This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/4186e4-a2a0-4bda-bc88-e6e928ce534f/1/hDQul7piZLbpWbBlOifimJQ2VkY.roa File: hDQul7piZLbpWbBlOifimJQ2VkY.roa (raw, json) Hash identifier: o6sQbndgLUFB0FZlM1NF6tMiqg+wB0oHdManJlFqalo= Subject key identifier: 84:34:2E:97:BA:62:64:B6:E9:59:B0:65:3A:27:E2:98:94:36:56:46 Certificate issuer: /CN=046acac713123856d4ae6c16054602684dfd07cb Certificate serial: 019B7BA3BE48D74866AA51FBA533C695A709 Authority key identifier: 04:6A:CA:C7:13:12:38:56:D4:AE:6C:16:05:46:02:68:4D:FD:07:CB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BGrKxxMSOFbUrmwWBUYCaE39B8s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/4186e4-a2a0-4bda-bc88-e6e928ce534f/1/hDQul7piZLbpWbBlOifimJQ2VkY.roa Signing time: Thu 01 Jan 2026 22:18:07 +0000 ROA not before: Thu 01 Jan 2026 22:18:07 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 214718 IP address blocks: 217.171.208.0/20 maxlen: 20 2a14:6440::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/4186e4-a2a0-4bda-bc88-e6e928ce534f/1/BGrKxxMSOFbUrmwWBUYCaE39B8s.crl rsync://rpki.ripe.net/repository/DEFAULT/7e/4186e4-a2a0-4bda-bc88-e6e928ce534f/1/BGrKxxMSOFbUrmwWBUYCaE39B8s.mft rsync://rpki.ripe.net/repository/DEFAULT/BGrKxxMSOFbUrmwWBUYCaE39B8s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:be:48:d7:48:66:aa:51:fb:a5:33:c6:95:a7:09 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=046acac713123856d4ae6c16054602684dfd07cb Validity Not Before: Jan 1 22:18:07 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=84342e97ba6264b6e959b0653a27e29894365646 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:1e:7f:36:e3:3e:d5:e0:fc:12:34:e2:3d:86: 9d:e9:0b:05:61:7b:f2:55:29:20:57:ba:8b:39:ca: 08:f0:f4:c2:d0:2b:5c:28:93:c3:00:ae:37:cf:c8: e8:4a:bd:05:5c:62:7b:94:d5:54:fa:09:09:9c:44: cd:ff:fe:3c:f9:db:8f:9b:ea:8a:fe:78:05:4b:14: 8a:cb:50:ed:da:3b:26:fd:2e:e3:14:39:51:c2:72: 97:6e:25:3e:dd:52:a0:52:a7:ae:5c:60:81:8b:e2: 35:a0:46:a4:6f:68:83:5c:a7:fc:07:5c:e2:75:8c: 4c:95:9a:e5:e2:c1:0a:61:ed:f0:76:ba:ff:e7:35: 2e:5a:0b:95:5c:1e:b8:79:8f:27:bd:6f:d4:3a:79: a5:33:49:c7:a0:d9:63:52:f4:55:e8:75:17:81:ca: c5:75:6f:72:2e:9e:7e:5d:8b:66:dd:46:39:90:18: 05:81:1f:12:55:d2:79:2f:91:1d:18:71:a1:0b:83: 35:a5:80:e0:1b:bb:45:f5:0d:32:23:d2:13:bd:1c: 81:85:46:cf:a2:55:a9:c6:48:61:e1:72:7b:f8:a8: dc:9d:2e:44:cc:e3:6b:25:bb:5a:60:3b:5e:fb:38: d4:f3:ad:99:18:6a:be:16:fe:e2:9d:7b:af:f2:88: 1d:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:34:2E:97:BA:62:64:B6:E9:59:B0:65:3A:27:E2:98:94:36:56:46 X509v3 Authority Key Identifier: keyid:04:6A:CA:C7:13:12:38:56:D4:AE:6C:16:05:46:02:68:4D:FD:07:CB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BGrKxxMSOFbUrmwWBUYCaE39B8s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/4186e4-a2a0-4bda-bc88-e6e928ce534f/1/hDQul7piZLbpWbBlOifimJQ2VkY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/4186e4-a2a0-4bda-bc88-e6e928ce534f/1/BGrKxxMSOFbUrmwWBUYCaE39B8s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 