This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/b441ca-e77c-4211-8712-182cd4aac436/1/HQm537DA2Rt_gLXH5dIBcaR4gcY.roa File: HQm537DA2Rt_gLXH5dIBcaR4gcY.roa (raw, json) Hash identifier: A6esoRRzZBkkNQYtZos5wiiS1Mq3h7ghGv25Qr0rnQ0= Subject key identifier: 1D:09:B9:DF:B0:C0:D9:1B:7F:80:B5:C7:E5:D2:01:71:A4:78:81:C6 Certificate issuer: /CN=bf1b489e6d9b8c7d83ca1e727a5984dbe577afbc Certificate serial: 019B7EA6D6F815F48ABD2BF41BACCAFE37A3 Authority key identifier: BF:1B:48:9E:6D:9B:8C:7D:83:CA:1E:72:7A:59:84:DB:E5:77:AF:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vxtInm2bjH2Dyh5yelmE2-V3r7w.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/b441ca-e77c-4211-8712-182cd4aac436/1/HQm537DA2Rt_gLXH5dIBcaR4gcY.roa Signing time: Fri 02 Jan 2026 12:20:21 +0000 ROA not before: Fri 02 Jan 2026 12:20:21 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 47721 IP address blocks: 91.241.55.0/24 maxlen: 24 146.19.74.0/24 maxlen: 24 185.124.84.0/24 maxlen: 24 185.124.85.0/24 maxlen: 24 185.124.86.0/24 maxlen: 24 185.124.87.0/24 maxlen: 24 193.9.51.0/24 maxlen: 24 195.96.145.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/b441ca-e77c-4211-8712-182cd4aac436/1/vxtInm2bjH2Dyh5yelmE2-V3r7w.crl rsync://rpki.ripe.net/repository/DEFAULT/66/b441ca-e77c-4211-8712-182cd4aac436/1/vxtInm2bjH2Dyh5yelmE2-V3r7w.mft rsync://rpki.ripe.net/repository/DEFAULT/vxtInm2bjH2Dyh5yelmE2-V3r7w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a6:d6:f8:15:f4:8a:bd:2b:f4:1b:ac:ca:fe:37:a3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bf1b489e6d9b8c7d83ca1e727a5984dbe577afbc Validity Not Before: Jan 2 12:20:21 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1d09b9dfb0c0d91b7f80b5c7e5d20171a47881c6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:0d:f9:21:de:28:41:ba:4a:56:87:d2:78:52: 2c:19:18:18:8b:2c:20:33:2a:19:bf:58:38:af:cf: 75:80:1b:e7:a3:9b:f9:39:37:a2:73:24:30:aa:90: fd:d0:8d:fe:ce:85:2d:78:44:0b:bd:99:51:8e:c2: f2:73:e1:a5:30:bf:4e:09:26:91:cd:43:d8:b7:e9: 97:57:b3:ee:8f:29:a8:3d:d8:1e:74:94:f3:de:73: 9e:00:de:04:21:03:50:b4:7b:6d:da:08:c3:6a:f2: 4c:b0:4c:16:f0:c1:d0:63:c3:a2:46:af:b6:6e:e4: f0:bd:20:e0:ee:05:86:59:da:8d:a5:86:6b:15:fb: 00:a2:68:c2:6c:a4:d4:b0:9b:b7:38:9e:c6:ed:73: 2f:fe:78:ed:90:fd:be:2d:0c:02:2c:75:be:f8:86: 9e:79:34:c7:3f:94:99:e5:6c:ab:b3:6c:a5:92:f8: 2e:8b:a1:63:2b:51:ed:f6:fd:71:23:86:0d:1a:8c: 21:a1:60:aa:67:50:62:28:02:44:4b:6a:96:85:16: 5c:14:c5:74:08:3a:d6:6e:dc:8f:4b:55:58:8c:5a: 80:b0:44:fe:58:8b:81:9e:ec:03:5d:05:bc:ac:67: 50:48:d2:1e:f6:14:d8:f1:96:9c:4e:a7:f3:f1:b5: de:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:09:B9:DF:B0:C0:D9:1B:7F:80:B5:C7:E5:D2:01:71:A4:78:81:C6 X509v3 Authority Key Identifier: keyid:BF:1B:48:9E:6D:9B:8C:7D:83:CA:1E:72:7A:59:84:DB:E5:77:AF:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vxtInm2bjH2Dyh5yelmE2-V3r7w.