This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/hdJu7f4kSdt-uKkfr1zrXBPa9Ks.roa File: hdJu7f4kSdt-uKkfr1zrXBPa9Ks.roa (raw, json) Hash identifier: GG98Q1bl7OyANKUpp9Wym8WZdgAzVgCTFjDl+3fraHo= Subject key identifier: 85:D2:6E:ED:FE:24:49:DB:7E:B8:A9:1F:AF:5C:EB:5C:13:DA:F4:AB Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2 Certificate serial: 019B7D5CDE09124ABB036AA4B4F86A3BD945 Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/hdJu7f4kSdt-uKkfr1zrXBPa9Ks.roa Signing time: Fri 02 Jan 2026 06:19:56 +0000 ROA not before: Fri 02 Jan 2026 06:19:56 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 216246 IP address blocks: 2a11:fc80::/30 maxlen: 30 2a11:fc84::/30 maxlen: 30 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 16:55:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5c:de:09:12:4a:bb:03:6a:a4:b4:f8:6a:3b:d9:45 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2 Validity Not Before: Jan 2 06:19:56 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=85d26eedfe2449db7eb8a91faf5ceb5c13daf4ab Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:7f:09:a0:a0:3b:5d:ad:f2:dc:48:d0:51:9f: c0:eb:5a:53:98:eb:fe:1e:0b:16:92:05:a3:8d:19: 3a:6c:2e:b5:c1:98:53:8b:26:a0:93:db:bb:89:c4: fe:77:2f:97:29:95:36:8b:c7:bf:1a:c7:8e:45:32: 1d:60:7e:dc:5e:2b:87:11:7d:ff:db:f0:31:26:e6: 8f:28:92:7c:b8:6d:97:f8:3a:34:45:b5:00:ea:e9: 7c:ed:ea:e1:b1:ed:df:a1:76:38:45:82:7f:40:12: e2:17:ea:61:47:29:69:4c:2e:88:2f:09:3e:44:d2: 2c:38:e4:d9:00:43:0d:7f:d2:8b:40:35:4c:87:fa: d2:f1:25:c6:7a:3e:ae:de:5c:df:6a:9a:16:91:d2: 47:f1:c3:4f:ed:ce:fb:a2:d0:3d:9c:8d:af:91:57: fd:20:1b:30:c8:25:d4:23:ce:a0:b9:39:a5:d0:ae: 5b:c0:fd:c3:d8:10:82:08:fa:d0:af:a3:ad:f1:93: 75:50:8d:ca:74:0e:97:3a:f9:84:99:8a:ae:99:b9: 3a:5c:61:5b:c4:ab:30:c9:c3:1d:4e:1f:24:23:49: 50:c5:0d:26:fc:99:76:ef:dd:76:6e:70:5b:6c:00: 75:15:ad:e2:15:71:7a:4d:1d:74:1a:e5:29:f6:f7: 8f:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:D2:6E:ED:FE:24:49:DB:7E:B8:A9:1F:AF:5C:EB:5C:13:DA:F4:AB X509v3 Authority Key Identifier: keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/hdJu7f4kSdt-uKkfr1zrXBPa9Ks.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a11:fc80::/29 Signature Algorithm: sha256WithRSAEncryption 0d:a4:d8:73:56:1d:54:72:e5:b5:ec:b2:42:49:5c:12:41:40: 91:da:dd:d8:3c:10:fe:87:87:6f:83:f2:99:c8:48:5a:b6:e7: 57:ab:83:37:e1:9e:a7:71:ce:e8:68:12:dc:7f:05:90:22:9d: 59:a1:4f:ea:67:bb:c0:33:7e:45:9b:c3:2f:32:8b:ea:1c:29: 8e:fe:fd:ca:60:79:77:5c:e5:ae:ab:96:e2:dd:bd:0d:be:fa: 9b:be:93:7c:13:ab:af:de:81:ca:5b:4e:88:35:86:76:09:21: 4d:be:41:45:57:28:51:1d:05:cf:32:f1:3f:f8:56:19:65:2d: 94:54:b6:7c:1f:6e:56:91:ac:a4:45:76:90:c4:e5:0d:a7:2b: e4:f3:c1:97:22:2f:7a:81:d8:40:45:ee:6e:13:4b:cd:d5:7c: 74:5a:c9:79:fc:03:57:57:5f:98:f2:89:26:0d:2e:2e:86:a7: 10:ae:f7:56:4e:36:69:01:ce:b4:5b:3f:68:12:ff:ce:3d:31: 09:4e:3b:5d:0d:bb:77:1e:b7:5d:ae:d3:8f:f9:0e:77:bf:23: 74:8a:bf:df:d3:1e:41:7c:2a:03:8f:7e:db:27:cc:92:90:e8: d1:af:23:19:e1:b8:b7:3a:27:c2:9c:26:94:3c:00:6a:8d:6c: 31:31:71:11 -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt9XN4JEkq7A2qktPhqO9lFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl NWVjZjIwHhcNMjYwMTAyMDYxOTU2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NWQyNmVlZGZlMjQ0OWRiN2ViOGE5MWZhZjVjZWI1YzEzZGFmNGFiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuH8JoKA7Xa3y3EjQUZ/A61pTmOv+ HgsWkgWjjRk6bC61wZhTiyagk9u7icT+dy+XKZU2i8e/GseORTIdYH7cXiuHEX3/ 2/AxJuaPKJJ8uG2X+Do0RbUA6ul87erhse3foXY4RYJ/QBLiF+phRylpTC6ILwk+ RNIsOOTZAEMNf9KLQDVMh/rS8SXGej6u3lzfapoWkdJH8cNP7c77otA9nI2vkVf9 IBswyCXUI86guTml0K5bwP3D2BCCCPrQr6Ot8ZN1UI3KdA6XOvmEmYqumbk6XGFb xKswycMdTh8kI0lQxQ0m/Jl27912bnBbbAB1Fa3iFXF6TR10GuUp9vePNwIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFIXSbu3+JEnbfripH69c61wT2vSrMB8GA1UdIwQY MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt MTcxYzM2N2JlNzgyLzEvaGRKdTdmNGtTZHQtdUtrZnIxenJYQlBhOUtzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhH8gDAN BgkqhkiG9w0BAQsFAAOCAQEADaTYc1YdVHLlteyyQklcEkFAkdrd2DwQ/oeHb4Py mchIWrbnV6uDN+Gep3HO6GgS3H8FkCKdWaFP6me7wDN+RZvDLzKL6hwpjv79ymB5 d1zlrquW4t29Db76m76TfBOrr96ByltOiDWGdgkhTb5BRVcoUR0FzzLxP/hWGWUt lFS2fB9uVpGspEV2kMTlDacr5PPBlyIveoHYQEXubhNLzdV8dFrJefwDV1dfmPKJ Jg0uLoanEK73Vk42aQHOtFs/aBL/zj0xCU47XQ27dx63Xa7Tj/kOd78jdIq/39Me QXwqA49+2yfMkpDo0a8jGeG4tzonwpwmlDwAao1sMTFxEQ== -----END CERTIFICATE-----Generated at Mon Jan 19 20:00:03 2026 by rpki-client