This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/9fddd4-526a-4807-b127-1bc31c62401f/1/L-HwD3a1YvSj02j1QCP8hdaPo2Q.roa File: L-HwD3a1YvSj02j1QCP8hdaPo2Q.roa (raw, json) Hash identifier: 5Wk7yg6Zqe4Rx0Uz4L8PVzxHV08SwQbCHKVJQ29cOi4= Subject key identifier: 2F:E1:F0:0F:76:B5:62:F4:A3:D3:68:F5:40:23:FC:85:D6:8F:A3:64 Certificate issuer: /CN=aafc41aafbbccaa96711849745ef722a5260ac7e Certificate serial: 019B7C122926A04434E9DC020FA5FC8F51D4 Authority key identifier: AA:FC:41:AA:FB:BC:CA:A9:67:11:84:97:45:EF:72:2A:52:60:AC:7E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qvxBqvu8yqlnEYSXRe9yKlJgrH4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/9fddd4-526a-4807-b127-1bc31c62401f/1/L-HwD3a1YvSj02j1QCP8hdaPo2Q.roa Signing time: Fri 02 Jan 2026 00:18:43 +0000 ROA not before: Fri 02 Jan 2026 00:18:43 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 31027 IP address blocks: 45.67.92.0/22 maxlen: 24 2a09:7440::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/9fddd4-526a-4807-b127-1bc31c62401f/1/qvxBqvu8yqlnEYSXRe9yKlJgrH4.crl rsync://rpki.ripe.net/repository/DEFAULT/65/9fddd4-526a-4807-b127-1bc31c62401f/1/qvxBqvu8yqlnEYSXRe9yKlJgrH4.mft rsync://rpki.ripe.net/repository/DEFAULT/qvxBqvu8yqlnEYSXRe9yKlJgrH4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 15:00:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:12:29:26:a0:44:34:e9:dc:02:0f:a5:fc:8f:51:d4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=aafc41aafbbccaa96711849745ef722a5260ac7e Validity Not Before: Jan 2 00:18:43 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2fe1f00f76b562f4a3d368f54023fc85d68fa364 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:5b:28:21:b2:36:0d:27:fd:dd:8e:74:3e:ea: 66:80:d6:7e:be:08:47:40:b1:3e:e2:12:78:4a:5d: 36:f0:8f:df:5d:61:6c:df:20:4b:0c:43:f1:1e:e3: d0:89:45:df:6b:a0:e2:04:70:3a:fb:a1:77:ae:67: 28:74:75:f2:2e:51:81:b0:ca:7e:92:fe:36:b7:dc: e3:dd:3f:e9:d3:12:df:59:cd:9a:9b:63:94:5d:33: 60:82:c8:6f:94:8f:8f:0a:d2:01:5c:5d:ea:ad:d3: 33:c5:c3:e8:f6:c1:40:5f:e7:96:2d:ae:28:29:8b: 9a:d1:e9:c2:36:17:77:2d:50:d4:17:60:14:61:d8: 02:1f:90:1b:e9:94:5d:f9:30:19:b7:96:07:ce:23: 2f:ca:35:27:20:ca:d3:22:d6:9e:4c:18:58:99:e3: 3b:5e:13:c2:f3:f7:6d:c4:5b:d9:43:3e:78:05:ad: 26:83:16:74:27:0a:fc:44:1a:74:53:7a:06:d4:46: 2b:b7:b8:b9:ba:e2:63:b8:cb:3d:de:b1:47:4e:b9: cb:11:1e:2b:d7:ab:95:33:55:a5:c2:8f:9a:fb:1e: cb:07:ef:a2:5a:5b:10:a3:7b:41:0d:bf:92:b1:f2: 7d:5a:6d:56:32:4f:dd:92:0a:e6:23:39:14:b6:75: 36:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:E1:F0:0F:76:B5:62:F4:A3:D3:68:F5:40:23:FC:85:D6:8F:A3:64 X509v3 Authority Key Identifier: keyid:AA:FC:41:AA:FB:BC:CA:A9:67:11:84:97:45:EF:72:2A:52:60:AC:7E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qvxBqvu8yqlnEYSXRe9yKlJgrH4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/9fddd4-526a-4807-b127-1bc31c62401f/1/L-HwD3a1YvSj02j1QCP8hdaPo2Q.