This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/360ef9-ec20-4e13-9647-ddfeb424adf5/1/HeSZlksbTLA8N88AjDTrmX2uk88.roa File: HeSZlksbTLA8N88AjDTrmX2uk88.roa (raw, json) Hash identifier: MfWlXQd6/+y+QIEgFdqX3cMg9aLFaxN2h3g3GICOFJI= Subject key identifier: 1D:E4:99:96:4B:1B:4C:B0:3C:37:CF:00:8C:34:EB:99:7D:AE:93:CF Certificate issuer: /CN=b9ab361394683e4f24397cfc8f23eab2c6828dea Certificate serial: 019B7BA538113C0DC3E61689F07BF0EF426A Authority key identifier: B9:AB:36:13:94:68:3E:4F:24:39:7C:FC:8F:23:EA:B2:C6:82:8D:EA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uas2E5RoPk8kOXz8jyPqssaCjeo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/360ef9-ec20-4e13-9647-ddfeb424adf5/1/HeSZlksbTLA8N88AjDTrmX2uk88.roa Signing time: Thu 01 Jan 2026 22:19:43 +0000 ROA not before: Thu 01 Jan 2026 22:19:43 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 14618 IP address blocks: 2a13:2e00::/36 maxlen: 48 2a13:2e01::/36 maxlen: 48 2a13:2e02::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/360ef9-ec20-4e13-9647-ddfeb424adf5/1/uas2E5RoPk8kOXz8jyPqssaCjeo.crl rsync://rpki.ripe.net/repository/DEFAULT/3f/360ef9-ec20-4e13-9647-ddfeb424adf5/1/uas2E5RoPk8kOXz8jyPqssaCjeo.mft rsync://rpki.ripe.net/repository/DEFAULT/uas2E5RoPk8kOXz8jyPqssaCjeo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 09 Jan 2026 16:01:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a5:38:11:3c:0d:c3:e6:16:89:f0:7b:f0:ef:42:6a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b9ab361394683e4f24397cfc8f23eab2c6828dea Validity Not Before: Jan 1 22:19:43 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1de499964b1b4cb03c37cf008c34eb997dae93cf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:87:30:e7:c4:81:01:f7:2e:d9:61:dd:8e:db:83: ca:5f:c0:15:0f:03:eb:dd:63:e1:b0:17:14:48:cf: c5:a9:06:4d:f2:96:a7:67:80:2b:16:21:3a:b3:8f: 96:54:f5:dd:31:d1:33:f2:e4:a9:f9:bd:be:3a:1d: 34:a1:e6:f1:7f:c2:ed:1a:55:1a:cc:0f:8d:9b:7f: 31:85:12:86:5b:f1:69:e9:92:04:17:89:90:9d:05: 73:fb:2c:0d:cf:9d:23:e3:d0:e6:5b:32:27:b9:e9: cb:cd:f7:1a:aa:9b:e0:69:47:35:56:2e:77:9a:a8: e9:9a:38:dc:df:dc:7b:3c:a1:a2:13:16:39:ce:0c: 4f:fc:99:75:54:59:65:05:52:91:55:bb:54:ec:61: 27:21:d1:08:82:1a:7a:e5:4c:9f:c7:e5:e4:a1:3e: b2:81:15:c2:ec:6f:8f:64:50:7a:f2:36:fd:bc:25: fa:b7:70:1a:d7:53:a7:e1:67:4e:d6:10:a0:70:5c: 10:1a:76:3a:bd:9a:fd:93:e0:d1:22:d8:f9:45:8f: 81:36:1b:fb:e6:e2:61:cc:e5:a7:7e:e3:7d:5c:7d: 5e:aa:89:28:48:9b:17:2e:53:0b:a0:34:77:9f:b4: d0:26:99:b5:be:46:2b:3e:6c:4a:bd:75:82:b9:fe: 2b:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:E4:99:96:4B:1B:4C:B0:3C:37:CF:00:8C:34:EB:99:7D:AE:93:CF X509v3 Authority Key Identifier: keyid:B9:AB:36:13:94:68:3E:4F:24:39:7C:FC:8F:23:EA:B2:C6:82:8D:EA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uas2E5RoPk8kOXz8jyPqssaCjeo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/360ef9-ec20-4e13-9647-ddfeb424adf5/1/HeSZlksbTLA8N88AjDTrmX2uk88.