This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/f67aa8-51c2-43b2-b022-6d560debf7b3/1/hBOwYB4WPoz5Ydpk13_H2gELiUw.roa File: hBOwYB4WPoz5Ydpk13_H2gELiUw.roa (raw, json) Hash identifier: mXK7s89fKob65sg2A4oB0uIh32CHyH4+/5qmpuXXrpA= Subject key identifier: 84:13:B0:60:1E:16:3E:8C:F9:61:DA:64:D7:7F:C7:DA:01:0B:89:4C Certificate issuer: /CN=d8012faf98275ae4f3f8d87f084ee4ff8420c485 Certificate serial: 019B797F16052FC38D8DBCD39BE70FAB5650 Authority key identifier: D8:01:2F:AF:98:27:5A:E4:F3:F8:D8:7F:08:4E:E4:FF:84:20:C4:85 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2AEvr5gnWuTz-Nh_CE7k_4QgxIU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/f67aa8-51c2-43b2-b022-6d560debf7b3/1/hBOwYB4WPoz5Ydpk13_H2gELiUw.roa Signing time: Thu 01 Jan 2026 12:18:50 +0000 ROA not before: Thu 01 Jan 2026 12:18:50 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 0 IP address blocks: 2a01:f4c0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/f67aa8-51c2-43b2-b022-6d560debf7b3/1/2AEvr5gnWuTz-Nh_CE7k_4QgxIU.crl rsync://rpki.ripe.net/repository/DEFAULT/5d/f67aa8-51c2-43b2-b022-6d560debf7b3/1/2AEvr5gnWuTz-Nh_CE7k_4QgxIU.mft rsync://rpki.ripe.net/repository/DEFAULT/2AEvr5gnWuTz-Nh_CE7k_4QgxIU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 10 Jan 2026 09:01:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7f:16:05:2f:c3:8d:8d:bc:d3:9b:e7:0f:ab:56:50 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d8012faf98275ae4f3f8d87f084ee4ff8420c485 Validity Not Before: Jan 1 12:18:50 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8413b0601e163e8cf961da64d77fc7da010b894c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:01:78:7c:85:d0:d8:d8:b6:07:c3:cd:65:4f: ed:4b:b5:b8:8c:e1:96:65:91:28:39:45:36:c8:6c: b2:68:c4:b5:61:e5:6c:d2:63:3c:49:c9:74:9c:72: e7:ed:38:fb:5c:d5:e9:01:25:7d:9d:18:95:83:e1: db:72:5b:3a:0f:ee:22:aa:d3:34:40:41:13:ab:32: 72:02:cb:7d:af:59:cb:12:80:5e:25:6d:e4:be:c9: 10:2c:50:70:9f:1d:6b:d6:9a:84:d4:d6:75:b1:89: a1:f2:ee:84:63:25:3d:58:c3:c4:d8:aa:1d:61:c5: 88:31:22:ea:5b:f9:30:54:f1:82:8c:6c:e2:0b:16: 4f:95:e2:64:cf:96:a7:0d:14:94:a9:c1:5b:9a:42: 11:74:f1:f5:6a:5d:f6:6a:18:69:ed:cf:4e:32:16: e9:43:03:07:70:ba:56:94:41:dc:fc:8f:66:30:6a: e7:27:29:dc:41:8a:f4:00:7c:73:9d:d8:37:26:79: 4e:f4:39:84:06:e4:33:ed:45:6a:82:fd:f6:69:a2: b9:8b:ba:81:d9:24:b4:a5:dd:9d:fc:74:37:2c:85: be:c0:03:9d:1c:fd:fc:03:88:ed:93:51:dd:cd:26: 44:d5:d8:58:a5:11:40:96:66:1a:44:b2:19:78:23: ac:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:13:B0:60:1E:16:3E:8C:F9:61:DA:64:D7:7F:C7:DA:01:0B:89:4C X509v3 Authority Key Identifier: keyid:D8:01:2F:AF:98:27:5A:E4:F3:F8:D8:7F:08:4E:E4:FF:84:20:C4:85 