This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/d429b9-385e-430f-b2c4-81768c60ee08/1/hkFUUvXkJB0QAxGYGwaJ2E3Lg-4.roa File: hkFUUvXkJB0QAxGYGwaJ2E3Lg-4.roa (raw, json) Hash identifier: V5lSuLwVqv7sVkEIcuO0QRT4zQFnDDCFROXnnfbR9tA= Subject key identifier: 86:41:54:52:F5:E4:24:1D:10:03:11:98:1B:06:89:D8:4D:CB:83:EE Certificate issuer: /CN=09a686e370d6d0608119eeb006c8aadaab078d22 Certificate serial: 019B7F8E675131F42DCA2E65861C40CAD4C2 Authority key identifier: 09:A6:86:E3:70:D6:D0:60:81:19:EE:B0:06:C8:AA:DA:AB:07:8D:22 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CaaG43DW0GCBGe6wBsiq2qsHjSI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/d429b9-385e-430f-b2c4-81768c60ee08/1/hkFUUvXkJB0QAxGYGwaJ2E3Lg-4.roa Signing time: Fri 02 Jan 2026 16:33:17 +0000 ROA not before: Fri 02 Jan 2026 16:33:17 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 9304 IP address blocks: 185.101.168.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/73/d429b9-385e-430f-b2c4-81768c60ee08/1/CaaG43DW0GCBGe6wBsiq2qsHjSI.crl rsync://rpki.ripe.net/repository/DEFAULT/73/d429b9-385e-430f-b2c4-81768c60ee08/1/CaaG43DW0GCBGe6wBsiq2qsHjSI.mft rsync://rpki.ripe.net/repository/DEFAULT/CaaG43DW0GCBGe6wBsiq2qsHjSI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 01:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:8e:67:51:31:f4:2d:ca:2e:65:86:1c:40:ca:d4:c2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=09a686e370d6d0608119eeb006c8aadaab078d22 Validity Not Before: Jan 2 16:33:17 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=86415452f5e4241d100311981b0689d84dcb83ee Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:59:62:6a:88:4f:46:99:a6:04:64:1f:91:04: 94:f8:b2:76:8b:9f:b8:e7:64:ea:02:a4:dc:2b:d5: 31:20:11:74:d3:d4:a0:4e:6d:9d:63:ef:d9:7b:a9: 51:fa:dd:ff:25:95:c7:89:e9:63:c1:e7:7b:09:43: 4d:ca:3c:4a:e7:f5:c4:f4:26:f3:b2:6b:75:48:14: ee:be:21:ac:39:cd:5c:1d:e5:12:61:21:4f:a2:cd: f0:d7:ff:3c:33:40:18:0a:36:c5:d1:9a:88:08:21: b6:2b:c9:86:4a:67:b0:90:90:72:62:82:ee:dd:7b: 1e:53:f7:6f:c7:51:ab:de:0b:c2:1a:4e:22:cf:45: e8:91:41:3c:d0:73:a2:3a:8d:f5:5c:42:eb:a4:74: d5:62:44:0d:a6:ee:04:20:91:1c:6c:a8:77:13:f1: 51:7b:c6:e3:39:14:39:f1:54:5a:cf:fb:a3:37:9e: e5:4a:85:c2:cc:1b:00:a9:2b:92:1f:23:7b:32:96: cb:ba:12:93:5a:ba:0f:14:4c:35:20:91:ea:e1:6f: 90:dc:3d:7a:75:c6:d5:44:d2:a4:60:0c:90:c6:42: bd:1d:aa:d1:d6:0e:d1:6a:f8:07:37:ea:5f:3e:ef: 7e:f7:35:c1:95:cb:eb:1c:b4:69:bf:24:d1:a7:53: 45:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:41:54:52:F5:E4:24:1D:10:03:11:98:1B:06:89:D8:4D:CB:83:EE X509v3 Authority Key Identifier: keyid:09:A6:86:E3:70:D6:D0:60:81:19:EE:B0:06:C8:AA:DA:AB:07:8D:22 