This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/HdjsvuGngyQVaPI5fw1lo5MVCyY.roa File: HdjsvuGngyQVaPI5fw1lo5MVCyY.roa (raw, json) Hash identifier: 0CGNcQROu66TMRCGsRz+KuSUMZeH1aS1RfY+HTTw7Bg= Subject key identifier: 1D:D8:EC:BE:E1:A7:83:24:15:68:F2:39:7F:0D:65:A3:93:15:0B:26 Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a Certificate serial: 019B7A5B2E07B5AD1ACB3628B39ED837581C Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/HdjsvuGngyQVaPI5fw1lo5MVCyY.roa Signing time: Thu 01 Jan 2026 16:19:14 +0000 ROA not before: Thu 01 Jan 2026 16:19:14 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 2914 IP address blocks: 148.253.239.0/24 maxlen: 24 148.253.240.0/24 maxlen: 24 148.253.242.0/24 maxlen: 24 148.253.243.0/24 maxlen: 24 148.253.249.0/24 maxlen: 24 148.253.250.0/24 maxlen: 24 151.249.90.0/24 maxlen: 24 151.249.91.0/24 maxlen: 24 163.171.90.0/24 maxlen: 24 163.171.91.0/24 maxlen: 24 163.171.246.0/24 maxlen: 24 163.171.247.0/24 maxlen: 24 163.171.251.0/24 maxlen: 24 163.171.253.0/24 maxlen: 24 163.171.254.0/24 maxlen: 24 185.27.228.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.mft rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 08 Jan 2026 15:30:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5b:2e:07:b5:ad:1a:cb:36:28:b3:9e:d8:37:58:1c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a Validity Not Before: Jan 1 16:19:14 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1dd8ecbee1a783241568f2397f0d65a393150b26 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:76:59:ad:ad:cd:cb:cc:b4:67:5b:d8:c1:41: e1:b7:ca:19:83:8b:dd:68:98:53:15:9a:07:d3:fb: 9b:96:ee:84:00:99:00:29:38:02:e2:5b:bb:9d:a6: 1e:57:75:e8:39:eb:b3:6b:2a:3e:ec:15:d2:88:9f: 6c:0a:d4:27:db:d0:fe:78:b7:85:bd:38:19:d9:56: b7:33:36:d9:92:9d:4f:cc:24:2a:70:43:da:5c:fa: 65:b3:86:6c:00:25:fe:c2:60:ba:55:4a:05:8a:a2: 9c:c1:ca:a8:80:32:05:c6:1e:91:57:8b:4c:a7:2f: 19:a9:30:d5:43:83:c6:d6:f5:1b:bf:8c:ed:81:85: f4:1e:3c:8b:c3:ea:85:9d:30:04:2e:d6:a5:3f:e3: ff:00:80:30:ad:14:ed:2f:bc:80:81:73:c7:ac:cd: 44:4d:ec:40:f4:29:d5:c0:83:fa:c5:23:ad:f7:ec: 13:cb:e0:01:16:6d:a0:88:d0:1a:d7:7f:33:61:c9: 58:69:81:f7:57:95:88:d3:a4:8e:53:35:e5:03:e0: 70:b7:56:48:11:c8:47:2f:77:7b:88:fa:a4:5e:43: 25:d7:34:e9:ae:b3:d0:89:5f:6d:f2:a2:a9:db:95: ab:b0:9a:04:e3:ed:bc:b1:36:87:fc:92:05:7b:b2: f2:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:D8:EC:BE:E1:A7:83:24:15:68:F2:39:7F:0D:65:A3:93:15:0B:26 X509v3 Authority Key Identifier: keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/HdjsvuGngyQVaPI5fw1lo5MVCyY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 