This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/f499cd-fad6-4fb0-9be7-4a7904ffc8e1/1/hKDjaD83iRNw9KqUmwJ4dn-wayQ.roa File: hKDjaD83iRNw9KqUmwJ4dn-wayQ.roa (raw, json) Hash identifier: 10/6EyjVD8LS9DDC/nxhOd/PoDCy15V9W7b4OpC/X6g= Subject key identifier: 84:A0:E3:68:3F:37:89:13:70:F4:AA:94:9B:02:78:76:7F:B0:6B:24 Certificate issuer: /CN=b1e8cf7386200dfda9b067db9c77d30660d74cda Certificate serial: 019B7C11C7309D5A209CD38E443B40DD589A Authority key identifier: B1:E8:CF:73:86:20:0D:FD:A9:B0:67:DB:9C:77:D3:06:60:D7:4C:DA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sejPc4YgDf2psGfbnHfTBmDXTNo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/f499cd-fad6-4fb0-9be7-4a7904ffc8e1/1/hKDjaD83iRNw9KqUmwJ4dn-wayQ.roa Signing time: Fri 02 Jan 2026 00:18:18 +0000 ROA not before: Fri 02 Jan 2026 00:18:18 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 12384 IP address blocks: 77.235.224.0/19 maxlen: 19 185.173.196.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/f499cd-fad6-4fb0-9be7-4a7904ffc8e1/1/sejPc4YgDf2psGfbnHfTBmDXTNo.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/f499cd-fad6-4fb0-9be7-4a7904ffc8e1/1/sejPc4YgDf2psGfbnHfTBmDXTNo.mft rsync://rpki.ripe.net/repository/DEFAULT/sejPc4YgDf2psGfbnHfTBmDXTNo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:00:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:11:c7:30:9d:5a:20:9c:d3:8e:44:3b:40:dd:58:9a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b1e8cf7386200dfda9b067db9c77d30660d74cda Validity Not Before: Jan 2 00:18:18 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=84a0e3683f37891370f4aa949b0278767fb06b24 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:dd:29:d0:cb:50:91:88:bd:a4:23:d5:73:e3: f9:b0:40:3d:06:6c:b9:f3:19:1f:cb:e1:3a:ac:4c: c6:f2:17:da:32:bf:40:47:16:40:d6:07:22:7b:2f: 9c:2f:25:c2:bf:07:8b:fe:74:e6:11:5d:19:c5:b2: 39:92:18:cb:98:04:77:e1:42:44:05:d0:0c:9d:ae: a2:3b:c0:2c:79:12:64:8f:df:09:fe:3f:45:27:bb: ce:e8:56:4b:94:c6:16:61:19:a1:19:f9:1d:ac:45: d0:22:f2:a6:06:74:91:21:88:5a:aa:6e:38:b3:a3: d9:50:14:6a:3a:7c:0b:76:40:5c:5d:95:47:7f:68: 7e:ff:c6:0e:09:dc:77:bc:76:06:6f:8e:44:44:a2: c6:48:6f:0c:c7:d9:8f:ae:b6:b2:7b:90:e1:66:cc: 43:8f:60:fc:e2:98:94:0c:bc:e7:d8:8f:49:c1:50: 92:4e:34:8c:be:1c:fb:00:6f:93:d8:20:c8:5e:3b: 89:07:9a:0b:43:9c:2d:a1:c1:c9:35:04:f5:e0:a2: 91:9e:1b:99:6b:fe:32:97:05:37:70:3c:3f:d0:6a: f3:67:af:c8:7c:b7:58:09:aa:f8:aa:f4:09:2c:0d: 20:2d:cd:c5:c7:1b:63:06:66:32:54:0d:3b:37:c5: 7a:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:A0:E3:68:3F:37:89:13:70:F4:AA:94:9B:02:78:76:7F:B0:6B:24 X509v3 Authority Key Identifier: