This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/HqnDGUn3BL16PUf8ca5DbZ0B3Vg.roa File: HqnDGUn3BL16PUf8ca5DbZ0B3Vg.roa (raw, json) Hash identifier: 0BwqyeOgzX64xBTZALzSXIf7BU8YNrCJp/w+Fobbc6k= Subject key identifier: 1E:A9:C3:19:49:F7:04:BD:7A:3D:47:FC:71:AE:43:6D:9D:01:DD:58 Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008 Certificate serial: 019AD155225094C2E8BE91D470C832445369 Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/HqnDGUn3BL16PUf8ca5DbZ0B3Vg.roa Signing time: Sat 29 Nov 2025 20:36:48 +0000 ROA not before: Sat 29 Nov 2025 20:36:48 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 207941 IP address blocks: 2a0c:9a40:8990::/44 maxlen: 48 2a0c:9a40:89a0::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.mft rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 17:27:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:d1:55:22:50:94:c2:e8:be:91:d4:70:c8:32:44:53:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008 Validity Not Before: Nov 29 20:36:48 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=1ea9c31949f704bd7a3d47fc71ae436d9d01dd58 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:0c:00:1e:64:b9:fc:d2:df:93:aa:2f:76:75: 03:00:c1:82:42:c3:b3:ee:c4:85:32:89:db:b4:a5: 3d:ae:54:5f:04:16:25:13:35:18:8d:1c:50:dd:60: 81:84:86:c6:fd:03:cb:db:bb:52:79:2c:5c:a0:33: 1c:61:3b:b5:50:9c:82:47:70:fb:06:c1:8c:af:61: 20:94:96:34:30:2b:23:56:72:83:7f:01:34:8a:38: 32:c5:ac:0a:17:de:59:30:29:5c:1c:9a:b8:5d:e7: f0:51:55:86:a9:27:4b:11:db:d6:05:09:c1:af:b2: 00:67:ee:aa:5f:e0:92:e7:40:fc:9b:ad:90:60:e4: da:e8:cd:2f:9a:cf:1f:3a:bb:52:d4:7f:73:89:2e: db:9e:6c:42:7c:f6:24:5f:e0:6f:fb:78:f5:ce:cb: 57:c9:2e:8f:44:de:9c:33:e5:68:72:5a:a2:53:8b: d3:d2:92:bf:f8:70:29:1c:b1:08:e4:d6:ec:ef:99: 28:6d:fa:c5:10:50:b2:78:b6:27:54:c6:93:4e:40: 5f:36:08:66:3f:cb:07:c5:11:06:c1:83:0e:1d:6d: 6c:3b:4d:9c:dc:d1:6d:a7:aa:d1:f0:3a:dd:d7:ad: c7:47:53:51:08:5d:04:ae:63:cd:f3:59:90:e8:d8: 3e:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:A9:C3:19:49:F7:04:BD:7A:3D:47:FC:71:AE:43:6D:9D:01:DD:58 X509v3 Authority Key Identifier: keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/HqnDGUn3BL16PUf8ca5DbZ0B3Vg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0c:9a40:8990::-2a0c:9a40:89af:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 83:97:52:5f:40:75:b1:be:b7:0e:ff:66:05:d0:b4:79:eb:f8: 02:da:c7:bd:dd:5c:88:5c:e3:f2:b0:c9:64:01:a5:88:26:94: 85:98:9e:06:eb:a3:7a:c9:fa:43:bd:5f:c4:4a:fe:24:a9:10: 97:f3:b8:db:fc:a3:f3:d4:0c:72:ff:70:e9:79:8c:0d:a2:49: 9a:58:3c:40:53:ab:55:4a:47:ff:95:7d:6d:de:02:f8:85:27: af:67:32:94:96:d8:70:f5:29:8c:13:d7:99:c2:c4:73:77:6b: f6:b5:3e:b7:61:ef:59:64:bd:57:a4:95:37:aa:1f:7c:fd:85: c7:72:2b:65:3d:09:4b:84:da:6e:15:87:2c:dd:80:7b:ff:0f: 54:43:8f:f1:bb:48:43:f4:61:c4:75:ec:83:d2:23:2f:ca:dc: f1:aa:e8:b5:39:82:2a:7b:f2:fb:e7:e9:b0:c3:7a:8d:24:58: 07:9d:6b:06:c2:53:0e:c1:eb:dc:c6:84:94:8c:d0:89:d5:40: 52:cb:17:57:5a:cd:e5:1f:e0:9c:ac:7d:45:48:e8:96:7f:49: fb:6f:bf:fc:6c:57:73:1d:81:57:49:e0:e3:1f:3e:2d:96:93: 7c:7b:9e:67:d5:eb:e2:43:a5:51:d4:60:de:6d:fd:51:15:e1: b9:ba:aa:64 -----BEGIN CERTIFICATE----- MIIFCzCCA/OgAwIBAgISAZrRVSJQlMLovpHUcMgyRFNpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl NDgwMDgwHhcNMjUxMTI5MjAzNjQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxZWE5YzMxOTQ5ZjcwNGJkN2EzZDQ3ZmM3MWFlNDM2ZDlkMDFkZDU4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4wwAHmS5/NLfk6ovdnUDAMGCQsOz 7sSFMonbtKU9rlRfBBYlEzUYjRxQ3WCBhIbG/QPL27tSeSxcoDMcYTu1UJyCR3D7 BsGMr2EglJY0MCsjVnKDfwE0ijgyxawKF95ZMClcHJq4XefwUVWGqSdLEdvWBQnB r7IAZ+6qX+CS50D8m62QYOTa6M0vms8fOrtS1H9ziS7bnmxCfPYkX+Bv+3j1zstX yS6PRN6cM+VoclqiU4vT0pK/+HApHLEI5Nbs75kobfrFEFCyeLYnVMaTTkBfNghm P8sHxREGwYMOHW1sO02c3NFtp6rR8Drd163HR1NRCF0ErmPN81mQ6Ng+PQIDAQAB o4ICFzCCAhMwHQYDVR0OBBYEFB6pwxlJ9wS9ej1H/HGuQ22dAd1YMB8GA1UdIwQY MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt YmY0ZTUyN2I5ZmE4LzEvSHFuREdVbjNCTDE2UFVmOGNhNURiWjBCM1ZnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4 LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwQqDJpA iZADBwQqDJpAiaAwDQYJKoZIhvcNAQELBQADggEBAIOXUl9AdbG+tw7/ZgXQtHnr +ALax73dXIhc4/KwyWQBpYgmlIWYngbro3rJ+kO9X8RK/iSpEJfzuNv8o/PUDHL/ cOl5jA2iSZpYPEBTq1VKR/+VfW3eAviFJ69nMpSW2HD1KYwT15nCxHN3a/a1Prdh 71lkvVeklTeqH3z9hcdyK2U9CUuE2m4VhyzdgHv/D1RDj/G7SEP0YcR17IPSIy/K 3PGq6LU5gip78vvn6bDDeo0kWAedawbCUw7B69zGhJSM0InVQFLLF1dazeUf4Jys fUVI6JZ/Sftvv/xsV3MdgVdJ4OMfPi2Wk3x7nmfV6+JDpVHUYN5t/VEV4bm6qmQ= -----END CERTIFICATE-----Generated at Sat Dec 6 03:13:02 2025 by rpki-client