This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/K1HUiGG1cCFKhkgGlYZsKZwPZZc.roa File: K1HUiGG1cCFKhkgGlYZsKZwPZZc.roa (raw, json) Hash identifier: 5THF+ZI2Cl1LaAbd4ReHxi5JGpgi0vvqv7eHZ7XC+o0= Subject key identifier: 2B:51:D4:88:61:B5:70:21:4A:86:48:06:95:86:6C:29:9C:0F:65:97 Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f Certificate serial: 019B7910C5E0C3BD4B89E540D4DAE3141B81 Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/K1HUiGG1cCFKhkgGlYZsKZwPZZc.roa Signing time: Thu 01 Jan 2026 10:18:20 +0000 ROA not before: Thu 01 Jan 2026 10:18:20 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 216061 IP address blocks: 2a12:bec0:580::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.mft rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 16:01:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:c5:e0:c3:bd:4b:89:e5:40:d4:da:e3:14:1b:81 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f Validity Not Before: Jan 1 10:18:20 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2b51d48861b570214a86480695866c299c0f6597 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:9e:68:ec:73:96:e8:5b:8a:35:fe:b6:75:d6: f8:62:ef:f7:a0:0e:f4:24:67:1b:41:f9:8e:68:10: 75:f4:bd:07:be:d9:fa:4d:ef:02:82:f5:d0:1f:32: eb:f8:61:69:74:a5:68:fa:25:af:c5:83:8f:fe:5b: 2f:9c:09:45:65:2c:da:a7:1c:0a:58:94:15:09:08: dd:85:13:da:a3:60:68:e0:ce:95:51:2b:4d:b0:f6: c9:9a:bb:98:35:81:da:13:e3:4a:06:41:7c:3b:bc: f2:d4:1d:55:e8:04:7d:1d:4e:88:c5:13:04:61:15: 6e:03:3c:b1:73:69:ff:b9:d8:be:64:14:0e:e2:cf: 77:ae:c7:3d:e8:f6:2b:6b:b4:3d:78:82:d5:d9:cb: 03:31:00:bc:1f:04:34:98:46:5a:09:e4:95:0b:24: 79:b7:76:10:d0:d3:c2:b3:28:59:8e:02:ce:f9:f1: 7d:35:e2:5b:11:3a:e1:d1:c6:f5:af:c7:1d:cc:7a: 3f:3b:7c:c1:d1:33:2c:8d:fd:dd:5c:d0:77:2d:d9: b0:4a:7d:10:5f:d0:56:ad:8d:0c:47:60:88:5e:62: 51:35:31:c6:e6:6d:e7:e7:34:d3:19:e7:e7:b6:83: 2c:52:cd:ec:32:81:75:32:a4:b2:76:88:94:54:a4: cb:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:51:D4:88:61:B5:70:21:4A:86:48:06:95:86:6C:29:9C:0F:65:97 X509v3 Authority Key Identifier: keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/K1HUiGG1cCFKhkgGlYZsKZwPZZc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a12:bec0:580::/44 Signature Algorithm: sha256WithRSAEncryption 91:3c:21:b2:f1:29:ad:79:68:2e:18:62:aa:1d:c2:c4:71:f6: bd:04:9f:0a:ec:b6:64:d8:fd:4d:f5:a6:bc:80:91:96:57:aa: 16:5f:10:e2:f5:e0:69:94:37:ae:4d:ac:11:a7:6f:d3:9a:2a: 1d:fb:34:0f:44:a0:df:ff:bd:e1:d7:6e:2e:27:94:1c:39:d0: c4:4b:7a:99:98:5a:53:23:a3:1f:d0:71:a0:b2:53:f5:cc:8f: 07:a7:ef:ce:5d:91:94:9b:c7:e3:4e:65:90:7a:9a:5f:3a:05: 3f:05:1e:64:8c:ba:e9:f9:79:84:06:98:0d:e9:0f:18:76:83: e1:16:92:fb:4c:21:6a:5a:af:2a:aa:04:ae:c4:86:ea:d1:6e: 35:23:ee:18:1f:c8:8e:bf:f6:ba:e3:bc:40:02:35:47:3b:4d: 65:99:2c:8f:82:31:eb:25:2e:8e:db:45:77:64:30:e6:5a:86: 8f:8c:a9:19:7e:3a:aa:09:b4:33:06:6e:ea:11:42:7b:1c:ed: 4d:fe:6e:1d:8a:7d:63:aa:95:05:a5:28:e1:05:0e:10:42:f4: 45:ff:c6:c7:38:69:2a:d2:38:48:8e:7a:7b:a8:99:b0:04:d0: 7e:ff:a2:7a:82:85:13:c6:37:8e:29:bc:3a:d2:46:cc:74:dc: 28:a4:34:42 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt5EMXgw71LieVA1NrjFBuBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj M2Q2NmYwHhcNMjYwMTAxMTAxODIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyYjUxZDQ4ODYxYjU3MDIxNGE4NjQ4MDY5NTg2NmMyOTljMGY2NTk3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw55o7HOW6FuKNf62ddb4Yu/3oA70 JGcbQfmOaBB19L0Hvtn6Te8CgvXQHzLr+GFpdKVo+iWvxYOP/lsvnAlFZSzapxwK WJQVCQjdhRPao2Bo4M6VUStNsPbJmruYNYHaE+NKBkF8O7zy1B1V6AR9HU6IxRME YRVuAzyxc2n/udi+ZBQO4s93rsc96PYra7Q9eILV2csDMQC8HwQ0mEZaCeSVCyR5 t3YQ0NPCsyhZjgLO+fF9NeJbETrh0cb1r8cdzHo/O3zB0TMsjf3dXNB3LdmwSn0Q X9BWrY0MR2CIXmJRNTHG5m3n5zTTGefntoMsUs3sMoF1MqSydoiUVKTL/wIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFCtR1IhhtXAhSoZIBpWGbCmcD2WXMB8GA1UdIwQY MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt NTUzNjljZjUwN2VlLzEvSzFIVWlHRzFjQ0ZLaGtnR2xZWnNLWndQWlpjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhK+wAWA MA0GCSqGSIb3DQEBCwUAA4IBAQCRPCGy8SmteWguGGKqHcLEcfa9BJ8K7LZk2P1N 9aa8gJGWV6oWXxDi9eBplDeuTawRp2/Tmiod+zQPRKDf/73h124uJ5QcOdDES3qZ mFpTI6Mf0HGgslP1zI8Hp+/OXZGUm8fjTmWQeppfOgU/BR5kjLrp+XmEBpgN6Q8Y doPhFpL7TCFqWq8qqgSuxIbq0W41I+4YH8iOv/a647xAAjVHO01lmSyPgjHrJS6O 20V3ZDDmWoaPjKkZfjqqCbQzBm7qEUJ7HO1N/m4din1jqpUFpSjhBQ4QQvRF/8bH OGkq0jhIjnp7qJmwBNB+/6J6goUTxjeOKbw60kbMdNwopDRC -----END CERTIFICATE-----Generated at Tue Jan 20 02:50:00 2026 by rpki-client