This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/a76ac1-5f22-47d1-b8c1-c623ed8f2f28/1/oi0HFw6JtNN08QaNsA8THU8Vbms.roa File: oi0HFw6JtNN08QaNsA8THU8Vbms.roa (raw, json) Hash identifier: zHlUEhPLG1p2ScID/nk2LlCxjRARDuLVIC4jlOT5y58= Subject key identifier: A2:2D:07:17:0E:89:B4:D3:74:F1:06:8D:B0:0F:13:1D:4F:15:6E:6B Certificate issuer: /CN=93503061e1ae503ec63d970b30875dd93ffabbdf Certificate serial: 019B7D5AEF26C4B252ABE34DC0840DCA2ED3 Authority key identifier: 93:50:30:61:E1:AE:50:3E:C6:3D:97:0B:30:87:5D:D9:3F:FA:BB:DF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k1AwYeGuUD7GPZcLMIdd2T_6u98.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/a76ac1-5f22-47d1-b8c1-c623ed8f2f28/1/oi0HFw6JtNN08QaNsA8THU8Vbms.roa Signing time: Fri 02 Jan 2026 06:17:50 +0000 ROA not before: Fri 02 Jan 2026 06:17:50 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 16509 IP address blocks: 2a01:bb20::/29 maxlen: 29 2a01:bb22::/33 maxlen: 33 2a01:bb22:8000::/33 maxlen: 33 2a01:bb24::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/a76ac1-5f22-47d1-b8c1-c623ed8f2f28/1/k1AwYeGuUD7GPZcLMIdd2T_6u98.crl rsync://rpki.ripe.net/repository/DEFAULT/af/a76ac1-5f22-47d1-b8c1-c623ed8f2f28/1/k1AwYeGuUD7GPZcLMIdd2T_6u98.mft rsync://rpki.ripe.net/repository/DEFAULT/k1AwYeGuUD7GPZcLMIdd2T_6u98.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5a:ef:26:c4:b2:52:ab:e3:4d:c0:84:0d:ca:2e:d3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=93503061e1ae503ec63d970b30875dd93ffabbdf Validity Not Before: Jan 2 06:17:50 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a22d07170e89b4d374f1068db00f131d4f156e6b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:11:62:43:0f:54:16:7e:d9:fe:00:6b:07:91: 42:b4:f4:f6:4f:22:10:ef:5d:96:21:e3:f9:16:08: 7f:0c:2b:5b:8d:93:4b:de:d1:6a:3a:3c:7d:d1:f1: 50:76:f5:8f:ea:4f:84:15:d4:41:b9:42:ec:89:3b: 2f:e6:d5:a3:e5:22:ef:4b:70:a1:6c:a3:e1:39:c6: 1c:5b:48:e8:1a:86:f7:d3:bb:de:11:06:f5:05:ed: 87:59:54:24:15:11:a1:dd:e0:18:81:9d:4c:35:34: 02:22:bf:e7:8a:6a:69:52:09:ca:fa:e2:03:56:40: a4:13:5d:37:a4:59:4a:a1:b6:32:59:02:6c:8a:20: 0d:81:84:a8:fa:9c:69:2e:ad:12:87:c4:70:dd:09: 3f:28:dd:18:bb:6d:b9:29:52:66:0b:50:32:a7:bf: 4a:0a:f4:1f:bf:25:00:c8:28:9c:49:7e:2e:d5:31: 36:8f:bb:95:e1:35:d6:5e:a1:f6:ee:68:a0:0d:17: 03:b8:06:44:8d:b0:09:42:69:1a:b4:16:a0:de:5e: ff:4a:6b:b7:17:32:2c:20:8e:b2:c3:2b:57:05:8e: 83:48:84:79:05:4a:d0:ee:a3:51:1d:46:26:e8:d6: 6d:3f:22:28:d6:87:3f:fc:d7:13:95:3e:40:f1:12: 8f:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:2D:07:17:0E:89:B4:D3:74:F1:06:8D:B0:0F:13:1D:4F:15:6E:6B X509v3 Authority Key Identifier: keyid:93:50:30:61:E1:AE:50:3E:C6:3D:97:0B:30:87:5D:D9:3F:FA:BB:DF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k1AwYeGuUD7GPZcLMIdd2T_6u98.