This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/HBxIhJQTEPlpkLB0ZPYkHZSJiik.roa File: HBxIhJQTEPlpkLB0ZPYkHZSJiik.roa (raw, json) Hash identifier: eG6f7ib9tGK1jAHCC+qT2jC4Ebjo/wZvqFlp98jpIUQ= Subject key identifier: 1C:1C:48:84:94:13:10:F9:69:90:B0:74:64:F6:24:1D:94:89:8A:29 Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa Certificate serial: 019B7E379CB3ADF96A7DEFD86F4A23A775E8 Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/HBxIhJQTEPlpkLB0ZPYkHZSJiik.roa Signing time: Fri 02 Jan 2026 10:18:52 +0000 ROA not before: Fri 02 Jan 2026 10:18:52 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 50835 IP address blocks: 37.97.121.0/24 maxlen: 24 46.173.248.0/22 maxlen: 24 46.173.254.0/23 maxlen: 23 77.36.58.0/24 maxlen: 24 77.36.66.0/23 maxlen: 23 81.161.48.0/22 maxlen: 22 91.193.30.0/23 maxlen: 23 91.233.200.0/24 maxlen: 24 91.236.76.0/24 maxlen: 24 91.239.226.0/24 maxlen: 24 91.246.203.0/24 maxlen: 24 93.120.34.0/23 maxlen: 23 93.120.40.0/23 maxlen: 23 109.207.128.0/24 maxlen: 24 109.207.130.0/24 maxlen: 24 109.207.132.0/24 maxlen: 24 176.96.94.0/24 maxlen: 24 176.115.236.0/22 maxlen: 24 176.116.236.0/24 maxlen: 24 176.121.108.0/23 maxlen: 24 194.33.66.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.mft rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 16:02:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:37:9c:b3:ad:f9:6a:7d:ef:d8:6f:4a:23:a7:75:e8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa Validity Not Before: Jan 2 10:18:52 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1c1c4884941310f96990b07464f6241d94898a29 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:eb:fa:ee:77:66:e2:f4:d1:60:24:fc:2e:94: 8b:08:32:41:ab:cd:32:c6:18:57:63:94:ef:22:59: 57:fe:08:97:90:09:bc:e1:42:32:ae:35:4e:c2:bf: f6:82:6b:37:8b:c9:77:d0:89:44:a4:c6:74:c1:df: 60:ba:c8:0a:0a:ea:20:3b:eb:7e:a5:86:f7:35:27: af:41:c6:be:15:0a:a9:05:5e:5f:93:c3:c0:87:fb: 3c:b9:22:5b:0b:cc:1d:80:96:fd:b3:e1:15:83:6a: 1c:4a:2a:bc:91:d7:8c:1c:78:23:bd:5a:cb:93:56: d6:fc:a4:35:ac:e2:87:f5:8e:fc:fc:84:9c:b4:de: 97:59:0a:79:95:db:f0:18:6e:8b:75:c2:4f:90:1c: e4:5e:d6:9f:7b:8b:3f:79:78:79:1b:61:fc:70:a0: 7e:c4:9b:28:22:c5:54:4c:57:e4:73:e5:68:b0:fc: 0b:f5:42:31:cc:0d:1b:fc:53:9d:c7:fb:54:00:38: ad:41:87:30:d1:71:ab:e2:7b:d3:bb:dd:aa:0a:ff: aa:39:0b:6a:86:cc:37:b8:30:9b:d4:f8:d6:95:d6: 06:5d:6e:3d:a2:f9:04:60:85:85:53:72:d4:83:63: 5f:6b:cf:a2:0f:21:48:8d:fe:18:b1:13:0f:98:e6: 6d:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:1C:48:84:94:13:10:F9:69:90:B0:74:64:F6:24:1D:94:89:8A:29 X509v3 Authority Key Identifier: keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/HBxIhJQTEPlpkLB0ZPYkHZSJiik.