This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/hlYQloXSM22cVWghrwX5d96rkQE.roa File: hlYQloXSM22cVWghrwX5d96rkQE.roa (raw, json) Hash identifier: Bc3p3vwGrAaJcuqUVXu5RM6t5+8vyMCFysKfHu1H8ZQ= Subject key identifier: 86:56:10:96:85:D2:33:6D:9C:55:68:21:AF:05:F9:77:DE:AB:91:01 Certificate issuer: /CN=407c7083460e1a4c72c4bc4276313d3a85944a87 Certificate serial: 019B7F80F639E937D25DD49CE19A7BC92759 Authority key identifier: 40:7C:70:83:46:0E:1A:4C:72:C4:BC:42:76:31:3D:3A:85:94:4A:87 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QHxwg0YOGkxyxLxCdjE9OoWUSoc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/hlYQloXSM22cVWghrwX5d96rkQE.roa Signing time: Fri 02 Jan 2026 16:18:36 +0000 ROA not before: Fri 02 Jan 2026 16:18:36 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 204572 IP address blocks: 45.86.216.0/22 maxlen: 22 2a0e:e880::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/QHxwg0YOGkxyxLxCdjE9OoWUSoc.crl rsync://rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/QHxwg0YOGkxyxLxCdjE9OoWUSoc.mft rsync://rpki.ripe.net/repository/DEFAULT/QHxwg0YOGkxyxLxCdjE9OoWUSoc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:80:f6:39:e9:37:d2:5d:d4:9c:e1:9a:7b:c9:27:59 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=407c7083460e1a4c72c4bc4276313d3a85944a87 Validity Not Before: Jan 2 16:18:36 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8656109685d2336d9c556821af05f977deab9101 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:ac:79:19:34:05:b5:b1:aa:4b:5a:08:0a:7e: cf:2d:cc:99:a6:be:f0:7a:7a:d9:b1:07:71:9d:b4: 70:e5:92:1b:b6:0d:29:48:98:ea:c1:e3:9b:ba:0e: 22:94:16:e4:4a:45:a6:38:c9:d6:9c:ef:06:e6:15: 56:39:53:a7:4b:ca:17:b7:aa:e2:77:9e:e4:8e:45: d0:84:aa:e4:00:82:a2:b1:38:5d:33:82:e5:62:dc: a0:00:83:5f:18:f3:7d:09:65:63:52:c0:a3:32:8f: 49:2a:12:a1:2e:df:ae:46:ae:12:d5:1d:f3:6d:07: 0b:a8:42:58:6e:d2:5e:7a:21:95:fb:89:a4:c0:fc: 09:58:e9:2d:57:f2:13:ee:92:9c:cc:6c:0d:12:d8: 1c:89:09:68:c4:a9:87:8f:9d:86:4e:45:a9:01:1f: 1b:07:4b:02:33:e1:dc:b9:02:31:e4:65:fd:12:a0: e6:f9:f6:7f:b2:f2:5a:b0:54:f9:39:79:da:d1:56: c0:5c:91:f7:f5:22:dc:09:48:21:05:b0:64:19:dd: c3:96:74:45:29:db:b3:de:50:14:cd:b2:1d:53:16: a1:12:75:9e:ab:13:c6:f4:8f:b8:8d:17:b6:bf:5f: 79:f1:a9:da:58:66:98:22:9d:75:46:47:37:89:06: 7e:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:56:10:96:85:D2:33:6D:9C:55:68:21:AF:05:F9:77:DE:AB:91:01 X509v3 Authority Key Identifier: keyid:40:7C:70:83:46:0E:1A:4C:72:C4:BC:42:76:31:3D:3A:85:94:4A:87 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QHxwg0YOGkxyxLxCdjE9OoWUSoc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/hlYQloXSM22cVWghrwX5d96rkQE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/QHxwg0YOGkxyxLxCdjE9OoWUSoc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.86.216.0/22 