This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/d31e5f-0f52-4623-867a-543d6182e294/1/hdmcNwLCjDXPBKKvWGbOncZxqck.roa File: hdmcNwLCjDXPBKKvWGbOncZxqck.roa (raw, json) Hash identifier: kfdHlxSK8jc9HQk0SWqjLa4vIJVnr/xdG0pMDu9+AHo= Subject key identifier: 85:D9:9C:37:02:C2:8C:35:CF:04:A2:AF:58:66:CE:9D:C6:71:A9:C9 Certificate issuer: /CN=e2b1e2e4c508c6c7a98b6598528745c813fad31d Certificate serial: 019B7D5C480C2EFB98D5526C9530F2A1012D Authority key identifier: E2:B1:E2:E4:C5:08:C6:C7:A9:8B:65:98:52:87:45:C8:13:FA:D3:1D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4rHi5MUIxsepi2WYUodFyBP60x0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/d31e5f-0f52-4623-867a-543d6182e294/1/hdmcNwLCjDXPBKKvWGbOncZxqck.roa Signing time: Fri 02 Jan 2026 06:19:18 +0000 ROA not before: Fri 02 Jan 2026 06:19:18 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 31198 IP address blocks: 46.18.152.0/21 maxlen: 24 217.173.48.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/d31e5f-0f52-4623-867a-543d6182e294/1/4rHi5MUIxsepi2WYUodFyBP60x0.crl rsync://rpki.ripe.net/repository/DEFAULT/7d/d31e5f-0f52-4623-867a-543d6182e294/1/4rHi5MUIxsepi2WYUodFyBP60x0.mft rsync://rpki.ripe.net/repository/DEFAULT/4rHi5MUIxsepi2WYUodFyBP60x0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 12:00:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5c:48:0c:2e:fb:98:d5:52:6c:95:30:f2:a1:01:2d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e2b1e2e4c508c6c7a98b6598528745c813fad31d Validity Not Before: Jan 2 06:19:18 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=85d99c3702c28c35cf04a2af5866ce9dc671a9c9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:2a:f9:eb:38:8d:d1:55:d0:4f:4a:16:c0:13: 31:34:a9:ca:af:69:f4:d7:b8:0b:9c:2d:a8:da:d5: 95:09:6c:94:9e:67:19:81:a0:a1:da:b9:c1:a7:1e: fb:a7:81:be:9b:c7:d9:96:2f:10:2d:b4:e6:1d:ec: 75:63:58:a6:89:fe:1f:6b:17:62:5a:a9:4f:d1:2b: 43:14:96:8d:78:d2:9e:59:f0:32:20:89:9c:48:f6: 65:30:6f:fa:77:75:f9:80:dc:45:cd:0e:2e:a9:79: 30:f9:72:ec:0d:e2:7d:3e:6e:f9:86:45:8e:a0:18: a1:cd:63:79:99:45:c2:f7:f9:ff:2f:13:a3:7c:55: 01:94:0b:cc:d7:59:84:97:1a:de:2c:4b:bf:73:e5: 8e:44:5c:58:c9:6d:9a:ec:5d:a7:46:f7:65:a2:a3: a5:36:23:4b:6c:f4:da:0d:0a:df:78:8a:86:93:13: 93:25:72:9c:45:8f:fe:fe:14:72:d1:d9:a5:79:84: 9f:4d:1b:99:3a:5b:2c:f0:e9:c7:85:fa:e6:83:0a: 77:6e:f1:96:ae:5a:c5:98:ac:0a:a3:b2:97:45:41: 7b:e1:c1:31:cb:30:13:16:e2:eb:66:c9:0d:70:d4: a4:80:ff:34:18:07:b1:94:e3:75:1d:6e:03:de:96: 62:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:D9:9C:37:02:C2:8C:35:CF:04:A2:AF:58:66:CE:9D:C6:71:A9:C9 X509v3 Authority Key Identifier: keyid:E2:B1:E2:E4:C5:08:C6:C7:A9:8B:65:98:52:87:45:C8:13:FA:D3:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4rHi5MUIxsepi2WYUodFyBP60x0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/d31e5f-0f52-4623-867a-543d6182e294/1/hdmcNwLCjDXPBKKvWGbOncZxqck.