This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/rHk667_7e1f5CM1H6jMGDJQ1_rI.roa File: rHk667_7e1f5CM1H6jMGDJQ1_rI.roa (raw, json) Hash identifier: eJy0wY8fT6hZGfxYTUIN+SEKm4c/Wt9buTzlEZ5VOng= Subject key identifier: AC:79:3A:EB:BF:FB:7B:57:F9:08:CD:47:EA:33:06:0C:94:35:FE:B2 Certificate issuer: /CN=a865bae25778beed8880c08df2d3f37fc37abc1e Certificate serial: 019B7C122DFA0C7CA55F073022A5D78A2430 Authority key identifier: A8:65:BA:E2:57:78:BE:ED:88:80:C0:8D:F2:D3:F3:7F:C3:7A:BC:1E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qGW64ld4vu2IgMCN8tPzf8N6vB4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/rHk667_7e1f5CM1H6jMGDJQ1_rI.roa Signing time: Fri 02 Jan 2026 00:18:44 +0000 ROA not before: Fri 02 Jan 2026 00:18:44 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 214379 IP address blocks: 185.126.255.0/24 maxlen: 24 194.4.71.0/24 maxlen: 24 212.79.125.0/24 maxlen: 24 212.87.168.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/qGW64ld4vu2IgMCN8tPzf8N6vB4.crl rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/qGW64ld4vu2IgMCN8tPzf8N6vB4.mft rsync://rpki.ripe.net/repository/DEFAULT/qGW64ld4vu2IgMCN8tPzf8N6vB4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:12:2d:fa:0c:7c:a5:5f:07:30:22:a5:d7:8a:24:30 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a865bae25778beed8880c08df2d3f37fc37abc1e Validity Not Before: Jan 2 00:18:44 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ac793aebbffb7b57f908cd47ea33060c9435feb2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:05:dc:8a:c0:4e:cb:8c:97:66:8c:9a:79:91: bb:b5:50:c2:b7:4b:b7:65:98:8a:4e:b0:6a:8c:9e: 84:82:34:62:e2:3f:d0:a6:bb:a3:e2:29:91:a8:aa: 7d:2c:5c:fc:5c:41:26:57:8d:2e:32:6e:ea:c9:93: 77:aa:f3:dc:ab:ca:0f:45:ea:89:8c:01:55:6b:7b: 24:7c:06:d7:05:94:fd:2e:da:85:3a:bb:f4:09:64: 46:80:2c:20:b7:48:10:04:c4:14:db:0c:5c:a3:a3: 74:17:f2:2a:23:86:1b:30:a9:ce:f7:9e:82:7b:c1: 3c:83:5b:25:bd:c3:6f:aa:fe:da:8f:6b:21:fe:d8: 2b:f6:6d:f7:6a:cd:b9:cd:d0:e2:fa:e9:c5:ea:64: b3:d7:bd:58:b8:97:d5:09:6a:22:52:67:85:55:4b: db:48:26:f5:ec:bf:a2:08:10:5c:04:fa:6d:a4:ba: e2:25:8c:a6:fb:6a:a3:12:34:52:b9:38:65:1c:44: 5e:d0:8b:81:40:1f:14:b3:18:3c:85:bd:88:ba:50: 8e:2d:82:1a:f7:7d:b8:60:b3:d9:50:35:c2:05:8b: 2d:99:05:aa:c5:62:6c:f4:0d:e9:22:8d:8a:36:93: 68:7b:04:ab:13:04:9d:2e:60:b9:2f:55:a9:5c:fa: b2:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:79:3A:EB:BF:FB:7B:57:F9:08:CD:47:EA:33:06:0C:94:35:FE:B2 X509v3 Authority Key Identifier: keyid:A8:65:BA:E2:57:78:BE:ED:88:80:C0:8D:F2:D3:F3:7F:C3:7A:BC:1E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qGW64ld4vu2IgMCN8tPzf8N6vB4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/rHk667_7e1f5CM1H6jMGDJQ1_rI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/qGW64ld4vu2IgMCN8tPzf8N6vB4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.126.255.0/24 