This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/HtGQIpHAPKS2IevaWc8VL3DWeIM.roa File: HtGQIpHAPKS2IevaWc8VL3DWeIM.roa (raw, json) Hash identifier: /rQu16h4DcYMkcNPHJR3YCk2IAWB5wnMHUy1jbHfhpU= Subject key identifier: 1E:D1:90:22:91:C0:3C:A4:B6:21:EB:DA:59:CF:15:2F:70:D6:78:83 Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c Certificate serial: 019B7DCB86CBEECE334D007021A8004087E8 Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/HtGQIpHAPKS2IevaWc8VL3DWeIM.roa Signing time: Fri 02 Jan 2026 08:20:48 +0000 ROA not before: Fri 02 Jan 2026 08:20:48 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 215330 IP address blocks: 2a0d:6b40::/29 maxlen: 29 2a0d:e340::/29 maxlen: 29 2a11:6040::/29 maxlen: 29 2a11:8bc0::/29 maxlen: 29 2a12:57c0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:cb:86:cb:ee:ce:33:4d:00:70:21:a8:00:40:87:e8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c Validity Not Before: Jan 2 08:20:48 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1ed1902291c03ca4b621ebda59cf152f70d67883 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:ef:eb:a0:dd:3f:9e:83:39:c3:f3:87:10:e3: d1:c0:13:56:b2:10:ca:5d:ad:84:56:d5:20:80:ac: 5f:ca:09:cb:49:9e:0b:1e:0b:5d:0b:9b:70:56:4f: 65:99:d2:63:f8:4e:7d:a0:ce:18:95:e3:ae:f7:75: d0:b8:48:98:60:86:7a:f6:e5:6a:f9:65:2d:ae:c5: 00:9a:bd:5c:d2:d5:e1:a5:b4:56:4f:51:c2:31:92: 65:14:2b:50:ed:8c:dc:b8:8d:7d:5d:14:07:f5:d8: 35:c5:48:4c:1c:8e:48:10:3e:d1:be:b3:c2:91:98: ee:d4:b0:07:90:e9:1b:55:47:b1:c9:a7:86:c3:08: 76:60:78:21:b6:8d:e4:70:84:83:ae:ed:01:4d:da: 33:48:32:ab:64:d7:b3:d0:81:23:84:8c:81:9f:d6: ad:e1:fd:95:a0:7c:ef:71:17:2f:98:79:45:1a:aa: 3f:9a:44:75:82:8f:c5:75:98:f9:ed:d6:c7:c5:ce: 9d:62:27:92:4b:ba:6f:ae:c8:ea:e9:33:4d:7d:10: 68:12:6b:67:57:ab:69:49:18:6f:5b:99:df:3d:55: 76:75:44:a4:24:f4:a7:ac:03:3c:f6:b7:0c:6c:0f: 61:eb:c1:b2:e1:fc:9c:e9:52:8b:f0:2e:c0:83:f8: 61:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:D1:90:22:91:C0:3C:A4:B6:21:EB:DA:59:CF:15:2F:70:D6:78:83 X509v3 Authority Key Identifier: keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/HtGQIpHAPKS2IevaWc8VL3DWeIM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0d:6b40::/29 2a0d:e340::/29 2a11:6040::/29 2a11:8bc0::/29 2a12:57c0::/29 Signature Algorithm: sha256WithRSAEncryption 67:bb:88:1b:1c:1f:6c:8a:70:d7:91:d2:db:e7:bb:6c:31:ee: 0e:6c:e6:aa:c6:ef:1f:92:a7:f2:78:6d:8e:36:0b:87:7e:0f: 0a:84:37:97:62:c7:ed:09:6a:07:33:e4:d0:21:bd:72:f0:8e: ae:c9:c5:41:9c:13:90:ca:e2:16:9c:11:37:16:35:54:65:e1: 6f:9c:68:5a:5c:06:13:be:2c:71:32:7f:81:cb:fd:db:47:0d: ee:db:ee:41:ee:00:b6:74:5f:f8:4c:2b:3e:c0:1a:6d:78:d1: 8e:4c:c3:77:bc:e5:20:fb:8a:d7:f9:d2:3a:6d:85:e8:ac:49: f9:56:8f:ab:c1:b5:47:a5:81:8e:a4:c7:b0:63:40:67:4e:41: a3:85:1e:76:82:32:d7:f1:3a:30:2e:6a:c9:87:9c:5b:37:ed: de:22:07:c0:48:ed:3f:80:3e:bc:7f:2f:97:ff:72:59:e1:9a: 28:77:e5:11:ea:27:99:6e:03:1a:75:81:84:6f:01:ee:7b:b9: 90:0d:ad:7e:69:fd:4c:c5:f0:31:b8:96:3f:aa:55:67:76:ca: 0b:ec:c6:53:27:ff:fe:dc:7b:ba:c0:68:df:e8:41:13:e7:62: 96:13:78:ee:28:a2:c3:81:4a:d3:94:6d:2d:2a:c9:b2:db:a3: 61:a3:4c:4c -----BEGIN CERTIFICATE----- MIIFGjCCBAKgAwIBAgISAZt9y4bL7s4zTQBwIagAQIfoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4 ZmNjNGMwHhcNMjYwMTAyMDgyMDQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxZWQxOTAyMjkxYzAzY2E0YjYyMWViZGE1OWNmMTUyZjcwZDY3ODgzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAte/roN0/noM5w/OHEOPRwBNWshDK Xa2EVtUggKxfygnLSZ4LHgtdC5twVk9lmdJj+E59oM4YleOu93XQuEiYYIZ69uVq +WUtrsUAmr1c0tXhpbRWT1HCMZJlFCtQ7YzcuI19XRQH9dg1xUhMHI5IED7RvrPC kZju1LAHkOkbVUexyaeGwwh2YHghto3kcISDru0BTdozSDKrZNez0IEjhIyBn9at 4f2VoHzvcRcvmHlFGqo/mkR1go/FdZj57dbHxc6dYieSS7pvrsjq6TNNfRBoEmtn V6tpSRhvW5nfPVV2dUSkJPSnrAM89rcMbA9h68Gy4fyc6VKL8C7Ag/hh/wIDAQAB o4ICJjCCAiIwHQYDVR0OBBYEFB7RkCKRwDyktiHr2lnPFS9w1niDMB8GA1UdIwQY MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt MjM5ZDJmZTM5OGIxLzEvSHRHUUlwSEFQS1MySWV2YVdjOFZMM0RXZUlNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUDKg1rQAMF AyoN40ADBQMqEWBAAwUDKhGLwAMFAyoSV8AwDQYJKoZIhvcNAQELBQADggEBAGe7 iBscH2yKcNeR0tvnu2wx7g5s5qrG7x+Sp/J4bY42C4d+DwqEN5dix+0Jagcz5NAh vXLwjq7JxUGcE5DK4hacETcWNVRl4W+caFpcBhO+LHEyf4HL/dtHDe7b7kHuALZ0 X/hMKz7AGm140Y5Mw3e85SD7itf50jptheisSflWj6vBtUelgY6kx7BjQGdOQaOF HnaCMtfxOjAuasmHnFs37d4iB8BI7T+APrx/L5f/clnhmih35RHqJ5luAxp1gYRv Ae57uZANrX5p/UzF8DG4lj+qVWd2ygvsxlMn//7ce7rAaN/oQRPnYpYTeO4oosOB StOUbS0qybLbo2GjTEw= -----END CERTIFICATE-----Generated at Tue Jan 20 02:45:00 2026 by rpki-client