This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/a7938f-7c9a-43c9-95f3-f3810bd70376/1/hGGdrn8Q-dhLWfi_gTkJoK3l29E.roa File: hGGdrn8Q-dhLWfi_gTkJoK3l29E.roa (raw, json) Hash identifier: 9MCdA6GuzpZs6FZt15tnmy+ZE9OMe0TMy0YGpKngBio= Subject key identifier: 84:61:9D:AE:7F:10:F9:D8:4B:59:F8:BF:81:39:09:A0:AD:E5:DB:D1 Certificate issuer: /CN=411c4322082191c79e2d86db4e1bf9d0718e27e9 Certificate serial: 019B7CECFE6FF1760D88A5E7C133A362DC01 Authority key identifier: 41:1C:43:22:08:21:91:C7:9E:2D:86:DB:4E:1B:F9:D0:71:8E:27:E9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QRxDIgghkceeLYbbThv50HGOJ-k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/a7938f-7c9a-43c9-95f3-f3810bd70376/1/hGGdrn8Q-dhLWfi_gTkJoK3l29E.roa Signing time: Fri 02 Jan 2026 04:17:45 +0000 ROA not before: Fri 02 Jan 2026 04:17:45 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 202695 IP address blocks: 64.38.104.0/22 maxlen: 22 185.156.244.0/22 maxlen: 22 2a03:5b00::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/a7938f-7c9a-43c9-95f3-f3810bd70376/1/QRxDIgghkceeLYbbThv50HGOJ-k.crl rsync://rpki.ripe.net/repository/DEFAULT/37/a7938f-7c9a-43c9-95f3-f3810bd70376/1/QRxDIgghkceeLYbbThv50HGOJ-k.mft rsync://rpki.ripe.net/repository/DEFAULT/QRxDIgghkceeLYbbThv50HGOJ-k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 19:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ec:fe:6f:f1:76:0d:88:a5:e7:c1:33:a3:62:dc:01 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=411c4322082191c79e2d86db4e1bf9d0718e27e9 Validity Not Before: Jan 2 04:17:45 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=84619dae7f10f9d84b59f8bf813909a0ade5dbd1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:21:c7:17:eb:25:8b:4f:80:03:ca:66:bb:52: ec:d5:10:68:bd:fb:4a:60:92:64:14:e6:ee:ca:37: 26:ff:5c:57:c3:73:41:ba:d5:52:ee:44:b3:31:ad: d2:5d:0a:d3:d4:e7:3b:3a:83:c2:ff:d4:d9:97:ea: bc:42:bb:56:21:50:d8:18:eb:b6:54:e2:49:04:79: c8:f4:06:3c:d4:58:de:8a:aa:46:99:37:12:e3:3b: a6:50:d1:68:4a:b7:44:8b:14:94:af:5c:e9:77:87: 28:37:7c:15:0c:6d:e1:54:c1:20:d9:26:b6:19:14: 6c:db:e2:14:a0:3d:cd:9c:0e:5e:4b:14:b5:d3:80: 9c:1d:1b:3b:e4:6c:d3:72:13:3d:22:c9:40:68:96: 99:57:02:bd:a0:54:83:e6:a4:6f:b5:96:3c:69:ce: d9:6d:78:89:0a:fd:f8:77:f9:2a:0c:15:18:cf:4e: 26:90:8a:02:bb:1e:22:a5:7a:03:0c:de:2e:1a:9f: 40:f0:5d:40:21:72:75:7f:f4:ff:67:ae:7f:91:ce: d1:ba:76:6b:e3:e1:9d:03:c6:ba:1b:64:0e:72:85: d2:96:f0:a5:8b:64:e9:38:df:63:ca:42:e1:a7:41: 19:2b:25:af:0b:89:aa:ad:92:f8:fa:95:79:de:3f: a0:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:61:9D:AE:7F:10:F9:D8:4B:59:F8:BF:81:39:09:A0:AD:E5:DB:D1 X509v3 Authority Key Identifier: keyid:41:1C:43:22:08:21:91:C7:9E:2D:86:DB:4E:1B:F9:D0:71:8E:27:E9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QRxDIgghkceeLYbbThv50HGOJ-k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/a7938f-7c9a-43c9-95f3-f3810bd70376/1/hGGdrn8Q-dhLWfi_gTkJoK3l29E.