194.4.71.0/24 212.79.125.0/24 212.87.168.0/24 Signature Algorithm: sha256WithRSAEncryption 5b:b1:07:69:e1:3b:8f:bf:aa:00:9f:7c:7f:e2:3f:ee:32:67: b2:f4:bf:dd:e3:53:b5:61:01:a4:0f:82:c5:e9:66:ca:28:78: de:5f:66:c2:9e:3b:82:42:71:80:8d:34:cc:dc:c0:77:56:ec: 10:10:80:0d:ba:df:9d:93:38:da:68:a9:9a:3a:e7:4e:7a:0c: 95:5d:68:b5:75:dc:bb:9e:35:ce:74:2e:a9:af:91:c4:8b:58: a3:69:16:22:16:a4:63:97:88:fb:8c:77:18:00:f2:2c:c1:9d: db:85:2f:94:72:64:4c:a9:7f:02:15:0d:eb:e6:29:38:37:fb: c4:c1:f1:d2:d2:33:a4:82:d8:79:eb:e0:b0:3a:55:1b:fe:16: 4a:7e:a0:e0:e0:42:ca:bb:16:8e:89:63:ef:cb:da:55:2b:a8: 94:a1:37:f8:c1:01:ad:f5:a1:b3:87:16:42:12:1f:fe:fe:76: 72:7d:b9:6a:22:c7:fd:b4:20:17:c4:92:90:3c:7d:5a:2c:d6: 70:fe:47:d5:1d:66:29:c7:70:8b:67:b4:c4:18:d3:a8:ea:09: 87:3f:0a:65:5f:6d:0b:91:b2:5c:08:f6:87:5f:6a:36:9e:29: dd:e5:78:5d:b6:67:18:4f:12:17:20:82:d6:41:83:ec:b1:03: e8:8e:f0:ce -----BEGIN CERTIFICATE----- MIIFDzCCA/egAwIBAgISAZt8Ei36DHylXwcwIqXXiiQwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE4NjViYWUyNTc3OGJlZWQ4ODgwYzA4ZGYyZDNmMzdmYzM3 YWJjMWUwHhcNMjYwMTAyMDAxODQ0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhYzc5M2FlYmJmZmI3YjU3ZjkwOGNkNDdlYTMzMDYwYzk0MzVmZWIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0AXcisBOy4yXZoyaeZG7tVDCt0u3 ZZiKTrBqjJ6EgjRi4j/Qpruj4imRqKp9LFz8XEEmV40uMm7qyZN3qvPcq8oPReqJ jAFVa3skfAbXBZT9LtqFOrv0CWRGgCwgt0gQBMQU2wxco6N0F/IqI4YbMKnO956C e8E8g1slvcNvqv7aj2sh/tgr9m33as25zdDi+unF6mSz171YuJfVCWoiUmeFVUvb SCb17L+iCBBcBPptpLriJYym+2qjEjRSuThlHERe0IuBQB8Usxg8hb2IulCOLYIa 9324YLPZUDXCBYstmQWqxWJs9A3pIo2KNpNoewSrEwSdLmC5L1WpXPqyaQIDAQAB o4ICGzCCAhcwHQYDVR0OBBYEFKx5Ouu/+3tX+QjNR+ozBgyUNf6yMB8GA1UdIwQY MBaAFKhluuJXeL7tiIDAjfLT83/DerweMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcUdXNjRsZDR2dTJJZ01DTjh0UHpmOE42dkI0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi82NDQ0ZDEtNWYwMC00ZTUwLTgwMTkt MWI2Zjc1MGNmOWEyLzEvckhrNjY3XzdlMWY1Q00xSDZqTUdESlExX3JJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Yi82NDQ0ZDEtNWYwMC00ZTUwLTgwMTktMWI2Zjc1MGNmOWEy LzEvcUdXNjRsZDR2dTJJZ01DTjh0UHpmOE42dkI0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAuX7/AwQA wgRHAwQA1E99AwQA1FeoMA0GCSqGSIb3DQEBCwUAA4IBAQBbsQdp4TuPv6oAn3x/ 4j/uMmey9L/d41O1YQGkD4LF6WbKKHjeX2bCnjuCQnGAjTTM3MB3VuwQEIANut+d kzjaaKmaOudOegyVXWi1ddy7njXOdC6pr5HEi1ijaRYiFqRjl4j7jHcYAPIswZ3b hS+UcmRMqX8CFQ3r5ik4N/vEwfHS0jOkgth56+CwOlUb/hZKfqDg4ELKuxaOiWPv y9pVK6iUoTf4wQGt9aGzhxZCEh/+/nZyfblqIsf9tCAXxJKQPH1aLNZw/kfVHWYp x3CLZ7TEGNOo6gmHPwplX20LkbJcCPaHX2o2nind5XhdtmcYTxIXIILWQYPssQPo jvDO -----END CERTIFICATE-----Generated at Sun Jan 25 20:48:18 2026 by rpki-client