This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/4f4b20-5136-420b-b516-b6d64a003d9e/1/HcGRhGei3x2rtwE5oPSrO2D_h_s.roa File: HcGRhGei3x2rtwE5oPSrO2D_h_s.roa (raw, json) Hash identifier: ECgDYzAeFwYe5dFl5nmcsBDHGCaMCFt02lsO39cgBdI= Subject key identifier: 1D:C1:91:84:67:A2:DF:1D:AB:B7:01:39:A0:F4:AB:3B:60:FF:87:FB Certificate issuer: /CN=416532420a21e42b8ad30da24ebf4347de95ef35 Certificate serial: 019B76EB204FDB07EBBF7A57D14CD3414049 Authority key identifier: 41:65:32:42:0A:21:E4:2B:8A:D3:0D:A2:4E:BF:43:47:DE:95:EF:35 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QWUyQgoh5CuK0w2iTr9DR96V7zU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/4f4b20-5136-420b-b516-b6d64a003d9e/1/HcGRhGei3x2rtwE5oPSrO2D_h_s.roa Signing time: Thu 01 Jan 2026 00:17:59 +0000 ROA not before: Thu 01 Jan 2026 00:17:59 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 207645 IP address blocks: 45.137.18.0/24 maxlen: 24 194.120.133.0/24 maxlen: 24 2a0d:b100::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/4f4b20-5136-420b-b516-b6d64a003d9e/1/QWUyQgoh5CuK0w2iTr9DR96V7zU.crl rsync://rpki.ripe.net/repository/DEFAULT/86/4f4b20-5136-420b-b516-b6d64a003d9e/1/QWUyQgoh5CuK0w2iTr9DR96V7zU.mft rsync://rpki.ripe.net/repository/DEFAULT/QWUyQgoh5CuK0w2iTr9DR96V7zU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 05 Feb 2026 18:00:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:20:4f:db:07:eb:bf:7a:57:d1:4c:d3:41:40:49 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=416532420a21e42b8ad30da24ebf4347de95ef35 Validity Not Before: Jan 1 00:17:59 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1dc1918467a2df1dabb70139a0f4ab3b60ff87fb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:c6:1e:fa:18:dc:b8:0f:5c:12:35:22:cc:51: 3f:70:85:bc:db:f1:b3:78:72:c3:a8:9d:2b:fb:cc: 79:ce:4d:63:0c:41:57:f8:e7:f9:fb:0f:0a:de:25: 76:86:2f:2b:21:39:c8:61:39:26:fc:e0:5e:51:d7: 60:9b:e1:15:ad:04:a2:69:4c:bc:40:a3:32:19:31: 4a:2b:73:e7:65:f0:69:e6:34:09:a1:e3:c1:df:0f: 77:24:5e:0b:d4:c1:55:34:0b:25:5b:22:3f:1f:66: c6:25:ec:c2:17:fe:7d:c3:8f:80:7b:e2:d5:e9:19: b7:d7:9e:dc:ac:b7:68:20:4b:42:33:be:43:73:10: 6a:3c:1c:cf:80:be:ba:75:33:92:5f:06:88:23:ad: f7:75:f2:fe:df:06:83:9f:5d:5e:f2:e8:8a:2d:e7: 38:11:69:f9:2e:e2:5b:9e:12:14:a3:6c:97:af:10: 9c:8c:d1:ff:4d:65:79:61:d7:96:22:b6:8d:59:c4: bb:58:d0:3d:91:ae:4b:31:ab:e7:c2:9d:b9:8e:1f: 2c:86:d2:c1:7d:58:28:d9:10:ea:f0:12:56:39:99: 92:bd:23:51:60:dd:76:8a:00:46:ce:ee:a8:bc:c7: 9c:bf:86:ba:52:77:e9:04:ee:2b:58:0f:c0:2f:8a: 61:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:C1:91:84:67:A2:DF:1D:AB:B7:01:39:A0:F4:AB:3B:60:FF:87:FB X509v3 Authority Key Identifier: keyid:41:65:32:42:0A:21:E4:2B:8A:D3:0D:A2:4E:BF:43:47:DE:95:EF:35 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QWUyQgoh5CuK0w2iTr9DR96V7zU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/4f4b20-5136-420b-b516-b6d64a003d9e/1/HcGRhGei3x2rtwE5oPSrO2D_h_s.