This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/hkJYoKxZ5NaqYkSY0GG7dfC0J6M.roa File: hkJYoKxZ5NaqYkSY0GG7dfC0J6M.roa (raw, json) Hash identifier: M6l2Qx3MyNr2ADezdHbYqYOeyWWrHzzKzTBcWubDLyY= Subject key identifier: 86:42:58:A0:AC:59:E4:D6:AA:62:44:98:D0:61:BB:75:F0:B4:27:A3 Certificate issuer: /CN=005ff9cc89c66a8a3a5d734a0d65c61fdc8518be Certificate serial: 019B7EA579CFE681638837EE332D0BFF788C Authority key identifier: 00:5F:F9:CC:89:C6:6A:8A:3A:5D:73:4A:0D:65:C6:1F:DC:85:18:BE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AF_5zInGaoo6XXNKDWXGH9yFGL4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/hkJYoKxZ5NaqYkSY0GG7dfC0J6M.roa Signing time: Fri 02 Jan 2026 12:18:52 +0000 ROA not before: Fri 02 Jan 2026 12:18:52 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 31400 IP address blocks: 194.126.196.0/24 maxlen: 24 2a03:2902::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/AF_5zInGaoo6XXNKDWXGH9yFGL4.crl rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/AF_5zInGaoo6XXNKDWXGH9yFGL4.mft rsync://rpki.ripe.net/repository/DEFAULT/AF_5zInGaoo6XXNKDWXGH9yFGL4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a5:79:cf:e6:81:63:88:37:ee:33:2d:0b:ff:78:8c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=005ff9cc89c66a8a3a5d734a0d65c61fdc8518be Validity Not Before: Jan 2 12:18:52 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=864258a0ac59e4d6aa624498d061bb75f0b427a3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:a3:25:e2:17:48:0a:2b:d3:43:5e:c8:5e:00: 64:63:a8:d2:74:b7:cb:32:df:95:f5:8d:05:18:8e: c0:6f:83:e5:8b:69:e6:0e:c0:28:f6:03:d1:5f:85: 6e:c1:05:4c:cd:a2:da:f4:60:f7:ed:68:43:63:e5: b8:7f:53:ee:ca:e6:89:38:d1:f3:85:ac:a0:e9:7d: 3f:c7:4d:63:ab:3d:d0:0f:aa:0d:39:14:e2:66:0a: 9e:f9:50:d7:64:f0:ed:6f:95:29:c9:05:e1:14:94: 1e:97:1b:25:10:3e:32:e1:91:b3:e2:dc:39:a1:59: 5e:38:aa:71:f9:65:fe:da:a0:8e:0d:1d:ff:fb:24: 12:cf:da:6d:b1:5a:3c:d4:2d:f9:a3:56:6a:54:42: 52:a2:f4:a0:ba:9a:cf:86:f7:aa:0b:ad:87:d1:54: c3:ab:5b:32:0d:bd:25:2f:3f:23:bc:06:2e:cc:c8: 16:2f:8a:ab:66:22:e0:de:34:9d:4d:77:5b:2d:17: 15:5b:1f:b1:36:ad:d3:f1:22:0a:ac:1a:17:df:86: 3f:e2:a5:7e:15:41:04:4a:9c:7d:5d:c3:9c:9a:d1: f4:c3:b2:08:8d:7c:e8:ef:8a:c3:9c:e0:fa:f3:41: b7:6b:e0:4c:54:e6:ba:1b:9b:bc:9e:2b:b4:1c:f3: 80:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:42:58:A0:AC:59:E4:D6:AA:62:44:98:D0:61:BB:75:F0:B4:27:A3 X509v3 Authority Key Identifier: keyid:00:5F:F9:CC:89:C6:6A:8A:3A:5D:73:4A:0D:65:C6:1F:DC:85:18:BE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AF_5zInGaoo6XXNKDWXGH9yFGL4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/hkJYoKxZ5NaqYkSY0GG7dfC0J6M.