IPv6: 2a0e:e880::/29 Signature Algorithm: sha256WithRSAEncryption 3f:64:53:eb:cb:b0:a5:68:cb:61:9e:de:0c:89:9c:e1:40:80: ba:22:cb:0f:39:88:6b:6d:69:1c:bf:e8:a5:ea:d0:88:6f:b8: 6a:05:32:94:6a:e6:9e:24:2a:2f:7d:81:f0:20:aa:f4:72:d6: d0:b4:36:b1:c1:62:b7:d8:f2:93:d6:17:2f:17:be:f9:bf:13: 5d:ae:8b:34:37:03:d4:96:de:b2:e7:c0:38:20:a0:5b:5c:5a: b2:5a:e9:ac:3c:7d:2a:f5:56:08:18:d5:f5:78:45:25:37:5f: 0c:b0:cd:9e:fa:d6:dc:01:57:05:62:eb:f8:fe:07:78:07:63: bb:82:74:38:b2:6c:22:03:b0:9c:3d:53:ba:95:fd:d9:fa:f7: 1f:79:13:b7:80:24:29:2e:d7:f0:35:86:67:17:5b:f5:6e:40: df:1c:db:5e:3a:f7:ac:f2:74:ab:6b:f7:43:ab:ac:c3:bb:bf: 2a:1b:96:42:31:f0:75:06:ad:8a:7a:ba:3b:6d:2a:e3:60:07: 02:06:cf:2c:70:f4:59:a6:57:20:cd:55:12:fb:e9:64:59:c8: 97:2f:eb:c4:e3:aa:a6:89:39:6b:c2:b8:a2:d0:4c:0b:93:f5: 23:22:a3:21:15:de:cd:e9:fb:1a:21:9d:27:fc:4a:16:94:cf: 8f:78:d6:c4 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt/gPY56TfSXdSc4Zp7ySdZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQwN2M3MDgzNDYwZTFhNGM3MmM0YmM0Mjc2MzEzZDNhODU5 NDRhODcwHhcNMjYwMTAyMTYxODM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NjU2MTA5Njg1ZDIzMzZkOWM1NTY4MjFhZjA1Zjk3N2RlYWI5MTAxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnqx5GTQFtbGqS1oICn7PLcyZpr7w enrZsQdxnbRw5ZIbtg0pSJjqweObug4ilBbkSkWmOMnWnO8G5hVWOVOnS8oXt6ri d57kjkXQhKrkAIKisThdM4LlYtygAINfGPN9CWVjUsCjMo9JKhKhLt+uRq4S1R3z bQcLqEJYbtJeeiGV+4mkwPwJWOktV/IT7pKczGwNEtgciQloxKmHj52GTkWpAR8b B0sCM+HcuQIx5GX9EqDm+fZ/svJasFT5OXna0VbAXJH39SLcCUghBbBkGd3DlnRF Kduz3lAUzbIdUxahEnWeqxPG9I+4jRe2v1958anaWGaYIp11Rkc3iQZ+bwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFIZWEJaF0jNtnFVoIa8F+Xfeq5EBMB8GA1UdIwQY MBaAFEB8cINGDhpMcsS8QnYxPTqFlEqHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUUh4d2cwWU9Ha3h5eEx4Q2RqRTlPb1dVU29jLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi84YTc1NjktZWQ3NC00YTkyLTg2Mjct OTg1ZWQxNWM5YWViLzEvaGxZUWxvWFNNMjJjVldnaHJ3WDVkOTZya1FFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMi84YTc1NjktZWQ3NC00YTkyLTg2MjctOTg1ZWQxNWM5YWVi LzEvUUh4d2cwWU9Ha3h5eEx4Q2RqRTlPb1dVU29jLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVbYMA0E AgACMAcDBQMqDuiAMA0GCSqGSIb3DQEBCwUAA4IBAQA/ZFPry7ClaMthnt4MiZzh QIC6IssPOYhrbWkcv+il6tCIb7hqBTKUauaeJCovfYHwIKr0ctbQtDaxwWK32PKT 1hcvF775vxNdros0NwPUlt6y58A4IKBbXFqyWumsPH0q9VYIGNX1eEUlN18MsM2e +tbcAVcFYuv4/gd4B2O7gnQ4smwiA7CcPVO6lf3Z+vcfeRO3gCQpLtfwNYZnF1v1 bkDfHNteOves8nSra/dDq6zDu78qG5ZCMfB1Bq2Kero7bSrjYAcCBs8scPRZplcg zVUS++lkWciXL+vE46qmiTlrwrii0EwLk/UjIqMhFd7N6fsaIZ0n/EoWlM+PeNbE -----END CERTIFICATE-----Generated at Mon Jan 26 20:42:37 2026 by rpki-client