This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/6a6805-5ce0-4128-a04c-f62f35af4371/1/hzpr_u9unsG0Rewb6bfBUcdWDgs.roa File: hzpr_u9unsG0Rewb6bfBUcdWDgs.roa (raw, json) Hash identifier: WPtNLpfSEpgZKPMkhjXJCGT0MeFGLs8w0HKZG2+CsUA= Subject key identifier: 87:3A:6B:FE:EF:6E:9E:C1:B4:45:EC:1B:E9:B7:C1:51:C7:56:0E:0B Certificate issuer: /CN=5f96676cf398d3994c4dd4a296594614dff586c7 Certificate serial: 019BD620F31844F404159C5370A83794EFCD Authority key identifier: 5F:96:67:6C:F3:98:D3:99:4C:4D:D4:A2:96:59:46:14:DF:F5:86:C7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X5ZnbPOY05lMTdSilllGFN_1hsc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/6a6805-5ce0-4128-a04c-f62f35af4371/1/hzpr_u9unsG0Rewb6bfBUcdWDgs.roa Signing time: Mon 19 Jan 2026 12:00:42 +0000 ROA not before: Mon 19 Jan 2026 12:00:42 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 198417 IP address blocks: 31.14.64.0/24 maxlen: 24 31.14.218.0/24 maxlen: 24 31.14.232.0/24 maxlen: 24 31.14.253.0/24 maxlen: 24 37.153.137.0/24 maxlen: 24 86.105.194.0/24 maxlen: 24 86.105.197.0/24 maxlen: 24 86.106.21.0/24 maxlen: 24 86.106.82.0/24 maxlen: 24 86.106.178.0/24 maxlen: 24 86.107.188.0/24 maxlen: 24 89.32.124.0/24 maxlen: 24 89.32.128.0/24 maxlen: 24 89.32.201.0/24 maxlen: 24 89.32.205.0/24 maxlen: 24 89.38.71.0/24 maxlen: 24 89.39.151.0/24 maxlen: 24 89.40.131.0/24 maxlen: 24 89.41.30.0/24 maxlen: 24 89.42.34.0/24 maxlen: 24 89.43.39.0/24 maxlen: 24 89.46.128.0/24 maxlen: 24 89.46.129.0/24 maxlen: 24 89.46.130.0/24 maxlen: 24 89.47.35.0/24 maxlen: 24 92.114.34.0/24 maxlen: 24 92.114.99.0/24 maxlen: 24 93.113.88.0/24 maxlen: 24 93.113.108.0/24 maxlen: 24 93.114.141.0/24 maxlen: 24 93.114.250.0/24 maxlen: 24 94.177.64.0/24 maxlen: 24 94.177.119.0/24 maxlen: 24 159.20.112.0/24 maxlen: 24 159.20.113.0/24 maxlen: 24 159.20.114.0/24 maxlen: 24 159.20.115.0/24 maxlen: 24 159.20.116.0/24 maxlen: 24 176.223.162.0/24 maxlen: 24 176.223.180.0/24 maxlen: 24 188.208.18.0/24 maxlen: 24 188.215.40.0/24 maxlen: 24 188.215.41.0/24 maxlen: 24 188.215.42.0/24 maxlen: 24 188.215.43.0/24 maxlen: 24 188.240.16.0/24 maxlen: 24 188.240.46.0/24 maxlen: 24 2a10:3ec0::/29 maxlen: 29 2a10:3ec0:32::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/6a6805-5ce0-4128-a04c-f62f35af4371/1/X5ZnbPOY05lMTdSilllGFN_1hsc.crl rsync://rpki.ripe.net/repository/DEFAULT/28/6a6805-5ce0-4128-a04c-f62f35af4371/1/X5ZnbPOY05lMTdSilllGFN_1hsc.mft rsync://rpki.ripe.net/repository/DEFAULT/X5ZnbPOY05lMTdSilllGFN_1hsc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 09:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:d6:20:f3:18:44:f4:04:15:9c:53:70:a8:37:94:ef:cd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5f96676cf398d3994c4dd4a296594614dff586c7 Validity Not Before: Jan 19 12:00:42 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=873a6bfeef6e9ec1b445ec1be9b7c151c7560e0b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:8c:ab:88:00:60:1b:c2:9d:83:44:2f:00:b1: 98:b0:39:44:20:d3:77:17:68:b1:94:ef:33:3d:23: eb:dc:19:ab:ed:e8:58:4d:18:3b:bc:f7:8c:de:5a: ec:a0:93:9e:39:f0:f8:bd:aa:d8:fa:4e:15:8d:96: fa:d9:d8:7f:30:8c:47:9b:06:b0:6f:04:9f:74:2f: 2e:23:9a:1f:d0:75:fe:c7:ae:e8:b7:de:20:96:39: 60:9c:5b:09:cb:7d:3c:7a:3c:77:12:57:bd:e4:ef: 8e:cb:36:69:fe:6f:9e:d0:fc:94:70:5e:a1:ba:83: 23:bd:a7:ed:0a:55:d6:a6:54:89:23:23:f4:94:7f: da:1c:e6:a1:ee:0a:93:c7:77:fb:0f:20:93:51:9b: 89:26:c9:24:d6:a5:02:4e:30:87:50:d9:b6:91:82: 46:43:5d:9e:73:ef:d2:82:b4:79:59:3e:e3:4d:9d: bf:52:08:d7:65:84:b6:d1:c8:6b:3c:4d:01:ce:c0: 1e:7e:7b:cc:31:47:db:dc:e4:7d:e8:06:c9:1d:16: 2f:38:77:cf:db:b4:31:79:0a:92:eb:c6:f4:3a:ba: ac:02:89:9c:66:17:24:e9:88:d4:bd:8c:42:ec:80: 04:ef:da:91:9d:8f:87:90:5d:28:b2:c5:1f:da:93: dc:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:3A:6B:FE:EF:6E:9E:C1:B4:45:EC:1B:E9:B7:C1:51:C7:56:0E:0B X509v3 Authority Key Identifier: keyid:5F:96:67:6C:F3:98:D3:99:4C:4D:D4:A2:96:59:46:14:DF:F5:86:C7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X5ZnbPOY05lMTdSilllGFN_1hsc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/6a6805-5ce0-4128-a04c-f62f35af4371/1/hzpr_u9unsG0Rewb6bfBUcdWDgs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/28/6a6805-5ce0-4128-a04c-f62f35af4371/1/X5ZnbPOY05lMTdSilllGFN_1hsc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.14.64.0/24 31.14.218.0/24 31.14.232.0/24 31.14.253.0/24 37.153.137.0/24 86.105.194.0/24 86.105.197.0/24 86.106.21.0/24 86.106.82.0/24 86.106.178.0/24 86.107.188.0/24 89.32.124.0/24 89.32.128.0/24 89.32.201.0/24 89.32.205.0/24 89.38.71.0/24 89.39.151.0/24 89.40.131.0/24 89.41.30.0/24 89.42.34.0/24 89.43.39.0/24 89.46.128.0-89.46.130.255 89.47.35.0/24 92.114.34.0/24 92.114.99.0/24 93.113.88.0/24 93.113.108.0/24 93.114.141.0/24 93.114.250.0/24 94.177.64.0/24 94.177.119.0/24 159.20.112.0-159.20.116.255 176.223.162.0/24 176.223.180.0/24 188.208.18.0/24 188.215.40.0/22 188.240.16.0/24 188.240.46.0/24 IPv6: 2a10:3ec0::/29 Signature Algorithm: sha256WithRSAEncryption d5:aa:c9:43:6e:b7:32:50:d8:81:d7:68:ee:d0:5f:8b:48:a3: f9:bb:3d:f4:bc:e5:74:65:33:ec:70:81:2e:60:aa:a0:db:8e: 44:93:af:d7:3e:65:9c:23:19:33:30:20:43:2e:4a:f6:76:cf: e3:de:cd:7e:70:e6:c1:b3:1b:f5:06:d2:0c:a4:31:ed:71:68: 72:6a:b0:dd:5a:05:1d:26:1b:57:74:5b:b3:b1:0c:30:c8:5d: 