This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/d30eef-495e-43bd-919c-a2a0e2db49d0/1/HUZvsXoFqmpwitLw4aku7m5jYa8.roa File: HUZvsXoFqmpwitLw4aku7m5jYa8.roa (raw, json) Hash identifier: rhpAJ7/RvlTCzRrbypi+sM57yT9OZ8RJ46KD4H90XuY= Subject key identifier: 1D:46:6F:B1:7A:05:AA:6A:70:8A:D2:F0:E1:A9:2E:EE:6E:63:61:AF Certificate issuer: /CN=d99a47cdc89f46342f90b0da3c30d9ec5fd63238 Certificate serial: 019B7EA45E9BBA1AF01CFF50B847EEE1CE5B Authority key identifier: D9:9A:47:CD:C8:9F:46:34:2F:90:B0:DA:3C:30:D9:EC:5F:D6:32:38 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2ZpHzcifRjQvkLDaPDDZ7F_WMjg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/d30eef-495e-43bd-919c-a2a0e2db49d0/1/HUZvsXoFqmpwitLw4aku7m5jYa8.roa Signing time: Fri 02 Jan 2026 12:17:39 +0000 ROA not before: Fri 02 Jan 2026 12:17:39 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 202870 IP address blocks: 195.32.2.0/23 maxlen: 24 195.32.4.0/22 maxlen: 24 195.32.8.0/22 maxlen: 24 195.32.24.0/22 maxlen: 24 195.32.64.0/22 maxlen: 24 195.32.70.0/23 maxlen: 24 195.32.104.0/23 maxlen: 24 195.32.106.0/24 maxlen: 24 195.32.108.0/22 maxlen: 24 195.32.112.0/21 maxlen: 24 195.32.120.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/d30eef-495e-43bd-919c-a2a0e2db49d0/1/2ZpHzcifRjQvkLDaPDDZ7F_WMjg.crl rsync://rpki.ripe.net/repository/DEFAULT/cd/d30eef-495e-43bd-919c-a2a0e2db49d0/1/2ZpHzcifRjQvkLDaPDDZ7F_WMjg.mft rsync://rpki.ripe.net/repository/DEFAULT/2ZpHzcifRjQvkLDaPDDZ7F_WMjg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 03:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a4:5e:9b:ba:1a:f0:1c:ff:50:b8:47:ee:e1:ce:5b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d99a47cdc89f46342f90b0da3c30d9ec5fd63238 Validity Not Before: Jan 2 12:17:39 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1d466fb17a05aa6a708ad2f0e1a92eee6e6361af Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:8c:b4:10:35:90:0c:f8:3c:f0:3c:f9:b3:d9: 1d:3e:d9:9a:08:ba:cd:fa:c8:10:79:9e:21:b0:fb: 95:0b:76:c8:01:1d:cf:e9:f5:fd:3c:d3:14:a4:e1: 25:c2:a8:29:ad:55:2a:39:9e:ba:1f:6f:34:9b:48: b1:c6:f3:4c:5b:7e:38:20:4c:d9:38:d2:de:71:60: db:b1:bf:4d:85:f3:59:93:24:f0:0f:c7:f2:3e:5e: d6:c1:9a:8a:24:b3:ff:5c:89:88:87:3a:79:90:b7: 29:ca:1c:58:5b:82:21:79:3d:39:04:8d:23:df:53: 1c:a9:a4:87:68:61:62:07:38:0d:81:60:e5:dc:ad: de:73:0e:73:e0:e4:9c:55:32:8b:18:05:dd:96:dd: 32:b7:f0:3c:f8:4f:7f:9e:14:4e:eb:53:8d:41:77: 5e:e3:ed:f6:f0:92:51:e6:d2:84:71:40:9e:8b:6c: 14:a0:34:d6:84:2d:77:b0:68:47:6b:4b:51:ab:0f: 61:d5:0a:a8:8c:24:4c:d6:1e:22:e8:13:70:d2:3a: 5f:91:f4:6a:ee:0f:33:45:5f:89:3c:96:65:14:6d: a0:d7:46:21:1a:d7:c9:c9:8e:4c:7d:f5:99:c3:af: d5:b0:9e:43:0e:97:35:be:11:31:2c:2f:ab:67:ec: 47:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:46:6F:B1:7A:05:AA:6A:70:8A:D2:F0:E1:A9:2E:EE:6E:63:61:AF X509v3 Authority Key Identifier: keyid:D9:9A:47:CD:C8:9F:46:34:2F:90:B0:DA:3C:30:D9:EC:5F:D6:32:38 