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/b441ca-e77c-4211-8712-182cd4aac436/1/HQm537DA2Rt_gLXH5dIBcaR4gcY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/66/b441ca-e77c-4211-8712-182cd4aac436/1/vxtInm2bjH2Dyh5yelmE2-V3r7w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.241.55.0/24 146.19.74.0/24 185.124.84.0/22 193.9.51.0/24 195.96.145.0/24 Signature Algorithm: sha256WithRSAEncryption 5f:4e:09:68:7c:67:90:a7:fa:43:a2:74:21:f6:d4:36:b7:21: 7c:e9:c2:cd:7e:43:0f:fb:e7:c9:20:25:4d:ec:a3:3c:01:2e: 59:9a:75:50:34:06:f1:0b:7b:74:b7:3a:a7:f3:e5:28:19:3a: bd:18:9b:6e:d0:78:6e:d3:0c:36:4f:0b:e8:21:16:fc:7e:e6: 62:46:df:7b:cc:f2:5f:ac:75:8d:5d:85:8a:c5:6e:9d:82:e4: 76:fa:f9:b1:da:34:2a:85:2f:5c:6e:38:3f:33:b4:ba:73:8e: 48:fb:11:8e:0c:a7:64:20:7f:b9:b8:1a:01:12:d8:b1:c3:67: 6c:36:b4:5f:c2:52:e2:5c:37:4d:a0:b2:a0:ca:ee:e7:db:fe: 42:c0:90:e4:2b:6e:2c:20:bf:21:80:20:08:f1:a2:1b:17:38: 35:31:51:31:2c:77:63:7c:bb:51:e5:ff:9d:3e:25:18:cc:ce: 7e:ed:3e:f8:99:d0:81:fe:fc:a7:27:c1:78:25:af:79:e7:ce: 16:d6:d5:25:56:54:1a:c5:ec:7a:ff:bc:dc:4c:ed:e9:19:0b: 3c:06:01:a5:69:21:27:ba:09:3d:e6:13:ec:13:c1:04:b8:5c: 92:bb:df:65:85:10:fa:3a:14:c5:95:ce:39:89:a8:e6:b2:a7: 7f:d3:de:fe -----BEGIN CERTIFICATE----- MIIFFTCCA/2gAwIBAgISAZt+ptb4FfSKvSv0G6zK/jejMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJmMWI0ODllNmQ5YjhjN2Q4M2NhMWU3MjdhNTk4NGRiZTU3 N2FmYmMwHhcNMjYwMTAyMTIyMDIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxZDA5YjlkZmIwYzBkOTFiN2Y4MGI1YzdlNWQyMDE3MWE0Nzg4MWM2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvA35Id4oQbpKVofSeFIsGRgYiywg MyoZv1g4r891gBvno5v5OTeicyQwqpD90I3+zoUteEQLvZlRjsLyc+GlML9OCSaR zUPYt+mXV7PujymoPdgedJTz3nOeAN4EIQNQtHtt2gjDavJMsEwW8MHQY8OiRq+2 buTwvSDg7gWGWdqNpYZrFfsAomjCbKTUsJu3OJ7G7XMv/njtkP2+LQwCLHW++Iae eTTHP5SZ5Wyrs2ylkvgui6FjK1Ht9v1xI4YNGowhoWCqZ1BiKAJES2qWhRZcFMV0 CDrWbtyPS1VYjFqAsET+WIuBnuwDXQW8rGdQSNIe9hTY8ZacTqfz8bXemwIDAQAB o4ICITCCAh0wHQYDVR0OBBYEFB0Jud+wwNkbf4C1x+XSAXGkeIHGMB8GA1UdIwQY MBaAFL8bSJ5tm4x9g8oecnpZhNvld6+8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdnh0SW5tMmJqSDJEeWg1eWVsbUUyLVYzcjd3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9iNDQxY2EtZTc3Yy00MjExLTg3MTIt MTgyY2Q0YWFjNDM2LzEvSFFtNTM3REEyUnRfZ0xYSDVkSUJjYVI0Z2NZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ni9iNDQxY2EtZTc3Yy00MjExLTg3MTItMTgyY2Q0YWFjNDM2 LzEvdnh0SW5tMmJqSDJEeWg1eWVsbUUyLVYzcjd3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAW/E3AwQA khNKAwQCuXxUAwQAwQkzAwQAw2CRMA0GCSqGSIb3DQEBCwUAA4IBAQBfTglofGeQ p/pDonQh9tQ2tyF86cLNfkMP++fJICVN7KM8AS5ZmnVQNAbxC3t0tzqn8+UoGTq9 GJtu0Hhu0ww2TwvoIRb8fuZiRt97zPJfrHWNXYWKxW6dguR2+vmx2jQqhS9cbjg/ M7S6c45I+xGODKdkIH+5uBoBEtixw2dsNrRfwlLiXDdNoLKgyu7n2/5CwJDkK24s IL8hgCAI8aIbFzg1MVExLHdjfLtR5f+dPiUYzM5+7T74mdCB/vynJ8F4Ja95584W 1tUlVlQaxex6/7zcTO3pGQs8BgGlaSEnugk95hPsE8EEuFySu99lhRD6OhTFlc45 iajmsqd/097+ -----END CERTIFICATE-----Generated at Sun Jan 25 23:48:46 2026 by rpki-client