This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/4d8a74-60b8-410e-aa35-392a752464b1/1/24Hwto-BpXx4ZNDaWCPO8Ea-hlI.roa File: 24Hwto-BpXx4ZNDaWCPO8Ea-hlI.roa (raw, json) Hash identifier: iK9kCH46Oumb8kgSKUedbFMHCOpgazvLt/ANMQHFNJk= Subject key identifier: DB:81:F0:B6:8F:81:A5:7C:78:64:D0:DA:58:23:CE:F0:46:BE:86:52 Certificate issuer: /CN=6f2c0c66b6b4612c8949800f09291cafa3865fd3 Certificate serial: 019B77C66D359CD79807CA2B1DEA1FF013AA Authority key identifier: 6F:2C:0C:66:B6:B4:61:2C:89:49:80:0F:09:29:1C:AF:A3:86:5F:D3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bywMZra0YSyJSYAPCSkcr6OGX9M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/4d8a74-60b8-410e-aa35-392a752464b1/1/24Hwto-BpXx4ZNDaWCPO8Ea-hlI.roa Signing time: Thu 01 Jan 2026 04:17:31 +0000 ROA not before: Thu 01 Jan 2026 04:17:31 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 206946 IP address blocks: 2001:678:2b8::/48 maxlen: 48 2001:678:2b9::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/4d8a74-60b8-410e-aa35-392a752464b1/1/bywMZra0YSyJSYAPCSkcr6OGX9M.crl rsync://rpki.ripe.net/repository/DEFAULT/40/4d8a74-60b8-410e-aa35-392a752464b1/1/bywMZra0YSyJSYAPCSkcr6OGX9M.mft rsync://rpki.ripe.net/repository/DEFAULT/bywMZra0YSyJSYAPCSkcr6OGX9M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 15:30:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:6d:35:9c:d7:98:07:ca:2b:1d:ea:1f:f0:13:aa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6f2c0c66b6b4612c8949800f09291cafa3865fd3 Validity Not Before: Jan 1 04:17:31 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=db81f0b68f81a57c7864d0da5823cef046be8652 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:58:64:e4:2e:d3:32:b5:4e:1d:86:03:3f:46: 78:87:77:7c:b0:e3:9d:29:3b:fc:c3:8c:d0:58:81: c4:5f:4c:46:64:57:c0:90:c4:2e:01:a1:ff:89:7d: d7:8b:89:fa:c9:5c:21:e9:4d:8f:7d:9e:f8:af:0e: 85:f7:9b:df:a1:60:93:fa:75:de:c3:58:0f:8a:44: 47:6b:12:48:37:c5:60:af:c2:31:a9:7c:71:5f:c4: 8f:51:ae:19:27:b7:bc:02:9b:7b:65:dc:fc:23:95: e6:bb:4f:86:03:9f:7c:f1:52:6e:79:90:9e:f5:d2: 94:0b:8c:48:45:7d:ad:f0:9f:1e:94:a0:2d:fb:20: 69:04:55:80:d1:ec:0d:9a:d1:d1:b0:a6:a9:73:7a: f9:bd:d5:e9:80:da:39:c0:08:98:34:be:83:ea:e7: 9d:9a:06:ed:2e:a0:09:3d:0b:19:8d:0b:63:65:89: 54:6a:72:a6:b3:9f:4d:5e:64:43:6b:6b:37:d3:b6: 2e:5e:e7:10:7d:fa:79:ec:8a:54:aa:81:b4:45:23: 94:36:7d:6e:0b:85:43:fa:75:1c:42:9f:62:31:60: 4e:e5:7b:cd:82:63:63:1a:cb:45:72:96:2c:ee:74: ce:2e:61:87:0f:bb:46:93:60:47:73:4f:23:b4:15: 3d:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:81:F0:B6:8F:81:A5:7C:78:64:D0:DA:58:23:CE:F0:46:BE:86:52 X509v3 Authority Key Identifier: keyid:6F:2C:0C:66:B6:B4:61:2C:89:49:80:0F:09:29:1C:AF:A3:86:5F:D3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bywMZra0YSyJSYAPCSkcr6OGX9M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/4d8a74-60b8-410e-aa35-392a752464b1/1/24Hwto-BpXx4ZNDaWCPO8Ea-hlI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/40/4d8a74-60b8-410e-aa35-392a752464b1/1/bywMZra0YSyJSYAPCSkcr6OGX9M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:678:2b8::/47 Signature Algorithm: sha256WithRSAEncryption 4e:f9:b4:1d:4c:3b:28:0c:96:71:f4:61:80:bd:00:75:82:42: b3:18:5d:9e:f7:d3:d7:14:56:16:46:38:f5:d2:f0:fa:60:e8: a6:1c:f1:1a:26:c7:7c:a4:6e:ea:b0:8b:3d:d9:af:8c:4c:f3: 9e:85:ba:8a:19:97:94:1b:db:3d:82:f0:0f:34:2e:32:c5:54: 28:45:60:a5:b7:8c:04:3b:c2:48:5c:24:00:89:98:e1:16:8e: 53:1b:39:e2:56:40:52:bc:a2:a0:a5:4d:51:79:8d:a0:8f:0b: 15:3f:3b:15:24:32:3a:93:db:9d:c4:20:95:e9:da:88:57:49: 80:e0:a2:d7:48:de:a0:8c:21:4a:fb:6f:16:5e:06:aa:1a:73: 85:7f:88:d9:b5:55:96:8c:54:d1:e3:8d:37:17:f3:9a:b7:e9: cf:1c:92:3f:46:5d:f1:a5:d7:68:bf:de:8c:be:32:79:5d:13: 15:43:f2:da:4f:d4:a9:94:bb:3d:d7:58:a3:7f:9a:c1:f8:37: 66:f5:54:57:f3:cf:88:87:ec:a2:98:eb:7d:3d:75:13:25:33: 69:49:55:56:bf:0e:65:20:07:c6:df:c4:2b:b0:5d:1e:05:20: c9:69:42:5b:fd:6d:e8:68:be:f6:50:26:31:84:98:ed:28:a4: 59:51:9a:4f -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt3xm01nNeYB8orHeof8BOqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZmMmMwYzY2YjZiNDYxMmM4OTQ5ODAwZjA5MjkxY2FmYTM4 NjVmZDMwHhcNMjYwMTAxMDQxNzMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkYjgxZjBiNjhmODFhNTdjNzg2NGQwZGE1ODIzY2VmMDQ2YmU4NjUyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvFhk5C7TMrVOHYYDP0Z4h3d8sOOd KTv8w4zQWIHEX0xGZFfAkMQuAaH/iX3Xi4n6yVwh6U2PfZ74rw6F95vfoWCT+nXe w1gPikRHaxJIN8Vgr8IxqXxxX8SPUa4ZJ7e8Apt7Zdz8I5Xmu0+GA5988VJueZCe 9dKUC4xIRX2t8J8elKAt+yBpBFWA0ewNmtHRsKapc3r5vdXpgNo5wAiYNL6D6ued mgbtLqAJPQsZjQtjZYlUanKms59NXmRDa2s307YuXucQffp57IpUqoG0RSOUNn1u C4VD+nUcQp9iMWBO5XvNgmNjGstFcpYs7nTOLmGHD7tGk2BHc08jtBU95QIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFNuB8LaPgaV8eGTQ2lgjzvBGvoZSMB8GA1UdIwQY MBaAFG8sDGa2tGEsiUmADwkpHK+jhl/TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYnl3TVpyYTBZU3lKU1lBUENTa2NyNk9HWDlNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC80ZDhhNzQtNjBiOC00MTBlLWFhMzUt MzkyYTc1MjQ2NGIxLzEvMjRId3RvLUJwWHg0Wk5EYVdDUE84RWEtaGxJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MC80ZDhhNzQtNjBiOC00MTBlLWFhMzUtMzkyYTc1MjQ2NGIx LzEvYnl3TVpyYTBZU3lKU1lBUENTa2NyNk9HWDlNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcBIAEGeAK4 MA0GCSqGSIb3DQEBCwUAA4IBAQBO+bQdTDsoDJZx9GGAvQB1gkKzGF2e99PXFFYW Rjj10vD6YOimHPEaJsd8pG7qsIs92a+MTPOehbqKGZeUG9s9gvAPNC4yxVQoRWCl t4wEO8JIXCQAiZjhFo5TGzniVkBSvKKgpU1ReY2gjwsVPzsVJDI6k9udxCCV6dqI V0mA4KLXSN6gjCFK+28WXgaqGnOFf4jZtVWWjFTR4403F/Oat+nPHJI/Rl3xpddo v96MvjJ5XRMVQ/LaT9SplLs911ijf5rB+Ddm9VRX88+Ih+yimOt9PXUTJTNpSVVW vw5lIAfG38QrsF0eBSDJaUJb/W3oaL72UCYxhJjtKKRZUZpP -----END CERTIFICATE-----Generated at Wed Jan 21 01:34:18 2026 by rpki-client