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a76ac1-5f22-47d1-b8c1-c623ed8f2f28/1/oi0HFw6JtNN08QaNsA8THU8Vbms.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a76ac1-5f22-47d1-b8c1-c623ed8f2f28/1/k1AwYeGuUD7GPZcLMIdd2T_6u98.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a01:bb20::/29 Signature Algorithm: sha256WithRSAEncryption 94:65:87:e8:d7:8a:74:17:1e:e9:65:3c:b3:55:56:a3:c7:ce: c0:19:0a:47:1e:27:9d:49:dd:c2:91:5e:e2:cc:18:48:08:91: b8:f5:3d:68:e5:e9:4d:5e:7a:05:3f:d4:3e:41:0b:09:87:d2: 6c:98:c9:df:d9:72:2f:7a:5b:19:1e:ef:dd:5d:5c:64:46:1e: 55:9f:e0:bf:cf:6d:f5:a7:aa:92:f4:ce:89:2f:6e:4f:5d:73: ff:fa:3d:67:e1:5a:cf:2c:24:6b:fa:be:8b:aa:a8:1f:82:35: 3d:3e:b0:24:6f:ef:2c:73:a3:6b:53:60:77:ee:9e:43:5d:f6: a4:15:cc:00:b1:de:7d:df:97:1f:bd:68:de:29:0d:22:9f:70: 47:e1:01:95:d1:4c:39:c8:e2:6c:31:21:57:dc:3f:43:29:0b: 8d:cf:52:6b:5a:73:41:54:0b:1a:6e:05:c7:1c:2a:3c:bb:df: dc:09:04:df:56:92:58:72:1d:09:d8:47:fb:e8:3e:43:80:c6: 1d:48:58:4d:47:cb:ff:fb:b6:7b:2f:3e:7b:cb:ff:e5:e5:de: 00:21:87:0e:71:6c:b6:70:c8:3f:6e:86:cb:d9:da:43:95:0b: 89:57:08:2f:9e:83:ea:47:98:4b:55:37:47:54:c9:59:24:27: 6c:f7:bf:bb -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt9Wu8mxLJSq+NNwIQNyi7TMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkzNTAzMDYxZTFhZTUwM2VjNjNkOTcwYjMwODc1ZGQ5M2Zm YWJiZGYwHhcNMjYwMTAyMDYxNzUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMjJkMDcxNzBlODliNGQzNzRmMTA2OGRiMDBmMTMxZDRmMTU2ZTZiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyhFiQw9UFn7Z/gBrB5FCtPT2TyIQ 712WIeP5Fgh/DCtbjZNL3tFqOjx90fFQdvWP6k+EFdRBuULsiTsv5tWj5SLvS3Ch bKPhOcYcW0joGob307veEQb1Be2HWVQkFRGh3eAYgZ1MNTQCIr/nimppUgnK+uID VkCkE103pFlKobYyWQJsiiANgYSo+pxpLq0Sh8Rw3Qk/KN0Yu225KVJmC1Ayp79K CvQfvyUAyCicSX4u1TE2j7uV4TXWXqH27migDRcDuAZEjbAJQmkatBag3l7/Smu3 FzIsII6ywytXBY6DSIR5BUrQ7qNRHUYm6NZtPyIo1oc//NcTlT5A8RKPywIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFKItBxcOibTTdPEGjbAPEx1PFW5rMB8GA1UdIwQY MBaAFJNQMGHhrlA+xj2XCzCHXdk/+rvfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvazFBd1llR3VVRDdHUFpjTE1JZGQyVF82dTk4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9hNzZhYzEtNWYyMi00N2QxLWI4YzEt YzYyM2VkOGYyZjI4LzEvb2kwSEZ3Nkp0Tk4wOFFhTnNBOFRIVThWYm1zLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hZi9hNzZhYzEtNWYyMi00N2QxLWI4YzEtYzYyM2VkOGYyZjI4 LzEvazFBd1llR3VVRDdHUFpjTE1JZGQyVF82dTk4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgG7IDAN BgkqhkiG9w0BAQsFAAOCAQEAlGWH6NeKdBce6WU8s1VWo8fOwBkKRx4nnUndwpFe 4swYSAiRuPU9aOXpTV56BT/UPkELCYfSbJjJ39lyL3pbGR7v3V1cZEYeVZ/gv89t 9aeqkvTOiS9uT11z//o9Z+Fazywka/q+i6qoH4I1PT6wJG/vLHOja1Ngd+6eQ132 pBXMALHefd+XH71o3ikNIp9wR+EBldFMOcjibDEhV9w/QykLjc9Sa1pzQVQLGm4F xxwqPLvf3AkE31aSWHIdCdhH++g+Q4DGHUhYTUfL//u2ey8+e8v/5eXeACGHDnFs tnDIP26Gy9naQ5ULiVcIL56D6keYS1U3R1TJWSQnbPe/uw== -----END CERTIFICATE-----Generated at Fri Jan 2 11:03:56 2026 by rpki-client