This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/HwD5SaOkw2GcQjJ8vtIOPujM0uo.roa File: HwD5SaOkw2GcQjJ8vtIOPujM0uo.roa (raw, json) Hash identifier: mDWTwIvOWof5eDuz+Sdr9ZXulcB95GgPMYlPUKpdvO4= Subject key identifier: 1F:00:F9:49:A3:A4:C3:61:9C:42:32:7C:BE:D2:0E:3E:E8:CC:D2:EA Certificate issuer: /CN=ac1f721b7b7e6d049fbfe520e1ca89c1ca256813 Certificate serial: 019B7B35945A8EC15A1B8A6A6111C2B65800 Authority key identifier: AC:1F:72:1B:7B:7E:6D:04:9F:BF:E5:20:E1:CA:89:C1:CA:25:68:13 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rB9yG3t-bQSfv-Ug4cqJwcolaBM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/HwD5SaOkw2GcQjJ8vtIOPujM0uo.roa Signing time: Thu 01 Jan 2026 20:17:47 +0000 ROA not before: Thu 01 Jan 2026 20:17:47 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 39251 IP address blocks: 77.76.16.0/20 maxlen: 20 77.76.16.0/24 maxlen: 24 85.217.252.0/22 maxlen: 24 91.92.72.0/21 maxlen: 24 91.92.80.0/20 maxlen: 24 91.92.96.0/21 maxlen: 24 91.207.190.0/23 maxlen: 23 91.207.190.0/24 maxlen: 24 91.207.191.0/24 maxlen: 24 91.223.66.0/24 maxlen: 24 91.245.192.0/24 maxlen: 24 185.163.140.0/22 maxlen: 24 185.225.84.0/22 maxlen: 24 185.229.252.0/22 maxlen: 24 193.37.238.0/24 maxlen: 24 194.169.223.0/24 maxlen: 24 194.169.230.0/24 maxlen: 24 194.169.237.0/24 maxlen: 24 194.169.242.0/24 maxlen: 24 195.238.84.0/23 maxlen: 23 195.238.84.0/24 maxlen: 24 195.238.85.0/24 maxlen: 24 212.70.140.0/24 maxlen: 24 212.70.141.0/24 maxlen: 24 213.232.88.0/22 maxlen: 24 2a0b:f800::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/rB9yG3t-bQSfv-Ug4cqJwcolaBM.crl rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/rB9yG3t-bQSfv-Ug4cqJwcolaBM.mft rsync://rpki.ripe.net/repository/DEFAULT/rB9yG3t-bQSfv-Ug4cqJwcolaBM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:35:94:5a:8e:c1:5a:1b:8a:6a:61:11:c2:b6:58:00 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ac1f721b7b7e6d049fbfe520e1ca89c1ca256813 Validity Not Before: Jan 1 20:17:47 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1f00f949a3a4c3619c42327cbed20e3ee8ccd2ea Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:3a:6d:91:b5:65:4c:1c:15:bb:79:58:13:34: fd:b9:0a:87:d7:d6:c4:d2:79:5d:4d:8e:6f:0a:2b: 7b:3f:31:45:8f:6d:09:4e:a6:6d:27:49:68:bc:a7: 06:9d:61:d1:ee:8a:d8:56:13:7c:ed:ce:36:a3:ed: 1a:0f:1f:af:2f:f4:c3:73:eb:1a:88:08:45:db:c6: 9d:08:9a:bb:a6:b8:71:ef:3d:fe:7b:ab:23:92:a0: 80:b6:07:63:f9:0a:6b:6f:a8:20:a1:17:91:44:da: 2d:76:37:c4:db:c3:78:12:87:38:ea:45:02:df:0d: 3e:24:0c:1c:90:fe:35:b8:54:55:c6:9e:9a:ea:ee: ec:f9:3a:c9:d5:5d:1b:0d:66:a3:bc:9b:ec:7d:fe: c2:7a:88:41:3b:92:ce:54:fa:18:e0:09:50:99:fa: cb:a2:97:03:f2:67:1d:01:dd:80:9a:4f:1d:66:f8: e4:a3:95:f7:57:bc:5b:d1:1d:cc:ad:8e:f6:f8:b4: 6d:a7:16:d7:b1:fd:87:98:67:db:e2:ae:9c:e3:5d: dd:51:03:00:f6:ec:86:dc:df:14:e5:ae:93:18:63: 6d:2f:cf:90:d5:c5:fa:e5:8d:a9:4e:d6:f8:a4:d6: f3:f9:8b:16:fe:f5:99:01:45:6e:4d:59:9e:66:96: 6d:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:00:F9:49:A3:A4:C3:61:9C:42:32:7C:BE:D2:0E:3E:E8:CC:D2:EA X509v3 Authority Key Identifier: keyid:AC:1F:72:1B:7B:7E:6D:04:9F:BF:E5:20:E1:CA:89:C1:CA:25:68:13 