This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/hfy8wKzZ1lOnw8rRIAp89k1HBQg.roa File: hfy8wKzZ1lOnw8rRIAp89k1HBQg.roa (raw, json) Hash identifier: w/O4MPtS75N0zJ8yWXd9FMAgNBIXsYLEr12sXp5bZHk= Subject key identifier: 85:FC:BC:C0:AC:D9:D6:53:A7:C3:CA:D1:20:0A:7C:F6:4D:47:05:08 Certificate issuer: /CN=d82cb43ca3c0c57816cee360478d0cf882207fd2 Certificate serial: 019AC95083DB73C46311C7D9533AD01D868F Authority key identifier: D8:2C:B4:3C:A3:C0:C5:78:16:CE:E3:60:47:8D:0C:F8:82:20:7F:D2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/hfy8wKzZ1lOnw8rRIAp89k1HBQg.roa Signing time: Fri 28 Nov 2025 07:14:48 +0000 ROA not before: Fri 28 Nov 2025 07:14:48 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 64267 IP address blocks: 104.160.3.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.crl rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.mft rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 05 Dec 2025 21:22:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:c9:50:83:db:73:c4:63:11:c7:d9:53:3a:d0:1d:86:8f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d82cb43ca3c0c57816cee360478d0cf882207fd2 Validity Not Before: Nov 28 07:14:48 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=85fcbcc0acd9d653a7c3cad1200a7cf64d470508 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:0d:4c:fb:e0:13:06:3b:03:98:b8:0a:29:62: 16:56:64:aa:64:b7:83:74:c6:71:5e:1b:e3:18:8e: c6:f1:1f:52:18:6e:ad:e5:66:17:aa:d2:d4:33:12: 48:d2:65:22:b7:89:a3:d8:b5:83:9d:bb:a8:3b:bc: c6:83:cf:49:ed:5e:c6:65:ad:f8:aa:59:0f:86:e8: d8:47:3f:0c:a1:c1:a4:09:86:5a:ba:6d:55:53:d6: 83:98:82:27:5d:2b:7c:8f:f4:ca:f2:5d:5f:c1:10: 81:31:89:06:2a:db:46:7f:37:43:f4:b5:2b:58:65: 31:1a:0f:b2:63:5f:aa:0f:33:50:75:d7:f5:b0:f9: d8:4a:1e:f8:c3:70:d0:8c:44:31:e2:38:59:e0:e7: 03:77:6a:e9:f2:63:7a:87:2e:28:0d:3f:1b:33:ba: 3a:a4:70:86:80:08:c1:e1:5f:96:06:ca:ae:38:70: 26:c3:04:9c:bf:af:9f:4c:22:7a:73:75:d9:69:30: ef:c1:6e:4c:48:3a:30:70:30:8c:17:5b:c9:74:4f: 73:99:ac:1e:95:f4:7c:e8:4a:b8:11:f4:63:ad:de: 35:20:4b:2d:c9:99:51:eb:3d:43:a8:48:05:a8:0e: e8:9b:63:6d:fd:e8:5a:b8:51:43:c9:5d:14:78:29: 8e:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:FC:BC:C0:AC:D9:D6:53:A7:C3:CA:D1:20:0A:7C:F6:4D:47:05:08 X509v3 Authority Key Identifier: keyid:D8:2C:B4:3C:A3:C0:C5:78:16:CE:E3:60:47:8D:0C:F8:82:20:7F:D2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/hfy8wKzZ1lOnw8rRIAp89k1HBQg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 104.160.3.0/24 Signature Algorithm: sha256WithRSAEncryption 