This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/Hbu5RG1WITt4dZwuNiIlTQ_mX00.roa File: Hbu5RG1WITt4dZwuNiIlTQ_mX00.roa (raw, json) Hash identifier: aCrEHSodGqCCmRBLdU/1JktVlyOvhKbQHPwTFuk6lVE= Subject key identifier: 1D:BB:B9:44:6D:56:21:3B:78:75:9C:2E:36:22:25:4D:0F:E6:5F:4D Certificate issuer: /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa Certificate serial: 019B797EBA6D960CB4E56909FD701531E213 Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/Hbu5RG1WITt4dZwuNiIlTQ_mX00.roa Signing time: Thu 01 Jan 2026 12:18:26 +0000 ROA not before: Thu 01 Jan 2026 12:18:26 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212982 IP address blocks: 2a0e:aa07:e210::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.mft rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 07 Jan 2026 14:32:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:ba:6d:96:0c:b4:e5:69:09:fd:70:15:31:e2:13 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa Validity Not Before: Jan 1 12:18:26 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1dbbb9446d56213b78759c2e3622254d0fe65f4d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:97:c5:c3:bf:14:fb:0a:b9:a8:0e:fb:73:24: 5b:e9:8e:33:e2:c7:92:8d:c6:70:63:06:32:fe:8b: 9f:d4:53:57:1d:c2:95:d5:55:da:c8:29:18:b4:2e: 57:59:fa:34:88:e1:ad:13:1d:c8:0d:4e:15:d4:b2: f3:f3:59:95:0a:ce:3c:6f:da:90:3a:0b:5e:08:8d: 90:45:d7:db:c4:08:eb:3c:7e:fe:82:a2:18:81:8c: 18:a6:3d:05:7d:a6:16:81:1f:98:72:3d:53:55:fa: 3d:bc:1c:41:f8:36:c5:9b:c2:24:b5:2c:0a:37:59: eb:d5:9b:03:57:45:23:5c:ac:a8:81:ac:98:5a:c0: 89:25:f2:79:62:97:64:7d:c1:64:3f:25:e6:06:36: 72:42:d1:08:2c:85:88:ff:c1:56:b6:02:68:93:8f: 4e:82:e6:12:20:43:34:b5:d2:8f:89:f2:31:bf:27: 5d:7d:33:74:21:cc:00:11:a5:05:b5:2d:05:30:74: e9:19:ef:c8:19:ff:e8:06:fb:d4:18:42:87:38:f2: ea:ac:49:b6:35:a1:a5:db:c1:da:f6:c9:a8:48:af: d1:8b:36:62:70:7b:19:f2:3a:f9:72:d5:fa:d9:7c: 4d:7e:90:84:da:61:fa:9f:18:17:fe:1f:20:fd:67: 12:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:BB:B9:44:6D:56:21:3B:78:75:9C:2E:36:22:25:4D:0F:E6:5F:4D X509v3 Authority Key Identifier: keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/Hbu5RG1WITt4dZwuNiIlTQ_mX00.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0e:aa07:e210::/44 Signature Algorithm: sha256WithRSAEncryption 9a:09:02:b2:a5:3a:52:59:51:46:35:c0:9e:ca:dc:9b:87:2d: 73:f6:9b:ff:b7:c6:1c:b0:ce:25:92:cb:8b:c9:a7:c7:f6:06: 1e:94:b3:85:89:f5:df:0c:3d:45:5f:58:49:12:57:a2:ea:95: d2:4d:df:3b:31:b7:42:1c:76:bb:f0:6e:6c:f6:51:19:2f:34: 0f:43:6f:c0:b0:ec:b1:3d:61:f9:ba:8c:f5:62:38:43:b8:ab: ea:88:43:9d:15:4e:2f:31:cf:75:87:d3:16:b1:d3:18:35:3e: fc:6b:fc:5f:df:37:3f:d4:24:0b:f6:66:d3:dc:05:3c:99:aa: ec:de:92:21:5a:bb:d5:e6:ae:03:62:3e:21:57:e9:d9:ac:f4: 5d:e1:20:8b:e2:26:4c:2b:c9:db:59:96:08:69:8d:11:a9:41: f3:74:91:a8:a0:9e:22:ff:3e:f4:0c:ab:8e:f2:90:95:23:77: 58:08:6d:46:f6:34:e2:d8:b0:5f:57:8b:18:90:99:db:a4:d5: f0:ae:8b:a8:62:24:3c:93:52:ac:6f:c4:59:f0:3b:c2:07:a9: 0e:83:0b:aa:01:cf:6e:78:71:f6:57:3e:23:4a:6d:23:1c:5f: ff:54:ec:16:91:27:49:ef:f7:77:15:b2:88:45:f9:42:a8:a7: bb:1b:86:84 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt5frptlgy05WkJ/XAVMeITMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0 ZWYzYWEwHhcNMjYwMTAxMTIxODI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxZGJiYjk0NDZkNTYyMTNiNzg3NTljMmUzNjIyMjU0ZDBmZTY1ZjRkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJfFw78U+wq5qA77cyRb6Y4z4seS jcZwYwYy/ouf1FNXHcKV1VXayCkYtC5XWfo0iOGtEx3IDU4V1LLz81mVCs48b9qQ OgteCI2QRdfbxAjrPH7+gqIYgYwYpj0FfaYWgR+Ycj1TVfo9vBxB+DbFm8IktSwK N1nr1ZsDV0UjXKyogayYWsCJJfJ5YpdkfcFkPyXmBjZyQtEILIWI/8FWtgJok49O guYSIEM0tdKPifIxvyddfTN0IcwAEaUFtS0FMHTpGe/IGf/oBvvUGEKHOPLqrEm2 NaGl28Ha9smoSK/RizZicHsZ8jr5ctX62XxNfpCE2mH6nxgX/h8g/WcSwwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFB27uURtViE7eHWcLjYiJU0P5l9NMB8GA1UdIwQY MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt YTU0MWQxYmNlZTE5LzEvSGJ1NVJHMVdJVHQ0ZFp3dU5pSWxUUV9tWDAwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEtYTU0MWQxYmNlZTE5 LzEvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6qB+IQ MA0GCSqGSIb3DQEBCwUAA4IBAQCaCQKypTpSWVFGNcCeytybhy1z9pv/t8YcsM4l ksuLyafH9gYelLOFifXfDD1FX1hJElei6pXSTd87MbdCHHa78G5s9lEZLzQPQ2/A sOyxPWH5uoz1YjhDuKvqiEOdFU4vMc91h9MWsdMYNT78a/xf3zc/1CQL9mbT3AU8 mars3pIhWrvV5q4DYj4hV+nZrPRd4SCL4iZMK8nbWZYIaY0RqUHzdJGooJ4i/z70 DKuO8pCVI3dYCG1G9jTi2LBfV4sYkJnbpNXwrouoYiQ8k1Ksb8RZ8DvCB6kOgwuq Ac9ueHH2Vz4jSm0jHF//VOwWkSdJ7/d3FbKIRflCqKe7G4aE -----END CERTIFICATE-----Generated at Tue Jan 6 21:32:03 2026 by rpki-client