This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/2a1e5c-1010-4098-94c9-de0c570ba850/1/hFqXENq7P7QUMtqEsRtgqERPZCs.roa File: hFqXENq7P7QUMtqEsRtgqERPZCs.roa (raw, json) Hash identifier: q+KMtUDFdWB6VE5Bue6DG/HBife4LzHOWxTx2yB51Oc= Subject key identifier: 84:5A:97:10:DA:BB:3F:B4:14:32:DA:84:B1:1B:60:A8:44:4F:64:2B Certificate issuer: /CN=7a8bae923305a71c526a6fcf57c29d6c16a4269e Certificate serial: 019B76EB6EB9D1C6865D058AC49FDA71CFE7 Authority key identifier: 7A:8B:AE:92:33:05:A7:1C:52:6A:6F:CF:57:C2:9D:6C:16:A4:26:9E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eouukjMFpxxSam_PV8KdbBakJp4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/2a1e5c-1010-4098-94c9-de0c570ba850/1/hFqXENq7P7QUMtqEsRtgqERPZCs.roa Signing time: Thu 01 Jan 2026 00:18:19 +0000 ROA not before: Thu 01 Jan 2026 00:18:19 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 34907 IP address blocks: 193.3.162.0/24 maxlen: 24 194.31.232.0/24 maxlen: 24 195.245.200.0/24 maxlen: 24 2001:67c:178c::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/2a1e5c-1010-4098-94c9-de0c570ba850/1/eouukjMFpxxSam_PV8KdbBakJp4.crl rsync://rpki.ripe.net/repository/DEFAULT/02/2a1e5c-1010-4098-94c9-de0c570ba850/1/eouukjMFpxxSam_PV8KdbBakJp4.mft rsync://rpki.ripe.net/repository/DEFAULT/eouukjMFpxxSam_PV8KdbBakJp4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 10:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:6e:b9:d1:c6:86:5d:05:8a:c4:9f:da:71:cf:e7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7a8bae923305a71c526a6fcf57c29d6c16a4269e Validity Not Before: Jan 1 00:18:19 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=845a9710dabb3fb41432da84b11b60a8444f642b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:2a:f5:e6:59:e6:e7:10:eb:ce:13:31:4d:e5: a7:41:97:82:95:7b:c8:5d:81:b6:bc:44:34:23:32: 58:2d:c8:60:6f:0f:6e:ac:a3:56:42:d2:e4:1a:aa: 4d:8f:51:f7:d5:83:73:cf:b2:b3:69:c5:f0:5d:3a: ba:25:1e:a7:4d:bd:a8:3b:75:9c:dc:f9:14:6a:c0: dc:bb:78:af:05:6d:ba:84:ea:ad:5e:8c:fa:0e:df: 4f:89:79:29:25:47:f2:83:a1:b1:39:c2:4a:19:14: 60:6e:77:ed:23:00:05:ea:46:87:54:7c:1e:94:5c: ae:f0:44:98:3e:34:a2:c9:69:45:3c:a4:ff:ce:16: a1:ca:5a:01:a7:24:3f:73:80:51:f5:ce:8a:6b:cd: b0:f7:53:51:99:74:42:3e:8f:6d:ce:68:89:65:59: 63:8e:0d:69:a8:c7:5a:88:af:58:6d:ac:1d:bd:c6: 0b:fc:36:62:b2:fa:d4:77:6a:b3:95:cf:50:14:64: e8:29:99:92:4e:7b:a7:af:37:da:d8:55:13:7f:50: 1c:fa:20:e6:f2:13:2f:47:37:fa:e3:5b:13:75:9a: 3a:35:ad:55:11:9a:86:d6:00:31:a9:45:bf:91:69: 42:25:b5:ef:43:2b:ff:fe:1b:77:f7:e6:34:79:9f: cc:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:5A:97:10:DA:BB:3F:B4:14:32:DA:84:B1:1B:60:A8:44:4F:64:2B X509v3 Authority Key Identifier: keyid:7A:8B:AE:92:33:05:A7:1C:52:6A:6F:CF:57:C2:9D:6C:16:A4:26:9E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eouukjMFpxxSam_PV8KdbBakJp4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/2a1e5c-1010-4098-94c9-de0c570ba850/1/hFqXENq7P7QUMtqEsRtgqERPZCs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/02/2a1e5c-1010-4098-94c9-de0c570ba850/1/eouukjMFpxxSam_PV8KdbBakJp4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.3.162.0/24 194.31.232.0/24 195.245.200.0/24 IPv6: 2001:67c:178c::/48 Signature Algorithm: sha256WithRSAEncryption 03:09:a0:ab:a3:a2:32:12:7b:d7:4e:61:08:93:14:2f:f7:f1: b0:d5:de:59:8c:7d:64:92:25:3e:2f:45:09:31:ce:c7:fc:b0: 81:03:e6:c0:11:fc:09:04:71:2d:ad:83:ec:c4:d4:97:73:7b: 8d:34:fb:bd:8c:53:e8:8e:49:61:47:60:e7:c3:1a:31:83:e0: ba:2a:07:02:42:31:31:f9:70:c0:31:d8:26:15:6f:c5:f4:1e: c3:1f:2a:63:99:e3:69:e2:6d:de:2e:96:af:9d:12:67:be:21: e1:fd:b7:49:1e:ae:b9:34:e5:41:51:6a:89:e0:c3:12:7f:70: 21:8b:61:03:10:53:df:18:d9:70:80:59:69:5f:93:42:cd:29: 23:31:3a:00:24:79:d5:f9:2a:ef:e9:cf:39:1c:21:df:73:be: c2:70:aa:35:72:5c:9f:1d:74:4d:3e:4b:7f:6b:e8:1f:e2:9a: 7f:c1:20:38:33:f6:39:16:e4:89:e7:d8:8a:d8:88:c1:cc:f8: 0c:7c:3d:5a:76:f5:93:09:af:6a:17:46:29:62:3b:ba:d4:6b: 0a:a7:37:3e:42:6a:59:ed:80:66:84:89:9c:4c:45:0f:71:66: f4:37:26:59:52:5e:4b:bc:c9:4a:84:1c:bd:e6:a0:0f:a9:e1: 70:ab:f6:d2 -----BEGIN CERTIFICATE----- MIIFGjCCBAKgAwIBAgISAZt262650caGXQWKxJ/acc/nMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdhOGJhZTkyMzMwNWE3MWM1MjZhNmZjZjU3YzI5ZDZjMTZh NDI2OWUwHhcNMjYwMTAxMDAxODE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NDVhOTcxMGRhYmIzZmI0MTQzMmRhODRiMTFiNjBhODQ0NGY2NDJiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyyr15lnm5xDrzhMxTeWnQZeClXvI XYG2vEQ0IzJYLchgbw9urKNWQtLkGqpNj1H31YNzz7KzacXwXTq6JR6nTb2oO3Wc 3PkUasDcu3ivBW26hOqtXoz6Dt9PiXkpJUfyg6GxOcJKGRRgbnftIwAF6kaHVHwe lFyu8ESYPjSiyWlFPKT/zhahyloBpyQ/c4BR9c6Ka82w91NRmXRCPo9tzmiJZVlj jg1pqMdaiK9YbawdvcYL/DZisvrUd2qzlc9QFGToKZmSTnunrzfa2FUTf1Ac+iDm 8hMvRzf641sTdZo6Na1VEZqG1gAxqUW/kWlCJbXvQyv//ht39+Y0eZ/MFwIDAQAB o4ICJjCCAiIwHQYDVR0OBBYEFIRalxDauz+0FDLahLEbYKhET2QrMB8GA1UdIwQY MBaAFHqLrpIzBaccUmpvz1fCnWwWpCaeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZW91dWtqTUZweHhTYW1fUFY4S2RiQmFrSnA0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8yYTFlNWMtMTAxMC00MDk4LTk0Yzkt ZGUwYzU3MGJhODUwLzEvaEZxWEVOcTdQN1FVTXRxRXNSdGdxRVJQWkNzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMi8yYTFlNWMtMTAxMC00MDk4LTk0YzktZGUwYzU3MGJhODUw LzEvZW91dWtqTUZweHhTYW1fUFY4S2RiQmFrSnA0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAwQOiAwQA wh/oAwQAw/XIMA8EAgACMAkDBwAgAQZ8F4wwDQYJKoZIhvcNAQELBQADggEBAAMJ oKujojISe9dOYQiTFC/38bDV3lmMfWSSJT4vRQkxzsf8sIED5sAR/AkEcS2tg+zE 1Jdze400+72MU+iOSWFHYOfDGjGD4LoqBwJCMTH5cMAx2CYVb8X0HsMfKmOZ42ni bd4ulq+dEme+IeH9t0kerrk05UFRaongwxJ/cCGLYQMQU98Y2XCAWWlfk0LNKSMx OgAkedX5Ku/pzzkcId9zvsJwqjVyXJ8ddE0+S39r6B/imn/BIDgz9jkW5Inn2IrY iMHM+Ax8PVp29ZMJr2oXRiliO7rUawqnNz5CalntgGaEiZxMRQ9xZvQ3JllSXku8 yUqEHL3moA+p4XCr9tI= -----END CERTIFICATE-----Generated at Mon Jan 26 15:35:02 2026 by rpki-client