This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/d30eef-495e-43bd-919c-a2a0e2db49d0/1/hih4fzkJ3O9yEk3BE5UpAZ6h-8Q.roa File: hih4fzkJ3O9yEk3BE5UpAZ6h-8Q.roa (raw, json) Hash identifier: R7mk0homAMVaYBl/kyf6p+7Cu/DPi0srKaEKzzxe+Sc= Subject key identifier: 86:28:78:7F:39:09:DC:EF:72:12:4D:C1:13:95:29:01:9E:A1:FB:C4 Certificate issuer: /CN=d99a47cdc89f46342f90b0da3c30d9ec5fd63238 Certificate serial: 019B7EA45E378828E551C2CC03E694396714 Authority key identifier: D9:9A:47:CD:C8:9F:46:34:2F:90:B0:DA:3C:30:D9:EC:5F:D6:32:38 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2ZpHzcifRjQvkLDaPDDZ7F_WMjg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/d30eef-495e-43bd-919c-a2a0e2db49d0/1/hih4fzkJ3O9yEk3BE5UpAZ6h-8Q.roa Signing time: Fri 02 Jan 2026 12:17:39 +0000 ROA not before: Fri 02 Jan 2026 12:17:39 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 21034 IP address blocks: 195.32.69.0/24 maxlen: 24 195.32.80.0/22 maxlen: 22 195.32.84.0/24 maxlen: 24 195.32.85.0/24 maxlen: 24 195.32.86.0/23 maxlen: 23 195.32.88.0/21 maxlen: 22 195.32.92.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/d30eef-495e-43bd-919c-a2a0e2db49d0/1/2ZpHzcifRjQvkLDaPDDZ7F_WMjg.crl rsync://rpki.ripe.net/repository/DEFAULT/cd/d30eef-495e-43bd-919c-a2a0e2db49d0/1/2ZpHzcifRjQvkLDaPDDZ7F_WMjg.mft rsync://rpki.ripe.net/repository/DEFAULT/2ZpHzcifRjQvkLDaPDDZ7F_WMjg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 03:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a4:5e:37:88:28:e5:51:c2:cc:03:e6:94:39:67:14 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d99a47cdc89f46342f90b0da3c30d9ec5fd63238 Validity Not Before: Jan 2 12:17:39 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8628787f3909dcef72124dc1139529019ea1fbc4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:de:0c:d0:33:c3:68:50:8f:36:26:ab:26:e4: 9c:95:71:53:97:66:c7:af:5e:f8:9f:b8:ba:a6:1d: ab:fe:62:8d:86:e2:b6:35:5a:15:ac:7a:9d:a0:e9: 64:aa:1e:cf:df:d2:34:14:d1:5c:20:6e:29:c1:64: cc:c9:96:fa:1f:27:f0:67:07:86:6c:ab:58:c4:cd: 46:c5:6f:cb:59:cc:dc:b5:36:b5:4e:42:51:d6:7b: 82:6a:6f:f7:9d:25:58:40:a7:f4:35:f7:82:b4:23: dc:fd:6d:2c:d2:f2:1f:8a:cf:66:fd:45:d7:1a:05: 2b:d3:ea:a4:27:14:81:61:bd:1f:e1:96:3d:5c:9a: b8:d4:cb:a0:86:6c:7c:da:43:ff:71:09:7d:46:c7: 83:4d:7a:f0:8a:59:fa:87:fe:15:e8:7d:3e:76:4e: 82:71:28:9e:90:8f:45:07:93:0a:37:e0:10:35:3c: 5c:38:06:51:93:87:f0:6d:ae:92:fe:b1:ac:66:b7: 8a:88:40:ff:35:19:f0:f9:3b:b7:dc:e3:68:3c:ce: e3:f7:5d:56:35:48:ff:e5:00:4e:3a:88:8d:c0:d8: 61:d8:33:5d:e5:e0:d2:59:05:0d:85:71:8e:6a:d3: 10:3e:99:9b:e6:fa:53:24:93:d9:03:6b:8f:c0:d4: 21:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:28:78:7F:39:09:DC:EF:72:12:4D:C1:13:95:29:01:9E:A1:FB:C4 X509v3 Authority Key Identifier: keyid:D9:9A:47:CD:C8:9F:46:34:2F:90:B0:DA:3C:30:D9:EC:5F:D6:32:38 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ZpHzcifRjQvkLDaPDDZ7F_WMjg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d30eef-495e-43bd-919c-a2a0e2db49d0/1/hih4fzkJ3O9yEk3BE5UpAZ6h-8Q.