This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/hiOQSBdS2DRbOgKFoMoP7iKhKPs.roa File: hiOQSBdS2DRbOgKFoMoP7iKhKPs.roa (raw, json) Hash identifier: j5f0I5DLadnNwscMqYSYZ5CP+jl5XYXJweeFVga4Wow= Subject key identifier: 86:23:90:48:17:52:D8:34:5B:3A:02:85:A0:CA:0F:EE:22:A1:28:FB Certificate issuer: /CN=26a5aa918cbfeb3e12997f33890feb258907b343 Certificate serial: 019B7C12151AA33794EEAFB3DAB704412028 Authority key identifier: 26:A5:AA:91:8C:BF:EB:3E:12:99:7F:33:89:0F:EB:25:89:07:B3:43 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/hiOQSBdS2DRbOgKFoMoP7iKhKPs.roa Signing time: Fri 02 Jan 2026 00:18:38 +0000 ROA not before: Fri 02 Jan 2026 00:18:38 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 43758 IP address blocks: 91.198.146.0/24 maxlen: 24 91.213.206.0/24 maxlen: 24 91.224.38.0/23 maxlen: 24 91.225.28.0/22 maxlen: 24 185.180.208.0/22 maxlen: 24 2001:67c:2e0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.crl rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.mft rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 09:00:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:12:15:1a:a3:37:94:ee:af:b3:da:b7:04:41:20:28 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=26a5aa918cbfeb3e12997f33890feb258907b343 Validity Not Before: Jan 2 00:18:38 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=862390481752d8345b3a0285a0ca0fee22a128fb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:82:7b:29:85:fd:66:16:cc:3f:bf:61:50:f8:6a: 46:b3:d4:ca:e6:48:1a:42:27:1e:24:62:0e:a5:e4: 8d:c7:f1:1a:26:87:ef:e4:fe:a3:ef:eb:0d:c7:5f: c1:46:5f:38:1c:95:f3:6d:25:00:f5:7a:17:11:5b: c1:cf:46:3c:c9:9e:7f:ff:09:18:c3:6c:e0:a0:89: 4f:f2:e6:40:ee:92:57:26:15:df:30:2b:21:51:01: ba:5e:72:63:7f:64:00:18:ff:e1:2a:25:79:2c:d6: 9f:00:08:48:f1:cc:db:32:d1:2e:a0:81:4d:ec:4c: 3e:25:75:0b:54:fa:1d:90:db:f4:8e:df:94:03:09: 70:fe:03:8d:f2:10:c8:3a:ff:4d:54:21:2a:ca:7a: 26:fc:c2:f8:f7:ac:ef:7d:c6:fc:69:a0:19:1b:bc: b4:e3:e0:ff:ae:e7:61:2c:63:27:90:43:1b:ec:7d: d4:92:03:ed:31:ed:9d:12:05:c5:41:9b:d5:01:cb: 4f:66:90:e8:49:9a:8d:7f:84:b6:aa:f6:06:aa:d4: 19:5d:40:99:74:81:f5:bc:cf:cf:e9:f0:7c:04:85: 82:05:4e:5f:f5:db:15:49:66:af:f6:c5:65:c9:d7: 87:c3:ba:f7:a2:ea:c1:eb:7c:26:ea:0e:c7:60:0a: 01:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:23:90:48:17:52:D8:34:5B:3A:02:85:A0:CA:0F:EE:22:A1:28:FB X509v3 Authority Key Identifier: keyid:26:A5:AA:91:8C:BF:EB:3E:12:99:7F:33:89:0F:EB:25:89:07:B3:43 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/hiOQSBdS2DRbOgKFoMoP7iKhKPs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.198.146.0/24 91.213.206.0/24 91.224.38.0/23 