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/d31e5f-0f52-4623-867a-543d6182e294/1/4rHi5MUIxsepi2WYUodFyBP60x0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.18.152.0/21 217.173.48.0/24 Signature Algorithm: sha256WithRSAEncryption 24:df:20:9e:ed:b2:65:14:b1:40:14:a1:b9:96:7e:b6:4b:aa: 5d:bb:f6:1f:ef:97:9f:8b:9f:5c:d7:61:d5:01:c6:fc:12:b2: 4a:64:64:ff:dc:c7:01:42:ab:71:eb:4f:7a:0f:69:6d:be:0e: cc:b0:62:1d:21:f6:ac:e8:e5:3f:fd:e8:24:e3:1d:61:4a:6c: ac:57:21:b5:b1:64:ae:43:43:32:cc:7e:e1:7f:1e:2f:1a:9a: d5:f0:0e:f7:40:76:f6:3c:c8:0a:3d:8d:09:3c:8d:a3:6b:45: ec:3a:47:25:df:37:96:5e:a7:e7:93:19:57:e3:d0:41:54:9c: 01:7b:b0:26:c2:1a:d8:24:3a:49:06:ae:cf:5d:25:89:9b:0c: 0c:03:e5:6f:4e:19:ae:86:34:73:3a:c9:a5:45:c0:33:53:21: 44:d7:e6:48:af:4d:0d:1d:67:5c:81:22:00:14:96:8d:10:14: 12:cc:45:ea:a6:f2:cf:89:c8:ee:a8:58:e3:62:08:ab:74:6a: 75:7e:a4:17:62:e6:d0:ca:9c:8d:12:90:98:22:94:cc:da:be: 29:a0:1b:a3:e4:9c:90:9f:18:e4:7f:5b:c0:87:e9:45:ef:97: 6f:77:50:c6:ec:8f:04:fa:68:85:6e:b6:03:5e:6c:2e:77:2c: 48:09:c4:04 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt9XEgMLvuY1VJslTDyoQEtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGUyYjFlMmU0YzUwOGM2YzdhOThiNjU5ODUyODc0NWM4MTNm YWQzMWQwHhcNMjYwMTAyMDYxOTE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NWQ5OWMzNzAyYzI4YzM1Y2YwNGEyYWY1ODY2Y2U5ZGM2NzFhOWM5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmir56ziN0VXQT0oWwBMxNKnKr2n0 17gLnC2o2tWVCWyUnmcZgaCh2rnBpx77p4G+m8fZli8QLbTmHex1Y1imif4faxdi WqlP0StDFJaNeNKeWfAyIImcSPZlMG/6d3X5gNxFzQ4uqXkw+XLsDeJ9Pm75hkWO oBihzWN5mUXC9/n/LxOjfFUBlAvM11mElxreLEu/c+WORFxYyW2a7F2nRvdloqOl NiNLbPTaDQrfeIqGkxOTJXKcRY/+/hRy0dmleYSfTRuZOlss8OnHhfrmgwp3bvGW rlrFmKwKo7KXRUF74cExyzATFuLrZskNcNSkgP80GAexlON1HW4D3pZiPwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFIXZnDcCwow1zwSir1hmzp3GcanJMB8GA1UdIwQY MBaAFOKx4uTFCMbHqYtlmFKHRcgT+tMdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNHJIaTVNVUl4c2VwaTJXWVVvZEZ5QlA2MHgwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9kMzFlNWYtMGY1Mi00NjIzLTg2N2Et NTQzZDYxODJlMjk0LzEvaGRtY053TENqRFhQQktLdldHYk9uY1p4cWNrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83ZC9kMzFlNWYtMGY1Mi00NjIzLTg2N2EtNTQzZDYxODJlMjk0 LzEvNHJIaTVNVUl4c2VwaTJXWVVvZEZ5QlA2MHgwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLhKYAwQA 2a0wMA0GCSqGSIb3DQEBCwUAA4IBAQAk3yCe7bJlFLFAFKG5ln62S6pdu/Yf75ef i59c12HVAcb8ErJKZGT/3McBQqtx6096D2ltvg7MsGIdIfas6OU//egk4x1hSmys VyG1sWSuQ0MyzH7hfx4vGprV8A73QHb2PMgKPY0JPI2ja0XsOkcl3zeWXqfnkxlX 49BBVJwBe7AmwhrYJDpJBq7PXSWJmwwMA+VvThmuhjRzOsmlRcAzUyFE1+ZIr00N HWdcgSIAFJaNEBQSzEXqpvLPicjuqFjjYgirdGp1fqQXYubQypyNEpCYIpTM2r4p oBuj5JyQnxjkf1vAh+lF75dvd1DG7I8E+miFbrYDXmwudyxICcQE -----END CERTIFICATE-----Generated at Sun Jan 25 22:29:13 2026 by rpki-client