This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/0c01c5-157d-40a7-8fcc-5c7723460223/1/HujP5oxDHEZ2MVstDarPw90xFho.roa File: HujP5oxDHEZ2MVstDarPw90xFho.roa (raw, json) Hash identifier: Rtz75ia9hRYxUyKU/WYQCS4cTOjYI+UMK2+4B6YVksE= Subject key identifier: 1E:E8:CF:E6:8C:43:1C:46:76:31:5B:2D:0D:AA:CF:C3:DD:31:16:1A Certificate issuer: /CN=db186422279d9d8b4e68e69b1296e532d4da0c3f Certificate serial: 019B79110D4D7ADF834CC9E452A78F5A8326 Authority key identifier: DB:18:64:22:27:9D:9D:8B:4E:68:E6:9B:12:96:E5:32:D4:DA:0C:3F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2xhkIiednYtOaOabEpblMtTaDD8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/0c01c5-157d-40a7-8fcc-5c7723460223/1/HujP5oxDHEZ2MVstDarPw90xFho.roa Signing time: Thu 01 Jan 2026 10:18:39 +0000 ROA not before: Thu 01 Jan 2026 10:18:39 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 203441 IP address blocks: 185.132.224.0/22 maxlen: 22 193.105.103.0/24 maxlen: 24 2a03:a660::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/0c01c5-157d-40a7-8fcc-5c7723460223/1/2xhkIiednYtOaOabEpblMtTaDD8.crl rsync://rpki.ripe.net/repository/DEFAULT/8d/0c01c5-157d-40a7-8fcc-5c7723460223/1/2xhkIiednYtOaOabEpblMtTaDD8.mft rsync://rpki.ripe.net/repository/DEFAULT/2xhkIiednYtOaOabEpblMtTaDD8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:11:0d:4d:7a:df:83:4c:c9:e4:52:a7:8f:5a:83:26 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=db186422279d9d8b4e68e69b1296e532d4da0c3f Validity Not Before: Jan 1 10:18:39 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1ee8cfe68c431c4676315b2d0daacfc3dd31161a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:a6:3e:59:c7:0a:61:2b:59:cc:91:71:7a:12: cb:ae:bc:cf:57:21:cd:03:df:f2:3d:8a:d3:12:cf: 4c:14:2a:31:f0:72:71:35:26:f6:4e:b6:e5:9c:de: d2:47:48:f0:55:e9:6d:77:98:42:c7:53:2a:e3:2e: 06:1c:1f:3d:f9:10:bb:2d:09:fc:62:d5:91:a7:6e: c6:ce:66:63:09:c3:46:dd:e7:63:a7:46:17:a8:eb: cd:b6:31:f7:eb:bb:6c:3b:82:bf:9a:60:6d:57:27: 8e:f6:d9:d3:5e:b2:a3:e9:13:e3:48:25:ee:15:99: 09:58:1a:e7:ca:f0:0c:e7:ce:bc:04:b2:c1:12:96: 85:bd:87:1f:0c:42:d4:be:11:4d:91:85:c1:9e:ff: 93:7b:29:6e:40:66:79:ff:74:2c:71:de:d1:a2:d4: 5f:66:a3:13:c4:05:c4:a2:c8:d7:ac:bb:6a:3b:13: 39:fb:e9:e0:ae:0a:59:ca:fe:53:73:ef:d1:8a:28: d0:15:79:b5:d2:f7:c6:28:9c:cc:02:71:e9:3f:5c: ef:3e:24:e5:58:cc:40:9d:56:ba:11:80:95:af:e3: a6:90:19:be:56:78:49:e6:b5:9e:d1:aa:e1:5a:83: 73:0c:c6:75:57:23:01:c8:b8:4c:cf:7c:cc:f5:42: 5c:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:E8:CF:E6:8C:43:1C:46:76:31:5B:2D:0D:AA:CF:C3:DD:31:16:1A X509v3 Authority Key Identifier: keyid:DB:18:64:22:27:9D:9D:8B:4E:68:E6:9B:12:96:E5:32:D4:DA:0C:3F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2xhkIiednYtOaOabEpblMtTaDD8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/0c01c5-157d-40a7-8fcc-5c7723460223/1/HujP5oxDHEZ2MVstDarPw90xFho.