This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/720e5f-7f33-4d9d-8cde-22dd0f3928d5/1/NHpHHZAIDzgwPpSy6ezW1FtmeD8.roa File: NHpHHZAIDzgwPpSy6ezW1FtmeD8.roa (raw, json) Hash identifier: np0ySnVq+ohTQoZSQT/qPIOylTE9F9ExAUt5D1kOcwE= Subject key identifier: 34:7A:47:1D:90:08:0F:38:30:3E:94:B2:E9:EC:D6:D4:5B:66:78:3F Certificate issuer: /CN=a81297b1d36a42de38e8480bb929b45bc9030c9d Certificate serial: 019B7C7F1A1722976EFFC30DCD7C73F77464 Authority key identifier: A8:12:97:B1:D3:6A:42:DE:38:E8:48:0B:B9:29:B4:5B:C9:03:0C:9D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qBKXsdNqQt446EgLuSm0W8kDDJ0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/720e5f-7f33-4d9d-8cde-22dd0f3928d5/1/NHpHHZAIDzgwPpSy6ezW1FtmeD8.roa Signing time: Fri 02 Jan 2026 02:17:43 +0000 ROA not before: Fri 02 Jan 2026 02:17:43 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 14618 IP address blocks: 2a14:3244:2470::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/720e5f-7f33-4d9d-8cde-22dd0f3928d5/1/qBKXsdNqQt446EgLuSm0W8kDDJ0.crl rsync://rpki.ripe.net/repository/DEFAULT/bf/720e5f-7f33-4d9d-8cde-22dd0f3928d5/1/qBKXsdNqQt446EgLuSm0W8kDDJ0.mft rsync://rpki.ripe.net/repository/DEFAULT/qBKXsdNqQt446EgLuSm0W8kDDJ0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 10 Jan 2026 12:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:7f:1a:17:22:97:6e:ff:c3:0d:cd:7c:73:f7:74:64 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a81297b1d36a42de38e8480bb929b45bc9030c9d Validity Not Before: Jan 2 02:17:43 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=347a471d90080f38303e94b2e9ecd6d45b66783f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:bf:59:53:04:00:88:3f:93:5c:f4:87:7b:bf: 30:74:7e:2e:c1:6f:92:bd:fe:51:c0:ef:4b:8a:ce: 5f:48:94:55:72:45:fa:3d:c4:4a:c8:43:96:b1:2e: 12:27:b6:03:61:fc:4b:d3:68:93:20:4a:5d:d4:6c: 3d:15:23:ab:37:fd:68:68:d5:a6:ef:ac:c0:da:96: 77:7c:77:92:d3:73:40:84:03:95:7e:95:68:ef:35: ef:e8:03:fc:87:a2:ca:bc:a6:33:dc:c7:c2:92:e4: ec:04:11:96:29:b2:43:1a:e7:14:56:dd:46:25:a2: 90:03:e9:c2:2e:72:a3:04:0a:ff:cf:7e:5e:4f:1e: e8:a0:e5:7c:ae:26:bf:69:ab:a4:3c:9a:22:1a:58: a5:df:6b:86:81:a5:71:97:d4:e2:5c:cb:eb:c8:f2: 39:37:d7:00:8a:f6:54:36:ab:0a:3f:d6:e9:9c:36: 82:f8:47:9f:f4:8e:8c:08:e4:f2:10:06:76:59:74: 0d:99:6f:f2:ba:28:86:4e:81:e7:97:56:62:4d:0f: 32:61:22:1b:b4:e0:81:e6:bb:04:a5:c0:e2:61:b4: af:30:9d:6d:50:ac:d9:c7:c2:ce:06:f6:7d:ee:d3: e6:2c:19:82:5f:18:8c:18:5a:57:63:52:6e:4c:3f: 34:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:7A:47:1D:90:08:0F:38:30:3E:94:B2:E9:EC:D6:D4:5B:66:78:3F X509v3 Authority Key Identifier: keyid:A8:12:97:B1:D3:6A:42:DE:38:E8:48:0B:B9:29:B4:5B:C9:03:0C:9D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qBKXsdNqQt446EgLuSm0W8kDDJ0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/720e5f-7f33-4d9d-8cde-22dd0f3928d5/1/NHpHHZAIDzgwPpSy6ezW1FtmeD8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/720e5f-7f33-4d9d-8cde-22dd0f3928d5/1/qBKXsdNqQt446EgLuSm0W8kDDJ0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:3244:2470::/48 Signature Algorithm: sha256WithRSAEncryption 62:43:8c:9f:0b:59:74:e0:de:f3:17:c3:9d:9b:82:95:b7:34: 29:d8:ec:57:e5:da:48:dc:9a:59:50:c1:fc:56:6b:78:22:02: 2e:16:19:27:f6:3e:77:41:49:e9:45:f4:0e:bd:9d:c7:c3:60: 0c:73:40:76:db:e3:09:84:26:0c:ba:b3:0d:5e:28:a7:64:64: 27:00:cf:44:a4:da:9c:86:d3:cb:3b:11:7b:a2:87:03:d5:87: d5:f8:9f:7b:eb:91:43:ff:8c:d5:db:01:f0:1a:b7:e9:f9:22: 8d:e6:8b:cc:71:58:76:f4:7a:1a:92:e9:1f:59:18:33:ad:0f: b0:66:e9:50:90:63:b5:06:22:14:cd:db:0b:54:23:67:9d:62: d7:35:75:96:fe:ac:8f:54:a9:d9:27:b9:02:e9:0c:c7:f2:e0: 87:72:97:db:bc:b4:22:ab:79:a4:16:74:fd:f6:e3:ee:f9:86: 33:90:73:af:cd:11:32:a0:b4:68:dc:69:ad:87:0b:ff:e9:c3: 6c:98:f8:59:4d:9f:88:0b:72:1f:c6:59:31:42:22:bc:4c:8b: aa:4d:88:88:20:1f:49:e1:f8:5b:e8:1e:b0:97:5f:4a:3c:1d: 07:ce:bd:f5:0b:38:6f:f0:ce:38:67:da:e9:1d:a5:4c:62:b6: 0f:89:6c:bf -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt8fxoXIpdu/8MNzXxz93RkMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE4MTI5N2IxZDM2YTQyZGUzOGU4NDgwYmI5MjliNDViYzkw MzBjOWQwHhcNMjYwMTAyMDIxNzQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzNDdhNDcxZDkwMDgwZjM4MzAzZTk0YjJlOWVjZDZkNDViNjY3ODNmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtL9ZUwQAiD+TXPSHe78wdH4uwW+S vf5RwO9Lis5fSJRVckX6PcRKyEOWsS4SJ7YDYfxL02iTIEpd1Gw9FSOrN/1oaNWm 76zA2pZ3fHeS03NAhAOVfpVo7zXv6AP8h6LKvKYz3MfCkuTsBBGWKbJDGucUVt1G JaKQA+nCLnKjBAr/z35eTx7ooOV8ria/aaukPJoiGlil32uGgaVxl9TiXMvryPI5 N9cAivZUNqsKP9bpnDaC+Eef9I6MCOTyEAZ2WXQNmW/yuiiGToHnl1ZiTQ8yYSIb tOCB5rsEpcDiYbSvMJ1tUKzZx8LOBvZ97tPmLBmCXxiMGFpXY1JuTD80bQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFDR6Rx2QCA84MD6Usuns1tRbZng/MB8GA1UdIwQY MBaAFKgSl7HTakLeOOhIC7kptFvJAwydMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcUJLWHNkTnFRdDQ0NkVnTHVTbTBXOGtEREowLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi83MjBlNWYtN2YzMy00ZDlkLThjZGUt MjJkZDBmMzkyOGQ1LzEvTkhwSEhaQUlEemd3UHBTeTZlelcxRnRtZUQ4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZi83MjBlNWYtN2YzMy00ZDlkLThjZGUtMjJkZDBmMzkyOGQ1 LzEvcUJLWHNkTnFRdDQ0NkVnTHVTbTBXOGtEREowLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhQyRCRw MA0GCSqGSIb3DQEBCwUAA4IBAQBiQ4yfC1l04N7zF8Odm4KVtzQp2OxX5dpI3JpZ UMH8Vmt4IgIuFhkn9j53QUnpRfQOvZ3Hw2AMc0B22+MJhCYMurMNXiinZGQnAM9E pNqchtPLOxF7oocD1YfV+J9765FD/4zV2wHwGrfp+SKN5ovMcVh29HoakukfWRgz rQ+wZulQkGO1BiIUzdsLVCNnnWLXNXWW/qyPVKnZJ7kC6QzH8uCHcpfbvLQiq3mk FnT99uPu+YYzkHOvzREyoLRo3Gmthwv/6cNsmPhZTZ+IC3IfxlkxQiK8TIuqTYiI IB9J4fhb6B6wl19KPB0Hzr31Czhv8M44Z9rpHaVMYrYPiWy/ -----END CERTIFICATE-----Generated at Fri Jan 9 17:04:38 2026 by rpki-client