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/AF_5zInGaoo6XXNKDWXGH9yFGL4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.126.196.0/24 IPv6: 2a03:2902::/32 Signature Algorithm: sha256WithRSAEncryption b6:90:f3:03:9f:9f:c2:c2:c5:7d:25:71:8a:c5:6a:ba:c8:d0: 65:20:d7:5f:d0:05:b9:14:39:9e:2a:57:15:bd:9e:d7:09:d4: d4:77:10:c4:c3:42:b7:1c:2a:49:4e:9d:b3:f8:68:47:9f:f2: dd:8d:eb:c6:46:9e:45:0a:d0:14:73:05:75:c6:b4:2e:1e:82: 05:e9:65:cc:d1:27:20:44:29:ee:60:31:c4:af:d1:48:54:80: 36:bf:a2:a4:3c:30:3e:e4:38:78:bb:72:09:91:43:54:4b:ad: 16:86:49:ba:a6:4d:9d:37:2f:ea:04:c3:cd:b4:5e:62:cf:b5: 06:56:07:0c:d4:ce:16:1e:01:d5:63:9d:b0:96:8d:e9:7d:4e: 3a:94:92:0d:aa:2e:af:05:5a:dc:d5:30:d6:84:b5:92:6f:2b: 29:05:b5:e7:b4:15:66:82:5e:88:cb:93:a9:a3:b7:3a:c0:8d: 99:b5:c3:8b:24:c2:04:c7:6f:d5:5f:11:ca:7d:a0:b2:6d:4d: 23:e8:7e:82:d7:b1:2f:84:b1:c9:c8:3f:ec:2b:e3:60:1c:96: d2:58:db:34:1a:2c:0c:18:96:df:7c:56:5e:33:52:47:24:ff: 06:a3:60:75:56:8d:12:d8:51:c8:84:64:da:8c:e3:c9:84:60: 3c:b9:60:e8 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt+pXnP5oFjiDfuMy0L/3iMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAwNWZmOWNjODljNjZhOGEzYTVkNzM0YTBkNjVjNjFmZGM4 NTE4YmUwHhcNMjYwMTAyMTIxODUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NjQyNThhMGFjNTllNGQ2YWE2MjQ0OThkMDYxYmI3NWYwYjQyN2EzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwaMl4hdICivTQ17IXgBkY6jSdLfL Mt+V9Y0FGI7Ab4Pli2nmDsAo9gPRX4VuwQVMzaLa9GD37WhDY+W4f1PuyuaJONHz hayg6X0/x01jqz3QD6oNORTiZgqe+VDXZPDtb5UpyQXhFJQelxslED4y4ZGz4tw5 oVleOKpx+WX+2qCODR3/+yQSz9ptsVo81C35o1ZqVEJSovSguprPhveqC62H0VTD q1syDb0lLz8jvAYuzMgWL4qrZiLg3jSdTXdbLRcVWx+xNq3T8SIKrBoX34Y/4qV+ FUEESpx9XcOcmtH0w7IIjXzo74rDnOD680G3a+BMVOa6G5u8niu0HPOAQwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFIZCWKCsWeTWqmJEmNBhu3XwtCejMB8GA1UdIwQY MBaAFABf+cyJxmqKOl1zSg1lxh/chRi+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQUZfNXpJbkdhb282WFhOS0RXWEdIOXlGR0w0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9kNTNjNzgtMGQ1Yi00MjM3LTk5OTkt MGUyZDY5N2IyN2UzLzEvaGtKWW9LeFo1TmFxWWtTWTBHRzdkZkMwSjZNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mOC9kNTNjNzgtMGQ1Yi00MjM3LTk5OTktMGUyZDY5N2IyN2Uz LzEvQUZfNXpJbkdhb282WFhOS0RXWEdIOXlGR0w0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwn7EMA0E AgACMAcDBQAqAykCMA0GCSqGSIb3DQEBCwUAA4IBAQC2kPMDn5/CwsV9JXGKxWq6 yNBlINdf0AW5FDmeKlcVvZ7XCdTUdxDEw0K3HCpJTp2z+GhHn/LdjevGRp5FCtAU cwV1xrQuHoIF6WXM0ScgRCnuYDHEr9FIVIA2v6KkPDA+5Dh4u3IJkUNUS60Whkm6 pk2dNy/qBMPNtF5iz7UGVgcM1M4WHgHVY52wlo3pfU46lJINqi6vBVrc1TDWhLWS byspBbXntBVmgl6Iy5Opo7c6wI2ZtcOLJMIEx2/VXxHKfaCybU0j6H6C17EvhLHJ yD/sK+NgHJbSWNs0GiwMGJbffFZeM1JHJP8Go2B1Vo0S2FHIhGTajOPJhGA8uWDo -----END CERTIFICATE-----Generated at Sun Jan 25 15:13:30 2026 by rpki-client