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/0c01c5-157d-40a7-8fcc-5c7723460223/1/2xhkIiednYtOaOabEpblMtTaDD8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.132.224.0/22 193.105.103.0/24 IPv6: 2a03:a660::/32 Signature Algorithm: sha256WithRSAEncryption 8b:97:69:25:0b:34:87:3e:90:e4:cf:6b:37:84:1e:a4:24:11: 73:01:cc:80:5d:57:1b:31:c9:b2:d0:bd:06:9e:0c:27:70:25: 80:85:3a:8a:49:8e:a4:58:42:11:38:48:84:a8:c1:9e:67:ca: 71:2c:16:dd:60:fe:55:8d:68:f5:68:db:3c:1a:70:86:49:f6: 94:bd:f3:4a:49:62:5e:da:f5:bb:ea:63:97:5d:cd:ac:1d:24: a4:9a:99:25:6a:34:e9:ba:7c:d0:22:bd:c3:8a:5e:55:d1:5e: bd:7f:f2:57:66:62:bf:21:d7:b8:2e:26:52:cb:12:2c:c3:51: 3c:67:d2:f1:ea:e5:c4:e8:6c:6a:f0:a7:e3:32:c0:03:9f:64: 79:d6:14:ff:6f:b7:ca:bd:e3:94:3e:be:fc:28:ec:fb:1c:d7: 36:35:a8:a2:ca:68:7b:0e:7b:ea:3b:c4:af:4e:1d:5f:b5:32: dc:94:a6:24:27:cb:a8:d8:7a:c2:61:f9:df:7a:80:17:2b:0e: 41:57:43:1c:89:3e:05:4b:c7:f2:1f:8f:2c:8a:f8:44:82:31: e3:03:5b:6a:b8:56:c0:83:e3:a1:98:dd:06:d3:3b:04:9e:87: 4c:19:a3:78:00:18:19:d7:44:ef:12:d2:a6:60:d3:3d:ab:5a: 60:16:a7:6b -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt5EQ1Net+DTMnkUqePWoMmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRiMTg2NDIyMjc5ZDlkOGI0ZTY4ZTY5YjEyOTZlNTMyZDRk YTBjM2YwHhcNMjYwMTAxMTAxODM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxZWU4Y2ZlNjhjNDMxYzQ2NzYzMTViMmQwZGFhY2ZjM2RkMzExNjFhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKY+WccKYStZzJFxehLLrrzPVyHN A9/yPYrTEs9MFCox8HJxNSb2TrblnN7SR0jwVeltd5hCx1Mq4y4GHB89+RC7LQn8 YtWRp27GzmZjCcNG3edjp0YXqOvNtjH367tsO4K/mmBtVyeO9tnTXrKj6RPjSCXu FZkJWBrnyvAM5868BLLBEpaFvYcfDELUvhFNkYXBnv+TeyluQGZ5/3Qscd7RotRf ZqMTxAXEosjXrLtqOxM5++ngrgpZyv5Tc+/RiijQFXm10vfGKJzMAnHpP1zvPiTl WMxAnVa6EYCVr+OmkBm+VnhJ5rWe0arhWoNzDMZ1VyMByLhMz3zM9UJcdwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFB7oz+aMQxxGdjFbLQ2qz8PdMRYaMB8GA1UdIwQY MBaAFNsYZCInnZ2LTmjmmxKW5TLU2gw/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMnhoa0lpZWRuWXRPYU9hYkVwYmxNdFRhREQ4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC8wYzAxYzUtMTU3ZC00MGE3LThmY2Mt NWM3NzIzNDYwMjIzLzEvSHVqUDVveERIRVoyTVZzdERhclB3OTB4RmhvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZC8wYzAxYzUtMTU3ZC00MGE3LThmY2MtNWM3NzIzNDYwMjIz LzEvMnhoa0lpZWRuWXRPYU9hYkVwYmxNdFRhREQ4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuYTgAwQA wWlnMA0EAgACMAcDBQAqA6ZgMA0GCSqGSIb3DQEBCwUAA4IBAQCLl2klCzSHPpDk z2s3hB6kJBFzAcyAXVcbMcmy0L0GngwncCWAhTqKSY6kWEIROEiEqMGeZ8pxLBbd YP5VjWj1aNs8GnCGSfaUvfNKSWJe2vW76mOXXc2sHSSkmpklajTpunzQIr3Dil5V 0V69f/JXZmK/Ide4LiZSyxIsw1E8Z9Lx6uXE6Gxq8KfjMsADn2R51hT/b7fKveOU Pr78KOz7HNc2Naiiymh7DnvqO8SvTh1ftTLclKYkJ8uo2HrCYfnfeoAXKw5BV0Mc iT4FS8fyH48sivhEgjHjA1tquFbAg+OhmN0G0zsEnodMGaN4ABgZ10TvEtKmYNM9 q1pgFqdr -----END CERTIFICATE-----Generated at Tue Feb 10 06:06:49 2026 by rpki-client