This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/hNMQhsjYM6Uq0dSSqIKPHdkys8Y.roa File: hNMQhsjYM6Uq0dSSqIKPHdkys8Y.roa (raw, json) Hash identifier: LTzNdEe/1x0DanrXSog92pL9Bszed1eMmLw8IlaTktM= Subject key identifier: 84:D3:10:86:C8:D8:33:A5:2A:D1:D4:92:A8:82:8F:1D:D9:32:B3:C6 Certificate issuer: /CN=5954b6183e459748c89ee5431b8f31de692ae3b7 Certificate serial: 019B7F1411E9B629EA9D6B47E04E608494FF Authority key identifier: 59:54:B6:18:3E:45:97:48:C8:9E:E5:43:1B:8F:31:DE:69:2A:E3:B7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WVS2GD5Fl0jInuVDG48x3mkq47c.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/hNMQhsjYM6Uq0dSSqIKPHdkys8Y.roa Signing time: Fri 02 Jan 2026 14:19:40 +0000 ROA not before: Fri 02 Jan 2026 14:19:40 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212238 IP address blocks: 84.37.34.0/23 maxlen: 24 84.37.38.0/23 maxlen: 24 84.37.178.0/23 maxlen: 24 84.37.180.0/23 maxlen: 24 84.37.182.0/23 maxlen: 24 84.37.194.0/23 maxlen: 24 84.37.220.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/WVS2GD5Fl0jInuVDG48x3mkq47c.crl rsync://rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/WVS2GD5Fl0jInuVDG48x3mkq47c.mft rsync://rpki.ripe.net/repository/DEFAULT/WVS2GD5Fl0jInuVDG48x3mkq47c.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:14:11:e9:b6:29:ea:9d:6b:47:e0:4e:60:84:94:ff Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5954b6183e459748c89ee5431b8f31de692ae3b7 Validity Not Before: Jan 2 14:19:40 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=84d31086c8d833a52ad1d492a8828f1dd932b3c6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:2a:79:1d:8b:57:d4:24:e4:af:cd:8e:e2:8b: 87:6a:4e:27:0c:32:b4:c6:bd:ef:d8:1e:a4:72:b3: 4a:82:ff:2f:7e:52:e3:cf:59:2d:7e:32:21:73:da: 98:9e:17:6b:3f:58:4a:8e:a5:c4:d7:21:19:63:4f: 1e:f1:d5:2a:05:49:0e:e7:97:d5:d4:ef:b0:6a:0c: 06:ce:3a:ae:a2:c8:15:50:a7:6a:ab:e7:97:12:6b: f4:e8:ad:ee:49:12:7a:1b:f1:0a:0f:61:93:c8:17: 31:fa:c7:95:cf:84:bc:76:11:8d:db:4a:a9:f5:06: 05:fc:ce:95:a2:3f:73:0d:84:55:0e:65:f4:3f:5a: 71:01:25:f0:0e:3b:85:40:14:bc:95:e2:0d:88:49: 5b:b2:a2:9e:3f:a5:8e:03:aa:30:50:e0:df:82:ce: 3c:96:cc:47:02:cf:9a:f7:b0:e3:f8:a5:1e:4b:cb: b4:60:66:f4:bd:6f:45:dc:5b:c8:03:0f:7b:c6:d6: b5:c7:4d:f0:19:9f:21:81:fc:3e:a5:2c:2d:e0:cc: 44:ec:df:3a:0f:2b:72:f9:3f:81:04:31:fe:10:a8: 8d:9d:a5:08:81:61:f0:47:a0:90:33:47:b4:b0:f4: cd:8c:4e:79:96:cb:19:b9:62:85:6a:c3:dd:0b:13: f7:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:D3:10:86:C8:D8:33:A5:2A:D1:D4:92:A8:82:8F:1D:D9:32:B3:C6 X509v3 Authority Key Identifier: keyid:59:54:B6:18:3E:45:97:48:C8:9E:E5:43:1B:8F:31:DE:69:2A:E3:B7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WVS2GD5Fl0jInuVDG48x3mkq47c.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/hNMQhsjYM6Uq0dSSqIKPHdkys8Y.