This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/45fee7-6985-4abe-afab-0142fef672ec/1/SHDXj_xwhAMVfYnaUaq_lG5zauc.roa File: SHDXj_xwhAMVfYnaUaq_lG5zauc.roa (raw, json) Hash identifier: MB2dIAduhPhYPhIRpSuDV9xRkl4km+qKHZKpVfYJMNs= Subject key identifier: 48:70:D7:8F:FC:70:84:03:15:7D:89:DA:51:AA:BF:94:6E:73:6A:E7 Certificate issuer: /CN=f5d6b1d90ed4bf1651aa2270e6ecbac2d87922ac Certificate serial: 019B7B356D0FD2F0D36670D5BF4EBFD194F3 Authority key identifier: F5:D6:B1:D9:0E:D4:BF:16:51:AA:22:70:E6:EC:BA:C2:D8:79:22:AC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9dax2Q7UvxZRqiJw5uy6wth5Iqw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/45fee7-6985-4abe-afab-0142fef672ec/1/SHDXj_xwhAMVfYnaUaq_lG5zauc.roa Signing time: Thu 01 Jan 2026 20:17:37 +0000 ROA not before: Thu 01 Jan 2026 20:17:37 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 216041 IP address blocks: 2a0c:fc80::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/45fee7-6985-4abe-afab-0142fef672ec/1/9dax2Q7UvxZRqiJw5uy6wth5Iqw.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/45fee7-6985-4abe-afab-0142fef672ec/1/9dax2Q7UvxZRqiJw5uy6wth5Iqw.mft rsync://rpki.ripe.net/repository/DEFAULT/9dax2Q7UvxZRqiJw5uy6wth5Iqw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:35:6d:0f:d2:f0:d3:66:70:d5:bf:4e:bf:d1:94:f3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f5d6b1d90ed4bf1651aa2270e6ecbac2d87922ac Validity Not Before: Jan 1 20:17:37 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4870d78ffc708403157d89da51aabf946e736ae7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:4c:e2:b9:8a:f8:7a:8f:4b:35:49:95:6e:99: 9b:bb:a9:d1:c0:b2:5d:07:6b:72:ad:fb:31:ec:b3: 0e:88:4b:8e:2c:fc:ac:bc:31:4b:7e:4b:6a:a7:35: c9:5c:f6:14:0b:54:57:36:52:3f:c6:91:a2:8c:c5: f3:8f:6c:40:00:20:03:18:c1:ba:6f:98:d1:95:03: 37:80:c7:b7:c5:d4:a4:9a:2e:47:46:41:b7:3f:74: 22:29:75:f3:39:bf:eb:e5:fb:f2:23:01:b2:5e:ca: 03:e0:24:d8:9f:ce:37:3b:a1:f2:a3:8a:8c:2d:a6: 03:64:27:61:d8:1b:d6:25:b0:06:b8:61:c1:ac:db: e3:0e:bc:13:b7:ba:50:a7:cc:06:73:e1:0d:fa:51: 9e:e0:32:d0:be:eb:17:ff:ee:cb:9b:b3:30:4c:c2: d4:4a:19:2f:7d:dc:2b:32:eb:d3:6c:35:9a:e9:85: 24:89:dd:0e:f8:8d:92:88:ce:12:f7:87:e3:ea:88: 68:78:ea:43:7b:95:d0:ec:e1:5c:0f:03:f5:fc:2c: bc:bb:d7:fa:b1:a5:94:86:13:f9:51:c8:80:7f:dc: 1e:02:3e:61:72:f7:1f:14:c1:d1:a3:33:de:c0:78: be:ad:1f:fb:51:d8:2f:bb:54:dc:d1:53:3e:42:ab: f9:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:70:D7:8F:FC:70:84:03:15:7D:89:DA:51:AA:BF:94:6E:73:6A:E7 X509v3 Authority Key Identifier: keyid:F5:D6:B1:D9:0E:D4:BF:16:51:AA:22:70:E6:EC:BA:C2:D8:79:22:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9dax2Q7UvxZRqiJw5uy6wth5Iqw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/45fee7-6985-4abe-afab-0142fef672ec/1/SHDXj_xwhAMVfYnaUaq_lG5zauc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/45fee7-6985-4abe-afab-0142fef672ec/1/9dax2Q7UvxZRqiJw5uy6wth5Iqw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0c:fc80::/29 