This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/hTUJMpUXyFdUszTEMF5ErgnLcJY.roa File: hTUJMpUXyFdUszTEMF5ErgnLcJY.roa (raw, json) Hash identifier: CX09+L4mdHt/9lXiGadc8jScT10LaRupkgP1rUn5kqY= Subject key identifier: 85:35:09:32:95:17:C8:57:54:B3:34:C4:30:5E:44:AE:09:CB:70:96 Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b Certificate serial: 019B78343B94A34274510458C3FE34255565 Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/hTUJMpUXyFdUszTEMF5ErgnLcJY.roa Signing time: Thu 01 Jan 2026 06:17:27 +0000 ROA not before: Thu 01 Jan 2026 06:17:27 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 1257 IP address blocks: 192.71.180.0/24 maxlen: 24 192.71.220.0/24 maxlen: 24 193.180.207.0/24 maxlen: 24 193.180.240.0/24 maxlen: 24 193.180.247.0/24 maxlen: 24 193.181.2.0/24 maxlen: 24 193.234.16.0/24 maxlen: 24 193.234.87.0/24 maxlen: 24 193.234.177.0/24 maxlen: 24 194.68.238.0/24 maxlen: 24 194.71.178.0/24 maxlen: 24 194.71.179.0/24 maxlen: 24 194.71.248.0/21 maxlen: 24 194.103.24.0/22 maxlen: 24 194.132.60.0/24 maxlen: 24 194.132.128.0/22 maxlen: 22 2a01:280:310::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:3b:94:a3:42:74:51:04:58:c3:fe:34:25:55:65 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b Validity Not Before: Jan 1 06:17:27 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=853509329517c85754b334c4305e44ae09cb7096 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:e3:6f:4a:71:1f:d1:1c:76:46:94:55:0b:07: 4e:1c:0b:0f:66:d4:bd:5c:3c:b9:18:56:49:be:51: 5f:7d:0b:5b:5d:bc:d5:36:79:10:0e:1d:91:cd:1b: d8:b6:46:ef:2e:05:15:ed:a9:d8:50:f6:d6:e3:a8: 9b:b0:dd:7a:29:ad:62:ff:e2:f7:f9:e9:98:57:be: 7d:88:74:49:4d:bd:2d:54:87:70:1e:17:1d:aa:f3: 10:4a:89:9a:ec:00:62:f7:fc:27:ed:f4:e3:58:0a: ea:2e:92:de:bc:c3:4b:85:d5:13:02:6d:ab:77:f1: 76:de:46:37:8a:2d:6c:d4:e5:ee:ee:5c:30:f8:a1: 68:85:49:c3:65:f1:7a:81:30:1f:f5:40:a2:78:58: 1f:d4:90:9c:36:8f:8b:30:79:27:02:34:20:2b:5e: a1:1c:c4:9e:c8:8c:b7:95:b2:10:16:50:65:6f:53: 9b:38:f3:0c:94:0e:c3:98:85:d4:5f:24:40:a8:0b: 7e:e7:1a:ac:13:6f:82:ed:28:72:6e:c6:e4:be:2c: 42:5f:33:a7:6e:1f:cd:76:93:c6:7f:a5:89:a3:ca: f9:82:54:7a:90:66:c1:73:d3:a4:f7:ba:b6:0f:ec: 7d:5b:7f:46:45:09:70:a3:2a:90:d7:ca:b4:77:4e: e0:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:35:09:32:95:17:C8:57:54:B3:34:C4:30:5E:44:AE:09:CB:70:96 X509v3 Authority Key Identifier: keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/hTUJMpUXyFdUszTEMF5ErgnLcJY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 192.71.180.0/24 192.71.220.0/24 193.180.207.0/24 193.180.240.0/24 193.180.247.0/24 