This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/Hh7KFktywM-1-107eqrB5yEmn-8.roa File: Hh7KFktywM-1-107eqrB5yEmn-8.roa (raw, json) Hash identifier: QGn4U4QC+cKt83SkTXHhg4z++P/aykfUDnj2eiXvebY= Subject key identifier: 1E:1E:CA:16:4B:72:C0:CF:B5:FB:5D:3B:7A:AA:C1:E7:21:26:9F:EF Certificate issuer: /CN=85e1567b1681833c944a5f2640a9e03be8ef0bf4 Certificate serial: 019B7F84EEB56FF3533D7D06B3E77C7552A4 Authority key identifier: 85:E1:56:7B:16:81:83:3C:94:4A:5F:26:40:A9:E0:3B:E8:EF:0B:F4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/heFWexaBgzyUSl8mQKngO-jvC_Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/Hh7KFktywM-1-107eqrB5yEmn-8.roa Signing time: Fri 02 Jan 2026 16:22:56 +0000 ROA not before: Fri 02 Jan 2026 16:22:56 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 42334 IP address blocks: 77.235.128.0/24 maxlen: 24 77.235.129.0/24 maxlen: 24 77.235.130.0/24 maxlen: 24 77.235.131.0/24 maxlen: 24 77.235.132.0/24 maxlen: 24 77.235.133.0/24 maxlen: 24 77.235.134.0/24 maxlen: 24 77.235.135.0/24 maxlen: 24 77.235.136.0/24 maxlen: 24 77.235.137.0/24 maxlen: 24 77.235.138.0/24 maxlen: 24 77.235.139.0/24 maxlen: 24 77.235.140.0/24 maxlen: 24 77.235.141.0/24 maxlen: 24 77.235.142.0/24 maxlen: 24 77.235.143.0/24 maxlen: 24 77.235.144.0/24 maxlen: 24 77.235.145.0/24 maxlen: 24 77.235.146.0/24 maxlen: 24 77.235.147.0/24 maxlen: 24 77.235.148.0/24 maxlen: 24 77.235.149.0/24 maxlen: 24 77.235.150.0/24 maxlen: 24 77.235.151.0/24 maxlen: 24 77.235.152.0/24 maxlen: 24 77.235.153.0/24 maxlen: 24 77.235.154.0/24 maxlen: 24 77.235.155.0/24 maxlen: 24 77.235.156.0/24 maxlen: 24 77.235.157.0/24 maxlen: 24 77.235.158.0/24 maxlen: 24 77.235.159.0/24 maxlen: 24 185.131.36.0/24 maxlen: 24 185.131.37.0/24 maxlen: 24 185.131.38.0/24 maxlen: 24 185.131.39.0/24 maxlen: 24 2a02:4180::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.crl rsync://rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.mft rsync://rpki.ripe.net/repository/DEFAULT/heFWexaBgzyUSl8mQKngO-jvC_Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 28 Jan 2026 09:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:84:ee:b5:6f:f3:53:3d:7d:06:b3:e7:7c:75:52:a4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=85e1567b1681833c944a5f2640a9e03be8ef0bf4 Validity Not Before: Jan 2 16:22:56 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1e1eca164b72c0cfb5fb5d3b7aaac1e721269fef Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:da:03:f3:d0:54:d8:d5:b9:53:7b:63:60:d2: d1:bd:bb:be:3c:b0:8b:f5:3d:57:21:30:7f:8b:ff: fd:25:29:94:fb:b8:dc:71:af:3b:94:c0:bb:c6:d6: d5:71:4b:9e:f1:d3:10:a4:76:dd:49:9f:3e:09:76: c4:26:d3:f7:53:1f:eb:67:2c:b4:aa:b2:8a:76:2a: c2:fb:d0:6e:c3:86:00:75:6b:1d:3e:d0:c8:74:72: 39:6f:30:1e:0f:0d:2d:4e:73:b9:9e:e3:8b:be:37: c1:29:5d:a4:aa:22:78:93:e9:93:9b:1b:17:4c:ea: cf:47:9a:20:c1:22:22:ea:30:6e:55:3b:18:c3:f7: 7d:4d:6e:34:a2:8c:59:10:4b:58:c3:98:91:a8:61: bc:80:4e:ff:3c:69:4d:ed:8d:39:45:38:f3:a1:fc: ac:82:9f:e6:81:38:34:87:45:bd:08:87:34:39:29: 38:98:59:76:6d:56:2c:d6:80:0a:39:f5:65:2c:36: 71:8f:d6:09:8c:a5:ba:da:5f:7c:85:d3:48:21:cf: ca:17:bc:1a:b7:27:fa:c8:d2:41:a5:d7:d4:ad:2b: c7:a8:71:9f:55:79:56:e3:b5:70:2c:cb:be:c0:3c: f5:af:95:71:34:63:39:d5:20:af:04:30:f9:d1:96: 2d:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:1E:CA:16:4B:72:C0:CF:B5:FB:5D:3B:7A:AA:C1:E7:21:26:9F:EF X509v3 Authority Key Identifier: keyid:85:E1:56:7B:16:81:83:3C:94:4A:5F:26:40:A9:E0:3B:E8:EF:0B:F4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/heFWexaBgzyUSl8mQKngO-jvC_Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/Hh7KFktywM-1-107eqrB5yEmn-8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 77.235.128.0/19 185.131.36.0/22 IPv6: 2a02:4180::/32 Signature Algorithm: sha256WithRSAEncryption 4c:e7:ba:a4:be:04:40:8a:36:a4:f4:3e:a4:2a:bb:b8:47:3f: 27:c4:75:51:ee:08:e2:d6:7d:16:c1:7e:ed:d5:0e:8d:19:75: 69:73:83:f1:a7:8f:4d:f6:a7:2c:47:dc:d1:da:18:7a:a2:05: 50:fc:78:88:1e:91:5b:ca:29:d4:2a:cb:27:80:63:08:af:49: 96:8f:09:bb:9d:d7:65:55:c5:82:56:48:fc:9c:09:bd:57:e1: 6f:fa:7b:22:3e:6b:c4:38:28:e4:5c:69:11:5b:9a:43:64:0d: 85:61:43:21:7b:de:d0:65:9b:bd:df:bf:89:3b:f4:73:23:a3: 89:0e:3a:ff:96:88:d8:5b:ef:fa:4c:63:95:f0:6d:88:23:8d: 62:4a:ef:7f:fa:30:7c:cf:3d:e0:d6:53:74:6b:e4:b7:af:4e: f9:9a:58:75:2a:3b:6f:da:6c:70:bf:35:55:e4:6e:81:22:6b: e0:19:e2:e2:23:4a:e3:ab:e5:e9:7f:b8:23:c9:14:19:88:1c: 70:6e:de:f0:a7:f2:12:c5:ad:86:34:67:f3:f9:4d:bb:5d:8f: fb:7d:88:71:89:83:d1:53:73:11:bd:5f:0d:6b:7a:d1:88:59: c5:8e:44:23:4f:8a:3b:47:bd:d1:0f:f4:e7:60:63:d2:53:da: 65:9d:ff:44 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt/hO61b/NTPX0Gs+d8dVKkMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg1ZTE1NjdiMTY4MTgzM2M5NDRhNWYyNjQwYTllMDNiZThl ZjBiZjQwHhcNMjYwMTAyMTYyMjU2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxZTFlY2ExNjRiNzJjMGNmYjVmYjVkM2I3YWFhYzFlNzIxMjY5ZmVmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwNoD89BU2NW5U3tjYNLRvbu+PLCL 9T1XITB/i//9JSmU+7jcca87lMC7xtbVcUue8dMQpHbdSZ8+CXbEJtP3Ux/rZyy0 qrKKdirC+9Buw4YAdWsdPtDIdHI5bzAeDw0tTnO5nuOLvjfBKV2kqiJ4k+mTmxsX TOrPR5ogwSIi6jBuVTsYw/d9TW40ooxZEEtYw5iRqGG8gE7/PGlN7Y05RTjzofys gp/mgTg0h0W9CIc0OSk4mFl2bVYs1oAKOfVlLDZxj9YJjKW62l98hdNIIc/KF7wa tyf6yNJBpdfUrSvHqHGfVXlW47VwLMu+wDz1r5VxNGM51SCvBDD50ZYtuwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFB4eyhZLcsDPtftdO3qqwechJp/vMB8GA1UdIwQY MBaAFIXhVnsWgYM8lEpfJkCp4Dvo7wv0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaGVGV2V4YUJnenlVU2w4bVFLbmdPLWp2Q19RLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9kZjQ5NDUtZjUzMi00YTAxLWE3ZmEt NTNhOTk4ZGU2M2UzLzEvSGg3S0ZrdHl3TS0xLTEwN2VxckI1eUVtbi04LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYy9kZjQ5NDUtZjUzMi00YTAxLWE3ZmEtNTNhOTk4ZGU2M2Uz LzEvaGVGV2V4YUJnenlVU2w4bVFLbmdPLWp2Q19RLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFTeuAAwQC uYMkMA0EAgACMAcDBQAqAkGAMA0GCSqGSIb3DQEBCwUAA4IBAQBM57qkvgRAijak 9D6kKru4Rz8nxHVR7gji1n0WwX7t1Q6NGXVpc4Pxp49N9qcsR9zR2hh6ogVQ/HiI HpFbyinUKssngGMIr0mWjwm7nddlVcWCVkj8nAm9V+Fv+nsiPmvEOCjkXGkRW5pD ZA2FYUMhe97QZZu937+JO/RzI6OJDjr/lojYW+/6TGOV8G2II41iSu9/+jB8zz3g 1lN0a+S3r075mlh1Kjtv2mxwvzVV5G6BImvgGeLiI0rjq+Xpf7gjyRQZiBxwbt7w p/ISxa2GNGfz+U27XY/7fYhxiYPRU3MRvV8Na3rRiFnFjkQjT4o7R73RD/TnYGPS U9plnf9E -----END CERTIFICATE-----Generated at Tue Jan 27 17:24:54 2026 by rpki-client