d-d115-4330-bd49-cb56ed3ea7fa/1/3BCJyUK2gDNoO03VBsDDb3S-DqM.crl rsync://rpki.ripe.net/repository/DEFAULT/2c/24149d-d115-4330-bd49-cb56ed3ea7fa/1/3BCJyUK2gDNoO03VBsDDb3S-DqM.mft rsync://rpki.ripe.net/repository/DEFAULT/3BCJyUK2gDNoO03VBsDDb3S-DqM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 11 Jan 2026 13:16:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5b:10:56:bb:d8:eb:c3:bc:99:66:08:10:e3:fc:33 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dc1089c942b68033683b4dd506c0c36f74be0ea3 Validity Not Before: Jan 2 06:17:58 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=86b108a890300a4bb768a0e7473973b9aacfe2d7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:eb:70:4e:e1:48:6d:2e:fc:8b:d2:23:b7:41: 53:00:bb:32:32:97:6d:54:3f:35:78:8d:1c:79:de: fa:b2:c7:9b:d2:53:41:a0:5b:41:b6:52:f4:0f:78: b2:05:10:4a:7f:de:07:6a:50:4d:09:cc:28:e9:dc: 54:83:f5:0e:57:39:89:87:39:c4:42:00:22:b6:a3: 08:d2:f7:ad:32:9d:6a:5d:8a:0c:1a:f8:97:e9:5d: 5e:22:d4:1a:79:fc:b4:4b:ff:89:e1:bc:97:f7:06: 45:aa:54:4d:51:c1:29:ea:07:08:4e:77:2d:f3:5d: 0d:b0:ef:8a:17:70:98:b9:bf:cc:37:7f:2b:07:76: a4:d6:af:ee:98:fc:61:c7:39:29:be:0b:51:ae:13: e8:c6:ff:5e:01:d1:79:fa:ff:7b:44:6e:49:58:c1: 9e:0c:9a:9b:73:05:b1:b8:30:7e:35:3b:e1:04:4c: 6a:b0:b7:22:dd:03:96:6b:0b:b0:d8:31:b5:71:0a: f0:d5:5d:8c:f2:78:2b:e0:ee:39:2e:23:e8:19:0c: a2:19:e8:4c:7c:44:a0:f2:f2:e8:ae:04:62:05:c7: 84:7f:df:9c:17:e4:e1:8d:ad:ce:8a:d1:9b:2c:d0: a4:9e:a8:54:a0:fc:6a:de:12:6a:3b:af:b4:72:b3: 6a:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:B1:08:A8:90:30:0A:4B:B7:68:A0:E7:47:39:73:B9:AA:CF:E2:D7 X509v3 Authority Key Identifier: keyid:DC:10:89:C9:42:B6:80:33:68:3B:4D:D5:06:C0:C3:6F:74:BE:0E:A3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3BCJyUK2gDNoO03VBsDDb3S-DqM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/24149d-d115-4330-bd49-cb56ed3ea7fa/1/hrEIqJAwCku3aKDnRzlzuarP4tc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/24149d-d115-4330-bd49-cb56ed3ea7fa/1/3BCJyUK2gDNoO03VBsDDb3S-DqM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a09:a447:ac1e::/47 Signature Algorithm: sha256WithRSAEncryption a0:96:9d:10:c8:8f:cb:0f:63:c8:0e:22:4c:6f:7f:61:4f:cf: b4:eb:d9:4a:30:d2:f4:e1:81:0b:4b:3d:fc:65:60:e8:51:64: 38:d6:13:a1:89:8a:54:c1:c2:49:2b:91:65:74:47:00:1f:62: 8c:33:72:e4:75:20:34:28:68:17:fe:48:f4:ca:8c:00:3f:a4: e1:6a:63:ce:e7:45:ac:45:ee:55:43:f5:b6:d8:74:b6:1c:4f: c2:4a:0b:0c:45:86:79:6a:c3:d9:9c:88:e3:e3:ac:0e:76:ec: 38:d7:10:68:47:38:98:3f:1c:67:20:19:38:93:5e:8a:78:82: 56:70:82:0a:a5:59:bb:b9:b1:8c:f1:b0:a8:13:07:cd:c3:ee: 8e:21:25:00:f9:fb:54:df:bb:de:dc:e5:49:39:a2:ba:38:41: 34:e2:4d:fa:49:bb:14:ef:33:b0:7b:84:0b:c2:f9:97:ec:65: bc:e9:6e:a5:95:67:27:86:21:d4:2f:3b:36:0f:f1:b0:94:31: cd:c7:e2:42:4c:e9:bb:13:0f:f2:3a:c4:d2:76:da:8b:9a:44: d5:f1:d0:69:e8:bc:37:de:58:bc:2f:51:99:c8:1c:86:e3:7e: 8a:c9:ac:55:f8:5e:27:08:a2:4a:98:e7:3f:7e:32:f9:3c:bb: 95:8d:bd:c3 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt9WxBWu9jrw7yZZggQ4/wzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRjMTA4OWM5NDJiNjgwMzM2ODNiNGRkNTA2YzBjMzZmNzRi ZTBlYTMwHhcNMjYwMTAyMDYxNzU4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NmIxMDhhODkwMzAwYTRiYjc2OGEwZTc0NzM5NzNiOWFhY2ZlMmQ3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx+twTuFIbS78i9Ijt0FTALsyMpdt VD81eI0ced76sseb0lNBoFtBtlL0D3iyBRBKf94HalBNCcwo6dxUg/UOVzmJhznE QgAitqMI0vetMp1qXYoMGviX6V1eItQaefy0S/+J4byX9wZFqlRNUcEp6gcITnct 810NsO+KF3CYub/MN38rB3ak1q/umPxhxzkpvgtRrhPoxv9eAdF5+v97RG5JWMGe DJqbcwWxuDB+NTvhBExqsLci3QOWawuw2DG1cQrw1V2M8ngr4O45LiPoGQyiGehM fESg8vLorgRiBceEf9+cF+Thja3OitGbLNCknqhUoPxq3hJqO6+0crNqKwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFIaxCKiQMApLt2ig50c5c7mqz+LXMB8GA1UdIwQY MBaAFNwQiclCtoAzaDtN1QbAw290vg6jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM0JDSnlVSzJnRE5vTzAzVkJzRERiM1MtRHFNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy8yNDE0OWQtZDExNS00MzMwLWJkNDkt Y2I1NmVkM2VhN2ZhLzEvaHJFSXFKQXdDa3UzYUtEblJ6bHp1YXJQNHRjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYy8yNDE0OWQtZDExNS00MzMwLWJkNDktY2I1NmVkM2VhN2Zh LzEvM0JDSnlVSzJnRE5vTzAzVkJzRERiM1MtRHFNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcBKgmkR6we MA0GCSqGSIb3DQEBCwUAA4IBAQCglp0QyI/LD2PIDiJMb39hT8+069lKMNL04YEL Sz38ZWDoUWQ41hOhiYpUwcJJK5FldEcAH2KMM3LkdSA0KGgX/kj0yowAP6ThamPO 50WsRe5VQ/W22HS2HE/CSgsMRYZ5asPZnIjj46wOduw41xBoRziYPxxnIBk4k16K eIJWcIIKpVm7ubGM8bCoEwfNw+6OISUA+ftU37ve3OVJOaK6OEE04k36SbsU7zOw e4QLwvmX7GW86W6llWcnhiHULzs2D/GwlDHNx+JCTOm7Ew/yOsTSdtqLmkTV8dBp 6Lw33li8L1GZyByG436KyaxV+F4nCKJKmOc/fjL5PLuVjb3D -----END CERTIFICATE-----Generated at Sat Jan 10 20:49:50 2026 by rpki-client