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/86/4f4b20-5136-420b-b516-b6d64a003d9e/1/QWUyQgoh5CuK0w2iTr9DR96V7zU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.137.18.0/24 194.120.133.0/24 IPv6: 2a0d:b100::/29 Signature Algorithm: sha256WithRSAEncryption 6a:a5:51:e8:d2:49:27:d2:89:e5:9d:f3:80:f8:48:bf:33:14: 61:fc:08:b7:55:9b:0d:a5:ae:d5:a0:c6:9e:cc:b7:a0:d0:6a: 0a:2d:7f:10:28:f4:d9:1d:fc:6d:f4:a5:27:f4:4c:98:26:40: 74:88:c8:45:76:c8:de:d8:31:e0:02:67:6d:02:12:14:77:53: e4:cc:30:60:34:89:78:e8:1f:87:71:49:12:7c:23:2f:78:2b: 9a:2d:c4:a6:cb:36:fd:a6:70:12:df:bb:60:fd:13:10:fc:65: 8c:47:76:fc:fd:53:78:5e:3a:e6:f1:2c:a5:65:89:52:86:f1: 9d:a2:c4:64:a6:6c:d4:b3:a1:88:24:a4:45:5a:0f:22:28:73: 32:ea:02:cd:5b:1c:29:76:a8:b4:e8:d7:04:80:00:a5:dc:a9: 3a:db:57:9a:a6:05:7a:d6:90:6d:da:2d:29:dc:cd:18:aa:4b: c2:9e:e5:16:eb:bb:f8:aa:22:93:6b:04:48:d0:2e:e9:b7:d4: 3f:7c:7e:10:e9:2b:21:14:6e:75:47:db:f9:80:61:25:22:31: 37:13:26:90:aa:79:18:2d:24:ba:dc:51:4f:b8:fe:55:70:48: 63:43:5f:b9:21:f7:f0:2a:22:4b:d1:85:69:fe:6a:cf:d9:19: a2:7f:8d:7b -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt26yBP2wfrv3pX0UzTQUBJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQxNjUzMjQyMGEyMWU0MmI4YWQzMGRhMjRlYmY0MzQ3ZGU5 NWVmMzUwHhcNMjYwMTAxMDAxNzU5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxZGMxOTE4NDY3YTJkZjFkYWJiNzAxMzlhMGY0YWIzYjYwZmY4N2ZiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsYe+hjcuA9cEjUizFE/cIW82/Gz eHLDqJ0r+8x5zk1jDEFX+Of5+w8K3iV2hi8rITnIYTkm/OBeUddgm+EVrQSiaUy8 QKMyGTFKK3PnZfBp5jQJoePB3w93JF4L1MFVNAslWyI/H2bGJezCF/59w4+Ae+LV 6Rm3157crLdoIEtCM75DcxBqPBzPgL66dTOSXwaII633dfL+3waDn11e8uiKLec4 EWn5LuJbnhIUo2yXrxCcjNH/TWV5YdeWIraNWcS7WNA9ka5LMavnwp25jh8shtLB fVgo2RDq8BJWOZmSvSNRYN12igBGzu6ovMecv4a6UnfpBO4rWA/AL4phrQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFB3BkYRnot8dq7cBOaD0qztg/4f7MB8GA1UdIwQY MBaAFEFlMkIKIeQritMNok6/Q0fele81MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUVdVeVFnb2g1Q3VLMHcyaVRyOURSOTZWN3pVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni80ZjRiMjAtNTEzNi00MjBiLWI1MTYt YjZkNjRhMDAzZDllLzEvSGNHUmhHZWkzeDJydHdFNW9QU3JPMkRfaF9zLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Ni80ZjRiMjAtNTEzNi00MjBiLWI1MTYtYjZkNjRhMDAzZDll LzEvUVdVeVFnb2g1Q3VLMHcyaVRyOURSOTZWN3pVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQALYkSAwQA wniFMA0EAgACMAcDBQMqDbEAMA0GCSqGSIb3DQEBCwUAA4IBAQBqpVHo0kkn0onl nfOA+Ei/MxRh/Ai3VZsNpa7VoMaezLeg0GoKLX8QKPTZHfxt9KUn9EyYJkB0iMhF dsje2DHgAmdtAhIUd1PkzDBgNIl46B+HcUkSfCMveCuaLcSmyzb9pnAS37tg/RMQ /GWMR3b8/VN4Xjrm8SylZYlShvGdosRkpmzUs6GIJKRFWg8iKHMy6gLNWxwpdqi0 6NcEgACl3Kk621eapgV61pBt2i0p3M0YqkvCnuUW67v4qiKTawRI0C7pt9Q/fH4Q 6SshFG51R9v5gGElIjE3EyaQqnkYLSS63FFPuP5VcEhjQ1+5IffwKiJL0YVp/mrP 2Rmif417 -----END CERTIFICATE-----Generated at Thu Feb 5 01:24:52 2026 by rpki-client