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2AEvr5gnWuTz-Nh_CE7k_4QgxIU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/f67aa8-51c2-43b2-b022-6d560debf7b3/1/hBOwYB4WPoz5Ydpk13_H2gELiUw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/f67aa8-51c2-43b2-b022-6d560debf7b3/1/2AEvr5gnWuTz-Nh_CE7k_4QgxIU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a01:f4c0::/29 Signature Algorithm: sha256WithRSAEncryption ae:ce:1a:50:a6:6f:ce:33:0d:d8:17:a3:d9:0b:a1:a4:04:7a: b4:74:0e:48:ae:6d:ee:19:fe:98:96:9f:a7:3f:5d:44:c1:4d: 0b:08:a1:aa:de:5a:f6:5d:3f:5d:45:2b:63:81:d4:7e:71:23: b9:47:72:4e:49:c4:17:e3:ec:fb:59:a2:b1:a7:cf:19:f4:a0: a8:ac:6f:b6:3c:22:21:0c:06:a4:f1:40:23:1a:cf:ba:64:e4: 66:fb:19:e7:42:d0:40:d7:70:74:9b:83:22:5c:f8:31:91:c8: f2:c4:d0:b4:60:f4:b7:c5:82:23:12:33:31:8a:d5:0e:54:89: 0f:06:cf:c3:9d:60:ff:c9:33:33:43:37:b1:df:49:ed:35:3e: 8f:e8:e3:20:1a:50:86:e5:6e:7c:36:3c:dd:98:4d:47:be:0d: 68:fb:49:42:f4:ea:28:70:a8:e8:f8:1d:b7:5f:45:05:e8:fa: 68:ca:51:4b:e2:89:cf:fe:8e:51:4b:2a:7f:5d:60:77:e5:64: 32:ac:d3:3d:ec:96:b5:a4:9b:0c:be:54:89:93:c5:2f:fb:11: eb:94:5a:69:07:71:44:94:74:c6:77:be:75:ca:21:e8:04:a0: 1e:6e:0e:1f:cf:a9:d3:11:a5:a9:59:5c:7e:b2:51:7f:f4:59: b1:89:72:97 -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt5fxYFL8ONjbzTm+cPq1ZQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4MDEyZmFmOTgyNzVhZTRmM2Y4ZDg3ZjA4NGVlNGZmODQy MGM0ODUwHhcNMjYwMTAxMTIxODUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NDEzYjA2MDFlMTYzZThjZjk2MWRhNjRkNzdmYzdkYTAxMGI4OTRjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAywF4fIXQ2Ni2B8PNZU/tS7W4jOGW ZZEoOUU2yGyyaMS1YeVs0mM8Scl0nHLn7Tj7XNXpASV9nRiVg+Hbcls6D+4iqtM0 QEETqzJyAst9r1nLEoBeJW3kvskQLFBwnx1r1pqE1NZ1sYmh8u6EYyU9WMPE2Kod YcWIMSLqW/kwVPGCjGziCxZPleJkz5anDRSUqcFbmkIRdPH1al32ahhp7c9OMhbp QwMHcLpWlEHc/I9mMGrnJyncQYr0AHxzndg3JnlO9DmEBuQz7UVqgv32aaK5i7qB 2SS0pd2d/HQ3LIW+wAOdHP38A4jtk1HdzSZE1dhYpRFAlmYaRLIZeCOs7wIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFIQTsGAeFj6M+WHaZNd/x9oBC4lMMB8GA1UdIwQY MBaAFNgBL6+YJ1rk8/jYfwhO5P+EIMSFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMkFFdnI1Z25XdVR6LU5oX0NFN2tfNFFneElVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9mNjdhYTgtNTFjMi00M2IyLWIwMjIt NmQ1NjBkZWJmN2IzLzEvaEJPd1lCNFdQb3o1WWRwazEzX0gyZ0VMaVV3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81ZC9mNjdhYTgtNTFjMi00M2IyLWIwMjItNmQ1NjBkZWJmN2Iz LzEvMkFFdnI1Z25XdVR6LU5oX0NFN2tfNFFneElVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgH0wDAN BgkqhkiG9w0BAQsFAAOCAQEArs4aUKZvzjMN2Bej2QuhpAR6tHQOSK5t7hn+mJaf pz9dRMFNCwihqt5a9l0/XUUrY4HUfnEjuUdyTknEF+Ps+1misafPGfSgqKxvtjwi IQwGpPFAIxrPumTkZvsZ50LQQNdwdJuDIlz4MZHI8sTQtGD0t8WCIxIzMYrVDlSJ DwbPw51g/8kzM0M3sd9J7TU+j+jjIBpQhuVufDY83ZhNR74NaPtJQvTqKHCo6Pgd t19FBej6aMpRS+KJz/6OUUsqf11gd+VkMqzTPeyWtaSbDL5UiZPFL/sR65RaaQdx RJR0xne+dcoh6ASgHm4OH8+p0xGlqVlcfrJRf/RZsYlylw== -----END CERTIFICATE-----Generated at Fri Jan 9 17:06:59 2026 by rpki-client