This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/huQPg2OZzXCQnpz6NzraRlxBOyA.roa File: huQPg2OZzXCQnpz6NzraRlxBOyA.roa (raw, json) Hash identifier: LoNYVr9gQJmTPlQQI8b8l2dGo34oGdEvuj6ogoTfNcg= Subject key identifier: 86:E4:0F:83:63:99:CD:70:90:9E:9C:FA:37:3A:DA:46:5C:41:3B:20 Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0 Certificate serial: 019B7DCBB2573F7E3C42F92D2534B9BE8666 Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/huQPg2OZzXCQnpz6NzraRlxBOyA.roa Signing time: Fri 02 Jan 2026 08:20:59 +0000 ROA not before: Fri 02 Jan 2026 08:20:59 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 400342 IP address blocks: 151.242.152.0/23 maxlen: 24 151.243.49.0/24 maxlen: 24 151.243.95.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 18 Jan 2026 21:00:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:cb:b2:57:3f:7e:3c:42:f9:2d:25:34:b9:be:86:66 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0 Validity Not Before: Jan 2 08:20:59 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=86e40f836399cd70909e9cfa373ada465c413b20 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:b7:bb:ba:8b:87:8a:72:c2:2a:cc:d6:ef:c5: e8:81:a3:09:08:ee:8f:ef:61:9e:03:1b:16:ba:55: 74:ee:d4:be:b0:04:08:ce:fc:b7:a0:f6:ae:51:30: c8:c4:87:93:61:18:93:e4:18:d0:34:0f:21:30:49: 19:ab:92:71:8b:4a:32:52:d2:1f:91:e2:9b:8e:ea: 9b:ba:ed:46:58:e3:d2:96:be:13:32:41:a3:6d:2c: 99:ba:16:88:74:6e:b2:c4:4c:c5:fc:a0:a1:32:88: 37:5c:df:8e:30:fe:b4:2a:93:ee:aa:1a:46:a0:80: a2:7a:66:56:46:5c:12:55:ba:41:34:9c:67:5d:78: 4b:48:ef:6d:1b:8a:a0:81:b0:9e:34:ba:ba:48:0c: 13:d2:83:5b:da:76:97:8e:92:00:d5:29:55:60:42: f1:79:47:f4:36:3b:c7:03:c7:b3:b4:79:66:22:ae: e6:9b:ae:b7:23:65:b3:be:aa:ad:c0:92:09:a8:dd: 29:e4:7e:7e:26:26:53:ae:43:bf:ef:ac:89:4a:b8: 61:4d:4f:b3:16:36:5b:ca:48:d4:80:78:3d:e7:67: 01:3c:eb:57:07:75:d5:f3:fe:ea:52:01:5f:bb:55: 74:30:01:b5:b2:55:20:e5:d8:9f:52:cc:6c:8b:2a: a1:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:E4:0F:83:63:99:CD:70:90:9E:9C:FA:37:3A:DA:46:5C:41:3B:20 X509v3 Authority Key Identifier: keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/huQPg2OZzXCQnpz6NzraRlxBOyA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 151.242.152.0/23 151.243.49.0/24 151.243.95.0/24 Signature Algorithm: sha256WithRSAEncryption 2b:8f:48:78:41:dc:4e:8b:c9:5d:91:e7:dc:bc:bd:5d:2c:5c: ec:17:31:32:30:d3:22:78:7a:c1:45:fa:73:ef:66:65:ff:04: 16:ef:c6:85:de:0b:49:48:87:50:ef:1f:12:0b:52:07:9f:53: 2f:60:f7:97:4d:6c:ab:03:5b:4d:5f:eb:58:f6:8d:b8:1c:62: e8:07:bf:c7:ee:03:9c:e0:b3:c7:2b:ab:2b:f0:c0:83:5d:09: 21:81:5d:3d:94:07:39:44:ac:b0:9e:27:45:96:51:58:cc:1b: ae:e3:a1:c5:9b:dc:52:0b:87:7e:09:cd:38:59:64:4c:7e:26: c2:19:8c:94:3f:56:df:47:6b:36:47:dc:97:f8:f4:79:ce:c9: 0d:a7:86:ef:d0:95:4d:96:58:29:ac:89:14:a2:b0:34:6d:8a: a3:a2:73:27:95:14:66:c9:4f:87:46:76:a2:6c:4f:14:1d:14: 31:4e:2a:df:9f:7e:8f:96:55:f4:22:9a:0d:df:50:8a:f8:15: 81:0e:7b:2a:bd:ce:4f:74:02:2e:ec:f2:ea:b7:0c:3f:4c:f5: 6c:3a:2d:97:b6:50:83:21:3d:d7:a6:e2:e5:49:56:35:c1:3e: 16:ec:4b:b8:a0:b4:11:57:ea:61:c7:f5:b1:e2:bf:ea:a3:7a: f8:30:d7:ca -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt9y7JXP348QvktJTS5voZmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh NWE0YzAwHhcNMjYwMTAyMDgyMDU5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NmU0MGY4MzYzOTljZDcwOTA5ZTljZmEzNzNhZGE0NjVjNDEzYjIwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0re7uouHinLCKszW78XogaMJCO6P 72GeAxsWulV07tS+sAQIzvy3oPauUTDIxIeTYRiT5BjQNA8hMEkZq5Jxi0oyUtIf keKbjuqbuu1GWOPSlr4TMkGjbSyZuhaIdG6yxEzF/KChMog3XN+OMP60KpPuqhpG oICiemZWRlwSVbpBNJxnXXhLSO9tG4qggbCeNLq6SAwT0oNb2naXjpIA1SlVYELx eUf0NjvHA8eztHlmIq7mm663I2WzvqqtwJIJqN0p5H5+JiZTrkO/76yJSrhhTU+z FjZbykjUgHg952cBPOtXB3XV8/7qUgFfu1V0MAG1slUg5difUsxsiyqhrwIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFIbkD4Njmc1wkJ6c+jc62kZcQTsgMB8GA1UdIwQY MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt MTdiOWRlMTQxMjUyLzEvaHVRUGcyT1p6WENRbnB6Nk56cmFSbHhCT3lBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBl/KYAwQA l/MxAwQAl/NfMA0GCSqGSIb3DQEBCwUAA4IBAQArj0h4QdxOi8ldkefcvL1dLFzs FzEyMNMieHrBRfpz72Zl/wQW78aF3gtJSIdQ7x8SC1IHn1MvYPeXTWyrA1tNX+tY 9o24HGLoB7/H7gOc4LPHK6sr8MCDXQkhgV09lAc5RKywnidFllFYzBuu46HFm9xS C4d+Cc04WWRMfibCGYyUP1bfR2s2R9yX+PR5zskNp4bv0JVNllgprIkUorA0bYqj onMnlRRmyU+HRnaibE8UHRQxTirfn36PllX0IpoN31CK+BWBDnsqvc5PdAIu7PLq tww/TPVsOi2XtlCDIT3XpuLlSVY1wT4W7Eu4oLQRV+phx/Wx4r/qo3r4MNfK -----END CERTIFICATE-----Generated at Sun Jan 18 06:31:25 2026 by rpki-client