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/360ef9-ec20-4e13-9647-ddfeb424adf5/1/uas2E5RoPk8kOXz8jyPqssaCjeo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a13:2e00::/36 2a13:2e01::/36 2a13:2e02::/36 Signature Algorithm: sha256WithRSAEncryption 2e:de:1b:5d:ae:4a:cf:4b:3a:c5:21:04:a6:64:07:5f:78:9f: 78:25:d1:a1:8c:60:b5:c0:7a:54:30:e9:0b:85:1c:55:17:05: 16:7d:23:01:27:30:e6:26:22:69:16:e3:7d:7e:91:7a:65:d8: 95:c4:e1:18:05:d8:a1:78:ba:bd:c2:65:10:b3:8f:6a:58:99: a3:e3:80:1d:a0:bc:4a:aa:c6:22:cc:ac:0c:47:b3:b6:57:9c: d4:92:44:4e:38:b6:4b:93:07:20:86:41:7b:b9:c5:51:dd:d1: 3e:0e:c0:1e:89:86:28:55:b9:35:f2:8e:c8:3a:1f:0c:2c:f9: d4:ee:15:29:15:1d:7f:1a:65:44:db:73:2c:bc:a7:d9:8e:bc: a0:b1:23:2b:df:7a:15:7b:fd:7e:72:49:49:3c:f8:32:9f:d0: a0:cb:b8:22:4a:70:15:2a:24:d0:5d:2d:6b:6e:ca:31:81:6a: b2:e3:ef:a5:d3:95:0e:20:7f:9d:d8:58:2c:05:b0:a6:04:eb: 8c:99:b8:26:34:5c:8e:26:4c:e8:e2:86:2f:61:81:48:c6:45: 21:6d:46:64:0a:68:45:71:37:a9:e7:95:50:50:2c:ff:82:8f: b4:f7:cb:f6:81:9b:6f:17:c3:78:ff:81:8d:97:82:ae:d0:24: 3e:08:e6:b5 -----BEGIN CERTIFICATE----- MIIFDzCCA/egAwIBAgISAZt7pTgRPA3D5haJ8Hvw70JqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI5YWIzNjEzOTQ2ODNlNGYyNDM5N2NmYzhmMjNlYWIyYzY4 MjhkZWEwHhcNMjYwMTAxMjIxOTQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxZGU0OTk5NjRiMWI0Y2IwM2MzN2NmMDA4YzM0ZWI5OTdkYWU5M2NmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhzDnxIEB9y7ZYd2O24PKX8AVDwPr 3WPhsBcUSM/FqQZN8panZ4ArFiE6s4+WVPXdMdEz8uSp+b2+Oh00oebxf8LtGlUa zA+Nm38xhRKGW/Fp6ZIEF4mQnQVz+ywNz50j49DmWzInuenLzfcaqpvgaUc1Vi53 mqjpmjjc39x7PKGiExY5zgxP/Jl1VFllBVKRVbtU7GEnIdEIghp65Uyfx+XkoT6y gRXC7G+PZFB68jb9vCX6t3Aa11On4WdO1hCgcFwQGnY6vZr9k+DRItj5RY+BNhv7 5uJhzOWnfuN9XH1eqokoSJsXLlMLoDR3n7TQJpm1vkYrPmxKvXWCuf4rzwIDAQAB o4ICGzCCAhcwHQYDVR0OBBYEFB3kmZZLG0ywPDfPAIw065l9rpPPMB8GA1UdIwQY MBaAFLmrNhOUaD5PJDl8/I8j6rLGgo3qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdWFzMkU1Um9QazhrT1h6OGp5UHFzc2FDamVvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8zNjBlZjktZWMyMC00ZTEzLTk2NDct ZGRmZWI0MjRhZGY1LzEvSGVTWmxrc2JUTEE4Tjg4QWpEVHJtWDJ1azg4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZi8zNjBlZjktZWMyMC00ZTEzLTk2NDctZGRmZWI0MjRhZGY1 LzEvdWFzMkU1Um9QazhrT1h6OGp5UHFzc2FDamVvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAAjAYAwYEKhMuAAAD BgQqEy4BAAMGBCoTLgIAMA0GCSqGSIb3DQEBCwUAA4IBAQAu3htdrkrPSzrFIQSm ZAdfeJ94JdGhjGC1wHpUMOkLhRxVFwUWfSMBJzDmJiJpFuN9fpF6ZdiVxOEYBdih eLq9wmUQs49qWJmj44AdoLxKqsYizKwMR7O2V5zUkkROOLZLkwcghkF7ucVR3dE+ DsAeiYYoVbk18o7IOh8MLPnU7hUpFR1/GmVE23MsvKfZjrygsSMr33oVe/1+cklJ PPgyn9Cgy7giSnAVKiTQXS1rbsoxgWqy4++l05UOIH+d2FgsBbCmBOuMmbgmNFyO Jkzo4oYvYYFIxkUhbUZkCmhFcTep55VQUCz/go+098v2gZtvF8N4/4GNl4Ku0CQ+ COa1 -----END CERTIFICATE-----Generated at Fri Jan 9 00:57:57 2026 by rpki-client