This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/hu91eptdAFd4k7N2X-lYRfqIVrc.roa File: hu91eptdAFd4k7N2X-lYRfqIVrc.roa (raw, json) Hash identifier: kln7Y6L3wRP0u8/zb61+91BrSDoi8uK+w6C+NBr2dw4= Subject key identifier: 86:EF:75:7A:9B:5D:00:57:78:93:B3:76:5F:E9:58:45:FA:88:56:B7 Certificate issuer: /CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce Certificate serial: 019B797F228E96075061E0767B4B0B029BA3 Authority key identifier: 2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/hu91eptdAFd4k7N2X-lYRfqIVrc.roa Signing time: Thu 01 Jan 2026 12:18:53 +0000 ROA not before: Thu 01 Jan 2026 12:18:53 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 41798 IP address blocks: 170.168.33.0/24 maxlen: 24 170.168.34.0/24 maxlen: 24 170.168.100.0/24 maxlen: 24 170.168.101.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.mft rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7f:22:8e:96:07:50:61:e0:76:7b:4b:0b:02:9b:a3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce Validity Not Before: Jan 1 12:18:53 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=86ef757a9b5d00577893b3765fe95845fa8856b7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:26:d8:61:ab:c2:6d:00:7b:a6:5a:77:d1:3c: 9c:c1:47:9e:98:70:b0:c5:12:7e:de:fa:f6:d3:27: d2:3a:4f:10:cb:4d:7c:49:7b:a5:d4:f8:fc:03:50: f9:32:28:aa:fa:00:4b:0b:5b:da:dc:fd:5f:a8:0b: 1f:fc:63:8d:d4:66:4b:0a:ec:0a:53:0c:17:ea:2f: ca:b7:94:57:83:ad:59:0d:72:67:65:14:5e:89:e0: 91:9b:88:d8:14:6e:ee:84:03:b8:30:2b:e4:64:0c: 8a:ae:2e:e3:d2:4e:21:cb:99:d0:d6:fb:16:74:02: ba:7c:6d:9c:f0:38:c2:a7:e1:40:91:e9:e0:99:2e: 9b:8e:42:27:26:ea:21:37:09:38:ac:b7:c9:4f:e3: 46:d3:ba:6f:e9:c3:b9:f6:cc:b6:2e:94:b9:db:ef: 6f:6b:9c:9b:58:93:90:61:68:b3:61:65:49:50:84: 7d:84:44:b1:e2:de:cc:01:87:16:b9:79:26:4a:4e: 66:a0:6b:d7:c2:56:d1:a7:6f:48:9a:e0:f1:d9:63: ea:3f:3f:4c:80:d0:6a:c8:57:e4:c5:6c:89:a3:d2: b0:c2:68:43:ae:53:3a:15:9e:31:49:c4:df:12:eb: cf:03:c8:2c:87:2d:0b:9a:18:3d:36:de:f6:21:4d: 6e:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:EF:75:7A:9B:5D:00:57:78:93:B3:76:5F:E9:58:45:FA:88:56:B7 X509v3 Authority Key Identifier: keyid:2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/hu91eptdAFd4k7N2X-lYRfqIVrc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 170.168.33.0-170.168.34.255 170.168.100.0/23 Signature Algorithm: sha256WithRSAEncryption 13:b6:c0:fb:60:74:49:b5:b9:95:c4:fa:63:01:9b:5c:d6:4a: 54:b9:b7:92:63:48:81:f7:6f:95:13:45:68:cf:30:ff:0f:5a: 5d:cf:d4:a5:ac:22:91:eb:c7:37:ae:73:cd:af:2a:15:27:6c: b7:ee:d1:36:84:b4:e1:36:e7:14:04:6e:89:f4:96:19:cd:6a: 0a:95:7b:b5:c6:5e:f8:54:a3:46:58:b7:c0:b1:0d:69:4f:1e: 2d:36:3f:d4:33:f0:8d:56:6a:c6:78:6a:b8:c1:bb:95:1c:f1: c1:fa:e0:76:ff:46:4d:3d:25:60:4d:e1:2a:88:4b:be:d8:46: 2b:b3:13:3e:47:89:32:3e:a7:16:92:63:1a:06:56:0a:d7:ba: b1:18:6c:11:4b:59:3f:b2:10:f2:cc:07:f3:54:1e:cb:0f:3a: 80:27:b3:85:7a:8b:4f:bc:4c:29:cb:69:53:3c:ba:3d:f1:8f: 9f:04:99:22:0b:b5:42:61:89:33:f5:56:77:c9:dd:78:7e:bc: 25:74:d1:70:c3:d1:ee:60:81:33:87:ab:6d:f0:a5:85:98:28: b6:78:21:64:d4:0d:b0:ec:a9:52:4f:af:c0:75:da:6b:de:12: 31:1f:63:1c:46:48:66:42:8a:b6:90:6e:9b:d6:f3:96:4b:1b: 45:f7:3c:25 -----BEGIN CERTIFICATE----- MIIFCzCCA/OgAwIBAgISAZt5fyKOlgdQYeB2e0sLApujMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJlNmE4NmU2MmYwY2U5OGUwMmU5ODA4NjlmZjQ0MTRlZTJh MGYwY2UwHhcNMjYwMTAxMTIxODUzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NmVmNzU3YTliNWQwMDU3Nzg5M2IzNzY1ZmU5NTg0NWZhODg1NmI3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzybYYavCbQB7plp30TycwUeemHCw xRJ+3vr20yfSOk8Qy018SXul1Pj8A1D5Miiq+gBLC1va3P1fqAsf/GON1GZLCuwK UwwX6i/Kt5RXg61ZDXJnZRReieCRm4jYFG7uhAO4MCvkZAyKri7j0k4hy5nQ1vsW dAK6fG2c8DjCp+FAkengmS6bjkInJuohNwk4rLfJT+NG07pv6cO59sy2LpS52+9v a5ybWJOQYWizYWVJUIR9hESx4t7MAYcWuXkmSk5moGvXwlbRp29ImuDx2WPqPz9M gNBqyFfkxWyJo9KwwmhDrlM6FZ4xScTfEuvPA8gshy0Lmhg9Nt72IU1u7wIDAQAB o4ICFzCCAhMwHQYDVR0OBBYEFIbvdXqbXQBXeJOzdl/pWEX6iFa3MB8GA1UdIwQY MBaAFC5qhuYvDOmOAumAhp/0QU7ioPDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2Et YTY2N2JiNzY1MDYwLzEvaHU5MWVwdGRBRmQ0azdOMlgtbFlSZnFJVnJjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2EtYTY2N2JiNzY1MDYw LzEvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBACqqCED BACqqCIDBAGqqGQwDQYJKoZIhvcNAQELBQADggEBABO2wPtgdEm1uZXE+mMBm1zW SlS5t5JjSIH3b5UTRWjPMP8PWl3P1KWsIpHrxzeuc82vKhUnbLfu0TaEtOE25xQE bon0lhnNagqVe7XGXvhUo0ZYt8CxDWlPHi02P9Qz8I1WasZ4arjBu5Uc8cH64Hb/ Rk09JWBN4SqIS77YRiuzEz5HiTI+pxaSYxoGVgrXurEYbBFLWT+yEPLMB/NUHssP OoAns4V6i0+8TCnLaVM8uj3xj58EmSILtUJhiTP1VnfJ3Xh+vCV00XDD0e5ggTOH q23wpYWYKLZ4IWTUDbDsqVJPr8B12mveEjEfYxxGSGZCiraQbpvW85ZLG0X3PCU= -----END CERTIFICATE-----Generated at Sun Jan 25 18:20:41 2026 by rpki-client