This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/3a9dbf-01d2-4f10-813d-eab61ddb898a/1/HK3a_MSoCFsWxP7dXHlGkzJCrow.roa File: HK3a_MSoCFsWxP7dXHlGkzJCrow.roa (raw, json) Hash identifier: 9PqcF0/wOP05Xf/mJxyWiie3iSsWOLdkJsmMvxWY/NI= Subject key identifier: 1C:AD:DA:FC:C4:A8:08:5B:16:C4:FE:DD:5C:79:46:93:32:42:AE:8C Certificate issuer: /CN=3216efccd15e978a7040a5d4b79c417fb966bf28 Certificate serial: 019B77591C88953C878D28245238BDE39641 Authority key identifier: 32:16:EF:CC:D1:5E:97:8A:70:40:A5:D4:B7:9C:41:7F:B9:66:BF:28 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MhbvzNFel4pwQKXUt5xBf7lmvyg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/3a9dbf-01d2-4f10-813d-eab61ddb898a/1/HK3a_MSoCFsWxP7dXHlGkzJCrow.roa Signing time: Thu 01 Jan 2026 02:18:07 +0000 ROA not before: Thu 01 Jan 2026 02:18:07 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 61000 IP address blocks: 37.123.240.0/21 maxlen: 24 185.112.92.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/3a9dbf-01d2-4f10-813d-eab61ddb898a/1/MhbvzNFel4pwQKXUt5xBf7lmvyg.crl rsync://rpki.ripe.net/repository/DEFAULT/6d/3a9dbf-01d2-4f10-813d-eab61ddb898a/1/MhbvzNFel4pwQKXUt5xBf7lmvyg.mft rsync://rpki.ripe.net/repository/DEFAULT/MhbvzNFel4pwQKXUt5xBf7lmvyg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:59:1c:88:95:3c:87:8d:28:24:52:38:bd:e3:96:41 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3216efccd15e978a7040a5d4b79c417fb966bf28 Validity Not Before: Jan 1 02:18:07 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1caddafcc4a8085b16c4fedd5c7946933242ae8c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8a:5c:9c:43:1d:2c:e3:39:bf:91:61:c4:c4:ed: 28:f8:c0:29:e0:f9:73:e9:a6:1f:21:2f:6e:ab:4f: cf:fe:7a:ce:a6:36:96:9c:f6:62:ac:5b:e6:b2:95: 1f:46:03:2a:0c:70:da:ad:91:12:69:37:58:4c:37: 38:86:fa:ab:f4:6e:41:81:6b:73:2b:06:4e:2f:ac: b6:ae:35:ed:9c:00:44:0e:73:f9:f4:3d:3f:02:32: 84:83:4f:d8:71:16:12:0c:3f:36:bf:95:15:a7:d3: 4e:20:78:00:51:ce:aa:43:48:9b:2f:b3:d6:12:42: a1:a1:f2:62:26:54:3c:65:9a:a1:ad:bf:5f:a8:25: 86:18:f9:d6:46:d1:11:93:09:fd:8b:d1:3c:ea:76: 23:52:bc:1b:49:49:82:2b:0f:ba:23:d9:9f:52:fb: 6f:de:cd:5a:6c:0b:03:2f:e3:05:90:6e:d4:e8:89: 64:82:af:10:2b:1f:ef:ff:e7:ae:41:e2:70:f6:7f: 01:ff:fa:ec:96:09:ce:2f:bb:37:da:94:4e:50:9c: 6f:59:92:4e:d6:7c:12:c3:bd:09:43:dd:ea:05:00: 6e:5d:7e:9e:b5:84:48:bc:c5:23:76:62:2a:00:75: 2b:97:fd:46:9b:17:80:bf:3c:dd:4c:43:a2:27:3a: 5c:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:AD:DA:FC:C4:A8:08:5B:16:C4:FE:DD:5C:79:46:93:32:42:AE:8C X509v3 Authority Key Identifier: keyid:32:16:EF:CC:D1:5E:97:8A:70:40:A5:D4:B7:9C:41:7F:B9:66:BF:28 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MhbvzNFel4pwQKXUt5xBf7lmvyg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/3a9dbf-01d2-4f10-813d-eab61ddb898a/1/HK3a_MSoCFsWxP7dXHlGkzJCrow.