This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/1-HBmqkPxk1U8YETc-YiME1k2DPw.roa File: 1-HBmqkPxk1U8YETc-YiME1k2DPw.roa (raw, json) Hash identifier: wKAhKIDuBABecclgk8tglnMAWX1uPr/fNzMldx9ZyBc= Subject key identifier: F8:70:66:AA:43:F1:93:55:3C:60:44:DC:F9:88:8C:13:59:36:0C:FC Certificate issuer: /CN=7ba289ebe93351236a5580eb5b70102cf3f11dfc Certificate serial: 019B79ECDA2EB2279CD30F766622DB1D5902 Authority key identifier: 7B:A2:89:EB:E9:33:51:23:6A:55:80:EB:5B:70:10:2C:F3:F1:1D:FC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/1-HBmqkPxk1U8YETc-YiME1k2DPw.roa Signing time: Thu 01 Jan 2026 14:18:44 +0000 ROA not before: Thu 01 Jan 2026 14:18:44 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 60800 IP address blocks: 91.197.228.0/22 maxlen: 24 185.181.116.0/22 maxlen: 24 2a0a:cb80::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.crl rsync://rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.mft rsync://rpki.ripe.net/repository/DEFAULT/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ec:da:2e:b2:27:9c:d3:0f:76:66:22:db:1d:59:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7ba289ebe93351236a5580eb5b70102cf3f11dfc Validity Not Before: Jan 1 14:18:44 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f87066aa43f193553c6044dcf9888c1359360cfc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:12:5f:30:23:19:53:74:a8:16:f8:dc:d1:8c: a1:28:2a:05:6f:b1:74:7a:c2:34:8b:f4:4c:cd:a3: c3:21:05:73:4d:75:a2:39:fc:b0:84:f3:d7:f6:51: 04:22:72:a9:cd:27:ee:b5:6f:c6:d5:11:72:3d:1b: 2e:8c:9b:9e:30:0e:47:12:87:e0:d5:dc:d2:ed:c1: 69:89:c6:e7:d3:bb:53:d3:6f:d6:97:de:ca:af:ec: 53:0e:6a:71:7c:5b:9b:54:db:72:5b:e1:f0:fc:29: d8:84:84:f4:26:f4:f8:41:ae:fe:96:fb:1c:67:19: 0a:c1:13:89:9a:25:0f:32:a3:88:f6:29:72:56:0e: a1:53:b4:43:f1:6c:24:30:87:d9:24:72:10:38:f2: 5c:fd:a1:19:fa:4d:99:b1:2c:25:24:cc:3a:dd:4b: 3f:09:2c:8f:89:cd:d6:d8:3b:0e:13:62:f6:b7:23: 92:6a:23:50:94:ed:73:72:bc:14:9c:a1:b2:b2:69: 54:6b:0e:ff:f8:88:6d:9c:de:17:d8:9a:75:16:bf: 52:cb:69:71:96:ba:cb:8b:88:b9:d2:5d:bd:c2:c2: 1d:ef:35:4e:d8:f0:0b:a4:1c:90:d7:fd:79:1a:1c: 49:8c:e6:6f:b8:3a:3e:c5:ac:7c:88:64:2b:cd:e6: 25:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:70:66:AA:43:F1:93:55:3C:60:44:DC:F9:88:8C:13:59:36:0C:FC X509v3 Authority Key Identifier: keyid:7B:A2:89:EB:E9:33:51:23:6A:55:80:EB:5B:70:10:2C:F3:F1:1D:FC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/1-HBmqkPxk1U8YETc-YiME1k2DPw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.197.228.0/22 185.181.116.0/22 IPv6: 2a0a:cb80::/32 Signature Algorithm: sha256WithRSAEncryption 