This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/rHkMUama1-jvql2n4JxJshiVSTQ.roa File: rHkMUama1-jvql2n4JxJshiVSTQ.roa (raw, json) Hash identifier: oQziuR59O6rlzZeCRUKRXeHVZd484zS9e7X/rdhd7pE= Subject key identifier: AC:79:0C:51:A9:9A:D7:E8:EF:AA:5D:A7:E0:9C:49:B2:18:95:49:34 Certificate issuer: /CN=a87090c275c34c05c306f3b36063893a0d72782a Certificate serial: 019B7BA3FBF8E6083C57407F9CF15F6ED52C Authority key identifier: A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/rHkMUama1-jvql2n4JxJshiVSTQ.roa Signing time: Thu 01 Jan 2026 22:18:23 +0000 ROA not before: Thu 01 Jan 2026 22:18:23 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 28753 IP address blocks: 45.138.72.0/24 maxlen: 24 185.94.166.0/24 maxlen: 24 185.125.51.0/24 maxlen: 24 185.172.130.0/24 maxlen: 24 185.172.131.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.mft rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 08 Jan 2026 13:01:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:fb:f8:e6:08:3c:57:40:7f:9c:f1:5f:6e:d5:2c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a87090c275c34c05c306f3b36063893a0d72782a Validity Not Before: Jan 1 22:18:23 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ac790c51a99ad7e8efaa5da7e09c49b218954934 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:f8:14:1a:27:4d:78:67:b5:b1:15:62:81:52: ec:82:4e:44:ba:b1:ad:d9:fd:7e:52:28:8d:8f:28: 1f:0b:aa:f3:fb:e8:3b:5c:6b:18:d5:24:17:06:c9: 98:1d:d0:11:94:8b:b9:33:f9:f9:9d:31:cd:05:a0: 46:86:41:37:31:6b:e9:ae:6d:7c:43:e3:5d:e0:69: c0:ea:a7:4f:51:c7:f1:b8:f8:2c:57:cd:90:0c:4c: 11:ed:22:d0:fc:f6:77:35:82:8c:2f:aa:93:ae:79: 97:7b:9f:05:54:51:61:fa:c1:39:19:dc:bb:c3:2b: 9b:4c:20:69:27:32:33:11:f7:f2:d0:c3:c9:ed:79: 8d:ed:1f:a9:01:ec:c0:85:45:c3:96:37:1c:ae:6c: 23:61:d8:44:d8:87:88:a7:c5:e5:e2:a2:c0:4f:92: 06:de:5b:dd:1d:aa:42:21:3e:5f:5c:a5:cc:c0:11: 57:8f:64:ee:5f:9f:96:a6:c3:81:5b:7e:97:74:68: c2:28:38:2d:1c:e6:e0:25:b7:d6:dd:da:8d:f8:6a: 0b:c3:51:ad:ff:a6:d4:f9:07:f0:23:cd:b4:43:54: 54:57:e3:cf:a9:06:cb:ea:5f:21:0c:53:4e:e2:93: c7:d9:86:2d:2e:9e:7f:e6:23:5d:23:23:5a:eb:f5: 90:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:79:0C:51:A9:9A:D7:E8:EF:AA:5D:A7:E0:9C:49:B2:18:95:49:34 X509v3 Authority Key Identifier: keyid:A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/rHkMUama1-jvql2n4JxJshiVSTQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.138.72.0/24 185.94.166.0/24 