This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/hkQ88zOSgL4atfbl_CcFBxTBpMY.roa File: hkQ88zOSgL4atfbl_CcFBxTBpMY.roa (raw, json) Hash identifier: QfIMWKJdhAsqkN5y4A+7qRa4j8KqfYUn3J+ymPaywHU= Subject key identifier: 86:44:3C:F3:33:92:80:BE:1A:B5:F6:E5:FC:27:05:07:14:C1:A4:C6 Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42 Certificate serial: 019B7F84949A9841C4DA73B937D349E984BD Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/hkQ88zOSgL4atfbl_CcFBxTBpMY.roa Signing time: Fri 02 Jan 2026 16:22:33 +0000 ROA not before: Fri 02 Jan 2026 16:22:33 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 35004 IP address blocks: 93.170.116.0/22 maxlen: 24 95.46.212.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:01:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:84:94:9a:98:41:c4:da:73:b9:37:d3:49:e9:84:bd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42 Validity Not Before: Jan 2 16:22:33 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=86443cf3339280be1ab5f6e5fc27050714c1a4c6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:f4:1a:e5:d2:89:5a:ce:b0:57:5d:3c:cf:b7: cb:f2:9e:2a:d5:0b:ab:ab:8e:9e:c0:02:de:8d:78: 54:53:6c:9a:4e:a8:15:3f:4e:c0:2f:ef:71:e6:ed: 4e:2f:fc:43:76:d1:a3:e8:ba:f1:d5:b9:d8:41:47: 54:2e:5b:48:58:a1:d8:23:da:a1:0c:ad:f1:8c:cd: de:b7:52:79:70:61:49:b3:9e:c6:e0:d6:04:ea:13: ed:fa:58:a8:bd:c7:66:85:d5:69:77:82:4e:6f:00: c1:4e:c3:6b:be:79:b9:31:44:c3:04:49:56:03:d9: e5:b1:bd:19:6d:c4:39:8a:c8:20:a4:9e:72:21:84: 55:5d:8c:bd:2b:c6:34:16:08:af:0b:75:6a:e1:92: d8:5f:32:de:71:06:3d:12:c8:61:ee:b9:45:a6:67: 5e:d5:d9:e2:82:5c:6d:5e:de:07:cc:af:da:4d:c2: 23:e9:1d:89:e3:1c:60:10:f8:a0:2e:95:ca:6f:cc: c8:8c:9c:35:6a:bb:70:0f:b0:bf:f2:80:9c:01:11: d2:2f:25:41:36:fc:53:31:16:6d:46:90:57:77:64: 36:31:55:26:68:28:d3:77:5f:10:3b:ac:5d:32:ee: f4:ac:5b:31:d7:55:5f:1d:00:0d:d3:db:ce:b0:7d: 7f:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:44:3C:F3:33:92:80:BE:1A:B5:F6:E5:FC:27:05:07:14:C1:A4:C6 X509v3 Authority Key Identifier: keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/hkQ88zOSgL4atfbl_CcFBxTBpMY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 93.170.116.0/22 95.46.212.0/22 Signature Algorithm: sha256WithRSAEncryption 29:21:23:a2:92:76:3b:41:af:96:ae:67:db:8e:b7:74:00:a8: 74:a2:89:68:95:30:71:2c:f2:f8:f3:c7:f0:40:1e:ee:ce:57: 95:c8:33:97:1d:b9:66:32:35:c3:f0:1c:88:04:9b:f0:3a:b2: f0:32:f2:a4:d0:a6:01:9d:f0:d7:60:df:e9:e5:f0:71:40:9f: 37:80:fc:17:01:74:0b:f4:4d:7c:38:1d:74:2a:67:c6:ab:3f: 2a:cb:a4:23:51:57:4e:14:99:7c:2c:8b:2c:a5:02:a6:f8:1f: 61:66:ae:95:cf:54:fb:eb:d0:3b:e4:a4:94:6e:cb:4b:11:f0: ec:76:5d:54:0b:0e:dd:7a:30:7b:e7:c3:8a:bb:46:72:4e:18: 41:3f:a0:ec:37:98:7d:2b:d5:e5:7b:ce:cd:1d:a1:c7:8b:a5: a9:33:da:b7:a9:eb:fe:99:bb:49:dc:e6:e0:85:f4:7c:86:78: 36:4e:89:ec:6b:94:95:7e:7e:89:db:1f:13:9d:72:d7:ba:fc: c9:32:82:08:07:ae:c1:14:65:51:6a:6a:35:b9:e6:ed:3d:b1: b7:8e:c4:db:f6:3d:79:ae:ee:b2:09:b3:d6:f3:77:4f:b7:ba: 15:20:6e:07:1e:3c:a3:45:ac:63:4f:f5:72:84:cb:65:94:97: e4:62:1c:f5 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt/hJSamEHE2nO5N9NJ6YS9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh YWVmNDIwHhcNMjYwMTAyMTYyMjMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NjQ0M2NmMzMzOTI4MGJlMWFiNWY2ZTVmYzI3MDUwNzE0YzFhNGM2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy/Qa5dKJWs6wV108z7fL8p4q1Qur q46ewALejXhUU2yaTqgVP07AL+9x5u1OL/xDdtGj6Lrx1bnYQUdULltIWKHYI9qh DK3xjM3et1J5cGFJs57G4NYE6hPt+liovcdmhdVpd4JObwDBTsNrvnm5MUTDBElW A9nlsb0ZbcQ5isggpJ5yIYRVXYy9K8Y0FgivC3Vq4ZLYXzLecQY9Eshh7rlFpmde 1dniglxtXt4HzK/aTcIj6R2J4xxgEPigLpXKb8zIjJw1artwD7C/8oCcARHSLyVB NvxTMRZtRpBXd2Q2MVUmaCjTd18QO6xdMu70rFsx11VfHQAN09vOsH1/SwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFIZEPPMzkoC+GrX25fwnBQcUwaTGMB8GA1UdIwQY MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt MDYyYzY5MzNhYmVkLzEvaGtRODh6T1NnTDRhdGZibF9DY0ZCeFRCcE1ZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCXap0AwQC Xy7UMA0GCSqGSIb3DQEBCwUAA4IBAQApISOiknY7Qa+Wrmfbjrd0AKh0oololTBx LPL488fwQB7uzleVyDOXHblmMjXD8ByIBJvwOrLwMvKk0KYBnfDXYN/p5fBxQJ83 gPwXAXQL9E18OB10KmfGqz8qy6QjUVdOFJl8LIsspQKm+B9hZq6Vz1T769A75KSU bstLEfDsdl1UCw7dejB758OKu0ZyThhBP6DsN5h9K9Xle87NHaHHi6WpM9q3qev+ mbtJ3ObghfR8hng2Tonsa5SVfn6J2x8TnXLXuvzJMoIIB67BFGVRamo1uebtPbG3 jsTb9j15ru6yCbPW83dPt7oVIG4HHjyjRaxjT/VyhMtllJfkYhz1 -----END CERTIFICATE-----Generated at Sun Jan 25 20:46:19 2026 by rpki-client