This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/6745fe-e475-4c58-a31e-f2c0da61ac13/1/H1aTR_3-hcIaSL6m2Xtkw0pDsL0.roa File: H1aTR_3-hcIaSL6m2Xtkw0pDsL0.roa (raw, json) Hash identifier: qNxstYo00+D1moz7OPyfI/Jls2a6koAXTIX0TooiMUg= Subject key identifier: 1F:56:93:47:FD:FE:85:C2:1A:48:BE:A6:D9:7B:64:C3:4A:43:B0:BD Certificate issuer: /CN=29590774e77a8994a4283128c35921d037b06f21 Certificate serial: 019B7AC8EF2CE6C654033CCEDFC59CD2C68D Authority key identifier: 29:59:07:74:E7:7A:89:94:A4:28:31:28:C3:59:21:D0:37:B0:6F:21 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KVkHdOd6iZSkKDEow1kh0DewbyE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/6745fe-e475-4c58-a31e-f2c0da61ac13/1/H1aTR_3-hcIaSL6m2Xtkw0pDsL0.roa Signing time: Thu 01 Jan 2026 18:19:07 +0000 ROA not before: Thu 01 Jan 2026 18:19:07 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 210198 IP address blocks: 185.137.128.0/22 maxlen: 24 2a0c:a980::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/6745fe-e475-4c58-a31e-f2c0da61ac13/1/KVkHdOd6iZSkKDEow1kh0DewbyE.crl rsync://rpki.ripe.net/repository/DEFAULT/56/6745fe-e475-4c58-a31e-f2c0da61ac13/1/KVkHdOd6iZSkKDEow1kh0DewbyE.mft rsync://rpki.ripe.net/repository/DEFAULT/KVkHdOd6iZSkKDEow1kh0DewbyE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c8:ef:2c:e6:c6:54:03:3c:ce:df:c5:9c:d2:c6:8d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=29590774e77a8994a4283128c35921d037b06f21 Validity Not Before: Jan 1 18:19:07 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1f569347fdfe85c21a48bea6d97b64c34a43b0bd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:a0:87:f1:88:b2:0f:10:4e:54:33:8a:38:47: a2:f1:44:a4:66:96:81:f4:6a:24:10:30:1e:4d:6a: 9f:95:0f:8f:34:fc:8a:df:96:98:7b:9a:92:4f:35: c0:3c:9e:3b:db:38:d9:5e:d6:dc:9b:bd:7a:c6:47: a9:72:66:26:94:f0:22:24:5e:67:20:da:a0:d1:81: 3a:e7:16:de:a1:09:d4:f1:df:d3:6d:d7:33:4b:c4: a0:d9:8e:e5:00:94:30:c9:cb:36:62:a6:94:e6:10: 78:9d:b6:c1:71:b4:cc:78:5b:41:02:a8:d5:a8:58: 9b:5c:ec:02:83:b7:50:82:eb:0b:0a:db:61:a0:96: 4e:4c:61:03:d1:08:4b:fc:3d:69:7a:b6:ed:df:0b: d8:82:bf:fd:45:c4:86:83:27:3c:f0:05:86:d3:61: 61:61:7d:fd:3b:e4:94:83:bb:60:bf:6b:93:50:41: c7:65:c0:30:94:ac:7f:6b:b1:ac:51:96:fc:62:ab: 12:10:4f:a5:7f:ad:97:f2:3b:88:2a:0e:5f:2d:2a: e7:05:46:e5:08:e9:6f:c7:20:31:4a:1a:f9:4e:bc: 12:d6:f9:dc:81:68:d8:dc:17:96:7f:b3:38:ae:85: 1c:ca:b7:44:58:a5:ed:8b:e7:b1:20:47:df:63:eb: fa:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:56:93:47:FD:FE:85:C2:1A:48:BE:A6:D9:7B:64:C3:4A:43:B0:BD X509v3 Authority Key Identifier: keyid:29:59:07:74:E7:7A:89:94:A4:28:31:28:C3:59:21:D0:37:B0:6F:21 