This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/a009e8-2dc7-4ef8-a5ce-c4c63983b50c/1/7_SHifYIXSDLBw6-a-X9w02vEJU.roa File: 7_SHifYIXSDLBw6-a-X9w02vEJU.roa (raw, json) Hash identifier: d8U0YjKp3nXs9UZKs93jR65ryJ0Ofo6mrTUHfTrd2BM= Subject key identifier: EF:F4:87:89:F6:08:5D:20:CB:07:0E:BE:6B:E5:FD:C3:4D:AF:10:95 Certificate issuer: /CN=1cf2ec825fa6381e8e94fd39b06ea38b63e41a10 Certificate serial: 019B7C8081AEC255C6C4624CEB31A8790AAF Authority key identifier: 1C:F2:EC:82:5F:A6:38:1E:8E:94:FD:39:B0:6E:A3:8B:63:E4:1A:10 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HPLsgl-mOB6OlP05sG6ji2PkGhA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/a009e8-2dc7-4ef8-a5ce-c4c63983b50c/1/7_SHifYIXSDLBw6-a-X9w02vEJU.roa Signing time: Fri 02 Jan 2026 02:19:15 +0000 ROA not before: Fri 02 Jan 2026 02:19:15 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 198930 IP address blocks: 91.106.128.0/18 maxlen: 24 170.133.0.0/18 maxlen: 24 185.78.60.0/22 maxlen: 24 185.161.144.0/22 maxlen: 22 2a07:c540::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/a009e8-2dc7-4ef8-a5ce-c4c63983b50c/1/HPLsgl-mOB6OlP05sG6ji2PkGhA.crl rsync://rpki.ripe.net/repository/DEFAULT/07/a009e8-2dc7-4ef8-a5ce-c4c63983b50c/1/HPLsgl-mOB6OlP05sG6ji2PkGhA.mft rsync://rpki.ripe.net/repository/DEFAULT/HPLsgl-mOB6OlP05sG6ji2PkGhA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:81:ae:c2:55:c6:c4:62:4c:eb:31:a8:79:0a:af Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1cf2ec825fa6381e8e94fd39b06ea38b63e41a10 Validity Not Before: Jan 2 02:19:15 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=eff48789f6085d20cb070ebe6be5fdc34daf1095 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:a2:76:b8:0f:e9:79:0d:3e:86:57:02:4c:9c: e8:e6:79:5a:f7:c6:07:80:88:d1:85:cd:72:a2:b9: 6a:1f:32:c5:ab:49:9d:75:83:5e:8b:44:b5:7b:8d: 34:2a:23:1e:61:ce:72:8e:64:08:e7:7c:3b:be:18: 40:d9:bd:f3:da:2d:d1:e9:af:de:c6:10:07:24:2b: ec:15:49:fc:af:21:c0:f5:7e:7f:eb:64:1c:e3:b7: 76:73:de:e0:a4:a7:c2:37:3e:97:c1:2c:72:47:af: e2:d3:5c:84:15:37:ff:c8:7d:40:5f:9b:d1:cf:fd: 1c:36:5f:0f:96:aa:43:1c:30:b1:ac:3a:f2:ab:c1: f6:c9:23:ff:57:37:cd:eb:8c:a8:59:f3:cb:dc:e4: 02:bb:c6:39:4d:35:69:28:a2:3a:65:d1:a1:d8:c3: 4c:b4:78:2e:ee:dd:0b:f8:a6:65:f7:dc:39:ce:48: 69:64:0c:30:9d:b5:82:e1:2d:ac:12:3f:87:fd:00: 0d:cd:35:82:67:fa:e7:47:39:72:1e:84:2a:62:03: a3:12:29:bc:0b:b4:4c:d5:22:64:6a:ae:8a:72:82: 2c:6b:b4:61:87:1d:4d:30:b6:0e:b4:5c:81:c9:f4: e1:b3:51:94:7a:51:2e:7d:fb:09:bc:70:b6:f7:ab: 64:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EF:F4:87:89:F6:08:5D:20:CB:07:0E:BE:6B:E5:FD:C3:4D:AF:10:95 X509v3 Authority Key Identifier: keyid:1C:F2:EC:82:5F:A6:38:1E:8E:94:FD:39:B0:6E:A3:8B:63:E4:1A:10 