This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/04e4c6-3349-4aed-88bc-5ee534fdb39b/1/H3pYhN3aP-4mmqKhhpci3ig1tCA.roa File: H3pYhN3aP-4mmqKhhpci3ig1tCA.roa (raw, json) Hash identifier: 4vAvKOvcUAX6c1K5Wxm9Dj65zDW/pqpYSeloWgjaCn4= Subject key identifier: 1F:7A:58:84:DD:DA:3F:EE:26:9A:A2:A1:86:97:22:DE:28:35:B4:20 Certificate issuer: /CN=1d05dc740f6f4bb5bc4b03387e9b47530850743c Certificate serial: 019B9CC7BE5F48D4DC9CBDDEBC631620ECB4 Authority key identifier: 1D:05:DC:74:0F:6F:4B:B5:BC:4B:03:38:7E:9B:47:53:08:50:74:3C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HQXcdA9vS7W8SwM4fptHUwhQdDw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/04e4c6-3349-4aed-88bc-5ee534fdb39b/1/H3pYhN3aP-4mmqKhhpci3ig1tCA.roa Signing time: Thu 08 Jan 2026 08:44:54 +0000 ROA not before: Thu 08 Jan 2026 08:44:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 198678 IP address blocks: 123.2.0.0/15 maxlen: 15 142.221.0.0/16 maxlen: 16 161.37.0.0/16 maxlen: 16 168.86.0.0/17 maxlen: 17 2a07:3040::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/04e4c6-3349-4aed-88bc-5ee534fdb39b/1/HQXcdA9vS7W8SwM4fptHUwhQdDw.crl rsync://rpki.ripe.net/repository/DEFAULT/63/04e4c6-3349-4aed-88bc-5ee534fdb39b/1/HQXcdA9vS7W8SwM4fptHUwhQdDw.mft rsync://rpki.ripe.net/repository/DEFAULT/HQXcdA9vS7W8SwM4fptHUwhQdDw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 14:00:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:9c:c7:be:5f:48:d4:dc:9c:bd:de:bc:63:16:20:ec:b4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1d05dc740f6f4bb5bc4b03387e9b47530850743c Validity Not Before: Jan 8 08:44:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1f7a5884ddda3fee269aa2a1869722de2835b420 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:e3:e4:84:e9:34:10:73:9e:f7:69:c1:f5:18: ed:9d:9b:39:98:cd:c0:c7:f9:31:36:57:33:47:b4: 1f:6c:04:6b:83:91:0b:b6:44:bb:59:ed:74:5d:9d: 68:c3:db:62:30:2e:39:d3:d0:8d:44:fa:ba:ce:f2: d9:57:7a:33:92:d4:ea:59:03:05:31:4a:77:7d:d7: 43:24:2a:d6:16:c2:4e:0b:a6:cb:3c:1c:74:03:7e: 59:5f:9e:68:51:5b:00:c5:e4:d1:79:fb:e8:36:ce: 7e:a2:e6:a3:97:98:2e:78:dd:da:59:fc:af:d3:36: be:08:c0:7c:5c:8b:ce:74:37:70:a9:df:12:fe:f1: ea:91:57:b3:77:a4:43:18:6e:9f:5a:6e:b3:85:a2: cf:b7:d1:6a:15:02:34:09:ef:90:05:98:df:77:b6: 4c:d1:64:7b:8b:23:88:ef:86:52:06:b6:f7:56:44: 25:e7:de:be:5e:52:4d:9d:0e:78:ba:8a:5f:3e:77: fb:79:f5:2f:d4:77:48:00:4a:8c:61:4c:e8:38:10: de:1b:bc:3c:d8:4c:1c:96:18:e2:ee:27:f4:f1:56: c6:4b:1f:00:0a:d6:16:4c:ff:eb:fe:f6:65:3f:66: a5:dc:77:69:a1:a5:65:1b:fd:ab:49:a0:bb:8d:51: 07:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:7A:58:84:DD:DA:3F:EE:26:9A:A2:A1:86:97:22:DE:28:35:B4:20 X509v3 Authority Key Identifier: keyid:1D:05:DC:74:0F:6F:4B:B5:BC:4B:03:38:7E:9B:47:53:08:50:74:3C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HQXcdA9vS7W8SwM4fptHUwhQdDw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/04e4c6-3349-4aed-88bc-5ee534fdb39b/1/H3pYhN3aP-4mmqKhhpci3ig1tCA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/63/04e4c6-3349-4aed-88bc-5ee534fdb39b/1/HQXcdA9vS7W8SwM4fptHUwhQdDw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 123.2.0.0/15 142.221.0.0/16 161.37.0.0/16 168.86.0.0/17 IPv6: 2a07:3040::/32 Signature Algorithm: sha256WithRSAEncryption 6a:cf:84:c3:6b:91:0d:b1:67:80:52:5a:87:c3:b0:4b:79:e1: d7:b9:35:95:b5:ad:66:6b:92:c1:c2:28:ce:c0:a6:3b:0f:9a: 83:a9:19:98:ab:cb:91:8f:9e:17:4b:f4:6a:2d:0d:a6:e7:d5: 90:c2:23:2e:6b:e9:69:55:a0:69:0d:72:cb:2f:ab:59:ba:bc: 97:b4:20:f7:1d:42:52:8d:06:c0:24:29:0b:a9:e1:00:d7:b2: f6:8b:89:38:70:7c:53:2b:4b:a6:ad:36:d7:bb:15:6c:98:ad: 8a:12:b4:34:46:62:e5:17:25:8f:87:1e:5c:92:87:39:26:eb: 00:1f:99:ec:52:39:b2:ba:25:0f:60:c1:bd:e7:0a:da:96:5b: 98:20:60:23:87:96:0a:df:7a:dc:c6:85:a7:8f:1e:99:79:85: c5:f8:7e:29:46:15:a4:4d:28:a3:db:ce:89:95:05:84:a3:66: 7a:82:0a:04:ac:1e:b1:d4:ad:9f:28:e6:5b:12:1d:a9:47:6e: fa:19:d9:30:2d:d0:03:16:20:f7:8e:17:56:a0:de:96:6f:b4: 6f:82:5a:ab:f7:93:66:91:f4:f2:a8:6b:75:2d:5e:1a:ad:11: 3d:ba:1b:1f:b2:74:29:b3:eb:27:0c:e3:33:6c:dd:61:6b:52: d6:c7:33:ce -----BEGIN CERTIFICATE----- MIIFGzCCBAOgAwIBAgISAZucx75fSNTcnL3evGMWIOy0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFkMDVkYzc0MGY2ZjRiYjViYzRiMDMzODdlOWI0NzUzMDg1 MDc0M2MwHhcNMjYwMTA4MDg0NDU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxZjdhNTg4NGRkZGEzZmVlMjY5YWEyYTE4Njk3MjJkZTI4MzViNDIwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+PkhOk0EHOe92nB9RjtnZs5mM3A x/kxNlczR7QfbARrg5ELtkS7We10XZ1ow9tiMC4509CNRPq6zvLZV3ozktTqWQMF MUp3fddDJCrWFsJOC6bLPBx0A35ZX55oUVsAxeTRefvoNs5+ouajl5gueN3aWfyv 0za+CMB8XIvOdDdwqd8S/vHqkVezd6RDGG6fWm6zhaLPt9FqFQI0Ce+QBZjfd7ZM 0WR7iyOI74ZSBrb3VkQl596+XlJNnQ54uopfPnf7efUv1HdIAEqMYUzoOBDeG7w8 2Ewclhji7if08VbGSx8ACtYWTP/r/vZlP2al3HdpoaVlG/2rSaC7jVEHGQIDAQAB o4ICJzCCAiMwHQYDVR0OBBYEFB96WITd2j/uJpqioYaXIt4oNbQgMB8GA1UdIwQY MBaAFB0F3HQPb0u1vEsDOH6bR1MIUHQ8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSFFYY2RBOXZTN1c4U3dNNGZwdEhVd2hRZER3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8wNGU0YzYtMzM0OS00YWVkLTg4YmMt NWVlNTM0ZmRiMzliLzEvSDNwWWhOM2FQLTRtbXFLaGhwY2kzaWcxdENBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82My8wNGU0YzYtMzM0OS00YWVkLTg4YmMtNWVlNTM0ZmRiMzli LzEvSFFYY2RBOXZTN1c4U3dNNGZwdEhVd2hRZER3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAbBAIAATAVAwMBewIDAwCO 3QMDAKElAwQHqFYAMA0EAgACMAcDBQAqBzBAMA0GCSqGSIb3DQEBCwUAA4IBAQBq z4TDa5ENsWeAUlqHw7BLeeHXuTWVta1ma5LBwijOwKY7D5qDqRmYq8uRj54XS/Rq LQ2m59WQwiMua+lpVaBpDXLLL6tZuryXtCD3HUJSjQbAJCkLqeEA17L2i4k4cHxT K0umrTbXuxVsmK2KErQ0RmLlFyWPhx5ckoc5JusAH5nsUjmyuiUPYMG95wralluY IGAjh5YK33rcxoWnjx6ZeYXF+H4pRhWkTSij286JlQWEo2Z6ggoErB6x1K2fKOZb Eh2pR276GdkwLdADFiD3jhdWoN6Wb7Rvglqr95NmkfTyqGt1LV4arRE9uhsfsnQp s+snDOMzbN1ha1LWxzPO -----END CERTIFICATE-----Generated at Mon Feb 9 23:54:36 2026 by rpki-client