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ZpHzcifRjQvkLDaPDDZ7F_WMjg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d30eef-495e-43bd-919c-a2a0e2db49d0/1/HUZvsXoFqmpwitLw4aku7m5jYa8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d30eef-495e-43bd-919c-a2a0e2db49d0/1/2ZpHzcifRjQvkLDaPDDZ7F_WMjg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 195.32.2.0-195.32.11.255 195.32.24.0/22 195.32.64.0/22 195.32.70.0/23 195.32.104.0-195.32.106.255 195.32.108.0-195.32.127.255 Signature Algorithm: sha256WithRSAEncryption 96:d1:97:68:84:0d:55:70:dd:90:b6:7f:c2:c7:a4:21:b5:00: 53:8a:59:a7:fe:1b:c3:24:b5:9c:b1:4f:2a:e3:25:4a:f6:f7: 29:a0:5a:b8:3a:07:79:24:34:40:5c:cd:64:09:57:e2:07:8d: 9e:9b:e3:b1:73:5b:c2:84:0a:0a:0b:16:7f:8c:7f:5f:da:a7: f4:3a:4d:fe:a1:01:9f:9b:ca:59:dd:e7:cd:2f:98:ff:a7:8e: 8a:91:03:78:c9:e8:c2:a9:ae:0b:a2:aa:5f:43:7e:1b:eb:e0: 13:9d:53:b3:e8:d5:8a:12:fb:07:46:06:40:92:67:4a:08:a1: a6:17:25:ca:44:53:9f:08:fe:14:eb:21:13:43:d2:32:a2:4a: c6:5b:5f:ed:63:b7:5b:3b:4c:82:6e:34:53:ca:36:88:e2:15: 6b:c6:c5:4d:28:b3:59:be:37:30:c4:d6:15:60:6b:d3:84:40: ea:bc:1d:75:56:90:3b:8e:e8:e6:52:e7:9d:58:73:eb:5a:42: fc:39:2d:50:a8:ba:38:92:8d:97:9c:65:fb:53:3d:0c:c9:03: 38:30:b5:43:8b:a4:f9:94:cd:c6:f4:0e:7b:49:31:70:2a:23: 1a:99:9b:d8:a1:f0:d0:6f:b1:42:37:86:cf:b1:22:08:bf:e8: 3b:c9:1d:14 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgISAZt+pF6buhrwHP9QuEfu4c5bMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ5OWE0N2NkYzg5ZjQ2MzQyZjkwYjBkYTNjMzBkOWVjNWZk NjMyMzgwHhcNMjYwMTAyMTIxNzM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxZDQ2NmZiMTdhMDVhYTZhNzA4YWQyZjBlMWE5MmVlZTZlNjM2MWFmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4y0EDWQDPg88Dz5s9kdPtmaCLrN +sgQeZ4hsPuVC3bIAR3P6fX9PNMUpOElwqgprVUqOZ66H280m0ixxvNMW344IEzZ ONLecWDbsb9NhfNZkyTwD8fyPl7WwZqKJLP/XImIhzp5kLcpyhxYW4IheT05BI0j 31McqaSHaGFiBzgNgWDl3K3ecw5z4OScVTKLGAXdlt0yt/A8+E9/nhRO61ONQXde 4+328JJR5tKEcUCei2wUoDTWhC13sGhHa0tRqw9h1QqojCRM1h4i6BNw0jpfkfRq 7g8zRV+JPJZlFG2g10YhGtfJyY5MffWZw6/VsJ5DDpc1vhExLC+rZ+xH1QIDAQAB o4ICPzCCAjswHQYDVR0OBBYEFB1Gb7F6BapqcIrS8OGpLu5uY2GvMB8GA1UdIwQY MBaAFNmaR83In0Y0L5Cw2jww2exf1jI4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMlpwSHpjaWZSalF2a0xEYVBERFo3Rl9XTWpnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kMzBlZWYtNDk1ZS00M2JkLTkxOWMt YTJhMGUyZGI0OWQwLzEvSFVadnNYb0ZxbXB3aXRMdzRha3U3bTVqWWE4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZC9kMzBlZWYtNDk1ZS00M2JkLTkxOWMtYTJhMGUyZGI0OWQw LzEvMlpwSHpjaWZSalF2a0xEYVBERFo3Rl9XTWpnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8MAwDBAHDIAID BALDIAgDBALDIBgDBALDIEADBAHDIEYwDAMEA8MgaAMEAMMgajAMAwQCwyBsAwQH wyAAMA0GCSqGSIb3DQEBCwUAA4IBAQCW0ZdohA1VcN2Qtn/Cx6QhtQBTilmn/hvD JLWcsU8q4yVK9vcpoFq4Ogd5JDRAXM1kCVfiB42em+Oxc1vChAoKCxZ/jH9f2qf0 Ok3+oQGfm8pZ3efNL5j/p46KkQN4yejCqa4LoqpfQ34b6+ATnVOz6NWKEvsHRgZA kmdKCKGmFyXKRFOfCP4U6yETQ9IyokrGW1/tY7dbO0yCbjRTyjaI4hVrxsVNKLNZ vjcwxNYVYGvThEDqvB11VpA7jujmUuedWHPrWkL8OS1QqLo4ko2XnGX7Uz0MyQM4 MLVDi6T5lM3G9A57STFwKiMamZvYofDQb7FCN4bPsSIIv+g7yR0U -----END CERTIFICATE-----Generated at Mon Jan 26 12:55:14 2026 by rpki-client