This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/HkXjWGsEB_nzvxNHP8dGv7MAq7Q.roa File: HkXjWGsEB_nzvxNHP8dGv7MAq7Q.roa (raw, json) Hash identifier: 1xbJ8+wmJvUYu+3DXk9VVxz7EgtP35YeVUeb75i94aM= Subject key identifier: 1E:45:E3:58:6B:04:07:F9:F3:BF:13:47:3F:C7:46:BF:B3:00:AB:B4 Certificate issuer: /CN=f98a02d20c6b7de357125f38b1735ca1b91f87b3 Certificate serial: 019B78A24FC4EB2DCA5966EB03FFE7F204E5 Authority key identifier: F9:8A:02:D2:0C:6B:7D:E3:57:12:5F:38:B1:73:5C:A1:B9:1F:87:B3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-YoC0gxrfeNXEl84sXNcobkfh7M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/HkXjWGsEB_nzvxNHP8dGv7MAq7Q.roa Signing time: Thu 01 Jan 2026 08:17:41 +0000 ROA not before: Thu 01 Jan 2026 08:17:41 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 39216 IP address blocks: 185.21.136.0/24 maxlen: 24 185.21.137.0/24 maxlen: 24 185.21.138.0/24 maxlen: 24 185.21.139.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/1-YoC0gxrfeNXEl84sXNcobkfh7M.crl rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/1-YoC0gxrfeNXEl84sXNcobkfh7M.mft rsync://rpki.ripe.net/repository/DEFAULT/1-YoC0gxrfeNXEl84sXNcobkfh7M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:4f:c4:eb:2d:ca:59:66:eb:03:ff:e7:f2:04:e5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f98a02d20c6b7de357125f38b1735ca1b91f87b3 Validity Not Before: Jan 1 08:17:41 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1e45e3586b0407f9f3bf13473fc746bfb300abb4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:e3:f2:98:d2:07:26:87:97:a2:76:c4:00:7f: 09:da:b2:49:0c:87:84:29:c4:b9:63:9e:70:73:66: 54:3d:9b:c1:e3:a6:3e:e1:fc:20:e3:ce:a2:ca:97: b2:5d:97:76:39:38:2a:b6:64:2d:3b:65:5b:37:d6: 52:78:61:c2:34:ef:8a:80:43:f7:79:a9:52:48:70: af:4c:73:ad:86:84:d2:62:75:e9:01:02:c4:67:52: 3e:47:c5:bb:8b:71:ef:47:ad:e3:df:af:cf:1b:b1: 14:74:dc:80:c8:c5:e7:4d:cf:d4:de:94:70:44:f4: 72:16:fb:50:bb:46:bc:2c:26:29:82:32:71:b0:59: f9:14:45:fe:b4:1f:9d:1e:ce:a2:a8:a0:0b:7c:c5: d5:8b:e6:ca:31:2a:b9:c0:73:b5:9b:08:26:31:7f: 63:35:68:69:0c:35:8d:e8:ea:5d:1a:df:cb:b2:53: 36:f0:7d:9a:3d:60:16:c9:c8:ad:a7:0d:ba:d9:d7: 08:f1:30:8e:60:47:a6:0e:da:6f:03:a5:d0:52:f7: a2:ca:af:cf:28:8a:31:ac:10:08:e0:a7:93:e6:3a: 9a:cf:38:82:6a:4f:8b:99:5c:3c:1e:57:23:2d:99: 96:c3:f9:50:23:25:84:3a:85:bf:57:d6:04:55:19: bb:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:45:E3:58:6B:04:07:F9:F3:BF:13:47:3F:C7:46:BF:B3:00:AB:B4 X509v3 Authority Key Identifier: keyid:F9:8A:02:D2:0C:6B:7D:E3:57:12:5F:38:B1:73:5C:A1:B9:1F:87:B3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-YoC0gxrfeNXEl84sXNcobkfh7M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/HkXjWGsEB_nzvxNHP8dGv7MAq7Q.