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CaaG43DW0GCBGe6wBsiq2qsHjSI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/d429b9-385e-430f-b2c4-81768c60ee08/1/hkFUUvXkJB0QAxGYGwaJ2E3Lg-4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/73/d429b9-385e-430f-b2c4-81768c60ee08/1/CaaG43DW0GCBGe6wBsiq2qsHjSI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.101.168.0/23 Signature Algorithm: sha256WithRSAEncryption 81:e6:e4:54:26:c5:21:c6:8f:39:58:8c:cf:88:f5:9c:39:08: 0b:38:c8:91:d0:01:20:87:ec:90:4a:1e:0e:2c:16:73:05:f8: 57:6f:ef:04:4a:7c:1a:15:5b:68:56:8a:71:11:8a:5b:f8:24: fd:a0:3b:2e:cd:24:88:e1:b3:e0:d6:ef:85:e1:b0:28:e2:8f: 8e:cf:cc:67:00:3a:cf:0c:41:56:03:af:5c:e9:c0:61:6e:5e: a9:13:c2:9f:38:d2:6d:45:67:03:7f:0a:52:a6:59:38:a2:2a: 54:b0:69:59:a5:15:27:d5:41:f6:bf:38:7f:d8:ff:2c:8b:ce: f5:f0:98:83:72:e4:1f:43:67:b3:63:5b:2c:e4:69:de:14:1b: 4d:dd:b0:a7:36:23:e1:94:75:79:ba:a5:3c:1f:44:8d:47:3b: 72:ed:41:bd:04:ca:36:3a:bc:ed:26:df:d2:1a:6d:0f:fc:c5: 58:e5:da:a3:dc:ad:a5:21:5f:b5:00:27:74:77:3a:7f:9c:a3: 83:1b:39:88:b3:d3:d3:93:3a:c7:a4:7f:33:9f:c0:a3:79:3b: 6f:36:05:2a:c0:15:66:d0:b8:4d:fe:fa:7c:40:b3:cf:95:2a: c0:05:95:55:f5:17:09:9d:5b:b4:f9:03:c4:5b:db:10:3f:7c: 70:2a:3a:fe -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt/jmdRMfQtyi5lhhxAytTCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA5YTY4NmUzNzBkNmQwNjA4MTE5ZWViMDA2YzhhYWRhYWIw NzhkMjIwHhcNMjYwMTAyMTYzMzE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NjQxNTQ1MmY1ZTQyNDFkMTAwMzExOTgxYjA2ODlkODRkY2I4M2VlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkVliaohPRpmmBGQfkQSU+LJ2i5+4 52TqAqTcK9UxIBF009SgTm2dY+/Ze6lR+t3/JZXHieljwed7CUNNyjxK5/XE9Cbz smt1SBTuviGsOc1cHeUSYSFPos3w1/88M0AYCjbF0ZqICCG2K8mGSmewkJByYoLu 3XseU/dvx1Gr3gvCGk4iz0XokUE80HOiOo31XELrpHTVYkQNpu4EIJEcbKh3E/FR e8bjORQ58VRaz/ujN57lSoXCzBsAqSuSHyN7MpbLuhKTWroPFEw1IJHq4W+Q3D16 dcbVRNKkYAyQxkK9HarR1g7RavgHN+pfPu9+9zXBlcvrHLRpvyTRp1NFfQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFIZBVFL15CQdEAMRmBsGidhNy4PuMB8GA1UdIwQY MBaAFAmmhuNw1tBggRnusAbIqtqrB40iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ2FhRzQzRFcwR0NCR2U2d0JzaXEycXNIalNJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9kNDI5YjktMzg1ZS00MzBmLWIyYzQt ODE3NjhjNjBlZTA4LzEvaGtGVVV2WGtKQjBRQXhHWUd3YUoyRTNMZy00LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83My9kNDI5YjktMzg1ZS00MzBmLWIyYzQtODE3NjhjNjBlZTA4 LzEvQ2FhRzQzRFcwR0NCR2U2d0JzaXEycXNIalNJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuWWoMA0G CSqGSIb3DQEBCwUAA4IBAQCB5uRUJsUhxo85WIzPiPWcOQgLOMiR0AEgh+yQSh4O LBZzBfhXb+8ESnwaFVtoVopxEYpb+CT9oDsuzSSI4bPg1u+F4bAo4o+Oz8xnADrP DEFWA69c6cBhbl6pE8KfONJtRWcDfwpSplk4oipUsGlZpRUn1UH2vzh/2P8si871 8JiDcuQfQ2ezY1ss5GneFBtN3bCnNiPhlHV5uqU8H0SNRzty7UG9BMo2OrztJt/S Gm0P/MVY5dqj3K2lIV+1ACd0dzp/nKODGzmIs9PTkzrHpH8zn8CjeTtvNgUqwBVm 0LhN/vp8QLPPlSrABZVV9RcJnVu0+QPEW9sQP3xwKjr+ -----END CERTIFICATE-----Generated at Sun Jan 18 08:53:40 2026 by rpki-client