This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/HZCYv3XVf8stA2z1f6A42gk7L3U.roa File: HZCYv3XVf8stA2z1f6A42gk7L3U.roa (raw, json) Hash identifier: ZlU9fEu/YjlkJi8uUrs5+R1MZnAxuJEhvmuRNoG+/ec= Subject key identifier: 1D:90:98:BF:75:D5:7F:CB:2D:03:6C:F5:7F:A0:38:DA:09:3B:2F:75 Certificate issuer: /CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e Certificate serial: 019B7AC7EF72E30A44F7631A28DEBA7CE454 Authority key identifier: 17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/HZCYv3XVf8stA2z1f6A42gk7L3U.roa Signing time: Thu 01 Jan 2026 18:18:01 +0000 ROA not before: Thu 01 Jan 2026 18:18:01 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 6900 IP address blocks: 145.61.196.0/24 maxlen: 24 145.61.200.0/22 maxlen: 22 145.61.200.0/23 maxlen: 23 145.61.200.0/24 maxlen: 24 145.61.201.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.mft rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c7:ef:72:e3:0a:44:f7:63:1a:28:de:ba:7c:e4:54 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e Validity Not Before: Jan 1 18:18:01 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1d9098bf75d57fcb2d036cf57fa038da093b2f75 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:7f:f7:a8:a1:b9:52:37:e7:78:5a:d8:98:d5: 1a:d9:29:46:2f:de:0e:78:03:52:52:1c:e8:1f:b9: 78:61:27:0d:3f:1a:cb:61:c1:37:51:89:43:a9:61: cc:a7:0b:ed:90:c9:89:42:65:c5:87:10:eb:d1:ed: 31:e5:01:c8:52:03:03:06:64:6d:b2:c5:39:64:09: cb:3a:3f:b4:b2:13:f8:cb:40:5e:26:a0:0b:0a:54: c2:ba:0e:2a:1b:9e:05:e8:14:83:50:3a:e0:c9:81: 64:ae:49:9c:0d:26:c4:e3:ab:80:cb:50:5a:08:91: 06:93:8d:f5:d6:00:02:9b:ba:c9:80:e4:20:31:14: b7:52:15:e1:76:9d:cb:c2:dd:c7:00:87:97:91:24: d3:9c:ba:d6:ad:c1:37:9c:c0:9a:48:3f:a0:4c:24: cf:c7:07:52:d8:17:cf:ad:eb:4f:d0:34:97:07:1a: 09:24:cb:79:90:65:8e:32:48:d5:4d:1d:9d:a0:8d: 74:79:d8:4e:de:ea:ac:76:c1:52:62:43:e5:f2:ed: 23:a1:dd:d3:42:7e:38:6d:35:2d:6a:be:0e:7b:69: 5f:51:dc:65:c0:de:d1:2b:f0:c3:eb:23:8e:fd:ea: b1:ec:cc:55:cd:17:23:90:93:a4:32:1a:c4:cd:29: 9e:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:90:98:BF:75:D5:7F:CB:2D:03:6C:F5:7F:A0:38:DA:09:3B:2F:75 X509v3 Authority Key Identifier: keyid:17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/HZCYv3XVf8stA2z1f6A42gk7L3U.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 145.61.196.0/24 145.61.200.0/22 Signature Algorithm: sha256WithRSAEncryption 95:f9:06:b1:81:dd:d3:8a:5e:c1:51:5f:6c:d3:e0:ed:c9:1b: 72:fa:2f:ff:5f:db:bc:53:40:21:c3:78:b5:6d:be:c5:f9:73: d9:7e:5a:65:1a:23:eb:c4:e7:e8:5a:d3:a8:37:02:77:93:57: bf:9d:21:dc:19:4f:d0:3a:f7:74:80:32:54:73:6f:a7:a3:0e: 03:d6:53:d5:f4:83:dd:6c:02:1d:a8:14:08:5a:d3:92:fe:69: 61:bf:8e:d6:77:1c:b1:ab:28:36:86:f7:41:66:e5:89:19:42: 27:48:3a:9f:70:52:18:5c:33:33:26:8d:60:e1:02:68:de:f0: bc:67:17:7e:9c:2a:16:0c:d7:1d:45:0d:61:a1:6b:eb:40:34: f0:ba:cf:92:a9:3c:7b:ef:ad:91:1e:4a:e6:06:b7:16:16:a2: 19:6e:83:6a:c9:8a:c5:88:7f:2a:cb:2e:2c:e3:c8:4d:ab:8a: 93:c6:66:d5:b3:97:b4:09:0d:7a:cb:87:0b:37:36:5b:a9:ad: b1:df:88:03:41:cc:22:ca:df:cd:0e:2a:b5:8f:05:e0:81:cf: c3:f1:7a:4e:6a:c2:34:ff:89:c2:ec:12:4e:65:4f:c1:76:25: 49:92:4e:9f:2a:40:45:41:a4:d4:dc:56:db:57:d3:4a:ba:a5: 74:d2:b6:7d -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt6x+9y4wpE92MaKN66fORUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDE3NzNkYjE3Nzk1ZDJiZjFiNGI1MzQ1YzViMjkzOTBkYmFm NDUyM2UwHhcNMjYwMTAxMTgxODAxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxZDkwOThiZjc1ZDU3ZmNiMmQwMzZjZjU3ZmEwMzhkYTA5M2IyZjc1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8n/3qKG5UjfneFrYmNUa2SlGL94O eANSUhzoH7l4YScNPxrLYcE3UYlDqWHMpwvtkMmJQmXFhxDr0e0x5QHIUgMDBmRt ssU5ZAnLOj+0shP4y0BeJqALClTCug4qG54F6BSDUDrgyYFkrkmcDSbE46uAy1Ba CJEGk4311gACm7rJgOQgMRS3UhXhdp3Lwt3HAIeXkSTTnLrWrcE3nMCaSD+gTCTP xwdS2BfPretP0DSXBxoJJMt5kGWOMkjVTR2doI10edhO3uqsdsFSYkPl8u0jod3T Qn44bTUtar4Oe2lfUdxlwN7RK/DD6yOO/eqx7MxVzRcjkJOkMhrEzSmeNwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFB2QmL911X/LLQNs9X+gONoJOy91MB8GA1UdIwQY MBaAFBdz2xd5XSvxtLU0XFspOQ269FI+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYt NTQ4NjFmMjMyNDlkLzEvSFpDWXYzWFZmOHN0QTJ6MWY2QTQyZ2s3TDNVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYtNTQ4NjFmMjMyNDlk LzEvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAkT3EAwQC kT3IMA0GCSqGSIb3DQEBCwUAA4IBAQCV+Qaxgd3Til7BUV9s0+DtyRty+i//X9u8 U0Ahw3i1bb7F+XPZflplGiPrxOfoWtOoNwJ3k1e/nSHcGU/QOvd0gDJUc2+now4D 1lPV9IPdbAIdqBQIWtOS/mlhv47Wdxyxqyg2hvdBZuWJGUInSDqfcFIYXDMzJo1g 4QJo3vC8Zxd+nCoWDNcdRQ1hoWvrQDTwus+SqTx7762RHkrmBrcWFqIZboNqyYrF iH8qyy4s48hNq4qTxmbVs5e0CQ16y4cLNzZbqa2x34gDQcwiyt/NDiq1jwXggc/D 8XpOasI0/4nC7BJOZU/BdiVJkk6fKkBFQaTU3FbbV9NKuqV00rZ9 -----END CERTIFICATE-----Generated at Sun Jan 25 12:17:07 2026 by rpki-client