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HPLsgl-mOB6OlP05sG6ji2PkGhA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a009e8-2dc7-4ef8-a5ce-c4c63983b50c/1/7_SHifYIXSDLBw6-a-X9w02vEJU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a009e8-2dc7-4ef8-a5ce-c4c63983b50c/1/HPLsgl-mOB6OlP05sG6ji2PkGhA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.106.128.0/18 170.133.0.0/18 185.78.60.0/22 185.161.144.0/22 IPv6: 2a07:c540::/29 Signature Algorithm: sha256WithRSAEncryption 67:f8:9c:c7:33:5c:0f:c9:6e:7a:aa:9f:0b:8c:4e:bb:27:8f: e6:7d:77:85:f3:c4:2e:9b:cf:3c:5c:89:15:f9:20:7f:e3:cc: b0:95:af:db:cd:76:5a:f2:71:5d:d5:80:6c:6f:14:96:0c:0e: 50:28:c3:93:03:c1:a1:51:09:ed:ec:4f:9a:e3:0e:06:6c:7e: 6a:03:ee:4d:74:3c:47:f6:a0:19:d5:49:a0:6a:2f:b0:3b:8f: 39:0f:ba:0d:75:34:6f:e8:df:54:b0:4a:71:bd:65:5c:7f:ef: 17:14:8d:0e:5e:f1:bd:bd:58:c2:02:3b:a1:1d:75:e3:b9:ee: 05:c0:ff:48:a5:bb:10:a0:65:52:ad:19:95:b5:00:41:c6:12: 4f:34:69:9c:75:ef:b5:71:72:8c:d7:09:f9:c0:a2:1a:c7:29: 06:64:92:7a:20:bf:13:cc:45:fa:03:85:cd:22:a7:ad:20:bd: 1f:f8:a3:b6:4d:d8:a4:c5:2d:b5:58:f9:84:c3:7a:e5:b0:23: 96:96:fe:03:a6:41:d6:53:09:f3:3a:3d:6a:04:6d:ec:3a:04: 9d:8a:6b:3b:bb:0e:bc:d4:61:f3:75:ed:05:f1:aa:00:65:e0: 3f:8b:95:20:6b:e5:31:ab:65:6f:95:75:21:c3:89:e7:97:25: c2:a7:58:47 -----BEGIN CERTIFICATE----- MIIFHjCCBAagAwIBAgISAZt8gIGuwlXGxGJM6zGoeQqvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFjZjJlYzgyNWZhNjM4MWU4ZTk0ZmQzOWIwNmVhMzhiNjNl NDFhMTAwHhcNMjYwMTAyMDIxOTE1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlZmY0ODc4OWY2MDg1ZDIwY2IwNzBlYmU2YmU1ZmRjMzRkYWYxMDk1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu6J2uA/peQ0+hlcCTJzo5nla98YH gIjRhc1yorlqHzLFq0mddYNei0S1e400KiMeYc5yjmQI53w7vhhA2b3z2i3R6a/e xhAHJCvsFUn8ryHA9X5/62Qc47d2c97gpKfCNz6XwSxyR6/i01yEFTf/yH1AX5vR z/0cNl8PlqpDHDCxrDryq8H2ySP/VzfN64yoWfPL3OQCu8Y5TTVpKKI6ZdGh2MNM tHgu7t0L+KZl99w5zkhpZAwwnbWC4S2sEj+H/QANzTWCZ/rnRzlyHoQqYgOjEim8 C7RM1SJkaq6KcoIsa7Rhhx1NMLYOtFyByfThs1GUelEuffsJvHC296tkuQIDAQAB o4ICKjCCAiYwHQYDVR0OBBYEFO/0h4n2CF0gywcOvmvl/cNNrxCVMB8GA1UdIwQY MBaAFBzy7IJfpjgejpT9ObBuo4tj5BoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSFBMc2dsLW1PQjZPbFAwNXNHNmppMlBrR2hBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9hMDA5ZTgtMmRjNy00ZWY4LWE1Y2Ut YzRjNjM5ODNiNTBjLzEvN19TSGlmWUlYU0RMQnc2LWEtWDl3MDJ2RUpVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNy9hMDA5ZTgtMmRjNy00ZWY4LWE1Y2UtYzRjNjM5ODNiNTBj LzEvSFBMc2dsLW1PQjZPbFAwNXNHNmppMlBrR2hBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQGW2qAAwQG qoUAAwQCuU48AwQCuaGQMA0EAgACMAcDBQMqB8VAMA0GCSqGSIb3DQEBCwUAA4IB AQBn+JzHM1wPyW56qp8LjE67J4/mfXeF88Qum888XIkV+SB/48ywla/bzXZa8nFd 1YBsbxSWDA5QKMOTA8GhUQnt7E+a4w4GbH5qA+5NdDxH9qAZ1Umgai+wO485D7oN dTRv6N9UsEpxvWVcf+8XFI0OXvG9vVjCAjuhHXXjue4FwP9IpbsQoGVSrRmVtQBB xhJPNGmcde+1cXKM1wn5wKIaxykGZJJ6IL8TzEX6A4XNIqetIL0f+KO2TdikxS21 WPmEw3rlsCOWlv4DpkHWUwnzOj1qBG3sOgSdims7uw681GHzde0F8aoAZeA/i5Ug a+Uxq2VvlXUhw4nnlyXCp1hH -----END CERTIFICATE-----Generated at Mon Jan 26 00:13:51 2026 by rpki-client