This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/219592-4a44-4298-bd8e-4b2e680c7491/1/hKMbuHr2aXc8zzCBYrN1Pl3PnrE.roa File: hKMbuHr2aXc8zzCBYrN1Pl3PnrE.roa (raw, json) Hash identifier: GT98HeqOpegXQJEdGgjawpeJJ5F69fX5SkGY05H68og= Subject key identifier: 84:A3:1B:B8:7A:F6:69:77:3C:CF:30:81:62:B3:75:3E:5D:CF:9E:B1 Certificate issuer: /CN=24992f32d7486dfb4a32c2e7810854ac6a668e34 Certificate serial: 019B7AC8923F560B069FB3A9800275EE9073 Authority key identifier: 24:99:2F:32:D7:48:6D:FB:4A:32:C2:E7:81:08:54:AC:6A:66:8E:34 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JJkvMtdIbftKMsLngQhUrGpmjjQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/219592-4a44-4298-bd8e-4b2e680c7491/1/hKMbuHr2aXc8zzCBYrN1Pl3PnrE.roa Signing time: Thu 01 Jan 2026 18:18:43 +0000 ROA not before: Thu 01 Jan 2026 18:18:43 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 206028 IP address blocks: 185.108.76.0/22 maxlen: 22 2a0d:2940::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/219592-4a44-4298-bd8e-4b2e680c7491/1/JJkvMtdIbftKMsLngQhUrGpmjjQ.crl rsync://rpki.ripe.net/repository/DEFAULT/66/219592-4a44-4298-bd8e-4b2e680c7491/1/JJkvMtdIbftKMsLngQhUrGpmjjQ.mft rsync://rpki.ripe.net/repository/DEFAULT/JJkvMtdIbftKMsLngQhUrGpmjjQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c8:92:3f:56:0b:06:9f:b3:a9:80:02:75:ee:90:73 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=24992f32d7486dfb4a32c2e7810854ac6a668e34 Validity Not Before: Jan 1 18:18:43 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=84a31bb87af669773ccf308162b3753e5dcf9eb1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:69:f0:2d:6d:ad:1a:64:d9:c3:d9:20:2f:5a: f6:ae:bf:a9:db:2a:4c:ea:98:f3:e8:ea:d6:32:c4: 1a:ba:de:54:15:fc:07:ad:61:70:35:b2:1c:83:58: 85:23:a6:cb:c7:5d:56:51:d6:9d:f7:f4:14:53:72: d4:38:4c:38:1d:44:b7:4e:98:48:d4:52:f3:b9:24: cf:b1:d1:30:ff:fb:2b:5c:b1:a1:91:52:bb:f5:9b: cb:7a:3d:9e:eb:67:0a:2d:ee:90:cf:57:77:19:33: ee:cf:42:a5:c3:16:fe:c5:7d:20:5c:fd:22:4d:b5: e3:d1:65:b2:df:8a:05:76:ff:a1:78:14:db:98:e3: ad:6d:3e:24:38:41:80:d7:77:6a:fc:1e:14:55:a1: 5b:ec:5b:ea:9e:18:52:12:bf:66:ff:63:db:ef:56: f1:a5:65:c9:17:f4:00:7b:61:1e:c6:b4:12:58:72: 79:07:a0:64:3b:56:fe:de:15:78:3f:c3:fe:90:21: 40:fd:31:85:2d:9e:95:23:cd:e9:f3:a7:19:03:90: 7d:4a:03:81:da:d5:1b:88:08:5c:0d:32:bf:b2:2d: ff:1b:bc:dd:92:39:60:cb:62:c9:9f:ce:8c:56:45: 8e:06:3c:2c:ff:92:dd:00:e5:c7:ec:77:40:c0:6d: 2b:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:A3:1B:B8:7A:F6:69:77:3C:CF:30:81:62:B3:75:3E:5D:CF:9E:B1 X509v3 Authority Key Identifier: keyid:24:99:2F:32:D7:48:6D:FB:4A:32:C2:E7:81:08:54:AC:6A:66:8E:34 