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KVkHdOd6iZSkKDEow1kh0DewbyE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/6745fe-e475-4c58-a31e-f2c0da61ac13/1/H1aTR_3-hcIaSL6m2Xtkw0pDsL0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/56/6745fe-e475-4c58-a31e-f2c0da61ac13/1/KVkHdOd6iZSkKDEow1kh0DewbyE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.137.128.0/22 IPv6: 2a0c:a980::/29 Signature Algorithm: sha256WithRSAEncryption 0c:51:a1:ef:60:9c:dc:07:59:ef:9c:b9:c8:3b:08:d5:7a:d6: b4:fc:16:b0:2e:d1:6b:0b:f9:4a:25:db:10:63:a8:d2:6d:06: 44:16:81:a6:01:5f:17:5d:cf:a8:3f:9a:e0:cf:27:2a:e3:d2: 9b:a8:ea:a6:6b:fa:5f:bb:85:79:65:be:0a:39:6f:93:26:a9: a2:d3:6d:24:d6:c5:7d:d8:3f:1d:c7:6a:6b:d6:d5:61:2d:fa: 27:a7:08:64:4c:86:78:ba:2b:8f:3b:9f:75:72:3a:e9:bf:03: 15:19:ca:7f:92:1a:bd:fd:00:3b:a8:94:58:9c:9c:56:d3:01: c6:12:7f:bb:0c:62:a6:e3:02:4e:c0:ce:d4:bc:95:82:b2:06: 94:68:9d:13:b3:93:00:39:21:59:fe:dd:a3:cc:5b:01:42:1b: 68:b7:c1:c2:e4:a4:fe:5c:9c:1c:51:8c:c2:24:8a:59:10:17: 12:55:ed:70:d1:91:18:a6:45:0d:68:84:2c:f5:1a:14:d6:01: 30:2e:d6:d7:e7:7d:cb:64:9b:3f:50:62:94:4b:7c:ee:52:48: c4:02:f9:72:9e:ac:c1:e4:59:67:d0:f2:f8:20:56:95:a9:e0: d1:e9:df:68:e2:d9:14:bb:e4:f0:b1:92:72:7b:07:40:c6:35: 58:27:3f:33 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt6yO8s5sZUAzzO38Wc0saNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5NTkwNzc0ZTc3YTg5OTRhNDI4MzEyOGMzNTkyMWQwMzdi MDZmMjEwHhcNMjYwMTAxMTgxOTA3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxZjU2OTM0N2ZkZmU4NWMyMWE0OGJlYTZkOTdiNjRjMzRhNDNiMGJkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8aCH8YiyDxBOVDOKOEei8USkZpaB 9GokEDAeTWqflQ+PNPyK35aYe5qSTzXAPJ472zjZXtbcm716xkepcmYmlPAiJF5n INqg0YE65xbeoQnU8d/TbdczS8Sg2Y7lAJQwycs2YqaU5hB4nbbBcbTMeFtBAqjV qFibXOwCg7dQgusLCtthoJZOTGED0QhL/D1perbt3wvYgr/9RcSGgyc88AWG02Fh YX39O+SUg7tgv2uTUEHHZcAwlKx/a7GsUZb8YqsSEE+lf62X8juIKg5fLSrnBUbl COlvxyAxShr5TrwS1vncgWjY3BeWf7M4roUcyrdEWKXti+exIEffY+v63wIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFB9Wk0f9/oXCGki+ptl7ZMNKQ7C9MB8GA1UdIwQY MBaAFClZB3TneomUpCgxKMNZIdA3sG8hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS1ZrSGRPZDZpWlNrS0RFb3cxa2gwRGV3YnlFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni82NzQ1ZmUtZTQ3NS00YzU4LWEzMWUt ZjJjMGRhNjFhYzEzLzEvSDFhVFJfMy1oY0lhU0w2bTJYdGt3MHBEc0wwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Ni82NzQ1ZmUtZTQ3NS00YzU4LWEzMWUtZjJjMGRhNjFhYzEz LzEvS1ZrSGRPZDZpWlNrS0RFb3cxa2gwRGV3YnlFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYmAMA0E AgACMAcDBQMqDKmAMA0GCSqGSIb3DQEBCwUAA4IBAQAMUaHvYJzcB1nvnLnIOwjV eta0/BawLtFrC/lKJdsQY6jSbQZEFoGmAV8XXc+oP5rgzycq49KbqOqma/pfu4V5 Zb4KOW+TJqmi020k1sV92D8dx2pr1tVhLfonpwhkTIZ4uiuPO591cjrpvwMVGcp/ khq9/QA7qJRYnJxW0wHGEn+7DGKm4wJOwM7UvJWCsgaUaJ0Ts5MAOSFZ/t2jzFsB Qhtot8HC5KT+XJwcUYzCJIpZEBcSVe1w0ZEYpkUNaIQs9RoU1gEwLtbX533LZJs/ UGKUS3zuUkjEAvlynqzB5Fln0PL4IFaVqeDR6d9o4tkUu+TwsZJyewdAxjVYJz8z -----END CERTIFICATE-----Generated at Mon Feb 9 22:15:32 2026 by rpki-client