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/3a9dbf-01d2-4f10-813d-eab61ddb898a/1/MhbvzNFel4pwQKXUt5xBf7lmvyg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.123.240.0/21 185.112.92.0/22 Signature Algorithm: sha256WithRSAEncryption 8a:16:60:f2:30:eb:bb:11:6e:2b:fb:8e:d6:92:b9:6e:87:02: ca:34:25:5d:81:cf:fd:d5:2e:a1:16:50:b8:10:cc:f0:ec:58: 15:fd:40:22:71:b6:34:73:3b:29:dc:c4:5c:65:a7:db:5e:41: c1:b9:78:c4:da:76:61:1c:8f:95:95:a3:6b:0f:a5:81:12:04: 63:7e:d6:61:31:f2:a8:a3:75:6d:67:14:ed:82:90:a5:42:4d: 74:0a:36:42:c6:12:06:bf:23:33:19:26:b5:16:a5:1d:70:24: da:ec:a3:d5:59:62:a0:80:e0:13:1f:ed:ea:68:3b:b5:d2:40: 95:bb:f7:9f:a7:2b:31:f9:8a:e5:45:50:d7:95:f0:5b:a8:2b: 16:36:4c:e8:93:94:a5:8c:c0:83:61:90:47:4c:50:04:d5:b0: 80:6a:42:e6:f4:da:8c:99:53:cd:6f:44:80:38:4c:3e:f8:04: dd:68:82:2b:e8:c5:b8:79:f4:8f:ce:db:1a:3e:ae:e1:2f:a8: d5:50:27:84:17:53:7c:5b:fa:c9:1a:de:68:c4:1d:90:fd:23: 0b:28:f1:cb:2a:ec:fc:7e:7c:ea:27:06:91:10:68:fc:92:ea: 33:18:19:89:1d:9c:2c:76:61:06:be:58:bf:95:62:2e:75:10: 35:6b:9c:e9 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt3WRyIlTyHjSgkUji945ZBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMyMTZlZmNjZDE1ZTk3OGE3MDQwYTVkNGI3OWM0MTdmYjk2 NmJmMjgwHhcNMjYwMTAxMDIxODA3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxY2FkZGFmY2M0YTgwODViMTZjNGZlZGQ1Yzc5NDY5MzMyNDJhZThjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAilycQx0s4zm/kWHExO0o+MAp4Plz 6aYfIS9uq0/P/nrOpjaWnPZirFvmspUfRgMqDHDarZESaTdYTDc4hvqr9G5BgWtz KwZOL6y2rjXtnABEDnP59D0/AjKEg0/YcRYSDD82v5UVp9NOIHgAUc6qQ0ibL7PW EkKhofJiJlQ8ZZqhrb9fqCWGGPnWRtERkwn9i9E86nYjUrwbSUmCKw+6I9mfUvtv 3s1abAsDL+MFkG7U6Ilkgq8QKx/v/+euQeJw9n8B//rslgnOL7s32pROUJxvWZJO 1nwSw70JQ93qBQBuXX6etYRIvMUjdmIqAHUrl/1GmxeAvzzdTEOiJzpc/wIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFByt2vzEqAhbFsT+3Vx5RpMyQq6MMB8GA1UdIwQY MBaAFDIW78zRXpeKcECl1LecQX+5Zr8oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTWhidnpORmVsNHB3UUtYVXQ1eEJmN2xtdnlnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8zYTlkYmYtMDFkMi00ZjEwLTgxM2Qt ZWFiNjFkZGI4OThhLzEvSEszYV9NU29DRnNXeFA3ZFhIbEdrekpDcm93LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82ZC8zYTlkYmYtMDFkMi00ZjEwLTgxM2QtZWFiNjFkZGI4OThh LzEvTWhidnpORmVsNHB3UUtYVXQ1eEJmN2xtdnlnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDJXvwAwQC uXBcMA0GCSqGSIb3DQEBCwUAA4IBAQCKFmDyMOu7EW4r+47WkrluhwLKNCVdgc/9 1S6hFlC4EMzw7FgV/UAicbY0czsp3MRcZafbXkHBuXjE2nZhHI+VlaNrD6WBEgRj ftZhMfKoo3VtZxTtgpClQk10CjZCxhIGvyMzGSa1FqUdcCTa7KPVWWKggOATH+3q aDu10kCVu/efpysx+YrlRVDXlfBbqCsWNkzok5SljMCDYZBHTFAE1bCAakLm9NqM mVPNb0SAOEw++ATdaIIr6MW4efSPztsaPq7hL6jVUCeEF1N8W/rJGt5oxB2Q/SML KPHLKuz8fnzqJwaREGj8kuozGBmJHZwsdmEGvli/lWIudRA1a5zp -----END CERTIFICATE-----Generated at Mon Feb 9 22:15:29 2026 by rpki-client