This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/7b13fe-f62f-4e93-821e-e33ae106b54d/1/HXOFYv-072FsOVg35mkckEgbyio.roa File: HXOFYv-072FsOVg35mkckEgbyio.roa (raw, json) Hash identifier: rr27UIRFNz1qEQQUakpKnuloBOEhVERRXmaajk2GDbc= Subject key identifier: 1D:73:85:62:FF:B4:EF:61:6C:39:58:37:E6:69:1C:90:48:1B:CA:2A Certificate issuer: /CN=d3592aac489522d5db18fd6391e035a9778ea3b1 Certificate serial: 019B7C7FC6857FB6A2ACA6D7605DB4AF5069 Authority key identifier: D3:59:2A:AC:48:95:22:D5:DB:18:FD:63:91:E0:35:A9:77:8E:A3:B1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/01kqrEiVItXbGP1jkeA1qXeOo7E.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/7b13fe-f62f-4e93-821e-e33ae106b54d/1/HXOFYv-072FsOVg35mkckEgbyio.roa Signing time: Fri 02 Jan 2026 02:18:27 +0000 ROA not before: Fri 02 Jan 2026 02:18:27 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 33876 IP address blocks: 91.198.47.0/24 maxlen: 24 94.126.168.0/21 maxlen: 24 176.61.144.0/21 maxlen: 21 176.111.104.0/22 maxlen: 22 176.111.104.0/24 maxlen: 24 185.11.164.0/22 maxlen: 24 185.12.116.0/22 maxlen: 24 185.76.4.0/22 maxlen: 24 194.8.30.0/24 maxlen: 24 2a03:8bc0::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/7b13fe-f62f-4e93-821e-e33ae106b54d/1/01kqrEiVItXbGP1jkeA1qXeOo7E.crl rsync://rpki.ripe.net/repository/DEFAULT/5d/7b13fe-f62f-4e93-821e-e33ae106b54d/1/01kqrEiVItXbGP1jkeA1qXeOo7E.mft rsync://rpki.ripe.net/repository/DEFAULT/01kqrEiVItXbGP1jkeA1qXeOo7E.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:7f:c6:85:7f:b6:a2:ac:a6:d7:60:5d:b4:af:50:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d3592aac489522d5db18fd6391e035a9778ea3b1 Validity Not Before: Jan 2 02:18:27 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1d738562ffb4ef616c395837e6691c90481bca2a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:4b:e8:a5:c8:0c:6f:1a:90:e9:ca:ac:14:26: cc:19:c7:e7:e6:7c:ff:5b:50:17:3c:61:c6:41:d4: 35:98:24:de:b7:c0:36:a3:0d:2c:45:dd:c1:10:e8: bc:2c:bf:a0:fc:73:b5:2e:f0:16:7c:59:56:f1:7a: df:3d:31:66:01:f2:08:b7:c3:5b:0b:f4:2e:1d:d5: 74:d6:73:b9:55:67:28:da:37:ec:8f:a0:42:42:d7: 0b:c4:18:85:25:cb:2d:67:ca:c1:00:19:38:65:eb: 79:dc:29:cd:a5:16:f7:24:53:8e:98:13:c2:ac:bf: 30:85:df:de:68:c5:9b:23:77:e7:92:e8:7c:5e:ad: 70:9f:bd:83:ef:62:fa:60:cc:70:fb:1e:9c:aa:67: 33:b8:68:31:a0:e7:2e:b3:0c:b4:ca:14:cc:90:e8: fc:dc:fd:50:33:1b:c3:94:a3:ab:11:da:66:6e:1c: e9:ea:c4:a4:f5:51:8a:b1:80:68:a0:8c:1e:95:13: 46:f6:0e:64:74:50:79:66:50:dd:ac:33:41:e6:37: 94:38:10:a4:69:8d:c1:db:3e:7a:cb:56:a7:6b:0c: a4:62:33:93:1e:30:6a:43:63:35:12:76:ac:ca:8f: b5:31:e8:8f:8c:73:3f:2a:31:6f:40:02:e9:4b:7b: 20:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:73:85:62:FF:B4:EF:61:6C:39:58:37:E6:69:1C:90:48:1B:CA:2A X509v3 Authority Key Identifier: keyid:D3:59:2A:AC:48:95:22:D5:DB:18:FD:63:91:E0:35:A9:77:8E:A3:B1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/01kqrEiVItXbGP1jkeA1qXeOo7E.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7b13fe-f62f-4e93-821e-e33ae106b54d/1/HXOFYv-072FsOVg35mkckEgbyio.