This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/33a888-4cf3-4a8c-9297-a1e0db1a17df/1/cPKzl4MAM1VPvGgqdoHotmjF_TQ.roa File: cPKzl4MAM1VPvGgqdoHotmjF_TQ.roa (raw, json) Hash identifier: Kwq91RaELM7PU5xhh1ZgTtP0NFXJmqvp86LKfBSRLfM= Subject key identifier: 70:F2:B3:97:83:00:33:55:4F:BC:68:2A:76:81:E8:B6:68:C5:FD:34 Certificate issuer: /CN=844492db9cbb0a0eb6bf69c25c86961f49183c9b Certificate serial: 019B7BA508FF1252047F5AE661E5977FC3A7 Authority key identifier: 84:44:92:DB:9C:BB:0A:0E:B6:BF:69:C2:5C:86:96:1F:49:18:3C:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hESS25y7Cg62v2nCXIaWH0kYPJs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/33a888-4cf3-4a8c-9297-a1e0db1a17df/1/cPKzl4MAM1VPvGgqdoHotmjF_TQ.roa Signing time: Thu 01 Jan 2026 22:19:31 +0000 ROA not before: Thu 01 Jan 2026 22:19:31 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 59771 IP address blocks: 2a00:1560:d::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/33a888-4cf3-4a8c-9297-a1e0db1a17df/1/hESS25y7Cg62v2nCXIaWH0kYPJs.crl rsync://rpki.ripe.net/repository/DEFAULT/7f/33a888-4cf3-4a8c-9297-a1e0db1a17df/1/hESS25y7Cg62v2nCXIaWH0kYPJs.mft rsync://rpki.ripe.net/repository/DEFAULT/hESS25y7Cg62v2nCXIaWH0kYPJs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 07:01:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a5:08:ff:12:52:04:7f:5a:e6:61:e5:97:7f:c3:a7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=844492db9cbb0a0eb6bf69c25c86961f49183c9b Validity Not Before: Jan 1 22:19:31 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=70f2b397830033554fbc682a7681e8b668c5fd34 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:47:26:7f:7a:e3:3a:f6:36:98:27:aa:38:03: df:0b:94:43:66:37:34:e7:37:78:68:8a:f4:ef:34: 01:8c:c1:84:30:7e:20:73:e5:37:bb:7c:62:5e:8f: 85:4e:73:b2:58:e3:c3:91:e4:ea:33:a7:13:e4:e9: 9b:21:a5:bd:00:f6:56:e4:8d:90:44:c8:59:7d:6e: 17:62:09:fb:6a:91:f9:d7:26:6b:e3:97:92:d3:c6: 5a:c9:15:9e:7e:6d:02:ef:58:1f:c0:b3:0e:0c:5e: fa:86:4b:fb:a6:19:cb:07:5c:50:a3:07:2f:e5:6e: 33:db:02:c4:b2:22:8a:97:06:b4:4a:de:69:01:17: 90:a2:60:71:f0:b7:f6:05:ad:97:b1:a8:86:09:9b: 83:9f:e6:b5:81:54:81:59:2b:bd:c0:3d:ab:b9:ed: af:6e:17:23:99:68:5d:3b:65:22:47:29:0c:8a:73: 0f:59:1d:59:c0:4c:c5:fe:d5:48:73:08:6e:1c:08: 74:ec:53:50:00:6f:a8:a9:88:6e:95:a0:b9:86:da: 4b:5a:72:ee:d8:d2:b1:bc:35:04:8e:78:e5:53:50: ff:10:88:21:27:60:92:7e:8c:ef:33:79:79:bc:f3: 3a:5b:a2:25:d1:69:53:37:cb:c8:46:b9:0e:f4:83: 42:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:F2:B3:97:83:00:33:55:4F:BC:68:2A:76:81:E8:B6:68:C5:FD:34 X509v3 Authority Key Identifier: keyid:84:44:92:DB:9C:BB:0A:0E:B6:BF:69:C2:5C:86:96:1F:49:18:3C:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hESS25y7Cg62v2nCXIaWH0kYPJs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/33a888-4cf3-4a8c-9297-a1e0db1a17df/1/cPKzl4MAM1VPvGgqdoHotmjF_TQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/33a888-4cf3-4a8c-9297-a1e0db1a17df/1/hESS25y7Cg62v2nCXIaWH0kYPJs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a00:1560:d::/48 Signature Algorithm: sha256WithRSAEncryption 2c:a8:c9:fb:e1:da:b3:11:f5:95:66:6a:f8:da:50:52:cb:7f: ce:c4:d3:24:da:73:ea:5f:7e:04:ad:c9:ee:99:89:26:98:13: 6e:fc:8d:e6:f9:51:3e:0d:ac:fd:b7:42:de:42:40:5b:73:fb: bb:db:af:89:fc:77:de:53:dc:59:91:51:29:64:63:e3:d1:47: c0:9c:72:65:c4:3b:4d:b8:e3:30:1e:5f:9e:a2:a6:f3:16:c4: 98:e1:56:8d:ae:68:91:b9:1b:76:54:2c:52:15:0a:27:be:3c: ee:f5:e8:94:5c:2b:b7:64:69:cc:63:4e:3e:eb:c8:87:19:44: 1b:1f:67:91:52:0f:37:be:8e:07:af:33:6f:f6:c0:c2:e7:34: 9d:3a:d2:d5:6c:d7:ef:e6:56:a1:4f:76:e9:01:7e:e7:2d:c1: 22:7e:43:69:52:36:40:18:7d:ce:bd:7e:9e:a3:64:ba:fa:b0: 89:2e:8e:e1:3e:0c:6d:35:5b:34:9a:1c:6a:ba:40:fe:e9:8d: 16:ac:eb:5f:93:07:c9:9c:1c:2f:07:23:6e:a1:2e:aa:0d:41: 1f:33:d1:84:b3:fb:0b:8b:e7:19:6b:ff:4b:e8:34:b6:14:52: 3b:d3:35:d8:56:59:9b:c5:ff:a3:fa:0b:9e:bd:0b:de:7a:c8: ef:6e:79:69 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt7pQj/ElIEf1rmYeWXf8OnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg0NDQ5MmRiOWNiYjBhMGViNmJmNjljMjVjODY5NjFmNDkx ODNjOWIwHhcNMjYwMTAxMjIxOTMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MGYyYjM5NzgzMDAzMzU1NGZiYzY4MmE3NjgxZThiNjY4YzVmZDM0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApEcmf3rjOvY2mCeqOAPfC5RDZjc0 5zd4aIr07zQBjMGEMH4gc+U3u3xiXo+FTnOyWOPDkeTqM6cT5OmbIaW9APZW5I2Q RMhZfW4XYgn7apH51yZr45eS08ZayRWefm0C71gfwLMODF76hkv7phnLB1xQowcv 5W4z2wLEsiKKlwa0St5pAReQomBx8Lf2Ba2XsaiGCZuDn+a1gVSBWSu9wD2rue2v bhcjmWhdO2UiRykMinMPWR1ZwEzF/tVIcwhuHAh07FNQAG+oqYhulaC5htpLWnLu 2NKxvDUEjnjlU1D/EIghJ2CSfozvM3l5vPM6W6Il0WlTN8vIRrkO9INCDQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFHDys5eDADNVT7xoKnaB6LZoxf00MB8GA1UdIwQY MBaAFIREktucuwoOtr9pwlyGlh9JGDybMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaEVTUzI1eTdDZzYydjJuQ1hJYVdIMGtZUEpzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8zM2E4ODgtNGNmMy00YThjLTkyOTct YTFlMGRiMWExN2RmLzEvY1BLemw0TUFNMVZQdkdncWRvSG90bWpGX1RRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Zi8zM2E4ODgtNGNmMy00YThjLTkyOTctYTFlMGRiMWExN2Rm LzEvaEVTUzI1eTdDZzYydjJuQ1hJYVdIMGtZUEpzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgAVYAAN MA0GCSqGSIb3DQEBCwUAA4IBAQAsqMn74dqzEfWVZmr42lBSy3/OxNMk2nPqX34E rcnumYkmmBNu/I3m+VE+Daz9t0LeQkBbc/u726+J/HfeU9xZkVEpZGPj0UfAnHJl xDtNuOMwHl+eoqbzFsSY4VaNrmiRuRt2VCxSFQonvjzu9eiUXCu3ZGnMY04+68iH GUQbH2eRUg83vo4HrzNv9sDC5zSdOtLVbNfv5lahT3bpAX7nLcEifkNpUjZAGH3O vX6eo2S6+rCJLo7hPgxtNVs0mhxqukD+6Y0WrOtfkwfJnBwvByNuoS6qDUEfM9GE s/sLi+cZa/9L6DS2FFI70zXYVlmbxf+j+guevQveesjvbnlp -----END CERTIFICATE-----Generated at Tue Jan 20 14:14:17 2026 by rpki-client