Signature Algorithm: sha256WithRSAEncryption 9a:1f:1b:f0:81:cb:b9:63:ce:62:57:dc:ba:08:86:e3:75:68: fb:1f:3a:0a:9a:8e:88:70:80:e6:db:1b:ab:a4:c9:b8:4b:ed: 5b:7b:f8:13:bd:60:1f:92:11:5b:41:60:8f:86:7c:34:c5:2d: 56:a6:59:f4:3a:be:7c:30:d0:6b:ee:08:68:af:2f:09:a4:53: 2c:59:5f:ae:1a:f1:02:5e:8b:55:33:da:6b:73:57:74:e0:26: 27:17:25:61:e6:6a:34:af:24:f1:52:e7:9a:a6:42:16:59:89: 9d:bc:9e:aa:ae:3d:5e:75:48:b4:a7:4f:af:4c:af:c8:e1:5f: 15:ac:a4:94:b6:71:b0:c1:05:38:ef:4e:49:1e:6f:ff:22:e0: 2f:fc:7c:8f:32:45:bf:9d:98:d9:9e:09:e1:5a:8f:2a:1f:60: 72:05:8c:78:38:4d:57:11:ed:4c:8c:50:47:50:65:00:60:d1: de:3c:f2:0c:ff:6e:77:73:dd:79:d0:31:70:f6:05:ff:b4:10: 7f:5f:07:52:cd:35:17:39:c0:8b:5d:c1:6f:0c:8d:47:a3:ba: 78:ef:c5:83:c5:61:15:a8:e1:9b:64:df:a6:b5:04:23:0e:a5: b0:5a:71:29:71:f1:16:bc:cf:0c:69:28:73:7c:bb:4d:c1:4f: 56:90:30:84 -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt7NW0P0vDTZnDVv06/0ZTzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGY1ZDZiMWQ5MGVkNGJmMTY1MWFhMjI3MGU2ZWNiYWMyZDg3 OTIyYWMwHhcNMjYwMTAxMjAxNzM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0ODcwZDc4ZmZjNzA4NDAzMTU3ZDg5ZGE1MWFhYmY5NDZlNzM2YWU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0ziuYr4eo9LNUmVbpmbu6nRwLJd B2tyrfsx7LMOiEuOLPysvDFLfktqpzXJXPYUC1RXNlI/xpGijMXzj2xAACADGMG6 b5jRlQM3gMe3xdSkmi5HRkG3P3QiKXXzOb/r5fvyIwGyXsoD4CTYn843O6Hyo4qM LaYDZCdh2BvWJbAGuGHBrNvjDrwTt7pQp8wGc+EN+lGe4DLQvusX/+7Lm7MwTMLU ShkvfdwrMuvTbDWa6YUkid0O+I2SiM4S94fj6ohoeOpDe5XQ7OFcDwP1/Cy8u9f6 saWUhhP5UciAf9weAj5hcvcfFMHRozPewHi+rR/7Udgvu1Tc0VM+Qqv5KQIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFEhw14/8cIQDFX2J2lGqv5Ruc2rnMB8GA1UdIwQY MBaAFPXWsdkO1L8WUaoicObsusLYeSKsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOWRheDJRN1V2eFpScWlKdzV1eTZ3dGg1SXF3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS80NWZlZTctNjk4NS00YWJlLWFmYWIt MDE0MmZlZjY3MmVjLzEvU0hEWGpfeHdoQU1WZlluYVVhcV9sRzV6YXVjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS80NWZlZTctNjk4NS00YWJlLWFmYWItMDE0MmZlZjY3MmVj LzEvOWRheDJRN1V2eFpScWlKdzV1eTZ3dGg1SXF3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgz8gDAN BgkqhkiG9w0BAQsFAAOCAQEAmh8b8IHLuWPOYlfcugiG43Vo+x86CpqOiHCA5tsb q6TJuEvtW3v4E71gH5IRW0Fgj4Z8NMUtVqZZ9Dq+fDDQa+4IaK8vCaRTLFlfrhrx Al6LVTPaa3NXdOAmJxclYeZqNK8k8VLnmqZCFlmJnbyeqq49XnVItKdPr0yvyOFf FayklLZxsMEFOO9OSR5v/yLgL/x8jzJFv52Y2Z4J4VqPKh9gcgWMeDhNVxHtTIxQ R1BlAGDR3jzyDP9ud3PdedAxcPYF/7QQf18HUs01FznAi13BbwyNR6O6eO/Fg8Vh Fajhm2TfprUEIw6lsFpxKXHxFrzPDGkoc3y7TcFPVpAwhA== -----END CERTIFICATE-----Generated at Mon Feb 9 22:28:38 2026 by rpki-client