This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/bcdcca-f06b-40cf-8e21-2145220994ce/1/HlrwIab2M9srn4RxDvYJgsLRgu0.roa File: HlrwIab2M9srn4RxDvYJgsLRgu0.roa (raw, json) Hash identifier: 7RDUg5q6/CoL8hnKalD+rZmIPoU5JzkF0lqwqiGYim4= Subject key identifier: 1E:5A:F0:21:A6:F6:33:DB:2B:9F:84:71:0E:F6:09:82:C2:D1:82:ED Certificate issuer: /CN=a3ca7b1c13a7d7b31231412b8fb6947a1747db9d Certificate serial: 019B76EB997DBD1A3EF1501E429531D6612A Authority key identifier: A3:CA:7B:1C:13:A7:D7:B3:12:31:41:2B:8F:B6:94:7A:17:47:DB:9D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o8p7HBOn17MSMUErj7aUehdH250.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/bcdcca-f06b-40cf-8e21-2145220994ce/1/HlrwIab2M9srn4RxDvYJgsLRgu0.roa Signing time: Thu 01 Jan 2026 00:18:30 +0000 ROA not before: Thu 01 Jan 2026 00:18:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212027 IP address blocks: 2a14:1c40::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/bcdcca-f06b-40cf-8e21-2145220994ce/1/o8p7HBOn17MSMUErj7aUehdH250.crl rsync://rpki.ripe.net/repository/DEFAULT/3c/bcdcca-f06b-40cf-8e21-2145220994ce/1/o8p7HBOn17MSMUErj7aUehdH250.mft rsync://rpki.ripe.net/repository/DEFAULT/o8p7HBOn17MSMUErj7aUehdH250.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 08 Jan 2026 09:01:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:99:7d:bd:1a:3e:f1:50:1e:42:95:31:d6:61:2a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a3ca7b1c13a7d7b31231412b8fb6947a1747db9d Validity Not Before: Jan 1 00:18:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1e5af021a6f633db2b9f84710ef60982c2d182ed Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:e3:fd:d5:32:00:b3:47:5b:6c:e5:4d:5b:07: de:15:b9:85:76:5a:cb:9f:d7:7a:10:74:36:6b:71: 78:33:1f:d5:d5:f5:90:f8:1c:c7:59:9f:13:bc:cc: ab:24:a1:ca:e7:39:a7:32:c2:e0:c2:28:c6:76:66: e3:79:c5:d6:cb:a8:8c:bf:14:32:ea:b6:d2:d8:69: 11:5b:2f:13:97:15:54:f8:0b:83:52:ac:29:75:f4: 9f:fe:06:98:f3:ce:bf:80:81:e3:ab:08:e6:f4:ed: 86:5e:07:38:c0:a8:4d:c5:52:20:b1:a2:15:15:36: 0f:28:29:ef:1f:91:e2:d0:06:9b:fa:93:d1:ec:e5: 50:9d:41:28:bb:02:c3:f3:55:f7:e4:33:a6:0d:fb: 07:a3:0e:8c:79:1f:12:17:af:34:f4:22:19:05:c5: 33:e0:8e:88:81:1e:5a:10:25:b8:f6:fc:ff:b9:9a: a6:41:8e:e3:52:41:1c:c7:ff:be:29:fb:34:c8:0b: 02:af:f6:b5:ce:37:02:20:eb:18:25:e3:58:fe:04: 17:5a:f0:6c:44:4a:51:83:41:c9:de:a7:99:66:15: 6d:67:d9:9d:e9:bb:fd:7e:0e:0e:a5:fa:00:32:c8: cf:5f:81:6f:dc:f6:73:f7:4d:b5:b5:37:a7:0e:e1: 6a:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:5A:F0:21:A6:F6:33:DB:2B:9F:84:71:0E:F6:09:82:C2:D1:82:ED X509v3 Authority Key Identifier: keyid:A3:CA:7B:1C:13:A7:D7:B3:12:31:41:2B:8F:B6:94:7A:17:47:DB:9D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o8p7HBOn17MSMUErj7aUehdH250.