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d30eef-495e-43bd-919c-a2a0e2db49d0/1/2ZpHzcifRjQvkLDaPDDZ7F_WMjg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 195.32.69.0/24 195.32.80.0/20 Signature Algorithm: sha256WithRSAEncryption 45:49:57:a5:f2:0d:80:22:0b:33:9c:de:46:ae:2b:c0:c8:e9: e1:11:95:a7:c3:d1:fe:db:9e:5c:7f:32:03:06:be:a7:15:c5: 3a:ad:97:ef:b6:a0:7d:f7:b4:8e:7b:80:24:29:ed:8c:db:df: 26:f5:2f:ec:f0:b4:d8:3f:be:17:e8:08:db:14:43:88:57:13: fc:f7:5e:0f:34:17:ed:a8:bb:19:89:38:37:d1:fb:17:b9:66: 4b:81:b3:38:e3:36:5f:a0:58:a0:89:5a:61:9d:88:db:b0:14: b2:71:5c:69:d0:5e:89:99:06:e4:6d:35:67:e6:57:b8:43:05: e9:21:76:7c:aa:b1:7d:e6:d4:75:bb:99:b3:0f:4e:e8:22:5f: ae:a7:cb:3e:3a:ae:8e:8f:f7:81:2d:53:f7:c4:4b:3c:10:ff: 7d:b8:ef:aa:54:6a:c3:6b:a2:f5:3d:69:17:e2:07:57:2d:d6: 8f:25:33:7b:97:b2:a2:c7:5a:71:41:ec:c2:e4:e0:2e:24:ff: 8a:1e:86:b8:0a:2a:a5:3b:4d:25:56:14:7e:3e:2f:a1:7f:ad: fd:8a:bc:d4:b0:0e:7d:56:ea:54:d6:ee:f2:2a:6b:c0:dc:75: 7a:94:02:b4:b0:aa:2d:bd:99:28:36:3b:ab:07:9e:c3:b1:60: bf:6e:2b:e1 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt+pF43iCjlUcLMA+aUOWcUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ5OWE0N2NkYzg5ZjQ2MzQyZjkwYjBkYTNjMzBkOWVjNWZk NjMyMzgwHhcNMjYwMTAyMTIxNzM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NjI4Nzg3ZjM5MDlkY2VmNzIxMjRkYzExMzk1MjkwMTllYTFmYmM0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm94M0DPDaFCPNiarJuSclXFTl2bH r174n7i6ph2r/mKNhuK2NVoVrHqdoOlkqh7P39I0FNFcIG4pwWTMyZb6HyfwZweG bKtYxM1GxW/LWczctTa1TkJR1nuCam/3nSVYQKf0NfeCtCPc/W0s0vIfis9m/UXX GgUr0+qkJxSBYb0f4ZY9XJq41Mughmx82kP/cQl9RseDTXrwiln6h/4V6H0+dk6C cSiekI9FB5MKN+AQNTxcOAZRk4fwba6S/rGsZreKiED/NRnw+Tu33ONoPM7j911W NUj/5QBOOoiNwNhh2DNd5eDSWQUNhXGOatMQPpmb5vpTJJPZA2uPwNQh0wIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFIYoeH85CdzvchJNwROVKQGeofvEMB8GA1UdIwQY MBaAFNmaR83In0Y0L5Cw2jww2exf1jI4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMlpwSHpjaWZSalF2a0xEYVBERFo3Rl9XTWpnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kMzBlZWYtNDk1ZS00M2JkLTkxOWMt YTJhMGUyZGI0OWQwLzEvaGloNGZ6a0ozTzl5RWszQkU1VXBBWjZoLThRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZC9kMzBlZWYtNDk1ZS00M2JkLTkxOWMtYTJhMGUyZGI0OWQw LzEvMlpwSHpjaWZSalF2a0xEYVBERFo3Rl9XTWpnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwyBFAwQE wyBQMA0GCSqGSIb3DQEBCwUAA4IBAQBFSVel8g2AIgsznN5GrivAyOnhEZWnw9H+ 255cfzIDBr6nFcU6rZfvtqB997SOe4AkKe2M298m9S/s8LTYP74X6AjbFEOIVxP8 914PNBftqLsZiTg30fsXuWZLgbM44zZfoFigiVphnYjbsBSycVxp0F6JmQbkbTVn 5le4QwXpIXZ8qrF95tR1u5mzD07oIl+up8s+Oq6Oj/eBLVP3xEs8EP99uO+qVGrD a6L1PWkX4gdXLdaPJTN7l7Kix1pxQezC5OAuJP+KHoa4CiqlO00lVhR+Pi+hf639 irzUsA59VupU1u7yKmvA3HV6lAK0sKotvZkoNjurB57DsWC/bivh -----END CERTIFICATE-----Generated at Mon Jan 26 11:44:20 2026 by rpki-client