33:5e:4a:ed:08:9e:5b:8f:fe:b0:97:d8:ce:1e:0e:6b:5c:80: 1b:d1:b7:fe:11:ca:ec:63:4f:21:55:97:7c:99:e9:b3:c5:c5: 4d:4f:51:ef:d7:ca:f5:dc:d5:9a:a6:2d:34:ae:04:c0:c1:65: d2:a8:c6:8f:25:81:3a:a1:d9:fa:48:ad:70:98:44:94:47:db: a6:29:7c:5e:78:e6:80:6d:4b:2e:ee:05:92:cc:9f:88:5c:b9: 7d:a0:79:af:7c:d0:84:10:73:20:63:04:90:b9:8c:e1:a7:5a: 85:7a:06:74:61:c6:0e:1e:b1:56:ec:14:08:ca:e8:0d:a5:0c: a9:16:00:e4:9c:ed:d5:21:c1:c4:d9:3a:2a:d3:83:21:57:4b: 70:83:51:3b:82:d6:9e:74:d1:3d:79:3a:42:0e:0c:b0:92:1d: 22:b3:c7:c2:d6:ea:82:ca:39:99:ef:3d:99:d6:a8:57:76:31: 76:93:28:8a:f0:a5:30:20:f7:6f:48:aa:9c:63:b7:41:29:61: d3:39:c3:23:6b:c6:89:51:a3:32:d9:7d:4b:b7:ba:08:b5:2a: b9:33:6b:ee:7f:d0:e3:83:e8:e8:db:0d:14:08:6f:af:00:60: 39:1a:19:a0:39:4c:a0:ef:02:b0:a3:2a:27:9f:d6:6b:87:9f: 97:33:cf:40 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZrJUIPbc8RjEcfZUzrQHYaPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4MmNiNDNjYTNjMGM1NzgxNmNlZTM2MDQ3OGQwY2Y4ODIy MDdmZDIwHhcNMjUxMTI4MDcxNDQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NWZjYmNjMGFjZDlkNjUzYTdjM2NhZDEyMDBhN2NmNjRkNDcwNTA4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArg1M++ATBjsDmLgKKWIWVmSqZLeD dMZxXhvjGI7G8R9SGG6t5WYXqtLUMxJI0mUit4mj2LWDnbuoO7zGg89J7V7GZa34 qlkPhujYRz8MocGkCYZaum1VU9aDmIInXSt8j/TK8l1fwRCBMYkGKttGfzdD9LUr WGUxGg+yY1+qDzNQddf1sPnYSh74w3DQjEQx4jhZ4OcDd2rp8mN6hy4oDT8bM7o6 pHCGgAjB4V+WBsquOHAmwwScv6+fTCJ6c3XZaTDvwW5MSDowcDCMF1vJdE9zmawe lfR86Eq4EfRjrd41IEstyZlR6z1DqEgFqA7om2Nt/ehauFFDyV0UeCmOSwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFIX8vMCs2dZTp8PK0SAKfPZNRwUIMB8GA1UdIwQY MBaAFNgstDyjwMV4Fs7jYEeNDPiCIH/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMkN5MFBLUEF4WGdXenVOZ1I0ME0tSUlnZjlJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8zYjUxYjgtMTBjNi00MzhiLWExMjAt MTVmMTNlM2Y3ZDg1LzEvaGZ5OHdLeloxbE9udzhyUklBcDg5azFIQlFnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Ny8zYjUxYjgtMTBjNi00MzhiLWExMjAtMTVmMTNlM2Y3ZDg1 LzEvMkN5MFBLUEF4WGdXenVOZ1I0ME0tSUlnZjlJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAaKADMA0G CSqGSIb3DQEBCwUAA4IBAQAzXkrtCJ5bj/6wl9jOHg5rXIAb0bf+EcrsY08hVZd8 memzxcVNT1Hv18r13NWapi00rgTAwWXSqMaPJYE6odn6SK1wmESUR9umKXxeeOaA bUsu7gWSzJ+IXLl9oHmvfNCEEHMgYwSQuYzhp1qFegZ0YcYOHrFW7BQIyugNpQyp FgDknO3VIcHE2Toq04MhV0twg1E7gtaedNE9eTpCDgywkh0is8fC1uqCyjmZ7z2Z 1qhXdjF2kyiK8KUwIPdvSKqcY7dBKWHTOcMja8aJUaMy2X1Lt7oItSq5M2vuf9Dj g+jo2w0UCG+vAGA5GhmgOUyg7wKwoyonn9Zrh5+XM89A -----END CERTIFICATE-----Generated at Fri Dec 5 03:45:20 2025 by rpki-client