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/65/9fddd4-526a-4807-b127-1bc31c62401f/1/qvxBqvu8yqlnEYSXRe9yKlJgrH4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.67.92.0/22 IPv6: 2a09:7440::/32 Signature Algorithm: sha256WithRSAEncryption 8e:31:b1:9b:57:3e:12:b5:48:31:60:15:16:d8:6f:36:40:b5: c9:e4:a6:a5:b3:75:1b:12:a1:2a:9c:0c:5c:c0:a7:90:fd:e4: b5:d6:6a:ec:3f:75:0c:8a:ed:0f:a7:05:42:80:0c:bd:de:4d: 25:2b:1a:11:03:c5:e3:cf:b3:ea:9d:13:cc:92:f3:85:97:8d: 13:77:f2:ea:61:4b:b0:11:3e:c6:37:ad:14:40:5d:ca:3c:f1: 71:34:77:80:25:b2:44:c6:d1:e8:3d:33:3d:ef:9d:b6:69:cf: f2:b8:46:dc:1f:0f:40:33:8f:b4:10:19:d4:83:37:2b:f8:96: 40:d8:09:2e:5c:c6:cc:4f:af:b6:98:e3:04:3a:e5:c3:b8:7e: 28:0f:94:b3:74:9f:e8:66:11:76:d1:e2:2d:a4:3b:5c:65:2b: a5:83:3f:09:e1:bc:e4:f1:45:2d:4f:47:33:3e:16:dd:ee:74: 1e:b2:d7:5c:3f:b1:b5:94:54:7f:96:b3:0b:45:29:b3:d3:f9: 3e:0e:24:eb:40:10:a0:03:03:7c:87:75:2f:14:69:c6:74:2f: 5f:e0:63:4b:57:96:ea:16:e0:45:24:20:b2:8a:2b:d1:81:1f: 82:5e:84:7a:d9:d2:a2:8c:cd:9c:50:45:59:a3:fd:c3:07:d8: ee:c8:b7:68 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt8EikmoEQ06dwCD6X8j1HUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFhZmM0MWFhZmJiY2NhYTk2NzExODQ5NzQ1ZWY3MjJhNTI2 MGFjN2UwHhcNMjYwMTAyMDAxODQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyZmUxZjAwZjc2YjU2MmY0YTNkMzY4ZjU0MDIzZmM4NWQ2OGZhMzY0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFsoIbI2DSf93Y50PupmgNZ+vghH QLE+4hJ4Sl028I/fXWFs3yBLDEPxHuPQiUXfa6DiBHA6+6F3rmcodHXyLlGBsMp+ kv42t9zj3T/p0xLfWc2am2OUXTNggshvlI+PCtIBXF3qrdMzxcPo9sFAX+eWLa4o KYua0enCNhd3LVDUF2AUYdgCH5Ab6ZRd+TAZt5YHziMvyjUnIMrTItaeTBhYmeM7 XhPC8/dtxFvZQz54Ba0mgxZ0Jwr8RBp0U3oG1EYrt7i5uuJjuMs93rFHTrnLER4r 16uVM1Wlwo+a+x7LB++iWlsQo3tBDb+SsfJ9Wm1WMk/dkgrmIzkUtnU2EwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFC/h8A92tWL0o9No9UAj/IXWj6NkMB8GA1UdIwQY MBaAFKr8Qar7vMqpZxGEl0XvcipSYKx+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcXZ4QnF2dTh5cWxuRVlTWFJlOXlLbEpnckg0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85ZmRkZDQtNTI2YS00ODA3LWIxMjct MWJjMzFjNjI0MDFmLzEvTC1Id0QzYTFZdlNqMDJqMVFDUDhoZGFQbzJRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NS85ZmRkZDQtNTI2YS00ODA3LWIxMjctMWJjMzFjNjI0MDFm LzEvcXZ4QnF2dTh5cWxuRVlTWFJlOXlLbEpnckg0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLUNcMA0E AgACMAcDBQAqCXRAMA0GCSqGSIb3DQEBCwUAA4IBAQCOMbGbVz4StUgxYBUW2G82 QLXJ5Kals3UbEqEqnAxcwKeQ/eS11mrsP3UMiu0PpwVCgAy93k0lKxoRA8Xjz7Pq nRPMkvOFl40Td/LqYUuwET7GN60UQF3KPPFxNHeAJbJExtHoPTM97522ac/yuEbc Hw9AM4+0EBnUgzcr+JZA2AkuXMbMT6+2mOMEOuXDuH4oD5SzdJ/oZhF20eItpDtc ZSulgz8J4bzk8UUtT0czPhbd7nQestdcP7G1lFR/lrMLRSmz0/k+DiTrQBCgAwN8 h3UvFGnGdC9f4GNLV5bqFuBFJCCyiivRgR+CXoR62dKijM2cUEVZo/3DB9juyLdo -----END CERTIFICATE-----Generated at Mon Jan 26 01:41:56 2026 by rpki-client