This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/7ca61a-ce3d-4bac-9110-c0f3bad99a40/1/HJJWsiDjzBz_irl7pQIQoPI3r70.roa File: HJJWsiDjzBz_irl7pQIQoPI3r70.roa (raw, json) Hash identifier: MiTsGuoftnJ+n/jpkv9HxUxKGLPjJtM51AFiqQ8gQdM= Subject key identifier: 1C:92:56:B2:20:E3:CC:1C:FF:8A:B9:7B:A5:02:10:A0:F2:37:AF:BD Certificate issuer: /CN=b689299bc49584a645940c1dd87df0afc8aaa0fd Certificate serial: 019B7910AB53AA95544A63B9716E3BDBCF56 Authority key identifier: B6:89:29:9B:C4:95:84:A6:45:94:0C:1D:D8:7D:F0:AF:C8:AA:A0:FD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tokpm8SVhKZFlAwd2H3wr8iqoP0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/7ca61a-ce3d-4bac-9110-c0f3bad99a40/1/HJJWsiDjzBz_irl7pQIQoPI3r70.roa Signing time: Thu 01 Jan 2026 10:18:14 +0000 ROA not before: Thu 01 Jan 2026 10:18:14 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 7922 IP address blocks: 2a0c:93c0:8000::/48 maxlen: 48 2a0c:93c0:8002::/48 maxlen: 48 2a0c:93c0:c002::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/7ca61a-ce3d-4bac-9110-c0f3bad99a40/1/tokpm8SVhKZFlAwd2H3wr8iqoP0.crl rsync://rpki.ripe.net/repository/DEFAULT/f3/7ca61a-ce3d-4bac-9110-c0f3bad99a40/1/tokpm8SVhKZFlAwd2H3wr8iqoP0.mft rsync://rpki.ripe.net/repository/DEFAULT/tokpm8SVhKZFlAwd2H3wr8iqoP0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 10 Jan 2026 03:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:ab:53:aa:95:54:4a:63:b9:71:6e:3b:db:cf:56 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b689299bc49584a645940c1dd87df0afc8aaa0fd Validity Not Before: Jan 1 10:18:14 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1c9256b220e3cc1cff8ab97ba50210a0f237afbd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:64:07:5d:54:1b:7e:f7:da:98:98:37:03:2d: c4:4b:95:fc:41:59:52:d0:87:c5:16:28:e5:ad:8a: 8f:a7:9e:1f:49:eb:3f:25:10:39:59:e6:d2:71:71: 75:07:82:cf:d9:89:b7:dc:8b:e5:74:38:95:f1:7c: e4:36:b6:fe:c1:51:a4:ef:69:ab:f6:4c:2f:e7:a1: 33:a1:d3:23:4c:60:b1:f8:f3:1e:cf:6e:f0:d0:b4: 97:8a:ed:a1:d4:26:6d:54:46:83:0c:1b:a7:71:35: 27:48:20:94:98:e2:3a:42:11:90:53:6d:7b:21:2d: 87:2a:f9:a0:ee:e2:5a:5c:01:9b:e4:9a:75:8c:1a: 1b:77:94:32:07:bc:b9:38:5e:6c:10:76:1c:45:4f: e7:2a:86:ee:ca:4a:6d:7f:ad:2e:0f:9a:fc:d4:cd: f3:09:9d:81:28:1b:76:9a:c3:f1:2c:0e:1f:b9:1a: 5c:fa:54:6a:c9:91:78:a6:a8:86:16:d1:e9:51:b9: 43:0c:29:83:ec:11:d7:45:c0:dd:5e:2a:af:08:4c: c3:d6:e7:9e:eb:27:e5:06:55:a0:86:cc:84:60:2e: 04:8e:a7:9b:0e:50:42:18:6d:48:c8:55:ca:4d:e7: 88:c2:74:90:d6:a2:1d:68:65:e2:28:74:e2:c6:ba: 6a:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:92:56:B2:20:E3:CC:1C:FF:8A:B9:7B:A5:02:10:A0:F2:37:AF:BD X509v3 Authority Key Identifier: keyid:B6:89:29:9B:C4:95:84:A6:45:94:0C:1D:D8:7D:F0:AF:C8:AA:A0:FD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tokpm8SVhKZFlAwd2H3wr8iqoP0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/7ca61a-ce3d-4bac-9110-c0f3bad99a40/1/HJJWsiDjzBz_irl7pQIQoPI3r70.