91.225.28.0/22 185.180.208.0/22 IPv6: 2001:67c:2e0::/48 Signature Algorithm: sha256WithRSAEncryption 20:9e:ac:f8:0e:15:d0:3c:ed:22:79:30:6e:6d:11:c5:2c:da: be:b6:07:d8:5e:97:8e:f8:06:4e:b3:90:a0:76:f4:52:ae:44: 5b:e9:8c:f7:65:e7:10:97:5a:3e:3b:a6:13:32:66:96:13:aa: fe:b0:55:96:96:a2:d9:8c:4a:e8:ff:58:9d:4b:02:e8:92:ad: bd:59:73:09:7f:34:a8:b5:29:f6:44:27:62:8f:c7:65:94:a8: db:51:ad:6b:11:bd:f9:47:4a:e1:a3:ee:d9:c7:fd:45:39:97: 8a:dd:8f:8c:cf:29:5a:9d:9f:18:34:19:4b:cb:a7:44:a1:d3: 9f:66:a4:ba:58:58:cb:13:68:b8:b3:34:11:27:9b:54:08:c8: 8e:78:9f:0e:fa:12:d9:73:5e:63:91:24:57:6e:e8:67:0f:41: 53:3c:74:37:82:06:e2:d9:5a:5d:5a:4b:68:65:58:29:88:d0: 72:51:da:f1:f7:b0:79:f1:4f:f9:8d:88:18:dc:fa:3e:15:56: 74:23:83:d5:6f:d8:76:2d:87:55:ef:1e:ba:ec:9c:2b:34:90: e4:e3:a9:a8:9b:ba:a8:45:f2:db:33:20:88:20:ac:36:24:6d: d2:dc:4a:f8:fe:0f:4d:b7:d4:7f:ad:4d:84:fa:c3:64:c5:af: e9:11:02:f3 -----BEGIN CERTIFICATE----- MIIFJjCCBA6gAwIBAgISAZt8EhUaozeU7q+z2rcEQSAoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI2YTVhYTkxOGNiZmViM2UxMjk5N2YzMzg5MGZlYjI1ODkw N2IzNDMwHhcNMjYwMTAyMDAxODM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NjIzOTA0ODE3NTJkODM0NWIzYTAyODVhMGNhMGZlZTIyYTEyOGZiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgnsphf1mFsw/v2FQ+GpGs9TK5kga QiceJGIOpeSNx/EaJofv5P6j7+sNx1/BRl84HJXzbSUA9XoXEVvBz0Y8yZ5//wkY w2zgoIlP8uZA7pJXJhXfMCshUQG6XnJjf2QAGP/hKiV5LNafAAhI8czbMtEuoIFN 7Ew+JXULVPodkNv0jt+UAwlw/gON8hDIOv9NVCEqynom/ML496zvfcb8aaAZG7y0 4+D/rudhLGMnkEMb7H3UkgPtMe2dEgXFQZvVActPZpDoSZqNf4S2qvYGqtQZXUCZ dIH1vM/P6fB8BIWCBU5f9dsVSWav9sVlydeHw7r3ourB63wm6g7HYAoBAQIDAQAB o4ICMjCCAi4wHQYDVR0OBBYEFIYjkEgXUtg0WzoChaDKD+4ioSj7MB8GA1UdIwQY MBaAFCalqpGMv+s+Epl/M4kP6yWJB7NDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSnFXcWtZeV82ejRTbVg4emlRX3JKWWtIczBNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8xNDMzZWEtMTA4MC00NmU1LWI2MTIt Mjk3ZTI4MmQ2NmE4LzEvaGlPUVNCZFMyRFJiT2dLRm9Nb1A3aUtoS1BzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81ZC8xNDMzZWEtMTA4MC00NmU1LWI2MTItMjk3ZTI4MmQ2NmE4 LzEvSnFXcWtZeV82ejRTbVg4emlRX3JKWWtIczBNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQAW8aSAwQA W9XOAwQBW+AmAwQCW+EcAwQCubTQMA8EAgACMAkDBwAgAQZ8AuAwDQYJKoZIhvcN AQELBQADggEBACCerPgOFdA87SJ5MG5tEcUs2r62B9hel474Bk6zkKB29FKuRFvp jPdl5xCXWj47phMyZpYTqv6wVZaWotmMSuj/WJ1LAuiSrb1Zcwl/NKi1KfZEJ2KP x2WUqNtRrWsRvflHSuGj7tnH/UU5l4rdj4zPKVqdnxg0GUvLp0Sh059mpLpYWMsT aLizNBEnm1QIyI54nw76EtlzXmORJFdu6GcPQVM8dDeCBuLZWl1aS2hlWCmI0HJR 2vH3sHnxT/mNiBjc+j4VVnQjg9Vv2HYth1XvHrrsnCs0kOTjqaibuqhF8tszIIgg rDYkbdLcSvj+D0231H+tTYT6w2TFr+kRAvM= -----END CERTIFICATE-----Generated at Mon Jan 26 12:37:15 2026 by rpki-client