55:d5:82:6d:aa:d0:09:f8:ec:31:78:c5:b7:73:82:f8:69:0c: 52:9c:28:66:6a:43:3d:63:b5:a8:4a:85:16:7d:4f:8b:84:1b: 8e:aa:1b:4a:4a:b1:cd:f7:5c:e1:10:a3:25:4d:d8:62:85:ff: 84:ee:97:21:be:6a:05:f0:7f:a4:32:9a:51:c2:df:4c:63:da: f8:de:54:9d:9e:c5:fc:46:47:18:6d:a9:47:9d:09:7d:13:f8: 2c:64:62:60:65:a4:44:84:8b:67:7c:a8:18:0f:12:de:af:a1: 65:5d:9a:44:f2:4e:aa:f2:e6:87:d4:d1:b1:57:2d:37:40:6b: 4f:fe:52:e5:02:3d:08:3f:ee:61:99:b1:29:f0:99:f2:fb:1d: ff:d2:ab:6c:67:39:05:d3:d5:8a:95:1e:27:12:63:8c:70:db: e0:88:4f:47:d3:78:82:f9:c8:d2:8a:03:fa:05:e6:b9:96:eb: b8:05:14:13:d6:bb:58:50:70:7d:65:d7:26:32:51:40:14:a6: a7:6b:c3:fb:f4:f0:18:1d:54:8f:71:96:9e:a1:46:64:a5:b2: 32:68:da:e0:10:fe:ee:ee:d6:8b:d1:35:a3:5e:29:9e:30:c3: 66:94:f6:90:f7:44:01:bc:c8:18:23:26:30:ed:38:2c:a0:53: 83:f6:31:8a -----BEGIN CERTIFICATE----- MIIFEzCCA/ugAwIBAgISAZt57Nousiec0w92ZiLbHVkCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdiYTI4OWViZTkzMzUxMjM2YTU1ODBlYjViNzAxMDJjZjNm MTFkZmMwHhcNMjYwMTAxMTQxODQ0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmODcwNjZhYTQzZjE5MzU1M2M2MDQ0ZGNmOTg4OGMxMzU5MzYwY2ZjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshJfMCMZU3SoFvjc0YyhKCoFb7F0 esI0i/RMzaPDIQVzTXWiOfywhPPX9lEEInKpzSfutW/G1RFyPRsujJueMA5HEofg 1dzS7cFpicbn07tT02/Wl97Kr+xTDmpxfFubVNtyW+Hw/CnYhIT0JvT4Qa7+lvsc ZxkKwROJmiUPMqOI9ilyVg6hU7RD8WwkMIfZJHIQOPJc/aEZ+k2ZsSwlJMw63Us/ CSyPic3W2DsOE2L2tyOSaiNQlO1zcrwUnKGysmlUaw7/+IhtnN4X2Jp1Fr9Sy2lx lrrLi4i50l29wsId7zVO2PALpByQ1/15GhxJjOZvuDo+xax8iGQrzeYl7wIDAQAB o4ICHzCCAhswHQYDVR0OBBYEFPhwZqpD8ZNVPGBE3PmIjBNZNgz8MB8GA1UdIwQY MBaAFHuiievpM1EjalWA61twECzz8R38MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZTZLSjYta3pVU05xVllEclczQVFMUFB4SGZ3LmNlcjCB jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9kZTFlN2MtN2Q3NC00Y2NjLTljNmMt ZDE2M2I1NDk5ZTY4LzEvMS1IQm1xa1B4azFVOFlFVGMtWWlNRTFrMkRQdy5yb2Ew gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0 b3J5L0RFRkFVTFQvNzAvZGUxZTdjLTdkNzQtNGNjYy05YzZjLWQxNjNiNTQ5OWU2 OC8xL2U2S0o2LWt6VVNOcVZZRHJXM0FRTFBQeEhmdy5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjA0BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAlvF5AME Arm1dDANBAIAAjAHAwUAKgrLgDANBgkqhkiG9w0BAQsFAAOCAQEAVdWCbarQCfjs MXjFt3OC+GkMUpwoZmpDPWO1qEqFFn1Pi4QbjqobSkqxzfdc4RCjJU3YYoX/hO6X Ib5qBfB/pDKaUcLfTGPa+N5UnZ7F/EZHGG2pR50JfRP4LGRiYGWkRISLZ3yoGA8S 3q+hZV2aRPJOqvLmh9TRsVctN0BrT/5S5QI9CD/uYZmxKfCZ8vsd/9KrbGc5BdPV ipUeJxJjjHDb4IhPR9N4gvnI0ooD+gXmuZbruAUUE9a7WFBwfWXXJjJRQBSmp2vD +/TwGB1Uj3GWnqFGZKWyMmja4BD+7u7Wi9E1o14pnjDDZpT2kPdEAbzIGCMmMO04 LKBTg/Yxig== -----END CERTIFICATE-----Generated at Mon Jan 26 23:43:27 2026 by rpki-client