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/WVS2GD5Fl0jInuVDG48x3mkq47c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 84.37.34.0/23 84.37.38.0/23 84.37.178.0-84.37.183.255 84.37.194.0/23 84.37.220.0/23 Signature Algorithm: sha256WithRSAEncryption 76:fc:71:1b:48:60:05:e6:f7:5d:45:eb:cb:ec:be:2b:63:e1: 53:65:7e:f2:5f:16:13:b0:6e:49:43:96:31:60:c1:49:bf:ee: 55:84:11:91:5c:2a:40:68:b0:23:91:f5:fc:e4:84:e1:ae:26: ff:6e:d2:70:a1:0f:1f:11:44:3b:b3:41:28:06:55:5b:cd:45: d4:c3:31:65:7e:b5:8f:32:1c:91:30:be:c0:5c:0b:15:df:b5: ef:aa:0c:cf:3e:07:e4:0c:67:5e:3a:11:2a:fd:b0:cc:a2:96: 29:a3:80:6e:b3:67:88:22:f0:7f:4c:29:73:d2:58:f9:d1:84: fd:2c:db:54:47:d2:46:56:b5:8f:c6:4a:55:f7:05:21:9d:b4: 4a:6b:64:9f:db:e2:6c:89:72:55:55:15:78:93:49:fa:23:31: 4b:25:7f:e9:52:b7:1d:3d:a3:98:6e:bd:ec:1e:c6:30:22:73: e1:65:4c:6f:db:9e:58:1b:05:e5:64:6a:c3:92:30:bd:f0:6f: bf:48:e2:34:d0:05:04:21:2e:4a:ed:06:02:3b:fe:45:35:9e: 9b:7b:c5:2f:b2:2e:c8:e5:6d:f9:ab:33:f1:a8:30:cd:d6:a1: e3:10:27:72:8e:cd:a8:0e:30:a2:f6:84:c3:0a:ba:b7:4f:cd: f4:92:7e:0b -----BEGIN CERTIFICATE----- MIIFHTCCBAWgAwIBAgISAZt/FBHptinqnWtH4E5ghJT/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU5NTRiNjE4M2U0NTk3NDhjODllZTU0MzFiOGYzMWRlNjky YWUzYjcwHhcNMjYwMTAyMTQxOTQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NGQzMTA4NmM4ZDgzM2E1MmFkMWQ0OTJhODgyOGYxZGQ5MzJiM2M2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnyp5HYtX1CTkr82O4ouHak4nDDK0 xr3v2B6kcrNKgv8vflLjz1ktfjIhc9qYnhdrP1hKjqXE1yEZY08e8dUqBUkO55fV 1O+wagwGzjquosgVUKdqq+eXEmv06K3uSRJ6G/EKD2GTyBcx+seVz4S8dhGN20qp 9QYF/M6Voj9zDYRVDmX0P1pxASXwDjuFQBS8leINiElbsqKeP6WOA6owUODfgs48 lsxHAs+a97Dj+KUeS8u0YGb0vW9F3FvIAw97xta1x03wGZ8hgfw+pSwt4MxE7N86 Dyty+T+BBDH+EKiNnaUIgWHwR6CQM0e0sPTNjE55lssZuWKFasPdCxP3DwIDAQAB o4ICKTCCAiUwHQYDVR0OBBYEFITTEIbI2DOlKtHUkqiCjx3ZMrPGMB8GA1UdIwQY MBaAFFlUthg+RZdIyJ7lQxuPMd5pKuO3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvV1ZTMkdENUZsMGpJbnVWREc0OHgzbWtxNDdjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83ZGU2NWMtOTBmNS00ZGVmLWI4NzMt ZDJhZGVlZDc1NWQ4LzEvaE5NUWhzallNNlVxMGRTU3FJS1BIZGt5czhZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yi83ZGU2NWMtOTBmNS00ZGVmLWI4NzMtZDJhZGVlZDc1NWQ4 LzEvV1ZTMkdENUZsMGpJbnVWREc0OHgzbWtxNDdjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQBVCUiAwQB VCUmMAwDBAFUJbIDBANUJbADBAFUJcIDBAFUJdwwDQYJKoZIhvcNAQELBQADggEB AHb8cRtIYAXm911F68vsvitj4VNlfvJfFhOwbklDljFgwUm/7lWEEZFcKkBosCOR 9fzkhOGuJv9u0nChDx8RRDuzQSgGVVvNRdTDMWV+tY8yHJEwvsBcCxXfte+qDM8+ B+QMZ146ESr9sMyilimjgG6zZ4gi8H9MKXPSWPnRhP0s21RH0kZWtY/GSlX3BSGd tEprZJ/b4myJclVVFXiTSfojMUslf+lStx09o5huvewexjAic+FlTG/bnlgbBeVk asOSML3wb79I4jTQBQQhLkrtBgI7/kU1npt7xS+yLsjlbfmrM/GoMM3WoeMQJ3KO zagOMKL2hMMKurdPzfSSfgs= -----END CERTIFICATE-----Generated at Sun Jan 25 15:12:32 2026 by rpki-client