This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/iH-oKNUba3B3FV6RyiI9E5313Os.roa File: iH-oKNUba3B3FV6RyiI9E5313Os.roa (raw, json) Hash identifier: qbGkhJuBt85629+Ix4Axf+mFiKy/K5eMZOJDXm7mhNM= Subject key identifier: 88:7F:A8:28:D5:1B:6B:70:77:15:5E:91:CA:22:3D:13:9D:F5:DC:EB Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b Certificate serial: 019B7D5D2DBF463CCC05CE70DF31483A3A35 Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/iH-oKNUba3B3FV6RyiI9E5313Os.roa Signing time: Fri 02 Jan 2026 06:20:17 +0000 ROA not before: Fri 02 Jan 2026 06:20:17 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 210825 IP address blocks: 2a0e:b107:24f0::/48 maxlen: 48 2a10:ccc0:1330::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 10 Jan 2026 17:27:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5d:2d:bf:46:3c:cc:05:ce:70:df:31:48:3a:3a:35 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b Validity Not Before: Jan 2 06:20:17 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=887fa828d51b6b7077155e91ca223d139df5dceb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:0f:d1:3b:65:a7:44:20:cc:55:9a:e3:a5:75: cb:b3:c1:8c:73:e1:7b:f5:a3:df:f3:ac:4e:87:0b: 91:af:24:bc:7d:41:c5:ad:80:95:dc:1d:ef:b7:d8: 2a:be:d6:81:3b:75:e0:2e:f4:34:1f:7d:f8:20:1e: 7d:2f:fc:c4:ac:1a:8b:99:3d:78:70:4a:75:5b:b4: d6:40:04:98:7d:6c:c9:79:74:19:78:ae:b1:b1:56: 28:79:ae:c6:db:b2:8c:46:b1:ad:04:2a:39:0f:8a: c2:f9:dd:7b:12:5d:3c:bd:6d:ef:e0:73:00:67:99: da:d1:8d:8f:77:0d:be:c9:0a:7e:2d:d3:7c:f5:cc: 96:28:93:d5:f5:65:93:db:03:4f:d9:58:28:d1:e9: 4a:48:91:b7:85:c2:d5:0e:bf:ff:ed:79:97:9d:21: b9:2c:36:3a:b1:c4:77:e4:80:be:d2:05:0d:ce:6b: 59:c7:ca:f8:35:16:39:12:10:ad:92:7d:75:52:15: 15:2a:c9:34:6c:34:0c:37:ba:bc:eb:ba:56:d4:d4: 18:67:d6:16:be:cb:c1:3a:e4:a2:4c:b2:5d:9a:7e: 59:52:d4:7d:e8:63:ab:04:9c:2a:be:b3:dd:f1:0f: 87:b4:35:39:ff:b3:8a:52:36:32:da:69:b2:5b:ef: c3:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:7F:A8:28:D5:1B:6B:70:77:15:5E:91:CA:22:3D:13:9D:F5:DC:EB X509v3 Authority Key Identifier: keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/iH-oKNUba3B3FV6RyiI9E5313Os.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0e:b107:24f0::/48 2a10:ccc0:1330::/44 Signature Algorithm: sha256WithRSAEncryption b2:a0:ea:7e:22:f5:35:07:01:c8:85:eb:d7:dd:60:97:22:59: 2f:14:ca:5a:22:f8:f2:b6:89:5d:ff:5a:a2:fb:88:4a:45:38: 73:a9:3c:f4:a5:e0:a6:1a:56:92:8f:e5:c3:14:db:7d:84:cf: 77:c8:59:ae:d8:14:19:61:71:39:56:85:85:95:ce:2d:ec:96: 7b:7d:20:f9:6a:1f:24:d2:bd:a5:a2:69:80:72:ee:1a:bd:8b: cb:97:fd:5f:08:95:db:c1:a7:8a:dc:11:54:48:a3:b2:9e:5a: e3:ca:d1:23:83:07:1b:1e:c8:77:44:f1:06:96:a7:22:c6:bb: 92:e7:12:8b:f7:90:33:72:eb:ab:bb:31:40:ed:f2:4d:5f:6c: 9e:42:c8:6e:bb:2e:e2:cf:22:e1:c5:b6:f0:3a:c8:b5:1e:32: 0d:b4:e9:67:d1:22:53:86:b4:9a:7b:14:f3:cc:af:8d:6e:d4: 22:b2:d4:77:32:bd:6a:52:d3:9b:0d:6f:f1:f3:60:76:aa:5f: c2:62:98:aa:ac:80:12:5e:d5:27:d8:ef:6c:a8:b7:a3:9a:44: a6:ad:31:c8:78:1f:8a:ab:b9:1a:3f:0c:1c:a2:f5:13:c8:a0: 54:7b:1b:83:93:2f:c5:ad:4a:66:9f:0c:00:92:4d:d1:19:29: bb:98:4e:31 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt9XS2/RjzMBc5w3zFIOjo1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw ZmFkOWIwHhcNMjYwMTAyMDYyMDE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4ODdmYTgyOGQ1MWI2YjcwNzcxNTVlOTFjYTIyM2QxMzlkZjVkY2ViMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjg/RO2WnRCDMVZrjpXXLs8GMc+F7 9aPf86xOhwuRryS8fUHFrYCV3B3vt9gqvtaBO3XgLvQ0H334IB59L/zErBqLmT14 cEp1W7TWQASYfWzJeXQZeK6xsVYoea7G27KMRrGtBCo5D4rC+d17El08vW3v4HMA Z5na0Y2Pdw2+yQp+LdN89cyWKJPV9WWT2wNP2Vgo0elKSJG3hcLVDr//7XmXnSG5 LDY6scR35IC+0gUNzmtZx8r4NRY5EhCtkn11UhUVKsk0bDQMN7q867pW1NQYZ9YW vsvBOuSiTLJdmn5ZUtR96GOrBJwqvrPd8Q+HtDU5/7OKUjYy2mmyW+/DFwIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFIh/qCjVG2twdxVekcoiPROd9dzrMB8GA1UdIwQY MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt ZGM1ZWM3NDhmNmE1LzEvaUgtb0tOVWJhM0IzRlY2UnlpSTlFNTMxM09zLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1 LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg6xByTw AwcEKhDMwBMwMA0GCSqGSIb3DQEBCwUAA4IBAQCyoOp+IvU1BwHIhevX3WCXIlkv FMpaIvjytold/1qi+4hKRThzqTz0peCmGlaSj+XDFNt9hM93yFmu2BQZYXE5VoWF lc4t7JZ7fSD5ah8k0r2lommAcu4avYvLl/1fCJXbwaeK3BFUSKOynlrjytEjgwcb Hsh3RPEGlqcixruS5xKL95AzcuuruzFA7fJNX2yeQshuuy7izyLhxbbwOsi1HjIN tOln0SJThrSaexTzzK+NbtQistR3Mr1qUtObDW/x82B2ql/CYpiqrIASXtUn2O9s qLejmkSmrTHIeB+Kq7kaPwwcovUTyKBUexuDky/FrUpmnwwAkk3RGSm7mE4x -----END CERTIFICATE-----Generated at Sat Jan 10 02:19:25 2026 by rpki-client