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7b13fe-f62f-4e93-821e-e33ae106b54d/1/01kqrEiVItXbGP1jkeA1qXeOo7E.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.198.47.0/24 94.126.168.0/21 176.61.144.0/21 176.111.104.0/22 185.11.164.0/22 185.12.116.0/22 185.76.4.0/22 194.8.30.0/24 IPv6: 2a03:8bc0::/32 Signature Algorithm: sha256WithRSAEncryption 66:9e:c5:63:ac:25:ba:13:db:8c:38:26:fd:70:56:c9:2f:5a: fe:39:fa:b2:81:c9:bc:2d:6a:f2:b0:bd:d3:96:79:19:33:bb: 8f:7e:b8:05:84:c7:49:3d:34:a4:01:aa:90:80:d3:a9:50:7a: c0:fa:59:c6:dc:ce:02:14:4d:de:a8:3d:73:36:1d:5d:f7:fc: 54:2c:66:bd:75:ad:d3:58:16:e6:6b:81:26:3e:3c:13:9e:85: d9:dd:8f:e6:b1:aa:c5:03:24:1a:3c:d5:5b:3c:1e:d1:46:c8: 37:b0:c8:f9:65:25:32:b9:02:3f:49:18:7b:8d:57:61:87:e5: a0:8c:3a:7f:c0:c5:6a:7c:ca:7f:80:de:64:cd:22:a7:b4:c8: da:8c:62:e9:34:3b:be:7a:84:62:36:10:21:72:19:4c:d8:7e: 4e:77:85:17:f7:b1:03:4c:6c:1d:a6:56:e1:6f:b2:c4:d3:a5: ec:04:96:dc:85:9e:1b:62:42:11:9e:14:24:26:a0:77:6c:a4: 33:0b:a7:6b:bf:7f:0a:a2:15:b3:84:2b:00:95:b8:cb:41:b0: a5:d6:0a:55:29:b3:77:84:85:fa:2f:ef:40:8d:00:0b:ef:0a: be:77:1c:ea:f3:b5:c8:02:67:ab:dc:af:d9:f5:3c:ff:14:4b: 99:7c:56:28 -----BEGIN CERTIFICATE----- MIIFNjCCBB6gAwIBAgISAZt8f8aFf7airKbXYF20r1BpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQzNTkyYWFjNDg5NTIyZDVkYjE4ZmQ2MzkxZTAzNWE5Nzc4 ZWEzYjEwHhcNMjYwMTAyMDIxODI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxZDczODU2MmZmYjRlZjYxNmMzOTU4MzdlNjY5MWM5MDQ4MWJjYTJhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvUvopcgMbxqQ6cqsFCbMGcfn5nz/ W1AXPGHGQdQ1mCTet8A2ow0sRd3BEOi8LL+g/HO1LvAWfFlW8XrfPTFmAfIIt8Nb C/QuHdV01nO5VWco2jfsj6BCQtcLxBiFJcstZ8rBABk4Zet53CnNpRb3JFOOmBPC rL8whd/eaMWbI3fnkuh8Xq1wn72D72L6YMxw+x6cqmczuGgxoOcuswy0yhTMkOj8 3P1QMxvDlKOrEdpmbhzp6sSk9VGKsYBooIwelRNG9g5kdFB5ZlDdrDNB5jeUOBCk aY3B2z56y1anawykYjOTHjBqQ2M1Enasyo+1MeiPjHM/KjFvQALpS3sgYQIDAQAB o4ICQjCCAj4wHQYDVR0OBBYEFB1zhWL/tO9hbDlYN+ZpHJBIG8oqMB8GA1UdIwQY MBaAFNNZKqxIlSLV2xj9Y5HgNal3jqOxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMDFrcXJFaVZJdFhiR1AxamtlQTFxWGVPbzdFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC83YjEzZmUtZjYyZi00ZTkzLTgyMWUt ZTMzYWUxMDZiNTRkLzEvSFhPRll2LTA3MkZzT1ZnMzVta2NrRWdieWlvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81ZC83YjEzZmUtZjYyZi00ZTkzLTgyMWUtZTMzYWUxMDZiNTRk LzEvMDFrcXJFaVZJdFhiR1AxamtlQTFxWGVPbzdFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQAW8YvAwQD Xn6oAwQDsD2QAwQCsG9oAwQCuQukAwQCuQx0AwQCuUwEAwQAwggeMA0EAgACMAcD BQAqA4vAMA0GCSqGSIb3DQEBCwUAA4IBAQBmnsVjrCW6E9uMOCb9cFbJL1r+Ofqy gcm8LWrysL3TlnkZM7uPfrgFhMdJPTSkAaqQgNOpUHrA+lnG3M4CFE3eqD1zNh1d 9/xULGa9da3TWBbma4EmPjwTnoXZ3Y/msarFAyQaPNVbPB7RRsg3sMj5ZSUyuQI/ SRh7jVdhh+WgjDp/wMVqfMp/gN5kzSKntMjajGLpNDu+eoRiNhAhchlM2H5Od4UX 97EDTGwdplbhb7LE06XsBJbchZ4bYkIRnhQkJqB3bKQzC6drv38KohWzhCsAlbjL QbCl1gpVKbN3hIX6L+9AjQAL7wq+dxzq87XIAmer3K/Z9Tz/FEuZfFYo -----END CERTIFICATE-----Generated at Mon Jan 26 05:30:40 2026 by rpki-client