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/1-YoC0gxrfeNXEl84sXNcobkfh7M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.21.136.0/22 Signature Algorithm: sha256WithRSAEncryption 2a:65:78:0c:a2:52:9f:90:bc:69:7e:14:ce:37:e9:a0:fb:64: 53:f8:d3:20:11:9b:1a:44:77:c6:3c:a7:5f:c7:ae:74:be:85: f1:88:4f:62:c1:91:a1:3f:f2:3c:8d:57:ca:70:85:1b:90:fc: 3d:79:9e:9f:2c:1b:4c:d4:36:43:04:ba:b7:bb:86:f4:40:e9: 95:1d:7b:90:0a:85:06:6a:b5:7b:46:c9:63:db:2c:96:fc:0d: c0:c1:6a:6b:c8:11:b2:2f:71:c2:b8:77:f0:f4:08:7a:4c:69: 18:17:ce:55:fa:49:1c:17:5a:19:e1:59:5f:d7:80:d0:84:45: 4c:fb:b8:e7:0f:1f:7d:a4:a5:82:17:99:fe:fb:7c:c3:59:ea: c7:49:15:d7:f6:6d:a3:c1:1b:66:00:96:89:3b:2f:4a:9e:ed: bb:e6:0e:a2:6e:5f:33:1e:09:47:fb:bb:01:dd:0d:9d:1e:b9: 61:29:9c:79:3a:88:11:91:23:5a:20:b4:b1:22:cd:78:02:d6: 75:34:6e:7a:1b:1e:42:31:cb:2f:f5:a4:6e:e9:cd:49:d8:a0: f5:c6:9e:78:38:8d:01:f0:17:8a:6a:b3:19:ac:d3:80:0f:ff: 31:5e:ec:2c:99:bd:c7:b6:95:0f:ae:40:1a:ce:4a:31:16:6f: fa:ad:d7:6a -----BEGIN CERTIFICATE----- MIIE/zCCA+egAwIBAgISAZt4ok/E6y3KWWbrA//n8gTlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGY5OGEwMmQyMGM2YjdkZTM1NzEyNWYzOGIxNzM1Y2ExYjkx Zjg3YjMwHhcNMjYwMTAxMDgxNzQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxZTQ1ZTM1ODZiMDQwN2Y5ZjNiZjEzNDczZmM3NDZiZmIzMDBhYmI0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+PymNIHJoeXonbEAH8J2rJJDIeE KcS5Y55wc2ZUPZvB46Y+4fwg486iypeyXZd2OTgqtmQtO2VbN9ZSeGHCNO+KgEP3 ealSSHCvTHOthoTSYnXpAQLEZ1I+R8W7i3HvR63j36/PG7EUdNyAyMXnTc/U3pRw RPRyFvtQu0a8LCYpgjJxsFn5FEX+tB+dHs6iqKALfMXVi+bKMSq5wHO1mwgmMX9j NWhpDDWN6OpdGt/LslM28H2aPWAWycitpw262dcI8TCOYEemDtpvA6XQUveiyq/P KIoxrBAI4KeT5jqazziCak+LmVw8HlcjLZmWw/lQIyWEOoW/V9YEVRm7HwIDAQAB o4ICCzCCAgcwHQYDVR0OBBYEFB5F41hrBAf5878TRz/HRr+zAKu0MB8GA1UdIwQY MBaAFPmKAtIMa33jVxJfOLFzXKG5H4ezMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMS1Zb0MwZ3hyZmVOWEVsODRzWE5jb2JrZmg3TS5jZXIw gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2IvYTkyMDZlLWMxZTEtNGMxNS05NTMz LWFjZTNkNjc1ZDNjZC8xL0hrWGpXR3NFQl9uenZ4TkhQOGRHdjdNQXE3US5yb2Ew gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0 b3J5L0RFRkFVTFQvN2IvYTkyMDZlLWMxZTEtNGMxNS05NTMzLWFjZTNkNjc1ZDNj ZC8xLzEtWW9DMGd4cmZlTlhFbDg0c1hOY29ia2ZoN00uY3JsMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAK5FYgw DQYJKoZIhvcNAQELBQADggEBACpleAyiUp+QvGl+FM436aD7ZFP40yARmxpEd8Y8 p1/HrnS+hfGIT2LBkaE/8jyNV8pwhRuQ/D15np8sG0zUNkMEure7hvRA6ZUde5AK hQZqtXtGyWPbLJb8DcDBamvIEbIvccK4d/D0CHpMaRgXzlX6SRwXWhnhWV/XgNCE RUz7uOcPH32kpYIXmf77fMNZ6sdJFdf2baPBG2YAlok7L0qe7bvmDqJuXzMeCUf7 uwHdDZ0euWEpnHk6iBGRI1ogtLEizXgC1nU0bnobHkIxyy/1pG7pzUnYoPXGnng4 jQHwF4pqsxms04AP/zFe7CyZvce2lQ+uQBrOSjEWb/qt12o= -----END CERTIFICATE-----Generated at Sun Jan 25 03:58:24 2026 by rpki-client