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rB9yG3t-bQSfv-Ug4cqJwcolaBM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/HwD5SaOkw2GcQjJ8vtIOPujM0uo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/rB9yG3t-bQSfv-Ug4cqJwcolaBM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 77.76.16.0/20 85.217.252.0/22 91.92.72.0-91.92.103.255 91.207.190.0/23 91.223.66.0/24 91.245.192.0/24 185.163.140.0/22 185.225.84.0/22 185.229.252.0/22 193.37.238.0/24 194.169.223.0/24 194.169.230.0/24 194.169.237.0/24 194.169.242.0/24 195.238.84.0/23 212.70.140.0/23 213.232.88.0/22 IPv6: 2a0b:f800::/32 Signature Algorithm: sha256WithRSAEncryption 87:ad:04:8a:61:77:b6:a4:9f:3d:d4:de:07:de:74:69:56:d5: 89:01:13:1a:19:14:fc:20:6e:88:c5:3c:51:f5:85:72:c2:90: d9:eb:25:62:8f:69:aa:70:53:ca:75:45:82:e8:ff:03:35:ff: b9:f7:1c:2c:1c:40:a4:2e:5f:a8:a6:89:91:ab:41:8a:88:a5: 15:27:b3:8b:b8:a3:2d:01:2c:aa:47:a1:09:b8:b9:0d:2a:7f: 95:24:fc:d0:f3:f1:f7:77:8b:4a:f5:c8:7d:a5:d9:8b:35:82: 54:56:a4:7c:65:38:14:e1:f5:63:c1:1d:c1:19:b7:8a:23:72: 3c:8b:a1:3a:79:7f:49:3f:ce:19:0e:b4:7e:94:ee:4a:71:49: c5:b2:08:74:53:5f:86:35:b7:0f:f0:90:39:57:cc:b1:0f:72: f6:e5:23:97:56:ac:f0:1a:35:bd:a2:50:50:74:b1:7f:83:08: 70:9d:2e:3e:59:33:a8:9d:06:e3:53:3d:11:cf:34:1b:03:56: 53:dd:e4:97:90:a9:de:0a:d2:e4:99:64:3f:8f:7b:4e:e0:39: c0:9e:24:c0:20:e5:71:23:7f:07:08:63:89:83:f1:18:e3:f3: d7:e7:38:b9:5d:4f:0a:55:07:a4:b6:c5:13:55:77:c5:45:7e: 07:46:e0:82 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgISAZt7NZRajsFaG4pqYRHCtlgAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFjMWY3MjFiN2I3ZTZkMDQ5ZmJmZTUyMGUxY2E4OWMxY2Ey NTY4MTMwHhcNMjYwMTAxMjAxNzQ3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxZjAwZjk0OWEzYTRjMzYxOWM0MjMyN2NiZWQyMGUzZWU4Y2NkMmVhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozptkbVlTBwVu3lYEzT9uQqH19bE 0nldTY5vCit7PzFFj20JTqZtJ0lovKcGnWHR7orYVhN87c42o+0aDx+vL/TDc+sa iAhF28adCJq7prhx7z3+e6sjkqCAtgdj+Qprb6ggoReRRNotdjfE28N4Eoc46kUC 3w0+JAwckP41uFRVxp6a6u7s+TrJ1V0bDWajvJvsff7CeohBO5LOVPoY4AlQmfrL opcD8mcdAd2Amk8dZvjko5X3V7xb0R3MrY72+LRtpxbXsf2HmGfb4q6c413dUQMA 9uyG3N8U5a6TGGNtL8+Q1cX65Y2pTtb4pNbz+YsW/vWZAUVuTVmeZpZtTwIDAQAB o4ICgzCCAn8wHQYDVR0OBBYEFB8A+UmjpMNhnEIyfL7SDj7ozNLqMB8GA1UdIwQY MBaAFKwfcht7fm0En7/lIOHKicHKJWgTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvckI5eUczdC1iUVNmdi1VZzRjcUp3Y29sYUJNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC81NmQyNjctMWM0My00N2M4LWFmYjIt NjRkMjljODZiZjNlLzEvSHdENVNhT2t3MkdjUWpKOHZ0SU9QdWpNMHVvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82ZC81NmQyNjctMWM0My00N2M4LWFmYjItNjRkMjljODZiZjNl LzEvckI5eUczdC1iUVNmdi1VZzRjcUp3Y29sYUJNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTB0BAIAATBuAwQETUwQ AwQCVdn8MAwDBANbXEgDBANbXGADBAFbz74DBABb30IDBABb9cADBAK5o4wDBAK5 4VQDBAK55fwDBADBJe4DBADCqd8DBADCqeYDBADCqe0DBADCqfIDBAHD7lQDBAHU RowDBALV6FgwDQQCAAIwBwMFACoL+AAwDQYJKoZIhvcNAQELBQADggEBAIetBIph d7aknz3U3gfedGlW1YkBExoZFPwgbojFPFH1hXLCkNnrJWKPaapwU8p1RYLo/wM1 /7n3HCwcQKQuX6imiZGrQYqIpRUns4u4oy0BLKpHoQm4uQ0qf5Uk/NDz8fd3i0r1 yH2l2Ys1glRWpHxlOBTh9WPBHcEZt4ojcjyLoTp5f0k/zhkOtH6U7kpxScWyCHRT X4Y1tw/wkDlXzLEPcvblI5dWrPAaNb2iUFB0sX+DCHCdLj5ZM6idBuNTPRHPNBsD VlPd5JeQqd4K0uSZZD+Pe07gOcCeJMAg5XEjfwcIY4mD8Rjj89fnOLldTwpVB6S2 xRNVd8VFfgdG4II= -----END CERTIFICATE-----Generated at Sun Jan 25 17:34:11 2026 by rpki-client