This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/fb1289-4d14-40f0-9679-11afb4992eef/1/HqmBNUdmEip8S3rZUAEXbYeiMDE.roa File: HqmBNUdmEip8S3rZUAEXbYeiMDE.roa (raw, json) Hash identifier: g5QXvRrB37nz+UezkbR2qYuv3hfWDz55OyBzCv5F3cs= Subject key identifier: 1E:A9:81:35:47:66:12:2A:7C:4B:7A:D9:50:01:17:6D:87:A2:30:31 Certificate issuer: /CN=aaebc9bfef2b4d23f19513bfd4d60bb798f5a59d Certificate serial: 019B7DC9F71457EAE42685E4C261EBE76C43 Authority key identifier: AA:EB:C9:BF:EF:2B:4D:23:F1:95:13:BF:D4:D6:0B:B7:98:F5:A5:9D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/quvJv-8rTSPxlRO_1NYLt5j1pZ0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/fb1289-4d14-40f0-9679-11afb4992eef/1/HqmBNUdmEip8S3rZUAEXbYeiMDE.roa Signing time: Fri 02 Jan 2026 08:19:06 +0000 ROA not before: Fri 02 Jan 2026 08:19:06 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 23470 IP address blocks: 84.33.14.0/24 maxlen: 24 84.33.244.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/fb1289-4d14-40f0-9679-11afb4992eef/1/quvJv-8rTSPxlRO_1NYLt5j1pZ0.crl rsync://rpki.ripe.net/repository/DEFAULT/1c/fb1289-4d14-40f0-9679-11afb4992eef/1/quvJv-8rTSPxlRO_1NYLt5j1pZ0.mft rsync://rpki.ripe.net/repository/DEFAULT/quvJv-8rTSPxlRO_1NYLt5j1pZ0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 08 Jan 2026 23:01:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:c9:f7:14:57:ea:e4:26:85:e4:c2:61:eb:e7:6c:43 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=aaebc9bfef2b4d23f19513bfd4d60bb798f5a59d Validity Not Before: Jan 2 08:19:06 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1ea981354766122a7c4b7ad95001176d87a23031 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:f4:46:d0:da:25:f3:a2:3d:e9:da:f6:17:bc: 82:15:e3:0a:9d:68:23:30:34:25:55:03:98:ce:59: 36:54:c8:cf:17:25:86:ce:c7:7c:76:a0:3e:8b:fb: de:46:7b:9e:d3:41:eb:55:bb:f3:9d:93:12:bd:ec: fb:f1:60:6a:89:9e:bd:ce:eb:57:06:6c:b8:cc:f3: 44:06:e9:fa:cc:95:d2:5a:b8:f2:77:f7:99:d1:00: dc:4c:f4:1f:fa:69:7d:90:8b:6b:dd:d1:5c:0a:27: b6:2c:c9:70:a7:9e:8b:90:40:33:65:7a:60:3d:10: 34:29:e7:36:7a:10:24:8f:16:fe:74:bd:38:e9:f5: 1a:fe:f5:dd:86:90:04:47:2a:55:0d:bf:f6:1e:eb: 54:1f:d1:41:81:be:8a:69:39:46:9d:89:d2:36:3c: 4e:88:7a:2a:35:71:97:57:ec:b7:97:37:96:22:37: 2f:50:3f:9b:86:b5:b3:7c:96:6a:76:69:99:eb:f8: cb:04:e1:79:00:13:bd:bc:b4:b2:42:0b:d2:a2:2a: 62:0a:b3:d5:b7:5d:0a:87:b1:53:ed:f2:bd:f8:70: 91:e8:20:91:22:a2:53:4b:02:9e:a8:f4:b0:01:a9: 36:3f:a5:82:e2:1c:29:5d:3a:00:b8:18:27:8a:a6: 5c:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:A9:81:35:47:66:12:2A:7C:4B:7A:D9:50:01:17:6D:87:A2:30:31 X509v3 Authority Key Identifier: keyid:AA:EB:C9:BF:EF:2B:4D:23:F1:95:13:BF:D4:D6:0B:B7:98:F5:A5:9D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/quvJv-8rTSPxlRO_1NYLt5j1pZ0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/fb1289-4d14-40f0-9679-11afb4992eef/1/HqmBNUdmEip8S3rZUAEXbYeiMDE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/fb1289-4d14-40f0-9679-11afb4992eef/1/quvJv-8rTSPxlRO_1NYLt5j1pZ0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 84.33.14.0/24 84.33.244.0/23 Signature Algorithm: sha256WithRSAEncryption 19:6b:b6:03:62:4e:ac:8a:72:fd:e3:86:5c:72:f4:ce:1a:0a: 9a:9a:f3:78:c0:6d:24:8c:4e:5d:9b:2d:32:1a:3f:32:25:96: c0:80:4a:29:35:99:b6:b5:d9:ad:24:fb:4b:61:c7:07:54:5f: fe:5f:81:7c:97:5d:f4:dd:7b:23:cc:61:74:c2:9b:f0:12:0c: 39:bd:3a:f2:e8:25:56:5f:01:f0:9a:f3:50:12:5d:ea:8d:f6: 2f:ff:cb:a2:ca:a5:35:86:1c:f2:b4:9d:88:3e:47:a2:5c:49: e6:33:6f:70:aa:c1:0a:8e:31:31:b1:f1:89:00:e8:1e:fe:8e: cc:08:2c:5e:a6:a9:88:85:b4:9c:66:69:a0:7e:e0:c5:2c:e7: be:7c:e5:2c:6c:d8:a4:07:e6:c0:65:81:be:3c:bc:c1:5f:5d: 24:66:3a:75:16:b4:03:3c:2d:b4:62:e8:f9:b2:41:27:43:36: a6:9d:37:ca:54:b3:d3:e1:65:45:4c:38:99:a4:57:17:61:e3: c0:43:7c:1f:39:19:42:d2:03:4f:7c:8a:fc:7f:65:a4:7a:47: 8c:9f:b5:44:7f:9c:ee:91:93:40:30:22:8a:f9:b0:8f:25:e4: b9:b7:e4:df:91:79:74:c8:9d:f8:42:df:59:44:de:c6:3b:6d: e3:90:47:cb -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt9yfcUV+rkJoXkwmHr52xDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFhZWJjOWJmZWYyYjRkMjNmMTk1MTNiZmQ0ZDYwYmI3OThm NWE1OWQwHhcNMjYwMTAyMDgxOTA2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxZWE5ODEzNTQ3NjYxMjJhN2M0YjdhZDk1MDAxMTc2ZDg3YTIzMDMxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsvRG0Nol86I96dr2F7yCFeMKnWgj MDQlVQOYzlk2VMjPFyWGzsd8dqA+i/veRnue00HrVbvznZMSvez78WBqiZ69zutX Bmy4zPNEBun6zJXSWrjyd/eZ0QDcTPQf+ml9kItr3dFcCie2LMlwp56LkEAzZXpg PRA0Kec2ehAkjxb+dL046fUa/vXdhpAERypVDb/2HutUH9FBgb6KaTlGnYnSNjxO iHoqNXGXV+y3lzeWIjcvUD+bhrWzfJZqdmmZ6/jLBOF5ABO9vLSyQgvSoipiCrPV t10Kh7FT7fK9+HCR6CCRIqJTSwKeqPSwAak2P6WC4hwpXToAuBgniqZcAwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFB6pgTVHZhIqfEt62VABF22HojAxMB8GA1UdIwQY MBaAFKrryb/vK00j8ZUTv9TWC7eY9aWdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcXV2SnYtOHJUU1B4bFJPXzFOWUx0NWoxcFowLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9mYjEyODktNGQxNC00MGYwLTk2Nzkt MTFhZmI0OTkyZWVmLzEvSHFtQk5VZG1FaXA4UzNyWlVBRVhiWWVpTURFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYy9mYjEyODktNGQxNC00MGYwLTk2NzktMTFhZmI0OTkyZWVm LzEvcXV2SnYtOHJUU1B4bFJPXzFOWUx0NWoxcFowLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVCEOAwQB VCH0MA0GCSqGSIb3DQEBCwUAA4IBAQAZa7YDYk6sinL944ZccvTOGgqamvN4wG0k jE5dmy0yGj8yJZbAgEopNZm2tdmtJPtLYccHVF/+X4F8l1303XsjzGF0wpvwEgw5 vTry6CVWXwHwmvNQEl3qjfYv/8uiyqU1hhzytJ2IPkeiXEnmM29wqsEKjjExsfGJ AOge/o7MCCxepqmIhbScZmmgfuDFLOe+fOUsbNikB+bAZYG+PLzBX10kZjp1FrQD PC20Yuj5skEnQzamnTfKVLPT4WVFTDiZpFcXYePAQ3wfORlC0gNPfIr8f2WkekeM n7VEf5zukZNAMCKK+bCPJeS5t+TfkXl0yJ34Qt9ZRN7GO23jkEfL -----END CERTIFICATE-----Generated at Thu Jan 8 09:24:01 2026 by rpki-client