This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/NHdPBfPmipm0yEKY4SmuyEobyDE.roa File: NHdPBfPmipm0yEKY4SmuyEobyDE.roa (raw, json) Hash identifier: 3eNKl/tbRAzpwL64wIm+yHmzOKILIVY2CUnjotC/1vQ= Subject key identifier: 34:77:4F:05:F3:E6:8A:99:B4:C8:42:98:E1:29:AE:C8:4A:1B:C8:31 Certificate issuer: /CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b Certificate serial: 019AE342AB14AC5D2E48D00267516882ED12 Authority key identifier: 7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/NHdPBfPmipm0yEKY4SmuyEobyDE.roa Signing time: Wed 03 Dec 2025 08:09:48 +0000 ROA not before: Wed 03 Dec 2025 08:09:48 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 210705 IP address blocks: 2a05:9080:3::/48 maxlen: 48 2a05:9080:11::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.mft rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 04 Dec 2025 08:09:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:e3:42:ab:14:ac:5d:2e:48:d0:02:67:51:68:82:ed:12 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b Validity Not Before: Dec 3 08:09:48 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=34774f05f3e68a99b4c84298e129aec84a1bc831 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:7c:30:17:6c:f1:83:e0:74:3a:87:14:78:08: 13:53:80:73:e7:5a:19:4a:ab:de:4c:8d:83:8a:f9: 5f:1d:7c:f1:52:ee:2b:7f:97:2c:eb:5a:b3:03:cb: 63:26:37:c5:0f:95:fa:01:55:67:d2:bd:a9:1e:31: b8:8f:6e:0a:e2:94:45:47:d2:c4:a3:b7:f7:4d:db: 8f:9e:44:76:9b:43:71:b6:7b:92:40:22:0c:31:42: 34:d8:3d:51:ed:98:74:5a:54:ce:e2:15:43:d8:3a: 5d:cc:45:75:c7:b3:35:61:64:60:5d:b4:af:11:1c: 4e:d8:29:f2:11:7a:6a:88:1b:39:46:ee:82:60:12: ab:7e:1b:d9:19:a0:fa:c0:d8:a5:30:93:53:4d:39: dd:da:fc:6a:d5:e4:ee:a1:e7:35:c2:f3:31:68:d5: aa:be:b4:65:4b:ab:26:0c:1e:aa:a9:51:c5:18:18: ea:65:ed:e8:1f:91:6e:5c:d0:c1:90:2e:b2:2e:53: e1:f6:af:43:63:48:78:af:b5:fc:bd:ef:a0:f1:bc: 2e:4f:67:88:73:90:b9:fd:8c:94:8d:6f:0b:fc:c3: ac:07:58:33:43:54:78:13:2d:04:e8:24:3d:07:80: 20:ba:58:bb:46:e5:14:09:04:80:29:58:1a:2e:80: 32:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:77:4F:05:F3:E6:8A:99:B4:C8:42:98:E1:29:AE:C8:4A:1B:C8:31 X509v3 Authority Key Identifier: keyid:7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/NHdPBfPmipm0yEKY4SmuyEobyDE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:9080:3::/48 2a05:9080:11::/48 Signature Algorithm: sha256WithRSAEncryption ca:da:8f:43:db:cb:7c:93:94:ac:2b:4d:1c:ab:7e:8e:ed:ae: a2:4f:e3:ca:ca:b7:44:44:93:22:dd:36:84:e7:4e:56:a6:5b: e6:b0:98:24:ca:b2:dd:d6:f1:9a:bc:9e:60:9d:d9:3b:3f:87: 35:44:1d:57:7a:d1:16:3b:49:19:95:e7:32:ae:a5:5c:1d:8d: 1a:68:73:4b:29:82:ce:ab:0e:d4:83:48:a8:f9:9b:76:1f:63: 7a:fc:63:b2:5c:fa:9d:10:22:3c:6d:aa:18:cc:41:7f:ad:08: 3a:12:41:21:5c:1c:a6:76:f8:83:e9:31:49:67:c9:16:a7:7e: fb:65:85:b0:d3:c7:5e:cd:3a:9d:10:91:27:d9:da:8a:81:bf: 87:71:06:cb:04:b1:76:bf:b9:94:8c:ff:38:96:1d:11:a0:5f: 14:c9:e9:76:e9:13:e6:2d:24:d2:12:11:09:a2:bf:60:16:ab: d1:eb:3c:96:c4:c7:c5:e7:17:31:8a:89:ba:51:01:ed:3a:db: 5b:a0:eb:8d:aa:8b:0a:42:46:4d:bb:b9:1c:dc:cd:8b:21:c4: 34:df:b2:14:f2:67:fc:be:02:eb:49:53:2e:44:38:99:60:b0: de:c2:17:70:4d:02:54:15:1a:19:f8:5c:91:3c:84:1e:83:2c: 0b:5e:52:9e -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZrjQqsUrF0uSNACZ1Fogu0SMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdjM2QwMjJhMjQwY2U3MWUwYTZlMWU5YWFlMDExMmRhODQw Y2MzNGIwHhcNMjUxMjAzMDgwOTQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzNDc3NGYwNWYzZTY4YTk5YjRjODQyOThlMTI5YWVjODRhMWJjODMxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxHwwF2zxg+B0OocUeAgTU4Bz51oZ SqveTI2DivlfHXzxUu4rf5cs61qzA8tjJjfFD5X6AVVn0r2pHjG4j24K4pRFR9LE o7f3TduPnkR2m0NxtnuSQCIMMUI02D1R7Zh0WlTO4hVD2DpdzEV1x7M1YWRgXbSv ERxO2CnyEXpqiBs5Ru6CYBKrfhvZGaD6wNilMJNTTTnd2vxq1eTuoec1wvMxaNWq vrRlS6smDB6qqVHFGBjqZe3oH5FuXNDBkC6yLlPh9q9DY0h4r7X8ve+g8bwuT2eI c5C5/YyUjW8L/MOsB1gzQ1R4Ey0E6CQ9B4Aguli7RuUUCQSAKVgaLoAyuQIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFDR3TwXz5oqZtMhCmOEprshKG8gxMB8GA1UdIwQY MBaAFHw9AiokDOceCm4emq4BEtqEDMNLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYt MDk0ODk4OWU2ZDU1LzEvTkhkUEJmUG1pcG0weUVLWTRTbXV5RW9ieURFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYtMDk0ODk4OWU2ZDU1 LzEvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgWQgAAD AwcAKgWQgAARMA0GCSqGSIb3DQEBCwUAA4IBAQDK2o9D28t8k5SsK00cq36O7a6i T+PKyrdERJMi3TaE505WplvmsJgkyrLd1vGavJ5gndk7P4c1RB1XetEWO0kZlecy rqVcHY0aaHNLKYLOqw7Ug0io+Zt2H2N6/GOyXPqdECI8baoYzEF/rQg6EkEhXBym dviD6TFJZ8kWp377ZYWw08dezTqdEJEn2dqKgb+HcQbLBLF2v7mUjP84lh0RoF8U yel26RPmLSTSEhEJor9gFqvR6zyWxMfF5xcxiom6UQHtOttboOuNqosKQkZNu7kc 3M2LIcQ037IU8mf8vgLrSVMuRDiZYLDewhdwTQJUFRoZ+FyRPIQegywLXlKe -----END CERTIFICATE-----Generated at Wed Dec 3 11:45:22 2025 by rpki-client