This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/hneKOL6xKV3cr3gP56n-PmBtpXI.roa File: hneKOL6xKV3cr3gP56n-PmBtpXI.roa (raw, json) Hash identifier: GxqGClH9UHGqcmyTREy95vx88t5aKLbmXG/YE4t9Tqg= Subject key identifier: 86:77:8A:38:BE:B1:29:5D:DC:AF:78:0F:E7:A9:FE:3E:60:6D:A5:72 Certificate issuer: /CN=de0d9d6b697ca1c86570c256862e6858b4799c85 Certificate serial: 019B7DCA6DC7603E3BC745D8A4A63B38DFE5 Authority key identifier: DE:0D:9D:6B:69:7C:A1:C8:65:70:C2:56:86:2E:68:58:B4:79:9C:85 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3g2da2l8ochlcMJWhi5oWLR5nIU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/hneKOL6xKV3cr3gP56n-PmBtpXI.roa Signing time: Fri 02 Jan 2026 08:19:36 +0000 ROA not before: Fri 02 Jan 2026 08:19:36 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 60068 IP address blocks: 159.242.228.0/24 maxlen: 24 159.242.232.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/3g2da2l8ochlcMJWhi5oWLR5nIU.crl rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/3g2da2l8ochlcMJWhi5oWLR5nIU.mft rsync://rpki.ripe.net/repository/DEFAULT/3g2da2l8ochlcMJWhi5oWLR5nIU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 00:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:6d:c7:60:3e:3b:c7:45:d8:a4:a6:3b:38:df:e5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=de0d9d6b697ca1c86570c256862e6858b4799c85 Validity Not Before: Jan 2 08:19:36 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=86778a38beb1295ddcaf780fe7a9fe3e606da572 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:80:2b:c1:f9:74:0c:25:c9:ce:5c:91:bb:8d: b4:3c:c7:d2:5d:b2:bb:71:e4:cf:c2:53:7a:be:24: 0c:9f:3f:96:34:c0:e9:dd:64:ac:d0:47:1b:b5:db: d9:3a:70:61:2a:72:e3:3a:d2:b6:2a:b9:91:c8:a0: 3b:b6:b5:7a:de:c5:4d:d4:f0:d9:c7:cb:f9:8f:a4: 42:f5:3b:d7:eb:ca:20:5a:23:dd:7c:76:1b:32:92: 66:30:f5:b8:0d:30:77:53:97:bc:14:ef:63:97:1b: 38:9a:b7:67:9a:e3:94:95:d5:1e:8b:5b:bb:95:db: 48:e5:65:ce:3d:ca:2c:83:e3:97:cc:1c:77:29:a4: 40:fb:17:79:4c:90:c8:ed:f3:7e:44:df:f6:2e:94: 6d:bf:3f:f9:24:30:7e:6a:d2:ce:18:9a:12:db:bf: c4:08:ae:36:3c:96:e7:6a:cb:71:b5:91:52:d3:d3: ae:0f:03:de:2d:df:71:b8:d4:01:f3:9c:65:e9:93: 75:ff:c3:f6:45:4e:c2:c7:1a:d4:13:06:f9:ee:4e: 2c:75:6e:24:ab:98:3d:48:16:6b:5e:4b:94:0e:79: e4:8c:64:c9:08:09:ad:ab:99:dd:e3:67:6d:36:b9: 1e:8f:b2:ae:f3:ef:b6:67:cf:a9:2a:64:b6:fc:92: ef:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:77:8A:38:BE:B1:29:5D:DC:AF:78:0F:E7:A9:FE:3E:60:6D:A5:72 X509v3 Authority Key Identifier: keyid:DE:0D:9D:6B:69:7C:A1:C8:65:70:C2:56:86:2E:68:58:B4:79:9C:85 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3g2da2l8ochlcMJWhi5oWLR5nIU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/hneKOL6xKV3cr3gP56n-PmBtpXI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/3g2da2l8ochlcMJWhi5oWLR5nIU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.242.228.0/24 