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/7ca61a-ce3d-4bac-9110-c0f3bad99a40/1/tokpm8SVhKZFlAwd2H3wr8iqoP0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0c:93c0:8000::/48 2a0c:93c0:8002::/48 2a0c:93c0:c002::/48 Signature Algorithm: sha256WithRSAEncryption b6:b0:0c:53:db:04:32:56:62:02:99:f4:05:6c:77:3e:a0:83: 81:a5:7b:65:4b:93:61:3b:70:39:69:b1:4b:63:25:57:b9:e8: e7:b5:e5:02:d4:21:0a:74:b2:f8:ac:1f:91:68:84:6d:b6:57: 8a:95:bd:31:e4:18:58:92:0e:06:8e:50:50:4f:81:85:9d:26: b8:a2:02:b1:9a:2d:e1:2d:bf:66:54:1c:5a:43:b4:5e:44:71: 87:b4:68:e2:88:42:6c:e4:84:f7:a4:fd:11:b1:92:e2:e7:f9: b8:db:0a:ef:6c:cf:6a:e1:35:92:a1:64:3a:bf:62:d3:01:09: 2a:55:e6:b0:c6:f6:ca:70:68:a3:54:dd:0a:f3:b2:60:8d:c8: 0a:7d:b9:49:23:fb:e0:26:3b:d9:07:d2:26:92:40:31:fd:47: 31:73:37:21:55:b0:72:37:ec:b0:c6:43:3e:54:9f:d5:c2:d2: f6:7c:29:5d:7b:45:a1:1d:94:5c:46:85:7b:e5:94:b9:a0:3b: 12:39:d5:6b:57:37:0a:9f:d6:70:c5:19:1b:25:a4:d5:58:e7: fd:11:5f:7f:5b:96:72:fe:f3:f2:04:a8:1f:66:90:7c:c9:91: 65:d0:f2:c6:ea:fc:3f:49:0b:22:7e:b2:7c:5f:ae:68:5d:d0: 38:04:04:72 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt5EKtTqpVUSmO5cW47289WMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI2ODkyOTliYzQ5NTg0YTY0NTk0MGMxZGQ4N2RmMGFmYzhh YWEwZmQwHhcNMjYwMTAxMTAxODE0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxYzkyNTZiMjIwZTNjYzFjZmY4YWI5N2JhNTAyMTBhMGYyMzdhZmJkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz2QHXVQbfvfamJg3Ay3ES5X8QVlS 0IfFFijlrYqPp54fSes/JRA5WebScXF1B4LP2Ym33IvldDiV8XzkNrb+wVGk72mr 9kwv56EzodMjTGCx+PMez27w0LSXiu2h1CZtVEaDDBuncTUnSCCUmOI6QhGQU217 IS2HKvmg7uJaXAGb5Jp1jBobd5QyB7y5OF5sEHYcRU/nKobuykptf60uD5r81M3z CZ2BKBt2msPxLA4fuRpc+lRqyZF4pqiGFtHpUblDDCmD7BHXRcDdXiqvCEzD1uee 6yflBlWghsyEYC4EjqebDlBCGG1IyFXKTeeIwnSQ1qIdaGXiKHTixrpqOwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFBySVrIg48wc/4q5e6UCEKDyN6+9MB8GA1UdIwQY MBaAFLaJKZvElYSmRZQMHdh98K/IqqD9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdG9rcG04U1ZoS1pGbEF3ZDJIM3dyOGlxb1AwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy83Y2E2MWEtY2UzZC00YmFjLTkxMTAt YzBmM2JhZDk5YTQwLzEvSEpKV3NpRGp6QnpfaXJsN3BRSVFvUEkzcjcwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMy83Y2E2MWEtY2UzZC00YmFjLTkxMTAtYzBmM2JhZDk5YTQw LzEvdG9rcG04U1ZoS1pGbEF3ZDJIM3dyOGlxb1AwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKgyTwIAA AwcAKgyTwIACAwcAKgyTwMACMA0GCSqGSIb3DQEBCwUAA4IBAQC2sAxT2wQyVmIC mfQFbHc+oIOBpXtlS5NhO3A5abFLYyVXuejnteUC1CEKdLL4rB+RaIRttleKlb0x 5BhYkg4GjlBQT4GFnSa4ogKxmi3hLb9mVBxaQ7ReRHGHtGjiiEJs5IT3pP0RsZLi 5/m42wrvbM9q4TWSoWQ6v2LTAQkqVeawxvbKcGijVN0K87JgjcgKfblJI/vgJjvZ B9ImkkAx/UcxczchVbByN+ywxkM+VJ/VwtL2fClde0WhHZRcRoV75ZS5oDsSOdVr VzcKn9ZwxRkbJaTVWOf9EV9/W5Zy/vPyBKgfZpB8yZFl0PLG6vw/SQsifrJ8X65o XdA4BARy -----END CERTIFICATE-----Generated at Fri Jan 9 12:02:28 2026 by rpki-client