185.125.51.0/24 185.172.130.0/23 Signature Algorithm: sha256WithRSAEncryption 53:37:af:12:46:0e:2d:c4:3c:ba:87:6f:95:9f:f2:77:7c:88: ec:88:54:1f:9f:32:ba:7b:1e:ab:11:af:84:79:11:97:c8:36: 42:bf:03:fd:b8:c0:29:9d:e3:7e:d5:06:bf:00:6f:9c:2a:d5: be:84:58:5e:dc:77:7f:b9:f5:d4:69:9a:2f:47:c2:2b:39:a3: 3b:f5:1e:59:bd:63:9c:de:f6:67:b9:18:2b:92:69:a8:e5:8d: e9:7f:77:5a:0a:d3:3b:b9:ae:8a:81:0d:49:0e:7c:79:fc:71: 48:22:c7:3f:13:73:49:8a:7b:90:da:1e:23:46:3d:82:f9:fd: ad:e5:38:3a:01:33:3b:56:1c:4e:aa:5e:7c:11:80:2e:ae:10: 37:be:48:b6:76:bb:88:af:3b:87:16:92:15:7c:34:80:bf:50: 04:3d:a2:5c:e5:a0:71:74:ce:f0:2d:1b:50:45:f3:eb:9b:12: 77:60:71:c4:ca:8b:3a:c1:13:2d:67:a3:63:99:bb:49:3a:32: 0a:2d:ae:55:d7:49:e3:3e:c7:c0:64:85:d6:21:8e:83:64:fb: 88:e9:dc:17:0b:ff:4b:d2:af:87:c6:d6:6f:8c:dc:13:53:6e: a1:55:91:45:d9:6c:f5:e4:b9:fe:84:9b:3b:72:4a:81:04:55: 65:43:64:3f -----BEGIN CERTIFICATE----- MIIFDzCCA/egAwIBAgISAZt7o/v45gg8V0B/nPFfbtUsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE4NzA5MGMyNzVjMzRjMDVjMzA2ZjNiMzYwNjM4OTNhMGQ3 Mjc4MmEwHhcNMjYwMTAxMjIxODIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhYzc5MGM1MWE5OWFkN2U4ZWZhYTVkYTdlMDljNDliMjE4OTU0OTM0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1/gUGidNeGe1sRVigVLsgk5EurGt 2f1+UiiNjygfC6rz++g7XGsY1SQXBsmYHdARlIu5M/n5nTHNBaBGhkE3MWvprm18 Q+Nd4GnA6qdPUcfxuPgsV82QDEwR7SLQ/PZ3NYKML6qTrnmXe58FVFFh+sE5Gdy7 wyubTCBpJzIzEffy0MPJ7XmN7R+pAezAhUXDljccrmwjYdhE2IeIp8Xl4qLAT5IG 3lvdHapCIT5fXKXMwBFXj2TuX5+WpsOBW36XdGjCKDgtHObgJbfW3dqN+GoLw1Gt /6bU+QfwI820Q1RUV+PPqQbL6l8hDFNO4pPH2YYtLp5/5iNdIyNa6/WQrwIDAQAB o4ICGzCCAhcwHQYDVR0OBBYEFKx5DFGpmtfo76pdp+CcSbIYlUk0MB8GA1UdIwQY MBaAFKhwkMJ1w0wFwwbzs2BjiToNcngqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEt YjU3YTM2ZjJhZmNkLzEvckhrTVVhbWExLWp2cWwybjRKeEpzaGlWU1RRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEtYjU3YTM2ZjJhZmNk LzEvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALYpIAwQA uV6mAwQAuX0zAwQBuayCMA0GCSqGSIb3DQEBCwUAA4IBAQBTN68SRg4txDy6h2+V n/J3fIjsiFQfnzK6ex6rEa+EeRGXyDZCvwP9uMApneN+1Qa/AG+cKtW+hFhe3Hd/ ufXUaZovR8IrOaM79R5ZvWOc3vZnuRgrkmmo5Y3pf3daCtM7ua6KgQ1JDnx5/HFI Isc/E3NJinuQ2h4jRj2C+f2t5Tg6ATM7VhxOql58EYAurhA3vki2druIrzuHFpIV fDSAv1AEPaJc5aBxdM7wLRtQRfPrmxJ3YHHEyos6wRMtZ6NjmbtJOjIKLa5V10nj PsfAZIXWIY6DZPuI6dwXC/9L0q+HxtZvjNwTU26hVZFF2Wz15Ln+hJs7ckqBBFVl Q2Q/ -----END CERTIFICATE-----Generated at Wed Jan 7 17:16:21 2026 by rpki-client