217.171.208.0/20 IPv6: 2a14:6440::/32 Signature Algorithm: sha256WithRSAEncryption 7a:d1:7a:db:64:54:7f:c1:d5:1b:34:cd:63:3f:56:59:23:0b: c9:de:f4:00:18:d8:46:50:00:eb:40:43:54:74:20:24:74:a5: 2c:6d:f4:d5:fd:8a:5f:67:67:a7:46:ec:1b:b9:81:43:1b:77: 0b:a7:cc:0e:25:22:43:1a:19:5c:e5:72:0c:6d:d8:23:f8:7f: 8a:ff:54:2a:a7:ad:93:32:8d:0d:36:ef:a7:d7:b6:25:2d:c5: 23:0f:2a:44:62:55:db:57:39:31:ce:23:fc:fe:3a:9a:78:60: 79:f1:60:1d:72:48:4d:4d:1b:e9:47:68:46:93:72:e7:3c:63: 10:9a:81:bf:ee:7f:4c:fc:d2:bf:91:cf:3f:3e:23:f3:2f:f3: 37:3d:3c:cc:42:e1:69:a8:b1:13:be:7e:d9:e6:87:c4:26:41: 4e:58:e1:05:60:e6:6e:58:01:d3:d6:09:46:13:37:24:2c:dc: 79:3f:1b:aa:48:40:9e:c6:01:9f:dc:97:e3:c4:16:c3:eb:70: 30:63:78:1c:f2:b6:ef:a9:26:a6:bb:ac:26:a5:cc:17:a0:a4: 00:2e:6a:f1:97:77:12:ca:80:03:f1:75:35:06:15:ab:5d:02: c8:92:7f:17:e1:58:45:75:d0:57:fb:d6:f4:e1:f8:d6:3e:4f: 1a:54:d5:b8 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt7o75I10hmqlH7pTPGlacJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA0NmFjYWM3MTMxMjM4NTZkNGFlNmMxNjA1NDYwMjY4NGRm ZDA3Y2IwHhcNMjYwMTAxMjIxODA3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NDM0MmU5N2JhNjI2NGI2ZTk1OWIwNjUzYTI3ZTI5ODk0MzY1NjQ2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqx5/NuM+1eD8EjTiPYad6QsFYXvy VSkgV7qLOcoI8PTC0CtcKJPDAK43z8joSr0FXGJ7lNVU+gkJnETN//48+duPm+qK /ngFSxSKy1Dt2jsm/S7jFDlRwnKXbiU+3VKgUqeuXGCBi+I1oEakb2iDXKf8B1zi dYxMlZrl4sEKYe3wdrr/5zUuWguVXB64eY8nvW/UOnmlM0nHoNljUvRV6HUXgcrF dW9yLp5+XYtm3UY5kBgFgR8SVdJ5L5EdGHGhC4M1pYDgG7tF9Q0yI9ITvRyBhUbP olWpxkhh4XJ7+KjcnS5EzONrJbtaYDte+zjU862ZGGq+Fv7inXuv8ogdmwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFIQ0Lpe6YmS26VmwZTon4piUNlZGMB8GA1UdIwQY MBaAFARqyscTEjhW1K5sFgVGAmhN/QfLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQkdyS3h4TVNPRmJVcm13V0JVWUNhRTM5QjhzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS80MTg2ZTQtYTJhMC00YmRhLWJjODgt ZTZlOTI4Y2U1MzRmLzEvaERRdWw3cGlaTGJwV2JCbE9pZmltSlEyVmtZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83ZS80MTg2ZTQtYTJhMC00YmRhLWJjODgtZTZlOTI4Y2U1MzRm LzEvQkdyS3h4TVNPRmJVcm13V0JVWUNhRTM5QjhzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQE2avQMA0E AgACMAcDBQAqFGRAMA0GCSqGSIb3DQEBCwUAA4IBAQB60XrbZFR/wdUbNM1jP1ZZ IwvJ3vQAGNhGUADrQENUdCAkdKUsbfTV/YpfZ2enRuwbuYFDG3cLp8wOJSJDGhlc 5XIMbdgj+H+K/1Qqp62TMo0NNu+n17YlLcUjDypEYlXbVzkxziP8/jqaeGB58WAd ckhNTRvpR2hGk3LnPGMQmoG/7n9M/NK/kc8/PiPzL/M3PTzMQuFpqLETvn7Z5ofE JkFOWOEFYOZuWAHT1glGEzckLNx5PxuqSECexgGf3JfjxBbD63AwY3gc8rbvqSam u6wmpcwXoKQALmrxl3cSyoAD8XU1BhWrXQLIkn8X4VhFddBX+9b04fjWPk8aVNW4 -----END CERTIFICATE-----Generated at Tue Feb 10 06:23:35 2026 by rpki-client