This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/b52e02-3af8-4ebb-99d3-851d9c044e70/1/1-h29TFu81qQRwRTQtKfc7V6oGgw.roa File: 1-h29TFu81qQRwRTQtKfc7V6oGgw.roa (raw, json) Hash identifier: j/GCQjpdQOAVMzUdmUHPipCJ4VSAK8zR3xsINI1wkiE= Subject key identifier: FA:1D:BD:4C:5B:BC:D6:A4:11:C1:14:D0:B4:A7:DC:ED:5E:A8:1A:0C Certificate issuer: /CN=d716209d7def98a2bb34977f65009b3520da256e Certificate serial: 019B7F13D298752CBFD55918456F427C967A Authority key identifier: D7:16:20:9D:7D:EF:98:A2:BB:34:97:7F:65:00:9B:35:20:DA:25:6E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1xYgnX3vmKK7NJd_ZQCbNSDaJW4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/b52e02-3af8-4ebb-99d3-851d9c044e70/1/1-h29TFu81qQRwRTQtKfc7V6oGgw.roa Signing time: Fri 02 Jan 2026 14:19:24 +0000 ROA not before: Fri 02 Jan 2026 14:19:24 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212027 IP address blocks: 2a14:1bc0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/b52e02-3af8-4ebb-99d3-851d9c044e70/1/1xYgnX3vmKK7NJd_ZQCbNSDaJW4.crl rsync://rpki.ripe.net/repository/DEFAULT/6f/b52e02-3af8-4ebb-99d3-851d9c044e70/1/1xYgnX3vmKK7NJd_ZQCbNSDaJW4.mft rsync://rpki.ripe.net/repository/DEFAULT/1xYgnX3vmKK7NJd_ZQCbNSDaJW4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 23:01:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:13:d2:98:75:2c:bf:d5:59:18:45:6f:42:7c:96:7a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d716209d7def98a2bb34977f65009b3520da256e Validity Not Before: Jan 2 14:19:24 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=fa1dbd4c5bbcd6a411c114d0b4a7dced5ea81a0c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:e7:d6:0a:e0:04:cd:0e:33:4f:44:00:89:50: e4:25:80:e0:23:fa:80:9d:c1:de:d4:9e:a0:69:37: 76:1c:3d:a5:26:27:92:16:bf:cb:4e:58:0b:15:9a: ad:9a:96:b0:ad:17:7d:2b:ce:17:96:a5:82:f7:8a: 17:b9:7e:dc:21:32:2d:60:d2:69:a0:fa:5d:03:09: 30:b6:9e:fd:79:ec:16:e8:81:72:66:e5:a7:3c:55: 70:ac:f6:dd:bb:a9:7d:83:7c:2a:c7:08:97:01:27: d2:d8:f9:43:91:34:a0:fb:73:47:c3:35:e4:77:d1: 67:c5:d3:ce:c1:2c:6b:57:00:e8:27:dc:60:ed:6e: da:2b:a5:74:b6:92:f4:2a:f5:40:2b:fa:30:6a:f8: 9a:67:ec:9a:41:75:cc:b3:2a:bd:1d:43:d8:21:96: ed:04:86:54:80:51:85:c2:fc:4d:de:8c:38:63:44: 6c:61:36:7c:7b:87:db:52:4c:5a:16:1d:56:d9:38: 6d:8a:d1:22:c1:16:76:b4:98:23:83:d1:fe:bf:03: a9:58:d9:94:a1:79:64:04:2c:3b:b9:61:7a:37:ea: 5d:02:b2:fe:82:82:62:4e:02:68:7b:24:10:4b:28: 1c:07:02:e8:ee:8f:16:cd:0e:cf:ed:01:1f:90:52: 2f:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:1D:BD:4C:5B:BC:D6:A4:11:C1:14:D0:B4:A7:DC:ED:5E:A8:1A:0C X509v3 Authority Key Identifier: