This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/hbzNsJKUFj9YPemgxueORzyaAR4.roa File: hbzNsJKUFj9YPemgxueORzyaAR4.roa (raw, json) Hash identifier: sHENi6SxTMQzE9Umyq+oAU2zV4mQDeA2gga98LgBks4= Subject key identifier: 85:BC:CD:B0:92:94:16:3F:58:3D:E9:A0:C6:E7:8E:47:3C:9A:01:1E Certificate issuer: /CN=4ddb3dcdf5e6bee09825c37bf3b8bdf28b6fb593 Certificate serial: 019B7FF2821A4DE7A78C92A247E1AE8B8270 Authority key identifier: 4D:DB:3D:CD:F5:E6:BE:E0:98:25:C3:7B:F3:B8:BD:F2:8B:6F:B5:93 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tds9zfXmvuCYJcN787i98otvtZM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/hbzNsJKUFj9YPemgxueORzyaAR4.roa Signing time: Fri 02 Jan 2026 18:22:38 +0000 ROA not before: Fri 02 Jan 2026 18:22:38 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 51789 IP address blocks: 5.129.244.0/24 maxlen: 24 5.129.254.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/Tds9zfXmvuCYJcN787i98otvtZM.crl rsync://rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/Tds9zfXmvuCYJcN787i98otvtZM.mft rsync://rpki.ripe.net/repository/DEFAULT/Tds9zfXmvuCYJcN787i98otvtZM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 06:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:f2:82:1a:4d:e7:a7:8c:92:a2:47:e1:ae:8b:82:70 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4ddb3dcdf5e6bee09825c37bf3b8bdf28b6fb593 Validity Not Before: Jan 2 18:22:38 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=85bccdb09294163f583de9a0c6e78e473c9a011e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:99:a4:e6:95:6a:7c:a2:ae:b6:eb:70:f6:31: aa:82:85:11:44:dd:03:ca:3a:c1:9b:77:a3:28:97: 19:27:d4:dc:e9:93:1e:bb:e5:f7:31:62:e3:2d:36: da:ab:95:7e:b0:e8:57:16:6b:c0:0d:f6:50:22:d7: 6c:76:dd:65:93:6a:12:f8:5a:75:5e:12:9a:29:92: fc:48:5a:7d:9e:da:42:9a:92:bc:7f:6d:52:9d:a2: 91:20:bf:ad:06:1e:52:86:42:f7:a0:70:d8:f3:1d: 91:e1:d0:61:ff:35:a3:44:c7:3a:af:83:84:d3:38: 6b:77:ca:51:43:59:4e:3d:08:f8:0d:a3:7a:ff:7e: 47:5f:5f:f9:55:b7:bd:6d:e3:29:ea:f9:ef:51:6d: 45:95:14:b3:57:ed:11:78:4b:2c:67:67:83:9d:67: bb:a9:51:34:7e:cc:26:69:00:0b:c8:83:2f:73:07: 6b:4a:62:a0:53:d0:0f:a6:00:f0:c9:f4:db:d9:97: c6:ce:a0:f9:7d:65:68:9c:e1:d6:d8:e3:10:09:62: 6a:fc:62:62:ab:52:0f:3e:b5:54:a2:e2:fa:d7:72: a8:f9:8a:f4:04:fa:d3:4f:79:cb:e6:33:22:02:c0: b8:36:01:73:88:36:36:a8:b8:6b:b0:4e:96:96:09: cd:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:BC:CD:B0:92:94:16:3F:58:3D:E9:A0:C6:E7:8E:47:3C:9A:01:1E X509v3 Authority Key Identifier: keyid:4D:DB:3D:CD:F5:E6:BE:E0:98:25:C3:7B:F3:B8:BD:F2:8B:6F:B5:93 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tds9zfXmvuCYJcN787i98otvtZM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/hbzNsJKUFj9YPemgxueORzyaAR4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/Tds9zfXmvuCYJcN787i98otvtZM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.129.244.0/24 