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/bcdcca-f06b-40cf-8e21-2145220994ce/1/HlrwIab2M9srn4RxDvYJgsLRgu0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/bcdcca-f06b-40cf-8e21-2145220994ce/1/o8p7HBOn17MSMUErj7aUehdH250.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:1c40::/29 Signature Algorithm: sha256WithRSAEncryption 81:0a:0e:ea:e6:eb:43:72:cd:e4:67:d6:8d:68:ea:80:0a:9c: ce:2e:8c:58:8b:93:77:c0:77:71:2c:62:61:5f:3d:66:32:b5: 23:2e:76:ac:96:54:51:9c:9b:c9:f7:14:4c:12:4a:0e:35:71: a1:e1:ce:10:f2:91:c6:32:a9:e2:45:e6:0c:3d:53:99:1a:42: e7:95:bd:13:7b:c8:2a:18:6c:b9:b9:5b:d4:d7:5f:ec:d6:e8: 07:28:c6:84:05:ab:56:b9:92:cc:98:bd:64:9c:e9:0e:16:96: 07:be:46:b2:0d:cd:62:ab:4a:ee:ae:29:8b:dc:72:15:74:c6: 43:f0:74:12:0b:d9:d2:57:c9:77:ae:69:b8:cc:38:d6:a0:bf: ad:a6:7e:af:25:e7:72:a0:ca:09:ac:40:9b:70:6a:54:a5:ad: e6:92:2d:f2:65:22:03:e4:52:80:9e:78:31:90:8a:69:64:9f: 00:d5:de:30:7e:30:96:bd:29:a7:d6:73:22:59:54:d2:e0:28: 7a:70:fd:35:7b:82:e8:db:6c:c5:3e:4f:e3:ba:1a:25:3a:f5: c3:94:dd:46:c0:3b:64:33:46:08:3f:c5:3b:63:18:2a:81:96: 68:db:7f:72:b3:d8:c9:a3:71:2a:cf:33:65:57:25:a8:58:27: 86:a7:93:f9 -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt265l9vRo+8VAeQpUx1mEqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEzY2E3YjFjMTNhN2Q3YjMxMjMxNDEyYjhmYjY5NDdhMTc0 N2RiOWQwHhcNMjYwMTAxMDAxODMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxZTVhZjAyMWE2ZjYzM2RiMmI5Zjg0NzEwZWY2MDk4MmMyZDE4MmVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApuP91TIAs0dbbOVNWwfeFbmFdlrL n9d6EHQ2a3F4Mx/V1fWQ+BzHWZ8TvMyrJKHK5zmnMsLgwijGdmbjecXWy6iMvxQy 6rbS2GkRWy8TlxVU+AuDUqwpdfSf/gaY886/gIHjqwjm9O2GXgc4wKhNxVIgsaIV FTYPKCnvH5Hi0Aab+pPR7OVQnUEouwLD81X35DOmDfsHow6MeR8SF6809CIZBcUz 4I6IgR5aECW49vz/uZqmQY7jUkEcx/++Kfs0yAsCr/a1zjcCIOsYJeNY/gQXWvBs REpRg0HJ3qeZZhVtZ9md6bv9fg4OpfoAMsjPX4Fv3PZz9021tTenDuFqGwIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFB5a8CGm9jPbK5+EcQ72CYLC0YLtMB8GA1UdIwQY MBaAFKPKexwTp9ezEjFBK4+2lHoXR9udMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbzhwN0hCT24xN01TTVVFcmo3YVVlaGRIMjUwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9iY2RjY2EtZjA2Yi00MGNmLThlMjEt MjE0NTIyMDk5NGNlLzEvSGxyd0lhYjJNOXNybjRSeER2WUpnc0xSZ3UwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYy9iY2RjY2EtZjA2Yi00MGNmLThlMjEtMjE0NTIyMDk5NGNl LzEvbzhwN0hCT24xN01TTVVFcmo3YVVlaGRIMjUwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhQcQDAN BgkqhkiG9w0BAQsFAAOCAQEAgQoO6ubrQ3LN5GfWjWjqgAqczi6MWIuTd8B3cSxi YV89ZjK1Iy52rJZUUZybyfcUTBJKDjVxoeHOEPKRxjKp4kXmDD1TmRpC55W9E3vI Khhsublb1Ndf7NboByjGhAWrVrmSzJi9ZJzpDhaWB75Gsg3NYqtK7q4pi9xyFXTG Q/B0EgvZ0lfJd65puMw41qC/raZ+ryXncqDKCaxAm3BqVKWt5pIt8mUiA+RSgJ54 MZCKaWSfANXeMH4wlr0pp9ZzIllU0uAoenD9NXuC6NtsxT5P47oaJTr1w5TdRsA7 ZDNGCD/FO2MYKoGWaNt/crPYyaNxKs8zZVclqFgnhqeT+Q== -----END CERTIFICATE-----Generated at Wed Jan 7 14:15:07 2026 by rpki-client