159.242.232.0/23 Signature Algorithm: sha256WithRSAEncryption 24:d8:75:68:ad:f1:0b:23:07:47:6b:eb:3d:73:d0:9c:b2:30: 26:2c:71:24:1a:6b:bf:50:43:de:01:7f:e2:d3:c0:c8:3b:53: 9c:9b:c1:57:f7:59:8a:95:72:1a:ec:ae:ce:1c:7e:ee:83:b9: 00:7f:c5:65:33:13:fc:60:89:59:b3:f6:33:8c:92:e9:63:27: d9:5e:f3:76:93:d9:b4:d6:01:0d:c8:62:19:9d:be:ff:76:af: 5b:de:8b:c5:8c:c9:89:bc:6b:be:ad:3e:02:b4:f9:89:d9:4f: 15:68:a0:80:63:fb:35:4f:b7:d3:b5:d6:14:94:55:d9:0a:01: 3f:61:7d:4f:0d:78:86:2d:58:e3:1e:f6:9f:59:df:5f:42:2e: 3f:5f:8f:c0:41:c1:b8:14:db:e7:17:ac:77:f1:3b:c4:c7:45: bb:55:2c:c1:fa:31:6f:67:97:34:50:7d:5c:84:92:5a:de:fd: f4:f6:29:7a:08:1f:e7:2c:48:3e:cb:58:34:7d:00:cd:c2:73: f9:60:96:28:ab:ab:d8:0e:af:01:7e:4a:0d:59:d8:a8:4f:8b: 0b:34:6b:8e:d4:ed:e8:e2:3e:0b:2d:76:c8:22:b3:6e:cf:68: aa:eb:20:35:75:fa:35:46:c2:47:01:9b:d6:81:89:ec:c4:82: 47:df:bc:57 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt9ym3HYD47x0XYpKY7ON/lMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRlMGQ5ZDZiNjk3Y2ExYzg2NTcwYzI1Njg2MmU2ODU4YjQ3 OTljODUwHhcNMjYwMTAyMDgxOTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4Njc3OGEzOGJlYjEyOTVkZGNhZjc4MGZlN2E5ZmUzZTYwNmRhNTcyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIArwfl0DCXJzlyRu420PMfSXbK7 ceTPwlN6viQMnz+WNMDp3WSs0EcbtdvZOnBhKnLjOtK2KrmRyKA7trV63sVN1PDZ x8v5j6RC9TvX68ogWiPdfHYbMpJmMPW4DTB3U5e8FO9jlxs4mrdnmuOUldUei1u7 ldtI5WXOPcosg+OXzBx3KaRA+xd5TJDI7fN+RN/2LpRtvz/5JDB+atLOGJoS27/E CK42PJbnastxtZFS09OuDwPeLd9xuNQB85xl6ZN1/8P2RU7CxxrUEwb57k4sdW4k q5g9SBZrXkuUDnnkjGTJCAmtq5nd42dtNrkej7Ku8++2Z8+pKmS2/JLvMQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFIZ3iji+sSld3K94D+ep/j5gbaVyMB8GA1UdIwQY MBaAFN4NnWtpfKHIZXDCVoYuaFi0eZyFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM2cyZGEybDhvY2hsY01KV2hpNW9XTFI1bklVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy82OGRjM2MtZGYyZS00NDYxLWI3YTYt MDFjYmZjMGU5NGU3LzEvaG5lS09MNnhLVjNjcjNnUDU2bi1QbUJ0cFhJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMy82OGRjM2MtZGYyZS00NDYxLWI3YTYtMDFjYmZjMGU5NGU3 LzEvM2cyZGEybDhvY2hsY01KV2hpNW9XTFI1bklVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAn/LkAwQB n/LoMA0GCSqGSIb3DQEBCwUAA4IBAQAk2HVorfELIwdHa+s9c9CcsjAmLHEkGmu/ UEPeAX/i08DIO1Ocm8FX91mKlXIa7K7OHH7ug7kAf8VlMxP8YIlZs/YzjJLpYyfZ XvN2k9m01gENyGIZnb7/dq9b3ovFjMmJvGu+rT4CtPmJ2U8VaKCAY/s1T7fTtdYU lFXZCgE/YX1PDXiGLVjjHvafWd9fQi4/X4/AQcG4FNvnF6x38TvEx0W7VSzB+jFv Z5c0UH1chJJa3v309il6CB/nLEg+y1g0fQDNwnP5YJYoq6vYDq8BfkoNWdioT4sL NGuO1O3o4j4LLXbIIrNuz2iq6yA1dfo1RsJHAZvWgYnsxIJH37xX -----END CERTIFICATE-----Generated at Wed Jan 21 07:22:14 2026 by rpki-client