This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/2860a4-3b94-4274-a3a2-f9ac15e66386/1/HXd1HSvZn5fzs8j_asSEiUVbJWU.roa File: HXd1HSvZn5fzs8j_asSEiUVbJWU.roa (raw, json) Hash identifier: a0G7HmkQ7N7zsMujDSXCSXpTfVqpxnZMoO++ZO+ge+I= Subject key identifier: 1D:77:75:1D:2B:D9:9F:97:F3:B3:C8:FF:6A:C4:84:89:45:5B:25:65 Certificate issuer: /CN=107807c2518915138f555123605c0133dfdbb4fa Certificate serial: 019B7C80C97CFBE46E134ECF80EEC21476C7 Authority key identifier: 10:78:07:C2:51:89:15:13:8F:55:51:23:60:5C:01:33:DF:DB:B4:FA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EHgHwlGJFROPVVEjYFwBM9_btPo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/2860a4-3b94-4274-a3a2-f9ac15e66386/1/HXd1HSvZn5fzs8j_asSEiUVbJWU.roa Signing time: Fri 02 Jan 2026 02:19:33 +0000 ROA not before: Fri 02 Jan 2026 02:19:33 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 378 IP address blocks: 132.70.0.0/15 maxlen: 15 132.70.0.0/16 maxlen: 16 132.71.0.0/16 maxlen: 16 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/2860a4-3b94-4274-a3a2-f9ac15e66386/1/EHgHwlGJFROPVVEjYFwBM9_btPo.crl rsync://rpki.ripe.net/repository/DEFAULT/05/2860a4-3b94-4274-a3a2-f9ac15e66386/1/EHgHwlGJFROPVVEjYFwBM9_btPo.mft rsync://rpki.ripe.net/repository/DEFAULT/EHgHwlGJFROPVVEjYFwBM9_btPo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:c9:7c:fb:e4:6e:13:4e:cf:80:ee:c2:14:76:c7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=107807c2518915138f555123605c0133dfdbb4fa Validity Not Before: Jan 2 02:19:33 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1d77751d2bd99f97f3b3c8ff6ac48489455b2565 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:55:5f:3b:ed:09:c2:33:e1:ed:da:55:a2:a5: 90:73:13:4c:45:12:7e:40:a3:e8:dd:eb:a5:eb:75: e2:6c:d3:84:79:40:96:ad:f5:c4:9c:8d:53:f4:90: 0f:36:93:2e:75:66:e8:2c:9c:1e:50:a7:64:6b:9a: 22:02:c8:73:30:f2:da:74:fd:17:ea:71:ca:c4:5c: 56:89:01:af:2b:27:8a:24:6f:3b:bb:80:48:57:10: 12:af:a4:9b:cb:46:42:a2:70:4d:10:81:aa:13:8d: f4:a3:7f:80:1f:3b:a4:05:23:67:cb:c0:22:92:d4: c0:e7:bf:69:0c:a9:13:00:9e:f0:34:98:68:10:11: 20:47:c1:fc:4c:70:df:3d:3a:06:11:f1:83:37:40: b0:0d:09:a8:dc:2c:94:26:7b:bb:52:67:07:bc:63: 9b:35:df:c8:82:74:48:c8:63:ac:d1:7e:5a:5b:2a: 7a:cb:30:20:2a:c5:08:6a:2d:7b:d3:83:5a:f5:81: a6:5f:cf:df:5a:37:31:88:90:c0:92:2e:c9:63:0e: 84:3d:58:1a:e3:51:89:7d:2b:72:2c:8f:06:f3:1b: a0:53:13:2e:3f:07:52:6d:4b:35:24:60:70:d1:2f: e9:8a:0b:b3:69:43:ee:d5:ea:85:d4:ec:78:35:30: a5:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:77:75:1D:2B:D9:9F:97:F3:B3:C8:FF:6A:C4:84:89:45:5B:25:65 X509v3 Authority Key Identifier: keyid:10:78:07:C2:51:89:15:13:8F:55:51:23:60:5C:01:33:DF:DB:B4:FA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EHgHwlGJFROPVVEjYFwBM9_btPo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/2860a4-3b94-4274-a3a2-f9ac15e66386/1/HXd1HSvZn5fzs8j_asSEiUVbJWU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/05/2860a4-3b94-4274-a3a2-f9ac15e66386/1/EHgHwlGJFROPVVEjYFwBM9_btPo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 132.70.0.0/15 Signature Algorithm: sha256WithRSAEncryption 24:dc:0f:b2:59:50:1d:20:3c:1a:80:6d:8a:73:91:4a:f7:60: 64:e1:07:64:d9:6d:54:bc:e2:52:f8:39:22:61:03:a4:3c:02: cc:a9:8a:b7:97:89:f4:b0:a1:ab:79:85:c9:b7:07:e8:ea:42: d0:ab:d2:d2:ed:1a:35:3d:8f:f1:b7:46:eb:df:8f:97:f9:31: bb:0f:5f:34:ab:25:f5:c7:80:91:3b:9c:69:b8:25:c8:9a:57: d4:ef:25:3d:30:ee:da:13:ac:05:c8:c8:18:c1:1f:8b:a5:d8: 58:4e:79:ed:08:47:96:c2:d8:23:fa:85:87:d1:26:03:7b:a6: 64:20:40:4d:31:a4:77:45:0f:e8:12:c1:18:6f:b8:e0:d2:24: 43:69:96:18:85:94:44:ba:53:09:2c:27:55:6c:b2:37:b3:3b: dd:60:a3:52:75:42:0c:74:5d:bd:07:19:5a:74:ad:82:cc:b5: ff:5d:9f:28:5e:b9:19:61:e6:fd:33:2f:d7:c3:51:ed:b3:e5: e1:8b:ad:17:e1:05:a3:f3:73:f5:e0:6c:7b:02:fc:d2:2f:e3: 8f:59:9d:67:0f:b8:8c:9f:a3:e7:45:d4:67:02:a8:d1:11:66: 2b:35:bb:35:e0:9f:92:25:7f:02:4e:dd:90:f2:e5:75:fe:5a: 5b:f5:23:fa -----BEGIN CERTIFICATE----- MIIE/DCCA+SgAwIBAgISAZt8gMl8++RuE07PgO7CFHbHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDEwNzgwN2MyNTE4OTE1MTM4ZjU1NTEyMzYwNWMwMTMzZGZk YmI0ZmEwHhcNMjYwMTAyMDIxOTMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxZDc3NzUxZDJiZDk5Zjk3ZjNiM2M4ZmY2YWM0ODQ4OTQ1NWIyNTY1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA31VfO+0JwjPh7dpVoqWQcxNMRRJ+ QKPo3eul63XibNOEeUCWrfXEnI1T9JAPNpMudWboLJweUKdka5oiAshzMPLadP0X 6nHKxFxWiQGvKyeKJG87u4BIVxASr6Sby0ZConBNEIGqE430o3+AHzukBSNny8Ai ktTA579pDKkTAJ7wNJhoEBEgR8H8THDfPToGEfGDN0CwDQmo3CyUJnu7UmcHvGOb Nd/IgnRIyGOs0X5aWyp6yzAgKsUIai1704Na9YGmX8/fWjcxiJDAki7JYw6EPVga 41GJfStyLI8G8xugUxMuPwdSbUs1JGBw0S/piguzaUPu1eqF1Ox4NTClCwIDAQAB o4ICCDCCAgQwHQYDVR0OBBYEFB13dR0r2Z+X87PI/2rEhIlFWyVlMB8GA1UdIwQY MBaAFBB4B8JRiRUTj1VRI2BcATPf27T6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRUhnSHdsR0pGUk9QVlZFallGd0JNOV9idFBvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8yODYwYTQtM2I5NC00Mjc0LWEzYTIt ZjlhYzE1ZTY2Mzg2LzEvSFhkMUhTdlpuNWZ6czhqX2FzU0VpVVZiSldVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNS8yODYwYTQtM2I5NC00Mjc0LWEzYTItZjlhYzE1ZTY2Mzg2 LzEvRUhnSHdsR0pGUk9QVlZFallGd0JNOV9idFBvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMBhEYwDQYJ KoZIhvcNAQELBQADggEBACTcD7JZUB0gPBqAbYpzkUr3YGThB2TZbVS84lL4OSJh A6Q8AsypireXifSwoat5hcm3B+jqQtCr0tLtGjU9j/G3Ruvfj5f5MbsPXzSrJfXH gJE7nGm4JciaV9TvJT0w7toTrAXIyBjBH4ul2FhOee0IR5bC2CP6hYfRJgN7pmQg QE0xpHdFD+gSwRhvuODSJENplhiFlES6UwksJ1VssjezO91go1J1Qgx0Xb0HGVp0 rYLMtf9dnyheuRlh5v0zL9fDUe2z5eGLrRfhBaPzc/XgbHsC/NIv449ZnWcPuIyf o+dF1GcCqNERZis1uzXgn5IlfwJO3ZDy5XX+Wlv1I/o= -----END CERTIFICATE-----Generated at Sun Jan 25 20:49:03 2026 by rpki-client