This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/CHNXC3Z7q99hc7adVoxJZxDHWcQ.roa File: CHNXC3Z7q99hc7adVoxJZxDHWcQ.roa (raw, json) Hash identifier: J59ogE/mSWqNwSaq5zDJFpLck2CQta+up20YJBmZqb0= Subject key identifier: 08:73:57:0B:76:7B:AB:DF:61:73:B6:9D:56:8C:49:67:10:C7:59:C4 Certificate issuer: /CN=dcef58d4cfa35543f8488a2756e6924e647b4589 Certificate serial: 019B76EB82253C32070A4AE97E5F38FC1A7E Authority key identifier: DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/CHNXC3Z7q99hc7adVoxJZxDHWcQ.roa Signing time: Thu 01 Jan 2026 00:18:24 +0000 ROA not before: Thu 01 Jan 2026 00:18:24 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 43443 IP address blocks: 2a03:9c00:a::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.mft rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 06:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:82:25:3c:32:07:0a:4a:e9:7e:5f:38:fc:1a:7e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dcef58d4cfa35543f8488a2756e6924e647b4589 Validity Not Before: Jan 1 00:18:24 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0873570b767babdf6173b69d568c496710c759c4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:ef:b2:88:3f:7b:58:6a:4a:51:3a:9e:95:05: f9:e1:83:e4:1a:59:0c:7e:4f:ea:c9:0c:ee:95:d8: 6e:5c:1f:b1:a8:b6:05:4f:1b:93:99:95:2c:32:a0: fb:d4:91:34:86:d9:97:0a:f9:30:4b:c6:f9:ea:65: 67:65:66:1e:36:e9:fd:31:c7:e2:a9:5e:ed:a0:88: 82:2a:1e:4f:d8:f1:60:c3:19:da:1e:63:56:c3:6d: c2:c0:c7:d6:c7:99:b3:1a:e1:5f:69:f1:8a:ee:2b: 72:9a:12:1a:3f:85:3a:a8:3f:5d:28:bb:f6:a4:a4: 3e:4b:c8:aa:3a:7e:8f:8f:a1:2a:4b:5f:bb:5e:02: 10:3e:43:cb:cd:1c:7a:bf:ff:72:96:6f:df:55:ae: b9:56:6b:c1:82:6e:7c:93:93:bb:13:03:56:d4:e6: 6a:97:d2:68:b2:75:c5:a5:fd:d4:e6:4b:89:14:e2: 01:03:9d:ab:e8:a5:ab:8d:71:a8:65:4c:b2:53:01: be:54:de:06:aa:36:34:0a:8b:46:26:f9:f0:65:36: 4d:1e:85:e7:30:9d:12:72:c4:47:e9:01:ca:c5:12: ed:a8:56:8d:a9:b0:28:83:0e:60:b8:8d:ed:f6:2c: e4:f1:aa:18:4f:97:58:03:d2:af:14:6a:23:44:43: 9f:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:73:57:0B:76:7B:AB:DF:61:73:B6:9D:56:8C:49:67:10:C7:59:C4 X509v3 Authority Key Identifier: keyid:DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/CHNXC3Z7q99hc7adVoxJZxDHWcQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a03:9c00:a::/48 Signature Algorithm: sha256WithRSAEncryption 88:8c:1b:6b:c8:77:d4:0e:76:8f:c4:36:34:e8:b3:eb:ab:a4: 19:7f:a3:ce:b9:2e:4c:9b:4f:d3:54:0f:c1:cb:50:be:03:1d: 0f:2f:18:2b:9e:49:00:b8:30:69:55:f1:22:74:3c:d2:57:83: 01:39:71:05:c5:fe:78:bf:cd:17:6a:4c:a9:a1:c5:bd:34:42: de:48:f5:20:4c:16:a3:9f:5e:32:79:bf:68:dd:eb:a7:d1:21: 54:7b:5c:a7:16:69:21:44:ce:27:b5:86:ef:96:48:3f:35:cf: 03:52:09:63:3e:2b:fd:cf:9b:fa:b4:fd:01:f5:a3:05:8e:6d: dd:ec:20:00:61:ba:7e:fa:35:65:dd:4c:37:5d:c1:23:c1:50: 5c:5d:e7:74:ef:18:ac:45:ad:1d:fe:cb:98:f5:e9:74:0e:fa: 9b:6b:9e:46:f9:38:2a:c7:ed:d9:9d:6c:79:e5:7b:de:12:5b: 87:9c:77:4c:95:49:ec:ba:0d:d3:b7:8e:78:b2:bf:7f:c6:57: 49:95:fd:99:49:61:d3:81:dd:c5:94:f5:35:37:51:dd:50:70: c8:05:54:a1:0f:9b:3f:d8:c8:f6:b0:da:b0:16:9b:a1:5d:ca: 06:1c:ef:45:72:8c:8c:b3:06:f6:c1:9b:1b:3e:2d:02:ca:de: 30:df:eb:2a -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt264IlPDIHCkrpfl84/Bp+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRjZWY1OGQ0Y2ZhMzU1NDNmODQ4OGEyNzU2ZTY5MjRlNjQ3 YjQ1ODkwHhcNMjYwMTAxMDAxODI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwODczNTcwYjc2N2JhYmRmNjE3M2I2OWQ1NjhjNDk2NzEwYzc1OWM0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv++yiD97WGpKUTqelQX54YPkGlkM fk/qyQzuldhuXB+xqLYFTxuTmZUsMqD71JE0htmXCvkwS8b56mVnZWYeNun9Mcfi qV7toIiCKh5P2PFgwxnaHmNWw23CwMfWx5mzGuFfafGK7itymhIaP4U6qD9dKLv2 pKQ+S8iqOn6Pj6EqS1+7XgIQPkPLzRx6v/9ylm/fVa65VmvBgm58k5O7EwNW1OZq l9JosnXFpf3U5kuJFOIBA52r6KWrjXGoZUyyUwG+VN4GqjY0CotGJvnwZTZNHoXn MJ0ScsRH6QHKxRLtqFaNqbAogw5guI3t9izk8aoYT5dYA9KvFGojREOfjwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFAhzVwt2e6vfYXO2nVaMSWcQx1nEMB8GA1UdIwQY MBaAFNzvWNTPo1VD+EiKJ1bmkk5ke0WJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMt MmVjZTA0ZTE4NWMyLzEvQ0hOWEMzWjdxOTloYzdhZFZveEpaeERIV2NRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMtMmVjZTA0ZTE4NWMy LzEvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgOcAAAK MA0GCSqGSIb3DQEBCwUAA4IBAQCIjBtryHfUDnaPxDY06LPrq6QZf6POuS5Mm0/T VA/By1C+Ax0PLxgrnkkAuDBpVfEidDzSV4MBOXEFxf54v80XakypocW9NELeSPUg TBajn14yeb9o3eun0SFUe1ynFmkhRM4ntYbvlkg/Nc8DUgljPiv9z5v6tP0B9aMF jm3d7CAAYbp++jVl3Uw3XcEjwVBcXed07xisRa0d/suY9el0Dvqba55G+Tgqx+3Z nWx55XveEluHnHdMlUnsug3Tt454sr9/xldJlf2ZSWHTgd3FlPU1N1HdUHDIBVSh D5s/2Mj2sNqwFpuhXcoGHO9FcoyMswb2wZsbPi0Cyt4w3+sq -----END CERTIFICATE-----Generated at Wed Jan 21 11:08:31 2026 by rpki-client