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/37/a7938f-7c9a-43c9-95f3-f3810bd70376/1/QRxDIgghkceeLYbbThv50HGOJ-k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 64.38.104.0/22 185.156.244.0/22 IPv6: 2a03:5b00::/32 Signature Algorithm: sha256WithRSAEncryption 45:2e:3e:88:7c:39:29:4e:4c:16:70:03:00:f5:2b:19:d3:aa: 26:0f:70:91:ea:6e:6a:29:4f:b7:be:a0:79:87:c0:72:e1:33: 81:69:0e:44:64:0f:23:21:63:14:5c:17:ab:4a:2b:ba:c8:41: 4d:9f:ee:37:64:5a:f8:d5:d0:7c:2b:fc:8d:e3:86:e4:d1:6a: e2:3c:0c:61:58:41:a8:9c:21:8e:36:cf:a6:12:5d:48:6c:a4: db:e8:65:fa:7c:8e:b2:61:9a:92:0c:25:01:7e:7c:fe:3c:4e: 4d:e0:5d:10:51:9d:c3:79:49:1a:b4:60:15:67:58:b4:20:1d: 72:d0:6b:10:df:0f:d8:cc:b6:72:00:91:30:67:4e:a5:83:1b: 1b:4e:b2:b2:99:b6:25:56:6f:f4:e6:dd:cf:36:11:20:29:a1: 74:12:69:74:ca:70:e0:1c:ee:10:80:bb:1d:13:2b:45:b2:e0: 4a:14:5f:2c:ea:fe:32:f9:c6:dd:22:f8:d7:b7:d0:a1:f0:09: 55:e6:0b:a2:36:82:ee:e4:53:74:8c:8e:7f:fd:83:32:26:38: 3d:49:a4:f2:a8:03:ae:68:59:81:f7:b8:69:cb:6f:17:80:b9: bc:ba:14:36:c3:da:55:6f:8c:f5:08:03:c8:c2:ed:6e:bd:69: 38:15:53:3e -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt87P5v8XYNiKXnwTOjYtwBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQxMWM0MzIyMDgyMTkxYzc5ZTJkODZkYjRlMWJmOWQwNzE4 ZTI3ZTkwHhcNMjYwMTAyMDQxNzQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NDYxOWRhZTdmMTBmOWQ4NGI1OWY4YmY4MTM5MDlhMGFkZTVkYmQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnyHHF+sli0+AA8pmu1Ls1RBovftK YJJkFObuyjcm/1xXw3NButVS7kSzMa3SXQrT1Oc7OoPC/9TZl+q8QrtWIVDYGOu2 VOJJBHnI9AY81FjeiqpGmTcS4zumUNFoSrdEixSUr1zpd4coN3wVDG3hVMEg2Sa2 GRRs2+IUoD3NnA5eSxS104CcHRs75GzTchM9IslAaJaZVwK9oFSD5qRvtZY8ac7Z bXiJCv34d/kqDBUYz04mkIoCux4ipXoDDN4uGp9A8F1AIXJ1f/T/Z65/kc7RunZr 4+GdA8a6G2QOcoXSlvCli2TpON9jykLhp0EZKyWvC4mqrZL4+pV53j+gHQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFIRhna5/EPnYS1n4v4E5CaCt5dvRMB8GA1UdIwQY MBaAFEEcQyIIIZHHni2G204b+dBxjifpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUVJ4RElnZ2hrY2VlTFliYlRodjUwSEdPSi1rLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy9hNzkzOGYtN2M5YS00M2M5LTk1ZjMt ZjM4MTBiZDcwMzc2LzEvaEdHZHJuOFEtZGhMV2ZpX2dUa0pvSzNsMjlFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNy9hNzkzOGYtN2M5YS00M2M5LTk1ZjMtZjM4MTBiZDcwMzc2 LzEvUVJ4RElnZ2hrY2VlTFliYlRodjUwSEdPSi1rLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCQCZoAwQC uZz0MA0EAgACMAcDBQAqA1sAMA0GCSqGSIb3DQEBCwUAA4IBAQBFLj6IfDkpTkwW cAMA9SsZ06omD3CR6m5qKU+3vqB5h8By4TOBaQ5EZA8jIWMUXBerSiu6yEFNn+43 ZFr41dB8K/yN44bk0WriPAxhWEGonCGONs+mEl1IbKTb6GX6fI6yYZqSDCUBfnz+ PE5N4F0QUZ3DeUkatGAVZ1i0IB1y0GsQ3w/YzLZyAJEwZ06lgxsbTrKymbYlVm/0 5t3PNhEgKaF0Eml0ynDgHO4QgLsdEytFsuBKFF8s6v4y+cbdIvjXt9Ch8AlV5gui NoLu5FN0jI5//YMyJjg9SaTyqAOuaFmB97hpy28XgLm8uhQ2w9pVb4z1CAPIwu1u vWk4FVM+ -----END CERTIFICATE-----Generated at Tue Feb 10 01:24:29 2026 by rpki-client