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JJkvMtdIbftKMsLngQhUrGpmjjQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/219592-4a44-4298-bd8e-4b2e680c7491/1/hKMbuHr2aXc8zzCBYrN1Pl3PnrE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/66/219592-4a44-4298-bd8e-4b2e680c7491/1/JJkvMtdIbftKMsLngQhUrGpmjjQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.108.76.0/22 IPv6: 2a0d:2940::/29 Signature Algorithm: sha256WithRSAEncryption 4a:e5:1a:59:f2:a7:96:dd:a9:78:b1:32:c7:64:bd:67:70:e6: 9e:08:80:17:6f:b7:95:6a:5c:22:65:34:2b:28:13:8f:10:68: 87:02:a0:91:c1:80:07:26:17:7d:0b:e3:9a:f5:5b:b3:2a:a8: 98:71:e8:df:ac:b4:41:71:bc:cc:80:d4:bb:e5:7f:b8:8a:82: 9c:81:d4:23:bb:41:b1:15:91:56:ba:90:dc:a2:c6:af:8b:ea: 92:03:3a:76:48:39:02:d6:84:5d:cc:20:95:28:89:86:10:0e: 29:96:7f:c1:f3:ce:d5:68:ea:8e:e9:67:06:04:16:30:4f:79: e5:c0:ad:45:11:29:0f:8b:c3:0b:7b:ae:31:f1:e1:af:83:dc: 65:39:26:79:c0:b1:38:d1:56:a6:1b:a3:5d:63:eb:b4:35:75: b9:90:3e:24:be:5d:68:96:b0:35:58:77:3c:50:5c:fd:9a:dc: f1:3e:ee:a6:cc:3f:5c:5a:78:9c:aa:ac:34:23:8a:0c:15:bc: 19:3d:38:c1:10:b5:32:b6:d5:a7:af:4d:c5:03:d2:21:30:89: f4:6b:bb:a9:46:1b:6d:b4:d1:37:82:f0:59:c9:8c:28:20:2b: d0:45:d0:2a:cc:2b:27:bb:44:81:d2:bd:f4:64:f8:23:e3:69: c0:19:ea:99 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt6yJI/VgsGn7OpgAJ17pBzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI0OTkyZjMyZDc0ODZkZmI0YTMyYzJlNzgxMDg1NGFjNmE2 NjhlMzQwHhcNMjYwMTAxMTgxODQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NGEzMWJiODdhZjY2OTc3M2NjZjMwODE2MmIzNzUzZTVkY2Y5ZWIxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGnwLW2tGmTZw9kgL1r2rr+p2ypM 6pjz6OrWMsQaut5UFfwHrWFwNbIcg1iFI6bLx11WUdad9/QUU3LUOEw4HUS3TphI 1FLzuSTPsdEw//srXLGhkVK79ZvLej2e62cKLe6Qz1d3GTPuz0Klwxb+xX0gXP0i TbXj0WWy34oFdv+heBTbmOOtbT4kOEGA13dq/B4UVaFb7FvqnhhSEr9m/2Pb71bx pWXJF/QAe2EexrQSWHJ5B6BkO1b+3hV4P8P+kCFA/TGFLZ6VI83p86cZA5B9SgOB 2tUbiAhcDTK/si3/G7zdkjlgy2LJn86MVkWOBjws/5LdAOXH7HdAwG0rkQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFISjG7h69ml3PM8wgWKzdT5dz56xMB8GA1UdIwQY MBaAFCSZLzLXSG37SjLC54EIVKxqZo40MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSkprdk10ZEliZnRLTXNMbmdRaFVyR3BtampRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yMTk1OTItNGE0NC00Mjk4LWJkOGUt NGIyZTY4MGM3NDkxLzEvaEtNYnVIcjJhWGM4enpDQllyTjFQbDNQbnJFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ni8yMTk1OTItNGE0NC00Mjk4LWJkOGUtNGIyZTY4MGM3NDkx LzEvSkprdk10ZEliZnRLTXNMbmdRaFVyR3BtampRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWxMMA0E AgACMAcDBQMqDSlAMA0GCSqGSIb3DQEBCwUAA4IBAQBK5RpZ8qeW3al4sTLHZL1n cOaeCIAXb7eValwiZTQrKBOPEGiHAqCRwYAHJhd9C+Oa9VuzKqiYcejfrLRBcbzM gNS75X+4ioKcgdQju0GxFZFWupDcosavi+qSAzp2SDkC1oRdzCCVKImGEA4pln/B 887VaOqO6WcGBBYwT3nlwK1FESkPi8MLe64x8eGvg9xlOSZ5wLE40VamG6NdY+u0 NXW5kD4kvl1olrA1WHc8UFz9mtzxPu6mzD9cWnicqqw0I4oMFbwZPTjBELUyttWn r03FA9IhMIn0a7upRhtttNE3gvBZyYwoICvQRdAqzCsnu0SB0r30ZPgj42nAGeqZ -----END CERTIFICATE-----Generated at Mon Feb 9 19:55:02 2026 by rpki-client