This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/hOqtWUuA9bp9fvLhINJUR23V3qY.roa File: hOqtWUuA9bp9fvLhINJUR23V3qY.roa (raw, json) Hash identifier: xmvyQZ9zSBD2NRCum64PXB0x5/TkQR5GlTgMfguV8zQ= Subject key identifier: 84:EA:AD:59:4B:80:F5:BA:7D:7E:F2:E1:20:D2:54:47:6D:D5:DE:A6 Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1 Certificate serial: 019B797DF2B2C8A81484504009755C4B2027 Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/hOqtWUuA9bp9fvLhINJUR23V3qY.roa Signing time: Thu 01 Jan 2026 12:17:35 +0000 ROA not before: Thu 01 Jan 2026 12:17:35 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 63018 IP address blocks: 89.125.4.0/22 maxlen: 22 89.125.12.0/22 maxlen: 22 89.125.28.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 08:02:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7d:f2:b2:c8:a8:14:84:50:40:09:75:5c:4b:20:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1 Validity Not Before: Jan 1 12:17:35 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=84eaad594b80f5ba7d7ef2e120d254476dd5dea6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f3:da:0b:90:34:87:b1:88:1b:69:88:64:c0:8b: b5:11:f0:41:97:21:f1:89:3d:92:92:91:11:0d:42: 33:c2:04:a2:45:4a:0a:a4:3b:be:cd:f6:29:26:a1: 8f:be:ae:b1:1c:b3:d3:09:42:be:68:3d:8c:8d:9e: 34:3b:87:c3:07:8e:81:96:03:dd:39:25:e8:46:95: 9b:ca:60:74:6d:93:69:07:6b:d3:d0:a3:5e:88:1a: 6e:03:13:b4:97:89:2c:14:51:28:36:f1:75:95:07: de:c8:8d:3b:38:77:8a:cb:ed:46:7a:3b:f3:ac:af: 78:37:af:03:54:4b:f8:2a:da:3b:a3:da:84:40:7c: 1c:c2:6a:eb:73:4c:41:df:07:cc:64:79:77:7d:7b: 6c:e5:78:f3:d1:18:17:9c:69:40:bc:59:34:b3:d0: 89:e3:b7:5b:26:01:f9:c7:22:a4:7e:a4:de:36:20: 19:89:c1:98:7b:98:15:39:73:7d:24:32:40:71:1e: d8:61:30:5f:73:41:49:25:9c:24:b8:fa:90:cc:df: 1a:4a:48:e4:f8:b6:ce:73:07:38:8c:3c:ce:03:5f: 4f:20:f8:dc:70:6d:30:be:45:fe:4c:ee:10:fa:5d: f7:11:00:ed:56:7f:ca:0c:65:ec:c7:00:4b:f9:89: 96:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:EA:AD:59:4B:80:F5:BA:7D:7E:F2:E1:20:D2:54:47:6D:D5:DE:A6 X509v3 Authority Key Identifier: keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/hOqtWUuA9bp9fvLhINJUR23V3qY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.125.4.0/22 89.125.12.0/22 89.125.28.0/22 Signature Algorithm: sha256WithRSAEncryption 08:4d:08:9a:ae:0c:de:74:c6:b2:92:ee:43:e3:96:85:c4:2f: 5c:bb:a8:cb:a1:ed:dd:ce:31:04:6a:79:02:3a:14:ff:ec:e8: db:c3:b8:8b:3e:db:41:d9:55:20:2d:61:38:cc:50:7f:a8:05: 7f:d5:11:b8:ca:a9:9a:68:f3:fb:2d:a5:bd:52:af:2a:58:81: f2:22:74:94:c5:a7:53:a8:37:ec:41:08:96:12:e2:d8:eb:09: c9:32:c3:b4:2a:97:6d:9e:57:36:02:63:ea:10:6c:07:c4:89: 8d:d8:9c:d4:93:c5:b7:03:64:b7:6c:f3:4e:87:4e:84:a7:74: e6:f7:3b:c5:93:dc:4a:8e:32:9c:4e:0f:21:88:fc:c0:54:64: f9:8d:86:ee:2e:d7:a2:62:e5:38:30:4a:c7:2e:0c:be:6c:7b: 1f:6f:ac:46:e4:2a:3e:75:97:53:ea:6a:6d:b6:0c:28:1c:15: 1c:fa:e8:c6:1c:54:de:ce:3e:be:61:b2:56:7f:36:c4:15:75: d4:f3:35:23:43:2e:d5:e3:98:76:2d:54:5d:85:a0:d5:3e:54: ac:1b:90:8c:0d:fa:e1:e8:f5:25:dd:9f:b3:6b:7b:2b:7b:08: 3c:5c:11:fa:3d:34:bc:39:ab:7c:fa:67:d2:d8:51:27:24:de: d1:f4:fb:f6 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt5ffKyyKgUhFBACXVcSyAnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm Y2ZlZDEwHhcNMjYwMTAxMTIxNzM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NGVhYWQ1OTRiODBmNWJhN2Q3ZWYyZTEyMGQyNTQ0NzZkZDVkZWE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA89oLkDSHsYgbaYhkwIu1EfBBlyHx iT2SkpERDUIzwgSiRUoKpDu+zfYpJqGPvq6xHLPTCUK+aD2MjZ40O4fDB46BlgPd OSXoRpWbymB0bZNpB2vT0KNeiBpuAxO0l4ksFFEoNvF1lQfeyI07OHeKy+1Gejvz rK94N68DVEv4Kto7o9qEQHwcwmrrc0xB3wfMZHl3fXts5Xjz0RgXnGlAvFk0s9CJ 47dbJgH5xyKkfqTeNiAZicGYe5gVOXN9JDJAcR7YYTBfc0FJJZwkuPqQzN8aSkjk +LbOcwc4jDzOA19PIPjccG0wvkX+TO4Q+l33EQDtVn/KDGXsxwBL+YmW2wIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFITqrVlLgPW6fX7y4SDSVEdt1d6mMB8GA1UdIwQY MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt ZTU4MzlmNDNlNTgzLzEvaE9xdFdVdUE5YnA5ZnZMaElOSlVSMjNWM3FZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCWX0EAwQC WX0MAwQCWX0cMA0GCSqGSIb3DQEBCwUAA4IBAQAITQiargzedMayku5D45aFxC9c u6jLoe3dzjEEankCOhT/7Ojbw7iLPttB2VUgLWE4zFB/qAV/1RG4yqmaaPP7LaW9 Uq8qWIHyInSUxadTqDfsQQiWEuLY6wnJMsO0Kpdtnlc2AmPqEGwHxImN2JzUk8W3 A2S3bPNOh06Ep3Tm9zvFk9xKjjKcTg8hiPzAVGT5jYbuLteiYuU4MErHLgy+bHsf b6xG5Co+dZdT6mpttgwoHBUc+ujGHFTezj6+YbJWfzbEFXXU8zUjQy7V45h2LVRd haDVPlSsG5CMDfrh6PUl3Z+za3srewg8XBH6PTS8Oat8+mfS2FEnJN7R9Pv2 -----END CERTIFICATE-----Generated at Mon Jan 19 14:39:46 2026 by rpki-client