This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/HqzX4EklzjztmxQHcTQSLToHBQo.roa File: HqzX4EklzjztmxQHcTQSLToHBQo.roa (raw, json) Hash identifier: 0C/Lc4jGp8PVv3g8+j/yiQ53pvc2GRhFcYHGJMXCY4s= Subject key identifier: 1E:AC:D7:E0:49:25:CE:3C:ED:9B:14:07:71:34:12:2D:3A:07:05:0A Certificate issuer: /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec Certificate serial: 019B7A5AB7B09B74937D34746270781C463C Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/HqzX4EklzjztmxQHcTQSLToHBQo.roa Signing time: Thu 01 Jan 2026 16:18:44 +0000 ROA not before: Thu 01 Jan 2026 16:18:44 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 213250 IP address blocks: 37.114.37.0/24 maxlen: 24 37.114.63.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.mft rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 19:01:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:b7:b0:9b:74:93:7d:34:74:62:70:78:1c:46:3c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec Validity Not Before: Jan 1 16:18:44 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1eacd7e04925ce3ced9b14077134122d3a07050a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8c:e7:f8:22:30:d9:8e:48:83:10:b6:d4:3d:7f: 0d:b0:23:18:21:f6:4e:2a:6a:54:a1:1e:c9:e4:f6: ce:db:5f:32:f0:6d:53:7f:d3:cf:f0:af:50:62:11: 7a:c1:d5:ef:fe:30:f5:f9:69:e7:72:4c:e1:b9:e8: 17:97:0b:58:46:9a:a5:ad:20:61:14:64:f3:3e:ce: a1:7c:70:00:09:2d:40:23:b5:46:6e:0e:28:8b:b4: 0f:d4:7a:17:9b:e5:9f:bc:9d:c6:7f:26:54:cb:37: e1:38:88:d6:7a:a1:59:d2:40:e7:69:39:7d:82:cd: 43:9e:b7:8a:bd:68:e8:3a:21:58:70:89:cb:e9:76: 9c:cf:39:58:65:4c:9e:5b:4e:33:dc:1c:a1:bd:f0: 31:b5:73:65:30:84:13:60:16:aa:55:69:45:42:a2: 73:3d:99:de:06:21:96:32:50:38:16:55:cf:56:f2: 03:87:91:c0:f6:5f:57:2d:82:ee:b2:97:ae:92:8c: f8:cc:5a:c1:6e:9c:77:96:ac:d4:ed:41:f8:d5:09: 0d:a7:b7:18:a9:c8:e7:90:90:7f:6b:a0:2c:69:8a: 8f:4b:96:31:a3:34:8b:79:af:26:33:ef:00:7d:e7: 7e:ac:93:6a:0b:3c:1f:68:84:2b:2f:9a:91:99:18: 40:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:AC:D7:E0:49:25:CE:3C:ED:9B:14:07:71:34:12:2D:3A:07:05:0A X509v3 Authority Key Identifier: keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/HqzX4EklzjztmxQHcTQSLToHBQo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.114.37.0/24 37.114.63.0/24 Signature Algorithm: sha256WithRSAEncryption a3:10:71:9b:46:a5:e4:27:20:e8:46:11:bd:ce:51:b3:05:4f: 77:46:fc:13:93:84:2e:ac:04:5f:8f:0b:44:49:f7:3f:35:8b: d9:5f:a8:6e:76:d9:cd:a1:db:ea:74:8d:f0:e1:03:26:6b:3d: b7:b2:6c:79:c2:99:a9:9d:f9:25:8a:f4:16:1f:66:52:d5:52: f7:6d:03:4a:cd:f1:78:47:fd:32:9b:2b:e5:1d:49:66:cd:8d: bc:0a:4f:77:63:e1:1c:29:97:47:01:fa:86:51:34:b5:e5:da: 2d:d6:1b:6d:de:83:8d:37:76:b1:8b:c5:36:68:84:72:49:a5: f9:3e:29:dc:f7:bf:a4:f5:31:ec:82:74:0c:dc:2d:39:b9:a9: 33:0d:05:a4:d8:3a:ee:1f:a3:23:9b:db:a3:6f:e2:aa:43:d1: a1:42:9e:bf:4e:4b:c0:31:61:3e:8b:3b:5b:3c:cd:6d:6a:17: 2b:da:47:c3:b9:f6:76:9b:10:a6:20:9c:8c:fa:b8:af:ab:2a: 92:a6:32:9c:f4:02:e9:ab:ef:de:7b:a7:27:71:f3:e6:90:d9: 05:1c:9d:8b:e7:a8:ec:58:2f:92:8c:b3:d8:f1:b1:86:1f:b6: 3b:db:be:59:c5:9b:c5:23:a8:fa:76:1d:e8:c4:da:87:56:82: b3:e4:03:90 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt6Wrewm3STfTR0YnB4HEY8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5NjU5M2I3NDdlNzZhNTY0OTI1MTFiYjM2MTJlNGQ1ZTRj YmU3ZWMwHhcNMjYwMTAxMTYxODQ0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxZWFjZDdlMDQ5MjVjZTNjZWQ5YjE0MDc3MTM0MTIyZDNhMDcwNTBhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjOf4IjDZjkiDELbUPX8NsCMYIfZO KmpUoR7J5PbO218y8G1Tf9PP8K9QYhF6wdXv/jD1+WnnckzhuegXlwtYRpqlrSBh FGTzPs6hfHAACS1AI7VGbg4oi7QP1HoXm+WfvJ3GfyZUyzfhOIjWeqFZ0kDnaTl9 gs1DnreKvWjoOiFYcInL6XaczzlYZUyeW04z3ByhvfAxtXNlMIQTYBaqVWlFQqJz PZneBiGWMlA4FlXPVvIDh5HA9l9XLYLuspeukoz4zFrBbpx3lqzU7UH41QkNp7cY qcjnkJB/a6AsaYqPS5YxozSLea8mM+8Afed+rJNqCzwfaIQrL5qRmRhA0wIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFB6s1+BJJc487ZsUB3E0Ei06BwUKMB8GA1UdIwQY MBaAFCllk7dH52pWSSURuzYS5NXky+fsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMt MWI3Y2JiMDhkNzNmLzEvSHF6WDRFa2x6anp0bXhRSGNUUVNMVG9IQlFvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMtMWI3Y2JiMDhkNzNm LzEvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAJXIlAwQA JXI/MA0GCSqGSIb3DQEBCwUAA4IBAQCjEHGbRqXkJyDoRhG9zlGzBU93RvwTk4Qu rARfjwtESfc/NYvZX6hudtnNodvqdI3w4QMmaz23smx5wpmpnfklivQWH2ZS1VL3 bQNKzfF4R/0ymyvlHUlmzY28Ck93Y+EcKZdHAfqGUTS15dot1htt3oONN3axi8U2 aIRySaX5Pinc97+k9THsgnQM3C05uakzDQWk2DruH6Mjm9ujb+KqQ9GhQp6/TkvA MWE+iztbPM1tahcr2kfDufZ2mxCmIJyM+rivqyqSpjKc9ALpq+/ee6cncfPmkNkF HJ2L56jsWC+SjLPY8bGGH7Y7275ZxZvFI6j6dh3oxNqHVoKz5AOQ -----END CERTIFICATE-----Generated at Wed Jan 21 02:47:22 2026 by rpki-client