148.253.239.0-148.253.240.255 148.253.242.0/23 148.253.249.0-148.253.250.255 151.249.90.0/23 163.171.90.0/23 163.171.246.0/23 163.171.251.0/24 163.171.253.0-163.171.254.255 185.27.228.0/24 Signature Algorithm: sha256WithRSAEncryption 6a:5c:6b:4a:9f:f1:03:ee:b1:52:29:6c:95:6a:cb:67:69:24: c2:8d:9f:a4:d5:03:08:cb:88:e0:aa:07:46:86:0a:a1:5f:21: 6c:44:11:d5:ec:42:f3:3e:85:fd:d0:c0:d9:21:21:2f:31:2d: d4:bf:ad:21:10:38:5e:80:ed:6f:2d:29:92:e1:0b:93:d7:eb: 54:8c:2c:30:a7:29:9f:6d:93:24:f5:73:2a:82:02:7f:6b:f1: 47:b6:2e:ae:1a:55:49:ec:c4:4c:e9:fb:1b:4b:44:d7:d9:fe: 19:a9:52:98:4e:75:88:e7:8c:12:3f:a8:8f:e7:65:54:f7:2a: 85:77:43:4f:ff:5f:7d:c5:78:35:bb:bd:b8:a6:7b:ae:2b:0a: 23:19:63:2d:1b:4f:39:3c:50:59:61:c5:cb:dc:7c:a4:5a:8c: 46:52:05:03:fb:3b:4a:45:c8:e4:cd:db:fb:da:d2:48:3f:f8: bc:78:aa:19:84:4f:1c:9a:9d:60:1e:02:2c:82:1f:d5:4e:96: 18:2c:77:1b:15:c2:5d:5c:57:dc:45:3c:95:df:f0:c6:54:01: ae:c0:e7:3e:dd:5e:58:0b:ea:df:5d:b6:6a:c3:1f:52:76:4d: 02:29:a2:f3:08:91:91:91:0a:8a:d9:73:b8:fe:5b:e7:02:fd: b3:4a:64:22 -----BEGIN CERTIFICATE----- MIIFRTCCBC2gAwIBAgISAZt6Wy4Hta0ayzYos57YN1gcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5 ZDcwNmEwHhcNMjYwMTAxMTYxOTE0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxZGQ4ZWNiZWUxYTc4MzI0MTU2OGYyMzk3ZjBkNjVhMzkzMTUwYjI2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXZZra3Ny8y0Z1vYwUHht8oZg4vd aJhTFZoH0/ublu6EAJkAKTgC4lu7naYeV3XoOeuzayo+7BXSiJ9sCtQn29D+eLeF vTgZ2Va3MzbZkp1PzCQqcEPaXPpls4ZsACX+wmC6VUoFiqKcwcqogDIFxh6RV4tM py8ZqTDVQ4PG1vUbv4ztgYX0HjyLw+qFnTAELtalP+P/AIAwrRTtL7yAgXPHrM1E TexA9CnVwIP6xSOt9+wTy+ABFm2giNAa138zYclYaYH3V5WI06SOUzXlA+Bwt1ZI EchHL3d7iPqkXkMl1zTprrPQiV9t8qKp25WrsJoE4+28sTaH/JIFe7LylwIDAQAB o4ICUTCCAk0wHQYDVR0OBBYEFB3Y7L7hp4MkFWjyOX8NZaOTFQsmMB8GA1UdIwQY MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt YjVkODg4YWRmZDM3LzEvSGRqc3Z1R25neVFWYVBJNWZ3MWxvNU1WQ3lZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3 LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOMAwDBACU/e8D BACU/fADBAGU/fIwDAMEAJT9+QMEAJT9+gMEAZf5WgMEAaOrWgMEAaOr9gMEAKOr +zAMAwQAo6v9AwQAo6v+AwQAuRvkMA0GCSqGSIb3DQEBCwUAA4IBAQBqXGtKn/ED 7rFSKWyVastnaSTCjZ+k1QMIy4jgqgdGhgqhXyFsRBHV7ELzPoX90MDZISEvMS3U v60hEDhegO1vLSmS4QuT1+tUjCwwpymfbZMk9XMqggJ/a/FHti6uGlVJ7MRM6fsb S0TX2f4ZqVKYTnWI54wSP6iP52VU9yqFd0NP/199xXg1u724pnuuKwojGWMtG085 PFBZYcXL3HykWoxGUgUD+ztKRcjkzdv72tJIP/i8eKoZhE8cmp1gHgIsgh/VTpYY LHcbFcJdXFfcRTyV3/DGVAGuwOc+3V5YC+rfXbZqwx9Sdk0CKaLzCJGRkQqK2XO4 /lvnAv2zSmQi -----END CERTIFICATE-----Generated at Thu Jan 8 00:16:41 2026 by rpki-client