5.129.254.0/24 Signature Algorithm: sha256WithRSAEncryption 41:b1:44:81:5c:c5:cb:ff:75:dd:38:d3:ab:3e:91:6b:58:26: 92:7f:72:65:40:f2:43:c8:36:4f:e4:95:28:33:0f:1e:8d:aa: 87:bf:38:23:24:a5:27:1c:d7:ec:75:8c:4b:60:f2:22:78:34: a7:ab:5b:4c:62:c9:58:f7:a7:55:f2:3b:47:c0:fa:99:52:9c: 82:ce:79:af:a4:1d:cc:04:d0:de:cc:38:ee:57:79:d6:42:c6: ae:1b:be:0f:6e:d0:3e:9b:49:ee:9d:bd:67:dd:33:39:2f:b6: d2:81:06:0a:8e:af:2c:4a:42:ce:60:b5:2e:eb:d1:27:da:10: 20:e6:09:e8:47:f4:09:25:e9:47:b1:b0:54:1a:f8:82:ce:95: 61:0b:00:69:68:66:49:00:7b:ba:2c:49:de:80:c4:1d:6c:1e: e4:8e:d7:db:b4:4b:32:c5:a6:39:1e:44:59:19:13:52:d4:be: 34:37:05:4e:73:f3:80:0c:a7:90:ed:c4:ad:e0:99:c4:d9:26: 9a:ff:45:9b:80:a0:0b:ed:fd:ae:10:ed:ef:22:ed:79:1d:53: bc:40:8e:35:fa:ba:66:08:94:6f:7e:c4:64:5d:30:c1:2e:f5: 36:a7:2a:14:0f:6c:0e:76:cd:99:e5:45:56:0c:05:28:ec:b1: cc:85:39:e3 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt/8oIaTeenjJKiR+Gui4JwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRkZGIzZGNkZjVlNmJlZTA5ODI1YzM3YmYzYjhiZGYyOGI2 ZmI1OTMwHhcNMjYwMTAyMTgyMjM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NWJjY2RiMDkyOTQxNjNmNTgzZGU5YTBjNmU3OGU0NzNjOWEwMTFlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjpmk5pVqfKKututw9jGqgoURRN0D yjrBm3ejKJcZJ9Tc6ZMeu+X3MWLjLTbaq5V+sOhXFmvADfZQItdsdt1lk2oS+Fp1 XhKaKZL8SFp9ntpCmpK8f21SnaKRIL+tBh5ShkL3oHDY8x2R4dBh/zWjRMc6r4OE 0zhrd8pRQ1lOPQj4DaN6/35HX1/5Vbe9beMp6vnvUW1FlRSzV+0ReEssZ2eDnWe7 qVE0fswmaQALyIMvcwdrSmKgU9APpgDwyfTb2ZfGzqD5fWVonOHW2OMQCWJq/GJi q1IPPrVUouL613Ko+Yr0BPrTT3nL5jMiAsC4NgFziDY2qLhrsE6WlgnNRwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFIW8zbCSlBY/WD3poMbnjkc8mgEeMB8GA1UdIwQY MBaAFE3bPc315r7gmCXDe/O4vfKLb7WTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVGRzOXpmWG12dUNZSmNONzg3aTk4b3R2dFpNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83OTBjZWUtZDU0ZS00NTk4LThiYzEt MjE3MGM1YzFkM2VkLzEvaGJ6TnNKS1VGajlZUGVtZ3h1ZU9SenlhQVI0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Zi83OTBjZWUtZDU0ZS00NTk4LThiYzEtMjE3MGM1YzFkM2Vk LzEvVGRzOXpmWG12dUNZSmNONzg3aTk4b3R2dFpNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABYH0AwQA BYH+MA0GCSqGSIb3DQEBCwUAA4IBAQBBsUSBXMXL/3XdONOrPpFrWCaSf3JlQPJD yDZP5JUoMw8ejaqHvzgjJKUnHNfsdYxLYPIieDSnq1tMYslY96dV8jtHwPqZUpyC znmvpB3MBNDezDjuV3nWQsauG74PbtA+m0nunb1n3TM5L7bSgQYKjq8sSkLOYLUu 69En2hAg5gnoR/QJJelHsbBUGviCzpVhCwBpaGZJAHu6LEnegMQdbB7kjtfbtEsy xaY5HkRZGRNS1L40NwVOc/OADKeQ7cSt4JnE2Saa/0WbgKAL7f2uEO3vIu15HVO8 QI41+rpmCJRvfsRkXTDBLvU2pyoUD2wOds2Z5UVWDAUo7LHMhTnj -----END CERTIFICATE-----Generated at Sun Jan 25 14:40:29 2026 by rpki-client