This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/hAf22SRJwgs0SWkdAxUs95Fa0v0.roa File: hAf22SRJwgs0SWkdAxUs95Fa0v0.roa (raw, json) Hash identifier: 7vak+mJ/sIQOwdjrAkPrbLJTSGMQ1rFuipgFbAcPiHo= Subject key identifier: 84:07:F6:D9:24:49:C2:0B:34:49:69:1D:03:15:2C:F7:91:5A:D2:FD Certificate issuer: /CN=5c64f9d04efd5a9fc2e23b42d5b51aefd9a50250 Certificate serial: 019B7A5B5CB87329D35D2E27335763F61B8D Authority key identifier: 5C:64:F9:D0:4E:FD:5A:9F:C2:E2:3B:42:D5:B5:1A:EF:D9:A5:02:50 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XGT50E79Wp_C4jtC1bUa79mlAlA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/hAf22SRJwgs0SWkdAxUs95Fa0v0.roa Signing time: Thu 01 Jan 2026 16:19:26 +0000 ROA not before: Thu 01 Jan 2026 16:19:26 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 56766 IP address blocks: 31.133.38.0/23 maxlen: 24 31.133.43.0/24 maxlen: 24 176.124.20.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/XGT50E79Wp_C4jtC1bUa79mlAlA.crl rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/XGT50E79Wp_C4jtC1bUa79mlAlA.mft rsync://rpki.ripe.net/repository/DEFAULT/XGT50E79Wp_C4jtC1bUa79mlAlA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5b:5c:b8:73:29:d3:5d:2e:27:33:57:63:f6:1b:8d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5c64f9d04efd5a9fc2e23b42d5b51aefd9a50250 Validity Not Before: Jan 1 16:19:26 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8407f6d92449c20b3449691d03152cf7915ad2fd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:f4:00:e3:44:a1:0e:8d:78:a1:e1:de:12:74: 60:90:4b:b9:99:53:08:f7:9d:58:a0:3c:c9:78:5a: 4c:ef:66:22:20:9e:44:cf:27:dc:be:33:6c:ff:a7: 8f:78:e2:b0:75:c8:41:a4:1f:ea:99:46:2e:bd:98: b3:8c:f7:07:5b:c6:01:82:cd:de:f4:9b:56:fa:1f: c0:ff:6e:ff:83:ea:bd:95:d2:66:61:ca:03:ed:bb: ab:b4:ca:97:78:ef:4e:68:49:2b:0d:d8:1f:16:32: ad:57:0d:7d:f3:fd:34:7e:e9:a0:b6:c6:d2:d8:98: e5:54:33:5c:29:7a:06:a5:bc:3e:fe:16:21:66:96: 79:90:9a:b7:76:a7:b0:61:a4:ef:47:4c:1d:10:65: 2a:ee:e8:aa:70:8b:04:aa:5e:d0:98:c5:43:02:04: 97:78:0e:fe:34:ea:ae:bf:17:ea:d1:5c:e8:0f:2f: 28:04:86:8c:1a:6d:b5:02:73:7f:83:0a:ae:9e:13: db:9a:f1:ef:3d:38:5f:29:23:9e:af:5a:8d:b3:aa: 69:4b:b3:eb:4b:7d:17:7a:bd:34:22:23:58:e1:87: 21:74:bf:86:b6:7c:c5:82:7e:0d:7b:fb:39:ec:79: 01:ef:0d:b2:5a:f0:99:09:31:9f:04:cb:0d:7c:3a: 5a:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:07:F6:D9:24:49:C2:0B:34:49:69:1D:03:15:2C:F7:91:5A:D2:FD X509v3 Authority Key Identifier: keyid:5C:64:F9:D0:4E:FD:5A:9F:C2:E2:3B:42:D5:B5:1A:EF:D9:A5:02:50 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XGT50E79Wp_C4jtC1bUa79mlAlA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/hAf22SRJwgs0SWkdAxUs95Fa0v0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/XGT50E79Wp_C4jtC1bUa79mlAlA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.133.38.0/23 