This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/1c7917-8aa6-4c43-92dd-7476f42f2d9c/1/hjWKjeV-jJppeG0fD1H6zmH-Ykw.roa File: hjWKjeV-jJppeG0fD1H6zmH-Ykw.roa (raw, json) Hash identifier: OeUU/W5Kc0WkJxZpiZAujOCtL2D7yZcVNpe7fsq3VBQ= Subject key identifier: 86:35:8A:8D:E5:7E:8C:9A:69:78:6D:1F:0F:51:FA:CE:61:FE:62:4C Certificate issuer: /CN=ce5bf5201f18b402b8e628bc77f2252f769e70f2 Certificate serial: 019B791078021AA6D36A9715C4221FE70CFD Authority key identifier: CE:5B:F5:20:1F:18:B4:02:B8:E6:28:BC:77:F2:25:2F:76:9E:70:F2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zlv1IB8YtAK45ii8d_IlL3aecPI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/1c7917-8aa6-4c43-92dd-7476f42f2d9c/1/hjWKjeV-jJppeG0fD1H6zmH-Ykw.roa Signing time: Thu 01 Jan 2026 10:18:00 +0000 ROA not before: Thu 01 Jan 2026 10:18:00 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 8075 IP address blocks: 2a02:d21::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/1c7917-8aa6-4c43-92dd-7476f42f2d9c/1/zlv1IB8YtAK45ii8d_IlL3aecPI.crl rsync://rpki.ripe.net/repository/DEFAULT/c4/1c7917-8aa6-4c43-92dd-7476f42f2d9c/1/zlv1IB8YtAK45ii8d_IlL3aecPI.mft rsync://rpki.ripe.net/repository/DEFAULT/zlv1IB8YtAK45ii8d_IlL3aecPI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 06:00:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:78:02:1a:a6:d3:6a:97:15:c4:22:1f:e7:0c:fd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ce5bf5201f18b402b8e628bc77f2252f769e70f2 Validity Not Before: Jan 1 10:18:00 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=86358a8de57e8c9a69786d1f0f51face61fe624c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:a8:58:be:0e:ef:a5:a2:6f:be:e9:13:72:3e: 12:3b:72:91:13:5f:fe:ab:30:ff:f8:3a:4a:3c:a7: 21:e7:f6:63:11:8a:6d:15:ad:2a:33:6f:8c:cb:45: c8:4e:13:6f:17:ba:71:29:05:bd:d2:a6:ac:1e:be: 03:1a:81:fc:36:3f:c3:bd:08:6d:77:63:14:b1:3d: 2a:a3:fd:a5:d7:37:69:e2:20:65:07:43:58:b8:cd: 80:ff:e1:de:05:6a:d1:ae:d1:d3:7c:ec:cf:51:66: f3:86:a1:85:51:23:24:3c:6a:32:dd:e1:98:2c:53: 42:49:b2:09:2d:30:8e:13:65:24:b2:9a:3f:75:be: e2:8f:f1:c6:7d:59:83:90:eb:cc:e6:93:eb:67:e8: 3e:7f:06:41:cc:4e:20:e6:06:e7:af:8b:c4:46:a0: cb:2f:c8:0b:5f:29:78:f5:c6:17:d4:65:cb:c1:4f: 92:37:7d:f5:93:dc:73:e7:93:99:1b:f2:90:f1:24: 11:31:be:6d:4e:8d:e8:de:ad:c0:83:c9:44:5b:a6: 42:fc:38:e3:2f:c8:79:4d:b4:70:a5:27:e8:a4:b4: ce:02:4e:ad:f1:4d:6d:f5:1a:28:f1:10:e9:03:f1: de:87:4d:f4:41:37:4c:d5:ab:e3:77:a9:28:65:50: 13:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:35:8A:8D:E5:7E:8C:9A:69:78:6D:1F:0F:51:FA:CE:61:FE:62:4C X509v3 Authority Key Identifier: