This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/PHFHXUdCUykxD4WNagrsv4JMx94.roa File: PHFHXUdCUykxD4WNagrsv4JMx94.roa (raw, json) Hash identifier: PHW5sOZJgKyEudiTGQBFbeY+YdWxWMKUZjoe9eZ16aA= Subject key identifier: 3C:71:47:5D:47:42:53:29:31:0F:85:8D:6A:0A:EC:BF:82:4C:C7:DE Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c Certificate serial: 019A96A9A7889C87F26839C150A94FF14F5C Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/PHFHXUdCUykxD4WNagrsv4JMx94.roa Signing time: Tue 18 Nov 2025 11:11:32 +0000 ROA not before: Tue 18 Nov 2025 11:11:32 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 213294 IP address blocks: 2a0d:a3c0::/29 maxlen: 29 2a0d:c1c0::/29 maxlen: 29 2a0d:ce40::/29 maxlen: 29 2a0d:f140::/29 maxlen: 29 2a11:4480::/29 maxlen: 29 2a12:bc00::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 08:00:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:96:a9:a7:88:9c:87:f2:68:39:c1:50:a9:4f:f1:4f:5c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c Validity Not Before: Nov 18 11:11:32 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=3c71475d47425329310f858d6a0aecbf824cc7de Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:03:bc:7f:41:00:6e:7e:5f:58:18:bb:cb:e7: cc:48:9c:26:43:c0:c2:05:f3:16:6f:28:66:61:a9: c9:45:2f:fd:aa:37:c4:b0:75:90:ec:bc:e5:d6:60: a0:a0:05:78:53:6f:8a:d7:fa:f1:a1:ec:b5:e6:a6: a0:29:37:ec:20:13:11:6f:d1:18:fc:90:a3:0f:56: f3:57:12:2d:83:72:af:17:36:e4:f3:98:16:ba:bd: cd:80:bb:b8:66:fc:34:1b:41:b8:d9:fe:b7:9f:24: 71:65:12:14:3f:c0:aa:4b:16:95:21:00:12:34:30: 26:d1:a1:23:37:b0:30:7b:9a:ea:65:f6:c3:7b:0a: 3d:03:28:b3:3e:30:fe:c9:fe:c7:ae:71:f3:48:24: 44:36:49:f5:2e:81:25:84:23:b4:47:4a:86:2b:36: 55:b9:9d:67:5d:6f:57:39:fe:20:a5:df:40:08:13: 81:57:a7:56:cd:35:b0:99:19:58:87:da:01:80:fa: 75:27:07:a7:82:48:ac:53:af:16:7d:48:90:d2:bf: b5:d3:9b:a4:e6:85:0e:c2:0b:af:79:94:ce:46:29: 33:d4:c3:fa:52:4f:99:63:ff:d8:98:48:b0:6c:c6: 98:32:83:06:45:0e:b2:ee:c3:9e:51:bb:07:1f:3b: a2:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:71:47:5D:47:42:53:29:31:0F:85:8D:6A:0A:EC:BF:82:4C:C7:DE X509v3 Authority Key Identifier: keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/PHFHXUdCUykxD4WNagrsv4JMx94.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0d:a3c0::/29 2a0d:c1c0::/29 2a0d:ce40::/29 2a0d:f140::/29 2a11:4480::/29 2a12:bc00::/29 Signature Algorithm: sha256WithRSAEncryption 44:02:d5:53:db:68:8b:4c:59:f0:65:d7:57:ef:59:8b:1e:ef: 5a:3e:fd:61:2a:50:14:da:e6:32:b9:85:0b:9b:a0:e7:f6:16: 46:1d:20:5e:94:81:9b:de:31:93:21:53:36:eb:d3:19:cc:aa: ed:2b:40:e1:2d:71:1a:7b:c4:15:7b:5d:9c:ef:b1:21:cd:96: c6:95:07:17:6c:00:c3:a7:db:a1:69:10:a1:e0:69:1a:69:fa: 35:76:03:4e:25:5d:52:d6:cc:70:5d:77:d1:95:5c:6b:2e:31: 25:1e:d0:66:d8:c0:fc:1a:d4:b5:60:75:c7:b3:f8:ab:85:ff: 46:c3:8a:fa:e7:69:e2:00:33:99:bf:a8:71:9c:d9:76:7a:c4: b0:56:7a:24:c9:42:d6:b2:b0:28:65:1d:25:24:74:9e:ed:12: 4f:8d:3f:80:80:b8:2b:ad:2a:d3:48:dc:fd:28:a2:80:98:4c: bd:96:e0:3e:fb:5a:00:85:44:64:3d:17:37:f8:5e:d7:b4:34: d7:38:2d:6b:6e:1a:7f:d6:38:60:cd:39:91:ba:e2:1b:92:65: 5e:6e:62:ea:cc:5a:0d:7e:d8:14:55:ac:ce:c4:b0:ef:d3:eb: 42:9d:38:2f:c1:28:47:68:af:05:3d:20:d5:8d:a0:a1:39:17: fc:c8:c9:9d -----BEGIN CERTIFICATE----- MIIFITCCBAmgAwIBAgISAZqWqaeInIfyaDnBUKlP8U9cMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4 ZmNjNGMwHhcNMjUxMTE4MTExMTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzYzcxNDc1ZDQ3NDI1MzI5MzEwZjg1OGQ2YTBhZWNiZjgyNGNjN2RlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxgO8f0EAbn5fWBi7y+fMSJwmQ8DC BfMWbyhmYanJRS/9qjfEsHWQ7Lzl1mCgoAV4U2+K1/rxoey15qagKTfsIBMRb9EY /JCjD1bzVxItg3KvFzbk85gWur3NgLu4Zvw0G0G42f63nyRxZRIUP8CqSxaVIQAS NDAm0aEjN7Awe5rqZfbDewo9AyizPjD+yf7HrnHzSCRENkn1LoElhCO0R0qGKzZV uZ1nXW9XOf4gpd9ACBOBV6dWzTWwmRlYh9oBgPp1JwengkisU68WfUiQ0r+105uk 5oUOwguveZTORikz1MP6Uk+ZY//YmEiwbMaYMoMGRQ6y7sOeUbsHHzuidwIDAQAB o4ICLTCCAikwHQYDVR0OBBYEFDxxR11HQlMpMQ+FjWoK7L+CTMfeMB8GA1UdIwQY MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt MjM5ZDJmZTM5OGIxLzEvUEhGSFhVZENVeWt4RDRXTmFncnN2NEpNeDk0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUDKg2jwAMF AyoNwcADBQMqDc5AAwUDKg3xQAMFAyoRRIADBQMqErwAMA0GCSqGSIb3DQEBCwUA A4IBAQBEAtVT22iLTFnwZddX71mLHu9aPv1hKlAU2uYyuYULm6Dn9hZGHSBelIGb 3jGTIVM269MZzKrtK0DhLXEae8QVe12c77EhzZbGlQcXbADDp9uhaRCh4Gkaafo1 dgNOJV1S1sxwXXfRlVxrLjElHtBm2MD8GtS1YHXHs/irhf9Gw4r652niADOZv6hx nNl2esSwVnokyULWsrAoZR0lJHSe7RJPjT+AgLgrrSrTSNz9KKKAmEy9luA++1oA hURkPRc3+F7XtDTXOC1rbhp/1jhgzTmRuuIbkmVebmLqzFoNftgUVazOxLDv0+tC nTgvwShHaK8FPSDVjaChORf8yMmd -----END CERTIFICATE-----Generated at Fri Dec 5 13:23:01 2025 by rpki-client