This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/HzFTZdkopOatxmT8SJoCjlcxdc0.roa File: HzFTZdkopOatxmT8SJoCjlcxdc0.roa (raw, json) Hash identifier: I1Ib8bFn387ZjrpbY8wVvj9uXx/C8O51hNGVXUP18g8= Subject key identifier: 1F:31:53:65:D9:28:A4:E6:AD:C6:64:FC:48:9A:02:8E:57:31:75:CD Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f Certificate serial: 019A91B87B13B77894885DDA6B53FA71CF46 Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/HzFTZdkopOatxmT8SJoCjlcxdc0.roa Signing time: Mon 17 Nov 2025 12:09:37 +0000 ROA not before: Mon 17 Nov 2025 12:09:37 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 214630 IP address blocks: 2a12:bec4:1c40::/44 maxlen: 48 2a12:bec4:1d50::/44 maxlen: 48 2a12:bec4:1dc0::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.mft rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 23 Nov 2025 12:00:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:91:b8:7b:13:b7:78:94:88:5d:da:6b:53:fa:71:cf:46 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f Validity Not Before: Nov 17 12:09:37 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=1f315365d928a4e6adc664fc489a028e573175cd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:86:38:fe:2c:d8:4a:2d:c3:48:85:94:40:b2: 2b:4e:9a:32:f5:10:57:c0:1a:fc:1c:ba:86:3b:55: a8:32:c9:40:48:fc:52:ac:e9:40:bf:6e:dc:83:ed: 4f:85:25:ae:df:d0:f4:0a:8d:64:de:28:ce:ca:83: d2:4c:f5:08:22:96:10:b5:e6:31:28:59:21:60:dd: a5:eb:44:1d:6a:4c:40:ee:af:4c:bd:ff:52:19:6a: 0f:5d:65:7f:62:97:38:49:ad:dc:25:64:c5:50:c9: e7:35:a6:83:b9:88:5a:02:c4:40:40:03:95:e8:f7: 19:d1:37:ee:7c:1e:72:1e:d5:22:be:12:d9:9b:e7: 3f:7e:e2:f3:87:05:44:0f:a7:d2:75:4e:ec:66:66: 07:0b:b8:90:ff:9a:13:6f:12:f7:93:ef:2e:ea:77: 35:6b:ba:67:9d:20:de:20:8b:d6:a5:98:66:9b:c0: d4:25:ff:a4:e2:89:f9:c3:d5:65:7f:f0:64:89:a6: e3:37:66:20:5c:8f:bd:cb:5b:e4:d4:85:85:26:19: 43:a0:0b:68:43:52:c9:53:45:ba:49:05:4c:5f:c9: a7:8d:f9:dc:f5:6f:cf:43:34:5f:2f:0f:6d:6e:24: 0e:16:87:ea:e2:79:5a:a5:38:42:f8:37:1a:29:26: a9:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:31:53:65:D9:28:A4:E6:AD:C6:64:FC:48:9A:02:8E:57:31:75:CD X509v3 Authority Key Identifier: keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/HzFTZdkopOatxmT8SJoCjlcxdc0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a12:bec4:1c40::/44 2a12:bec4:1d50::/44 2a12:bec4:1dc0::/44 Signature Algorithm: sha256WithRSAEncryption a9:e5:f5:55:fe:aa:ce:38:74:29:b4:a3:bd:bc:ca:9e:ed:8f: ce:89:a8:64:1c:ab:94:7c:84:ed:fe:a8:b2:56:b8:05:bd:80: 1e:e4:d7:95:dc:70:c3:a4:67:86:04:d1:77:d6:41:69:bc:97: b6:f9:69:28:5f:73:ea:71:18:69:11:79:9a:1f:ab:45:48:97: 32:63:ff:91:f1:53:fb:eb:72:34:60:df:b6:7a:d5:33:47:26: fb:b2:9b:81:6e:ba:70:35:e3:d6:d8:52:51:b7:2a:d0:42:5c: 0f:33:e7:63:a3:57:c7:91:09:4b:1e:56:b0:5a:53:82:a9:b3: 19:7b:46:3a:4e:28:2c:ff:d8:d5:a1:c7:dd:16:4e:e3:ac:1c: 1a:cd:19:9a:2b:6f:99:53:22:09:7d:83:a2:19:0c:d4:91:8d: 1d:0c:fe:72:3d:68:23:e4:0d:39:60:65:7f:05:0c:fe:b1:08: 73:d3:ed:9e:4c:7c:15:cf:1b:1d:e5:c8:fb:cb:48:19:11:d5: 0a:f2:8e:92:77:bf:29:e0:31:f2:b0:e5:fd:f9:e6:18:52:dc: 70:9d:1d:c8:ed:cd:c0:93:85:f1:e8:42:ab:d5:d6:bd:8b:b6: 20:fb:b4:7f:89:3d:d1:8e:cb:4a:7f:d1:92:cf:67:a2:8f:bd: ed:da:cb:23 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZqRuHsTt3iUiF3aa1P6cc9GMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj M2Q2NmYwHhcNMjUxMTE3MTIwOTM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxZjMxNTM2NWQ5MjhhNGU2YWRjNjY0ZmM0ODlhMDI4ZTU3MzE3NWNkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA34Y4/izYSi3DSIWUQLIrTpoy9RBX wBr8HLqGO1WoMslASPxSrOlAv27cg+1PhSWu39D0Co1k3ijOyoPSTPUIIpYQteYx KFkhYN2l60QdakxA7q9Mvf9SGWoPXWV/Ypc4Sa3cJWTFUMnnNaaDuYhaAsRAQAOV 6PcZ0TfufB5yHtUivhLZm+c/fuLzhwVED6fSdU7sZmYHC7iQ/5oTbxL3k+8u6nc1 a7pnnSDeIIvWpZhmm8DUJf+k4on5w9Vlf/BkiabjN2YgXI+9y1vk1IWFJhlDoAto Q1LJU0W6SQVMX8mnjfnc9W/PQzRfLw9tbiQOFofq4nlapThC+DcaKSapAQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFB8xU2XZKKTmrcZk/EiaAo5XMXXNMB8GA1UdIwQY MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt NTUzNjljZjUwN2VlLzEvSHpGVFpka29wT2F0eG1UOFNKb0NqbGN4ZGMwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcEKhK+xBxA AwcEKhK+xB1QAwcEKhK+xB3AMA0GCSqGSIb3DQEBCwUAA4IBAQCp5fVV/qrOOHQp tKO9vMqe7Y/OiahkHKuUfITt/qiyVrgFvYAe5NeV3HDDpGeGBNF31kFpvJe2+Wko X3PqcRhpEXmaH6tFSJcyY/+R8VP763I0YN+2etUzRyb7spuBbrpwNePW2FJRtyrQ QlwPM+djo1fHkQlLHlawWlOCqbMZe0Y6Tigs/9jVocfdFk7jrBwazRmaK2+ZUyIJ fYOiGQzUkY0dDP5yPWgj5A05YGV/BQz+sQhz0+2eTHwVzxsd5cj7y0gZEdUK8o6S d78p4DHysOX9+eYYUtxwnR3I7c3Ak4Xx6EKr1da9i7Yg+7R/iT3RjstKf9GSz2ei j73t2ssj -----END CERTIFICATE-----Generated at Sat Nov 22 22:04:42 2025 by rpki-client