keyid:CE:5B:F5:20:1F:18:B4:02:B8:E6:28:BC:77:F2:25:2F:76:9E:70:F2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zlv1IB8YtAK45ii8d_IlL3aecPI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/1c7917-8aa6-4c43-92dd-7476f42f2d9c/1/hjWKjeV-jJppeG0fD1H6zmH-Ykw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/1c7917-8aa6-4c43-92dd-7476f42f2d9c/1/zlv1IB8YtAK45ii8d_IlL3aecPI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a02:d21::/48 Signature Algorithm: sha256WithRSAEncryption 0c:79:59:4a:ab:7d:a4:07:70:41:2d:91:1a:4b:b4:06:d8:21: d7:d9:4d:f3:e8:3d:8a:be:03:0f:ac:b7:0a:1f:9d:a8:35:47: 1d:f5:ca:27:16:96:7c:2a:7f:f7:68:d7:62:3e:06:81:eb:9f: fa:44:4a:e4:c3:86:5d:d3:ff:10:93:65:2c:2a:03:3f:ba:41: b8:27:fe:f6:5b:16:a6:47:33:30:23:2e:ca:02:ff:90:2d:fb: d4:b7:c4:65:e1:d4:26:6e:1a:e7:b1:e3:d2:1d:c9:a5:a7:31: 4e:d5:00:7d:88:27:80:5c:97:b1:a8:c4:bb:44:cd:ad:fb:63: 26:a3:c2:db:18:22:70:2c:5d:e6:e6:94:d8:98:48:9a:c2:82: d5:88:9a:0d:35:ed:14:85:e6:a7:d7:a0:b0:31:42:41:e9:16: 0d:c8:a1:bb:35:05:b1:f9:3c:b1:3f:79:d5:75:ec:29:0a:3c: 38:7d:13:da:de:3c:0e:b2:7b:dc:37:2c:0a:f7:96:37:ac:b7: b6:c8:ad:9b:36:0c:8d:1c:2d:90:6f:e8:37:14:60:46:22:4b: ff:e6:89:e0:9a:23:80:36:11:05:86:8f:24:cf:6f:46:df:8b: 61:96:a9:91:fe:5f:2c:05:15:0e:ae:eb:07:93:95:ec:29:8d: 8f:f5:04:7e -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt5EHgCGqbTapcVxCIf5wz9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNlNWJmNTIwMWYxOGI0MDJiOGU2MjhiYzc3ZjIyNTJmNzY5 ZTcwZjIwHhcNMjYwMTAxMTAxODAwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NjM1OGE4ZGU1N2U4YzlhNjk3ODZkMWYwZjUxZmFjZTYxZmU2MjRjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqhYvg7vpaJvvukTcj4SO3KRE1/+ qzD/+DpKPKch5/ZjEYptFa0qM2+My0XIThNvF7pxKQW90qasHr4DGoH8Nj/DvQht d2MUsT0qo/2l1zdp4iBlB0NYuM2A/+HeBWrRrtHTfOzPUWbzhqGFUSMkPGoy3eGY LFNCSbIJLTCOE2Ukspo/db7ij/HGfVmDkOvM5pPrZ+g+fwZBzE4g5gbnr4vERqDL L8gLXyl49cYX1GXLwU+SN331k9xz55OZG/KQ8SQRMb5tTo3o3q3Ag8lEW6ZC/Djj L8h5TbRwpSfopLTOAk6t8U1t9Roo8RDpA/Heh030QTdM1avjd6koZVATgwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFIY1io3lfoyaaXhtHw9R+s5h/mJMMB8GA1UdIwQY MBaAFM5b9SAfGLQCuOYovHfyJS92nnDyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvemx2MUlCOFl0QUs0NWlpOGRfSWxMM2FlY1BJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC8xYzc5MTctOGFhNi00YzQzLTkyZGQt NzQ3NmY0MmYyZDljLzEvaGpXS2plVi1qSnBwZUcwZkQxSDZ6bUgtWWt3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jNC8xYzc5MTctOGFhNi00YzQzLTkyZGQtNzQ3NmY0MmYyZDlj LzEvemx2MUlCOFl0QUs0NWlpOGRfSWxMM2FlY1BJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgINIQAA MA0GCSqGSIb3DQEBCwUAA4IBAQAMeVlKq32kB3BBLZEaS7QG2CHX2U3z6D2KvgMP rLcKH52oNUcd9conFpZ8Kn/3aNdiPgaB65/6RErkw4Zd0/8Qk2UsKgM/ukG4J/72 WxamRzMwIy7KAv+QLfvUt8Rl4dQmbhrnsePSHcmlpzFO1QB9iCeAXJexqMS7RM2t +2Mmo8LbGCJwLF3m5pTYmEiawoLViJoNNe0Uhean16CwMUJB6RYNyKG7NQWx+Tyx P3nVdewpCjw4fRPa3jwOsnvcNywK95Y3rLe2yK2bNgyNHC2Qb+g3FGBGIkv/5ong miOANhEFho8kz29G34thlqmR/l8sBRUOrusHk5XsKY2P9QR+ -----END CERTIFICATE-----Generated at Sun Jan 18 15:29:15 2026 by rpki-client