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.97.121.0/24 46.173.248.0/22 46.173.254.0/23 77.36.58.0/24 77.36.66.0/23 81.161.48.0/22 91.193.30.0/23 91.233.200.0/24 91.236.76.0/24 91.239.226.0/24 91.246.203.0/24 93.120.34.0/23 93.120.40.0/23 109.207.128.0/24 109.207.130.0/24 109.207.132.0/24 176.96.94.0/24 176.115.236.0/22 176.116.236.0/24 176.121.108.0/23 194.33.66.0/23 Signature Algorithm: sha256WithRSAEncryption 20:33:b2:2e:f2:39:2b:68:3f:73:1b:ed:a0:ee:40:90:51:63: 75:df:23:0c:60:08:fb:17:24:ed:80:ac:eb:88:5f:8d:42:d3: 0a:21:df:a7:11:0c:a8:5b:d6:36:e1:2e:02:db:d5:3f:a3:08: f8:78:12:1d:6e:b2:4b:99:dc:de:b5:11:09:26:ba:8a:70:24: 5b:3e:5f:28:ea:ea:90:11:7f:66:80:3b:59:e2:c7:8c:ec:a0: 4d:b0:f5:83:71:ae:95:66:cb:8d:30:93:03:25:8a:b5:eb:23: 51:8b:20:6e:b3:22:c1:53:71:82:4a:b1:65:ef:92:85:51:92: 3a:6e:6b:0c:5d:12:3f:52:05:ae:98:f3:6c:9c:2f:66:da:28: 18:e7:11:6d:33:1f:15:79:8a:ef:bc:12:61:56:cd:74:1e:39: ff:38:36:14:39:30:50:4c:6b:c0:0b:07:27:cf:f9:03:4d:01: 24:ce:86:07:83:81:5e:02:29:37:9b:90:8d:32:e9:5d:bb:ab: a3:20:c8:7a:d6:2d:cf:85:3e:47:56:09:41:ff:4b:fe:93:56: b5:ab:9b:90:dc:e7:46:18:d7:50:a1:12:49:01:0f:e9:e9:82: 42:47:34:36:75:35:ba:21:b2:7e:94:7b:a5:d7:9e:57:60:6b: a6:b9:e9:b9 -----BEGIN CERTIFICATE----- MIIFeTCCBGGgAwIBAgISAZt+N5yzrflqfe/Yb0ojp3XoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy MjRkYWEwHhcNMjYwMTAyMTAxODUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxYzFjNDg4NDk0MTMxMGY5Njk5MGIwNzQ2NGY2MjQxZDk0ODk4YTI5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnOv67ndm4vTRYCT8LpSLCDJBq80y xhhXY5TvIllX/giXkAm84UIyrjVOwr/2gms3i8l30IlEpMZ0wd9gusgKCuogO+t+ pYb3NSevQca+FQqpBV5fk8PAh/s8uSJbC8wdgJb9s+EVg2ocSiq8kdeMHHgjvVrL k1bW/KQ1rOKH9Y78/ISctN6XWQp5ldvwGG6LdcJPkBzkXtafe4s/eXh5G2H8cKB+ xJsoIsVUTFfkc+VosPwL9UIxzA0b/FOdx/tUADitQYcw0XGr4nvTu92qCv+qOQtq hsw3uDCb1PjWldYGXW49ovkEYIWFU3LUg2Nfa8+iDyFIjf4YsRMPmOZtFQIDAQAB o4IChTCCAoEwHQYDVR0OBBYEFBwcSISUExD5aZCwdGT2JB2UiYopMB8GA1UdIwQY MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt ZGMwNmRkODA1OTYwLzEvSEJ4SWhKUVRFUGxwa0xCMFpQWWtIWlNKaWlrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEACVh eQMEAi6t+AMEAS6t/gMEAE0kOgMEAU0kQgMEAlGhMAMEAVvBHgMEAFvpyAMEAFvs TAMEAFvv4gMEAFv2ywMEAV14IgMEAV14KAMEAG3PgAMEAG3PggMEAG3PhAMEALBg XgMEArBz7AMEALB07AMEAbB5bAMEAcIhQjANBgkqhkiG9w0BAQsFAAOCAQEAIDOy LvI5K2g/cxvtoO5AkFFjdd8jDGAI+xck7YCs64hfjULTCiHfpxEMqFvWNuEuAtvV P6MI+HgSHW6yS5nc3rURCSa6inAkWz5fKOrqkBF/ZoA7WeLHjOygTbD1g3GulWbL jTCTAyWKtesjUYsgbrMiwVNxgkqxZe+ShVGSOm5rDF0SP1IFrpjzbJwvZtooGOcR bTMfFXmK77wSYVbNdB45/zg2FDkwUExrwAsHJ8/5A00BJM6GB4OBXgIpN5uQjTLp XburoyDIetYtz4U+R1YJQf9L/pNWtaubkNznRhjXUKESSQEP6emCQkc0NnU1uiGy fpR7pdeeV2BrprnpuQ== -----END CERTIFICATE-----Generated at Mon Jan 19 19:58:15 2026 by rpki-client