keyid:B1:E8:CF:73:86:20:0D:FD:A9:B0:67:DB:9C:77:D3:06:60:D7:4C:DA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sejPc4YgDf2psGfbnHfTBmDXTNo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/f499cd-fad6-4fb0-9be7-4a7904ffc8e1/1/hKDjaD83iRNw9KqUmwJ4dn-wayQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/f499cd-fad6-4fb0-9be7-4a7904ffc8e1/1/sejPc4YgDf2psGfbnHfTBmDXTNo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 77.235.224.0/19 185.173.196.0/22 Signature Algorithm: sha256WithRSAEncryption 15:0f:4f:c6:97:db:88:0a:5f:49:95:7e:eb:e9:20:20:bf:91: d3:c3:0e:01:69:15:21:63:54:23:55:dc:1a:7d:eb:0e:9d:88: 92:fc:59:ea:ca:9c:ee:86:39:bf:90:bb:57:61:f1:82:a9:39: 6e:37:a5:70:43:52:26:23:f2:87:d3:4a:a9:b4:f2:5f:1c:a9: cc:59:21:69:47:dc:65:35:a4:45:c2:8b:77:65:c5:5e:b8:e5: f4:cb:0c:8a:56:cd:45:ac:96:85:4d:53:8f:28:37:44:df:3f: b9:f7:bd:05:03:c7:00:bc:a2:e0:f8:f2:10:64:c8:8e:25:77: 57:7d:bc:82:b8:70:39:1c:3f:0c:c1:c6:07:0d:91:12:f0:3f: 68:45:85:68:ce:f7:a6:44:13:6b:22:55:57:9b:86:00:8e:44: 50:37:eb:5f:db:bd:6a:d0:b3:8b:d3:c0:ca:dc:5a:18:36:07: 5a:6b:b1:60:66:88:4a:5d:75:54:9c:4f:29:56:49:9e:3f:f5: d1:88:2c:d7:c9:de:51:46:4a:01:1d:16:b9:62:c9:61:51:b6: bb:c7:d3:43:3d:c6:f1:d0:0a:e4:7c:f7:2a:5a:ec:d3:13:f3: 85:1a:8d:28:9f:f3:d5:49:1c:cc:bf:c5:fd:2b:94:c4:ad:cc: 97:fe:f6:b2 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt8EccwnVognNOORDtA3ViaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIxZThjZjczODYyMDBkZmRhOWIwNjdkYjljNzdkMzA2NjBk NzRjZGEwHhcNMjYwMTAyMDAxODE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NGEwZTM2ODNmMzc4OTEzNzBmNGFhOTQ5YjAyNzg3NjdmYjA2YjI0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuN0p0MtQkYi9pCPVc+P5sEA9Bmy5 8xkfy+E6rEzG8hfaMr9ARxZA1gciey+cLyXCvweL/nTmEV0ZxbI5khjLmAR34UJE BdAMna6iO8AseRJkj98J/j9FJ7vO6FZLlMYWYRmhGfkdrEXQIvKmBnSRIYhaqm44 s6PZUBRqOnwLdkBcXZVHf2h+/8YOCdx3vHYGb45ERKLGSG8Mx9mPrraye5DhZsxD j2D84piUDLzn2I9JwVCSTjSMvhz7AG+T2CDIXjuJB5oLQ5wtocHJNQT14KKRnhuZ a/4ylwU3cDw/0GrzZ6/IfLdYCar4qvQJLA0gLc3FxxtjBmYyVA07N8V6ZwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFISg42g/N4kTcPSqlJsCeHZ/sGskMB8GA1UdIwQY MBaAFLHoz3OGIA39qbBn25x30wZg10zaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc2VqUGM0WWdEZjJwc0dmYm5IZlRCbURYVE5vLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mNDk5Y2QtZmFkNi00ZmIwLTliZTct NGE3OTA0ZmZjOGUxLzEvaEtEamFEODNpUk53OUtxVW13SjRkbi13YXlRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS9mNDk5Y2QtZmFkNi00ZmIwLTliZTctNGE3OTA0ZmZjOGUx LzEvc2VqUGM0WWdEZjJwc0dmYm5IZlRCbURYVE5vLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFTevgAwQC ua3EMA0GCSqGSIb3DQEBCwUAA4IBAQAVD0/Gl9uICl9JlX7r6SAgv5HTww4BaRUh Y1QjVdwafesOnYiS/Fnqypzuhjm/kLtXYfGCqTluN6VwQ1ImI/KH00qptPJfHKnM WSFpR9xlNaRFwot3ZcVeuOX0ywyKVs1FrJaFTVOPKDdE3z+5970FA8cAvKLg+PIQ ZMiOJXdXfbyCuHA5HD8MwcYHDZES8D9oRYVozvemRBNrIlVXm4YAjkRQN+tf271q 0LOL08DK3FoYNgdaa7FgZohKXXVUnE8pVkmeP/XRiCzXyd5RRkoBHRa5YslhUba7 x9NDPcbx0ArkfPcqWuzTE/OFGo0on/PVSRzMv8X9K5TErcyX/vay -----END CERTIFICATE-----Generated at Mon Feb 9 22:37:05 2026 by rpki-client