This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/hFnmNOKW4VwG1L1cgkH2-7kwQYY.roa File: hFnmNOKW4VwG1L1cgkH2-7kwQYY.roa (raw, json) Hash identifier: pN5OZ7yqB0KQcRu9o2xu1dN+mo2xhCvSiOFOo/LmpdE= Subject key identifier: 84:59:E6:34:E2:96:E1:5C:06:D4:BD:5C:82:41:F6:FB:B9:30:41:86 Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511 Certificate serial: 019B7C8022D52CE34513EBF9E17DBD4B4FEB Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/hFnmNOKW4VwG1L1cgkH2-7kwQYY.roa Signing time: Fri 02 Jan 2026 02:18:50 +0000 ROA not before: Fri 02 Jan 2026 02:18:50 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 205113 IP address blocks: 86.240.128.0/22 maxlen: 24 86.240.240.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.mft rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:22:d5:2c:e3:45:13:eb:f9:e1:7d:bd:4b:4f:eb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511 Validity Not Before: Jan 2 02:18:50 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8459e634e296e15c06d4bd5c8241f6fbb9304186 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:85:de:88:8f:dc:5f:e8:3d:f7:92:7d:d1:ad: d6:45:3e:8b:24:3f:a6:a6:d8:78:73:d9:89:4b:86: 49:c6:9d:cf:3f:e8:76:03:29:a1:3a:7a:ba:e7:0e: 8c:72:68:76:6f:9e:02:78:6e:a0:45:cc:31:fe:3f: 53:ac:9e:ce:ce:f6:1f:3f:32:9f:50:e5:ce:bb:e0: 61:96:47:01:66:96:cf:f5:9f:e8:12:f7:b3:f2:b6: e8:4e:2d:43:9b:dd:87:7e:c1:ea:a4:6a:d3:7b:a9: cd:ea:f0:57:77:8b:5c:e8:a8:69:8a:8d:cf:2e:4d: b5:d2:f2:3b:c8:92:5b:1e:81:27:b2:7b:71:2e:2d: 51:47:fe:ab:c3:cf:be:7d:e3:6c:ac:9b:74:b8:67: 73:20:cb:24:47:85:58:6a:22:07:ca:3a:fa:ce:92: 04:c6:75:3c:5f:86:4d:fc:a8:7d:ba:65:2c:97:05: cd:63:23:33:5f:5a:a3:e0:09:2f:a6:fa:ae:85:de: fb:9f:25:f7:65:7b:bf:73:77:94:eb:e6:98:b3:e8: ae:bc:01:91:96:9d:b6:52:50:c7:2d:65:88:07:2d: 56:16:9e:97:ae:37:a0:5a:0e:6b:8f:58:a2:53:9a: be:69:21:f2:8b:9e:7f:7c:7a:2a:59:ff:2d:24:7c: a9:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:59:E6:34:E2:96:E1:5C:06:D4:BD:5C:82:41:F6:FB:B9:30:41:86 X509v3 Authority Key Identifier: keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/hFnmNOKW4VwG1L1cgkH2-7kwQYY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 86.240.128.0/22 86.240.240.0/24 Signature Algorithm: sha256WithRSAEncryption ac:9a:06:15:48:c1:26:5f:63:16:56:12:ec:25:c1:f4:1b:7e: 9f:f6:71:65:43:36:4a:5f:51:67:cd:56:9f:58:04:b0:c0:7d: 7c:f5:7a:4d:70:ee:67:df:a7:c6:98:77:e5:5a:5f:fb:22:a8: 3d:14:83:15:ab:88:26:9b:35:83:bf:71:a7:0c:08:d8:39:f4: 61:44:39:1a:6a:26:9d:40:c7:cf:da:5e:73:63:82:0e:56:ed: 23:7a:bf:b6:d3:a4:95:8d:58:f2:68:94:2f:80:dd:52:44:ae: 95:d6:37:e9:b8:15:b4:6f:09:66:c5:f0:c0:42:74:37:e7:55: 3c:62:27:bd:75:5a:03:bd:f9:ec:91:09:75:2b:7a:65:ac:3e: eb:0b:e7:b4:48:5d:85:6f:ff:40:2d:22:b3:05:97:ec:2f:40: 5b:fa:34:89:6e:39:d8:0f:eb:8a:6a:e3:7a:4f:de:be:7b:f3: f7:35:2a:ae:97:4a:89:c8:bc:04:ca:cd:68:ed:eb:cb:73:25: cd:46:96:5f:f8:29:c7:5d:6c:b4:f4:8c:bc:11:de:9b:0d:36: a4:a0:6b:c9:74:5c:50:9d:f1:6a:59:b5:5d:e6:48:e9:46:22: 3c:ec:83:ac:16:9e:da:d7:80:16:96:86:19:b4:7e:62:17:35: 05:47:1f:40 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt8gCLVLONFE+v54X29S0/rMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh MTA1MTEwHhcNMjYwMTAyMDIxODUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NDU5ZTYzNGUyOTZlMTVjMDZkNGJkNWM4MjQxZjZmYmI5MzA0MTg2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4IXeiI/cX+g995J90a3WRT6LJD+m pth4c9mJS4ZJxp3PP+h2AymhOnq65w6Mcmh2b54CeG6gRcwx/j9TrJ7OzvYfPzKf UOXOu+BhlkcBZpbP9Z/oEvez8rboTi1Dm92HfsHqpGrTe6nN6vBXd4tc6Khpio3P Lk210vI7yJJbHoEnsntxLi1RR/6rw8++feNsrJt0uGdzIMskR4VYaiIHyjr6zpIE xnU8X4ZN/Kh9umUslwXNYyMzX1qj4Akvpvquhd77nyX3ZXu/c3eU6+aYs+iuvAGR lp22UlDHLWWIBy1WFp6XrjegWg5rj1iiU5q+aSHyi55/fHoqWf8tJHypmwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFIRZ5jTiluFcBtS9XIJB9vu5MEGGMB8GA1UdIwQY MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt NDU5MzVmNTA2YTEyLzEvaEZubU5PS1c0VndHMUwxY2drSDItN2t3UVlZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCVvCAAwQA VvDwMA0GCSqGSIb3DQEBCwUAA4IBAQCsmgYVSMEmX2MWVhLsJcH0G36f9nFlQzZK X1FnzVafWASwwH189XpNcO5n36fGmHflWl/7Iqg9FIMVq4gmmzWDv3GnDAjYOfRh RDkaaiadQMfP2l5zY4IOVu0jer+206SVjVjyaJQvgN1SRK6V1jfpuBW0bwlmxfDA QnQ351U8Yie9dVoDvfnskQl1K3plrD7rC+e0SF2Fb/9ALSKzBZfsL0Bb+jSJbjnY D+uKauN6T96+e/P3NSqul0qJyLwEys1o7evLcyXNRpZf+CnHXWy09Iy8Ed6bDTak oGvJdFxQnfFqWbVd5kjpRiI87IOsFp7a14AWloYZtH5iFzUFRx9A -----END CERTIFICATE-----Generated at Sun Jan 25 21:28:24 2026 by rpki-client