This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/53a721-1f91-488a-b5a3-59c9c3fb9947/1/Hwz33O3GEhUPQENUYSweMk7o9iA.roa File: Hwz33O3GEhUPQENUYSweMk7o9iA.roa (raw, json) Hash identifier: 1HTvbTcGZV1b8MpfW8YABdSoijcVRUnqTe0YqNWbdPc= Subject key identifier: 1F:0C:F7:DC:ED:C6:12:15:0F:40:43:54:61:2C:1E:32:4E:E8:F6:20 Certificate issuer: /CN=84056e22dd123c834c0a4aa74516d5fb3cc77dd1 Certificate serial: 019B79EC6D7BF52CD56D76BDE40208AADEE5 Authority key identifier: 84:05:6E:22:DD:12:3C:83:4C:0A:4A:A7:45:16:D5:FB:3C:C7:7D:D1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hAVuIt0SPINMCkqnRRbV-zzHfdE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/53a721-1f91-488a-b5a3-59c9c3fb9947/1/Hwz33O3GEhUPQENUYSweMk7o9iA.roa Signing time: Thu 01 Jan 2026 14:18:16 +0000 ROA not before: Thu 01 Jan 2026 14:18:16 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 39808 IP address blocks: 89.107.88.0/21 maxlen: 21 185.123.212.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/53a721-1f91-488a-b5a3-59c9c3fb9947/1/hAVuIt0SPINMCkqnRRbV-zzHfdE.crl rsync://rpki.ripe.net/repository/DEFAULT/5d/53a721-1f91-488a-b5a3-59c9c3fb9947/1/hAVuIt0SPINMCkqnRRbV-zzHfdE.mft rsync://rpki.ripe.net/repository/DEFAULT/hAVuIt0SPINMCkqnRRbV-zzHfdE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 14:00:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ec:6d:7b:f5:2c:d5:6d:76:bd:e4:02:08:aa:de:e5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=84056e22dd123c834c0a4aa74516d5fb3cc77dd1 Validity Not Before: Jan 1 14:18:16 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1f0cf7dcedc612150f404354612c1e324ee8f620 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:d4:de:a9:38:79:15:b0:8a:19:e6:3d:a7:be: dc:48:b0:a3:7d:94:3b:7b:e8:38:41:96:92:c6:03: 3f:fe:cd:a6:e9:90:40:c9:3a:c1:14:99:83:3a:8b: fa:20:4c:4c:b1:84:f5:4a:b9:08:88:45:48:1a:c7: f8:a1:c9:a0:82:71:c6:78:4f:34:b2:fa:bc:81:c5: fb:9d:78:04:23:90:cc:1f:a1:dc:21:4f:5d:8b:f2: 5f:60:04:f7:8b:4a:ec:95:61:e9:b3:4c:f6:61:46: 63:46:36:71:b7:34:35:b7:ac:b9:90:b4:41:80:e6: bc:37:1a:a7:3d:1e:2e:6a:fb:f7:76:c9:06:79:28: 7e:52:99:f5:51:84:e2:f6:a3:36:34:89:20:23:70: 48:76:aa:e8:34:69:d1:51:b7:8a:55:9e:1f:1c:23: 6c:4f:5c:1c:c4:c8:19:8d:c2:24:13:2f:03:2d:a7: 41:28:58:4e:36:71:f7:4c:58:08:8f:e0:5b:0e:c7: 24:b7:c0:bf:94:fe:a9:6a:95:fd:ee:be:62:a0:3f: ac:b2:26:e4:a6:b1:c1:ee:fd:64:ec:9e:08:ce:50: a6:5d:17:9c:1c:8a:bb:f6:f4:91:2e:15:d5:8b:6b: e4:db:25:bf:8e:bf:a0:3e:6d:f8:2f:42:86:18:c9: 81:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:0C:F7:DC:ED:C6:12:15:0F:40:43:54:61:2C:1E:32:4E:E8:F6:20 X509v3 Authority Key Identifier: keyid:84:05:6E:22:DD:12:3C:83:4C:0A:4A:A7:45:16:D5:FB:3C:C7:7D:D1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hAVuIt0SPINMCkqnRRbV-zzHfdE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/53a721-1f91-488a-b5a3-59c9c3fb9947/1/Hwz33O3GEhUPQENUYSweMk7o9iA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/53a721-1f91-488a-b5a3-59c9c3fb9947/1/hAVuIt0SPINMCkqnRRbV-zzHfdE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.107.88.0/21 185.123.212.0/22 Signature Algorithm: sha256WithRSAEncryption 19:c9:ed:1f:9c:c6:54:f3:14:bb:58:15:86:02:d4:1f:04:88: 16:1d:f1:ef:8c:20:14:4f:d2:39:7c:50:3f:6b:31:0e:d6:cc: 6a:d8:c5:33:3a:54:53:fd:eb:e9:52:f5:f6:ff:5c:d7:99:c0: 2e:83:21:94:8b:08:e6:70:a7:58:ab:de:2e:5d:67:15:ca:4d: dd:94:bf:83:f3:dd:d3:70:9d:20:a5:31:3d:e2:94:54:66:c4: 1c:13:21:b6:00:17:35:2c:e0:33:0e:37:c7:08:24:e4:27:4e: 71:28:b6:eb:7b:8d:37:54:eb:49:83:b9:49:48:40:4c:ea:32: 53:ef:4f:27:c0:72:d5:b2:df:c2:fb:33:b0:a5:d8:ec:cd:fd: dc:db:b4:4e:06:8e:84:97:41:96:e6:59:70:9d:d7:5a:28:aa: 5a:ac:7e:d4:6a:cd:13:6f:ab:19:2f:dc:00:28:b6:57:41:13: 91:6f:28:fd:3f:76:01:8e:83:e6:2f:53:0f:e7:30:51:df:44: 3e:2a:f3:62:18:67:7b:98:50:c2:09:d1:50:e8:1c:81:fd:a4: 97:bc:03:e1:fd:30:3b:5c:e5:a1:b1:23:53:6d:0b:5b:bc:ee: 83:57:b2:26:76:23:5d:9a:e1:95:66:54:a1:d8:38:ee:91:ad: a1:a4:82:c3 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt57G179SzVbXa95AIIqt7lMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg0MDU2ZTIyZGQxMjNjODM0YzBhNGFhNzQ1MTZkNWZiM2Nj NzdkZDEwHhcNMjYwMTAxMTQxODE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxZjBjZjdkY2VkYzYxMjE1MGY0MDQzNTQ2MTJjMWUzMjRlZThmNjIwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA19TeqTh5FbCKGeY9p77cSLCjfZQ7 e+g4QZaSxgM//s2m6ZBAyTrBFJmDOov6IExMsYT1SrkIiEVIGsf4ocmggnHGeE80 svq8gcX7nXgEI5DMH6HcIU9di/JfYAT3i0rslWHps0z2YUZjRjZxtzQ1t6y5kLRB gOa8NxqnPR4uavv3dskGeSh+Upn1UYTi9qM2NIkgI3BIdqroNGnRUbeKVZ4fHCNs T1wcxMgZjcIkEy8DLadBKFhONnH3TFgIj+BbDsckt8C/lP6papX97r5ioD+ssibk prHB7v1k7J4IzlCmXRecHIq79vSRLhXVi2vk2yW/jr+gPm34L0KGGMmBfwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFB8M99ztxhIVD0BDVGEsHjJO6PYgMB8GA1UdIwQY MBaAFIQFbiLdEjyDTApKp0UW1fs8x33RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaEFWdUl0MFNQSU5NQ2txblJSYlYtenpIZmRFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC81M2E3MjEtMWY5MS00ODhhLWI1YTMt NTljOWMzZmI5OTQ3LzEvSHd6MzNPM0dFaFVQUUVOVVlTd2VNazdvOWlBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81ZC81M2E3MjEtMWY5MS00ODhhLWI1YTMtNTljOWMzZmI5OTQ3 LzEvaEFWdUl0MFNQSU5NQ2txblJSYlYtenpIZmRFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDWWtYAwQC uXvUMA0GCSqGSIb3DQEBCwUAA4IBAQAZye0fnMZU8xS7WBWGAtQfBIgWHfHvjCAU T9I5fFA/azEO1sxq2MUzOlRT/evpUvX2/1zXmcAugyGUiwjmcKdYq94uXWcVyk3d lL+D893TcJ0gpTE94pRUZsQcEyG2ABc1LOAzDjfHCCTkJ05xKLbre403VOtJg7lJ SEBM6jJT708nwHLVst/C+zOwpdjszf3c27ROBo6El0GW5llwnddaKKparH7Uas0T b6sZL9wAKLZXQRORbyj9P3YBjoPmL1MP5zBR30Q+KvNiGGd7mFDCCdFQ6ByB/aSX vAPh/TA7XOWhsSNTbQtbvO6DV7ImdiNdmuGVZlSh2Djuka2hpILD -----END CERTIFICATE-----Generated at Mon Feb 9 19:55:46 2026 by rpki-client