31.133.43.0/24 176.124.20.0/24 Signature Algorithm: sha256WithRSAEncryption 4f:77:73:d7:f5:72:f3:a4:6e:2d:3f:5f:62:f5:1f:60:29:02: ac:1c:49:87:c6:a1:bd:42:80:41:dc:0d:a5:16:a3:10:9e:12: 81:e9:41:8e:79:0d:f5:d4:b8:fa:59:d1:7e:c3:22:a3:47:f3: 9d:6f:d5:3f:55:f1:57:90:07:9f:72:86:2d:aa:94:97:05:08: 3b:c4:ad:a0:1e:e5:08:47:51:ce:84:51:20:c6:59:e0:c6:a7: fe:b2:3e:72:11:aa:71:6b:bd:62:f1:86:2a:dd:07:f5:43:b8: d6:fb:f1:18:4b:fb:ed:44:bb:c7:68:91:a1:d4:91:03:68:66: 5c:af:6f:b3:2f:e0:db:30:0b:ea:5b:50:27:20:7a:fb:8b:69: ae:c7:db:b7:66:1a:23:aa:63:a7:e3:62:6c:21:63:52:60:d1: a9:a6:e2:6e:b9:74:08:98:86:e8:55:e1:1b:8b:71:8a:98:c5: 8d:55:28:0c:24:84:5b:97:c5:f0:13:2f:c4:96:ad:27:e8:a5: 8c:b9:56:72:6c:14:26:54:6d:8b:0e:23:71:11:2a:99:f0:f5: bd:16:a3:0e:39:0b:bc:2d:86:73:1f:e4:ab:d9:73:4a:29:51: 18:e9:13:54:cf:92:26:dc:b0:f6:17:33:ac:21:fa:9a:ee:67: f3:86:0a:44 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt6W1y4cynTXS4nM1dj9huNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVjNjRmOWQwNGVmZDVhOWZjMmUyM2I0MmQ1YjUxYWVmZDlh NTAyNTAwHhcNMjYwMTAxMTYxOTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NDA3ZjZkOTI0NDljMjBiMzQ0OTY5MWQwMzE1MmNmNzkxNWFkMmZkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvQA40ShDo14oeHeEnRgkEu5mVMI 951YoDzJeFpM72YiIJ5EzyfcvjNs/6ePeOKwdchBpB/qmUYuvZizjPcHW8YBgs3e 9JtW+h/A/27/g+q9ldJmYcoD7burtMqXeO9OaEkrDdgfFjKtVw198/00fumgtsbS 2JjlVDNcKXoGpbw+/hYhZpZ5kJq3dqewYaTvR0wdEGUq7uiqcIsEql7QmMVDAgSX eA7+NOquvxfq0VzoDy8oBIaMGm21AnN/gwqunhPbmvHvPThfKSOer1qNs6ppS7Pr S30Xer00IiNY4YchdL+GtnzFgn4Ne/s57HkB7w2yWvCZCTGfBMsNfDpaqwIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFIQH9tkkScILNElpHQMVLPeRWtL9MB8GA1UdIwQY MBaAFFxk+dBO/VqfwuI7QtW1Gu/ZpQJQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWEdUNTBFNzlXcF9DNGp0QzFiVWE3OW1sQWxBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8xODQ5YTYtZjkyMS00YjUwLTkxNWUt YjY2ZmE0ZjQ3NjNhLzEvaEFmMjJTUkp3Z3MwU1drZEF4VXM5NUZhMHYwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82OS8xODQ5YTYtZjkyMS00YjUwLTkxNWUtYjY2ZmE0ZjQ3NjNh LzEvWEdUNTBFNzlXcF9DNGp0QzFiVWE3OW1sQWxBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBH4UmAwQA H4UrAwQAsHwUMA0GCSqGSIb3DQEBCwUAA4IBAQBPd3PX9XLzpG4tP19i9R9gKQKs HEmHxqG9QoBB3A2lFqMQnhKB6UGOeQ311Lj6WdF+wyKjR/Odb9U/VfFXkAefcoYt qpSXBQg7xK2gHuUIR1HOhFEgxlngxqf+sj5yEapxa71i8YYq3Qf1Q7jW+/EYS/vt RLvHaJGh1JEDaGZcr2+zL+DbMAvqW1AnIHr7i2mux9u3ZhojqmOn42JsIWNSYNGp puJuuXQImIboVeEbi3GKmMWNVSgMJIRbl8XwEy/Elq0n6KWMuVZybBQmVG2LDiNx ESqZ8PW9FqMOOQu8LYZzH+Sr2XNKKVEY6RNUz5Im3LD2FzOsIfqa7mfzhgpE -----END CERTIFICATE-----Generated at Mon Jan 26 04:55:36 2026 by rpki-client