3e:cf:78:7b:3e:38:02:53:a1:c3:de:d7:88:95:7d:dd:80:2a: 3f:1f:63:cf:a7:2a:ae:58:57:c9:63:e0:1e:5f:5b:92:41:2e: d2:b4:49:07:10:2c:a2:d4:cf:08:28:a6:88:71:f8:14:52:29: c3:80:cc:80:25:67:34:ba:c3:8b:2f:e5:43:37:2e:9c:da:52: a7:07:a3:93:65:13:48:48:f2:42:75:eb:97:b3:07:16:5e:92: 3c:0d:13:80:98:0c:e7:d3:5a:ba:ca:a9:80:c0:4c:29:84:a6: ce:77:8d:8a:f4:85:46:08:16:1b:3c:f1:61:d0:76:5c:0c:33: 4b:a4:83:a4:bf:62:b6:26:17:5e:a6:3b:38:42:97:d4:b0:80: 72:46:19:a4:f1:ab:a5:a0:07:37:7d:61:ed:80:65:24:bb:e5: 1d:80:09:d0 -----BEGIN CERTIFICATE----- MIIGAjCCBOqgAwIBAgISAZvWIPMYRPQEFZxTcKg3lO/NMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVmOTY2NzZjZjM5OGQzOTk0YzRkZDRhMjk2NTk0NjE0ZGZm NTg2YzcwHhcNMjYwMTE5MTIwMDQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NzNhNmJmZWVmNmU5ZWMxYjQ0NWVjMWJlOWI3YzE1MWM3NTYwZTBiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA24yriABgG8Kdg0QvALGYsDlEINN3 F2ixlO8zPSPr3Bmr7ehYTRg7vPeM3lrsoJOeOfD4varY+k4VjZb62dh/MIxHmwaw bwSfdC8uI5of0HX+x67ot94gljlgnFsJy308ejx3Ele95O+OyzZp/m+e0PyUcF6h uoMjvaftClXWplSJIyP0lH/aHOah7gqTx3f7DyCTUZuJJskk1qUCTjCHUNm2kYJG Q12ec+/SgrR5WT7jTZ2/UgjXZYS20chrPE0BzsAefnvMMUfb3OR96AbJHRYvOHfP 27QxeQqS68b0OrqsAomcZhck6YjUvYxC7IAE79qRnY+HkF0ossUf2pPckQIDAQAB o4IDDjCCAwowHQYDVR0OBBYEFIc6a/7vbp7BtEXsG+m3wVHHVg4LMB8GA1UdIwQY MBaAFF+WZ2zzmNOZTE3UopZZRhTf9YbHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWDVabmJQT1kwNWxNVGRTaWxsbEdGTl8xaHNjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC82YTY4MDUtNWNlMC00MTI4LWEwNGMt ZjYyZjM1YWY0MzcxLzEvaHpwcl91OXVuc0cwUmV3YjZiZkJVY2RXRGdzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOC82YTY4MDUtNWNlMC00MTI4LWEwNGMtZjYyZjM1YWY0Mzcx LzEvWDVabmJQT1kwNWxNVGRTaWxsbEdGTl8xaHNjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIIBIgYIKwYBBQUHAQcBAf8EggERMIIBDTCB+wQCAAEwgfQD BAAfDkADBAAfDtoDBAAfDugDBAAfDv0DBAAlmYkDBABWacIDBABWacUDBABWahUD BABWalIDBABWarIDBABWa7wDBABZIHwDBABZIIADBABZIMkDBABZIM0DBABZJkcD BABZJ5cDBABZKIMDBABZKR4DBABZKiIDBABZKycwDAMEB1kugAMEAFkuggMEAFkv IwMEAFxyIgMEAFxyYwMEAF1xWAMEAF1xbAMEAF1yjQMEAF1y+gMEAF6xQAMEAF6x dzAMAwQEnxRwAwQAnxR0AwQAsN+iAwQAsN+0AwQAvNASAwQCvNcoAwQAvPAQAwQA vPAuMA0EAgACMAcDBQMqED7AMA0GCSqGSIb3DQEBCwUAA4IBAQDVqslDbrcyUNiB 12ju0F+LSKP5uz30vOV0ZTPscIEuYKqg245Ek6/XPmWcIxkzMCBDLkr2ds/j3s1+ cObBsxv1BtIMpDHtcWhyarDdWgUdJhtXdFuzsQwwyF0+z3h7PjgCU6HD3teIlX3d gCo/H2PPpyquWFfJY+AeX1uSQS7StEkHECyi1M8IKKaIcfgUUinDgMyAJWc0usOL L+VDNy6c2lKnB6OTZRNISPJCdeuXswcWXpI8DROAmAzn01q6yqmAwEwphKbOd42K 9IVGCBYbPPFh0HZcDDNLpIOkv2K2Jhdepjs4QpfUsIByRhmk8auloAc3fWHtgGUk u+UdgAnQ -----END CERTIFICATE-----Generated at Wed Jan 21 16:04:45 2026 by rpki-client