keyid:D7:16:20:9D:7D:EF:98:A2:BB:34:97:7F:65:00:9B:35:20:DA:25:6E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1xYgnX3vmKK7NJd_ZQCbNSDaJW4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b52e02-3af8-4ebb-99d3-851d9c044e70/1/1-h29TFu81qQRwRTQtKfc7V6oGgw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b52e02-3af8-4ebb-99d3-851d9c044e70/1/1xYgnX3vmKK7NJd_ZQCbNSDaJW4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:1bc0::/29 Signature Algorithm: sha256WithRSAEncryption a5:85:d2:b4:fd:3d:95:55:48:06:ee:da:c5:08:98:b1:8e:76: 40:28:c3:f5:0f:e3:55:e1:8f:2f:52:8a:62:69:cc:a3:db:35: 30:be:bc:de:2d:cd:f1:9e:6e:b5:7c:87:45:bf:60:11:22:fc: 3d:c3:b6:25:21:fd:01:a5:ec:1a:75:5c:60:71:d8:42:5d:f9: 58:4c:13:eb:a9:27:4d:63:8c:d1:01:89:c6:f5:66:b9:45:39: 4d:b7:c3:99:99:62:83:89:76:c4:d8:a0:05:cd:02:eb:85:d3: 6b:d7:8d:9d:59:cd:c7:b1:21:2e:b9:a1:48:5f:f0:bb:70:75: 98:69:66:f1:5b:f0:90:b8:50:c8:05:d5:fe:a1:ec:8c:b2:4f: 7f:71:2d:e9:f3:94:ad:1f:b0:a0:19:02:7c:a1:f2:44:be:1c: 23:b2:c0:d4:17:49:12:5f:ea:e6:67:bb:91:a4:7b:a4:64:73: 47:0c:cf:0b:9b:5b:89:5f:24:6e:05:7e:8d:94:de:db:df:98: ac:07:02:84:eb:df:16:81:aa:1d:42:0e:26:d0:fe:db:7f:f8: c6:dd:d3:b8:f7:ed:83:b3:68:be:9e:01:0d:52:44:cd:17:60: 56:7f:dd:74:b4:be:a8:eb:ab:6f:d0:b0:7e:af:5a:c2:9e:ed: df:5c:33:4c -----BEGIN CERTIFICATE----- MIIE/zCCA+egAwIBAgISAZt/E9KYdSy/1VkYRW9CfJZ6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ3MTYyMDlkN2RlZjk4YTJiYjM0OTc3ZjY1MDA5YjM1MjBk YTI1NmUwHhcNMjYwMTAyMTQxOTI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmYTFkYmQ0YzViYmNkNmE0MTFjMTE0ZDBiNGE3ZGNlZDVlYTgxYTBjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvOfWCuAEzQ4zT0QAiVDkJYDgI/qA ncHe1J6gaTd2HD2lJieSFr/LTlgLFZqtmpawrRd9K84XlqWC94oXuX7cITItYNJp oPpdAwkwtp79eewW6IFyZuWnPFVwrPbdu6l9g3wqxwiXASfS2PlDkTSg+3NHwzXk d9FnxdPOwSxrVwDoJ9xg7W7aK6V0tpL0KvVAK/owaviaZ+yaQXXMsyq9HUPYIZbt BIZUgFGFwvxN3ow4Y0RsYTZ8e4fbUkxaFh1W2ThtitEiwRZ2tJgjg9H+vwOpWNmU oXlkBCw7uWF6N+pdArL+goJiTgJoeyQQSygcBwLo7o8WzQ7P7QEfkFIvvQIDAQAB o4ICCzCCAgcwHQYDVR0OBBYEFPodvUxbvNakEcEU0LSn3O1eqBoMMB8GA1UdIwQY MBaAFNcWIJ1975iiuzSXf2UAmzUg2iVuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMXhZZ25YM3ZtS0s3TkpkX1pRQ2JOU0RhSlc0LmNlcjCB jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9iNTJlMDItM2FmOC00ZWJiLTk5ZDMt ODUxZDljMDQ0ZTcwLzEvMS1oMjlURnU4MXFRUndSVFF0S2ZjN1Y2b0dndy5yb2Ew gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0 b3J5L0RFRkFVTFQvNmYvYjUyZTAyLTNhZjgtNGViYi05OWQzLTg1MWQ5YzA0NGU3 MC8xLzF4WWduWDN2bUtLN05KZF9aUUNiTlNEYUpXNC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoUG8Aw DQYJKoZIhvcNAQELBQADggEBAKWF0rT9PZVVSAbu2sUImLGOdkAow/UP41Xhjy9S imJpzKPbNTC+vN4tzfGebrV8h0W/YBEi/D3DtiUh/QGl7Bp1XGBx2EJd+VhME+up J01jjNEBicb1ZrlFOU23w5mZYoOJdsTYoAXNAuuF02vXjZ1ZzcexIS65oUhf8Ltw dZhpZvFb8JC4UMgF1f6h7IyyT39xLenzlK0fsKAZAnyh8kS+HCOywNQXSRJf6uZn u5Gke6Rkc0cMzwubW4lfJG4Ffo2U3tvfmKwHAoTr3xaBqh1CDibQ/tt/+Mbd07j3 7YOzaL6eAQ1SRM0XYFZ/3XS0vqjrq2/QsH6vWsKe7d9cM0w= -----END CERTIFICATE-----Generated at Wed Jan 21 07:23:29 2026 by rpki-client