193.181.2.0/24 193.234.16.0/24 193.234.87.0/24 193.234.177.0/24 194.68.238.0/24 194.71.178.0/23 194.71.248.0/21 194.103.24.0/22 194.132.60.0/24 194.132.128.0/22 IPv6: 2a01:280:310::/48 Signature Algorithm: sha256WithRSAEncryption 25:fd:e3:74:c7:6f:98:87:a0:d5:7a:d3:b6:3c:89:74:c7:0a: 54:d9:01:99:2c:c2:16:31:e2:57:99:7b:e7:97:a2:c3:06:87: ee:bf:59:b7:81:0d:58:2d:f4:8c:34:6f:af:ad:f2:ad:ab:de: 4f:f2:3e:7a:a9:5d:c0:41:77:dd:f3:fd:67:2b:8a:21:17:14: 39:39:50:86:70:aa:ca:aa:a5:cc:7e:c3:3b:81:56:af:04:58: 43:c6:9c:d8:a0:f4:8c:17:c5:4f:97:d3:41:ca:fa:c1:58:f8: 29:4d:15:4c:e8:2f:83:ba:d7:35:5d:58:39:92:b5:ee:ad:b9: 93:f9:f4:60:06:e1:1c:30:85:8f:32:27:b5:11:e5:43:2f:62: 2f:ab:7b:2f:b6:6e:2f:54:3e:8d:81:02:35:13:64:bc:8b:26: 46:2a:51:c9:e9:a3:68:b6:29:2b:d0:8d:3f:66:ae:77:ba:02: e0:e3:fc:14:4b:44:89:86:3f:9a:c1:5c:60:a3:4f:8e:63:82: e2:13:f7:8a:a0:cf:5c:f4:5a:db:7b:50:52:58:6a:1a:4e:ca: cb:ac:a5:8f:b0:ea:3e:50:7c:68:51:0e:fe:1a:c6:a3:5e:20: 72:cb:5e:22:3e:72:0b:46:a8:47:82:91:3e:47:92:f1:e6:fc: f2:f6:78:16 -----BEGIN CERTIFICATE----- MIIFYzCCBEugAwIBAgISAZt4NDuUo0J0UQRYw/40JVVlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh ZGFmMWIwHhcNMjYwMTAxMDYxNzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NTM1MDkzMjk1MTdjODU3NTRiMzM0YzQzMDVlNDRhZTA5Y2I3MDk2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAteNvSnEf0Rx2RpRVCwdOHAsPZtS9 XDy5GFZJvlFffQtbXbzVNnkQDh2RzRvYtkbvLgUV7anYUPbW46ibsN16Ka1i/+L3 +emYV759iHRJTb0tVIdwHhcdqvMQSoma7ABi9/wn7fTjWArqLpLevMNLhdUTAm2r d/F23kY3ii1s1OXu7lww+KFohUnDZfF6gTAf9UCieFgf1JCcNo+LMHknAjQgK16h HMSeyIy3lbIQFlBlb1ObOPMMlA7DmIXUXyRAqAt+5xqsE2+C7ShybsbkvixCXzOn bh/NdpPGf6WJo8r5glR6kGbBc9Ok97q2D+x9W39GRQlwoyqQ18q0d07gCQIDAQAB o4ICbzCCAmswHQYDVR0OBBYEFIU1CTKVF8hXVLM0xDBeRK4Jy3CWMB8GA1UdIwQY MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt OTQzZDAzMzIxMzI2LzEvaFRVSk1wVVh5RmRVc3pURU1GNUVyZ25MY0pZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2 LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwYAQCAAEwWgMEAMBHtAME AMBH3AMEAMG0zwMEAMG08AMEAMG09wMEAMG1AgMEAMHqEAMEAMHqVwMEAMHqsQME AMJE7gMEAcJHsgMEA8JH+AMEAsJnGAMEAMKEPAMEAsKEgDAPBAIAAjAJAwcAKgEC gAMQMA0GCSqGSIb3DQEBCwUAA4IBAQAl/eN0x2+Yh6DVetO2PIl0xwpU2QGZLMIW MeJXmXvnl6LDBofuv1m3gQ1YLfSMNG+vrfKtq95P8j56qV3AQXfd8/1nK4ohFxQ5 OVCGcKrKqqXMfsM7gVavBFhDxpzYoPSMF8VPl9NByvrBWPgpTRVM6C+Dutc1XVg5 krXurbmT+fRgBuEcMIWPMie1EeVDL2Ivq3svtm4vVD6NgQI1E2S8iyZGKlHJ6aNo tikr0I0/Zq53ugLg4/wUS0SJhj+awVxgo0+OY4LiE/eKoM9c9Frbe1BSWGoaTsrL rKWPsOo+UHxoUQ7+GsajXiByy14iPnILRqhHgpE+R5Lx5vzy9ngW -----END CERTIFICATE-----Generated at Sun Jan 25 09:04:27 2026 by rpki-client