This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/HQwq1lFkEmGfZe0hokrkqmAI50Y.roa File: HQwq1lFkEmGfZe0hokrkqmAI50Y.roa (raw, json) Hash identifier: 0JR6tbUCuYNHudj/1vn1UEigf73E0cY9O+bGUOnukNY= Subject key identifier: 1D:0C:2A:D6:51:64:12:61:9F:65:ED:21:A2:4A:E4:AA:60:08:E7:46 Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5 Certificate serial: 019B7F8456122BBAD8A3BE6177385E94B78E Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/HQwq1lFkEmGfZe0hokrkqmAI50Y.roa Signing time: Fri 02 Jan 2026 16:22:17 +0000 ROA not before: Fri 02 Jan 2026 16:22:17 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 20326 IP address blocks: 31.57.196.0/24 maxlen: 24 31.57.238.0/24 maxlen: 24 31.58.56.0/24 maxlen: 24 31.59.172.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 06 Jan 2026 11:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:84:56:12:2b:ba:d8:a3:be:61:77:38:5e:94:b7:8e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5 Validity Not Before: Jan 2 16:22:17 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1d0c2ad6516412619f65ed21a24ae4aa6008e746 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:b9:1f:16:db:98:ef:d6:42:23:0f:dc:dc:82: e0:f7:ce:f8:12:28:c3:91:b6:e7:8d:87:6b:90:7b: 16:a5:20:84:22:3a:81:9d:68:d4:b8:72:6e:57:76: 15:fa:33:df:56:ca:06:46:8f:fb:c5:bb:a3:75:a5: 30:e9:43:38:90:1a:d5:b5:74:d1:1f:fb:2a:f7:7b: a6:37:c0:90:c5:19:a1:17:46:02:40:0b:f2:73:da: 5a:34:7b:31:fd:35:08:46:25:f5:b9:c3:b0:6e:2f: d2:eb:58:6e:be:5c:a5:8c:3e:3a:39:ce:e8:c0:6e: 25:e8:6b:74:2f:83:35:26:cc:e6:63:95:57:25:72: a8:89:6d:13:02:18:7d:80:26:8d:94:01:67:3b:76: 0c:7f:e4:ac:ac:f1:64:68:54:94:2f:6b:1c:bf:1d: 49:25:1e:9f:5b:96:97:58:5c:21:79:a1:fe:3b:f0: 6e:56:f4:61:1f:cb:89:bd:24:41:8b:b7:bc:bd:d3: d3:b4:fa:4a:dd:1c:23:2f:01:02:fa:23:17:f5:29: f5:d5:74:76:7a:c9:fb:7f:8d:76:c4:33:ad:1d:24: 56:e4:03:64:61:31:34:52:4c:59:9b:14:d1:5c:d3: 53:d7:39:64:06:3c:5f:9a:9c:c1:75:98:05:af:4a: ed:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:0C:2A:D6:51:64:12:61:9F:65:ED:21:A2:4A:E4:AA:60:08:E7:46 X509v3 Authority Key Identifier: keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/HQwq1lFkEmGfZe0hokrkqmAI50Y.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.57.196.0/24 31.57.238.0/24 31.58.56.0/24 31.59.172.0/24 Signature Algorithm: sha256WithRSAEncryption 64:ae:66:61:fb:df:02:6a:15:cf:25:da:6f:bd:af:4f:49:b6: a3:3c:ec:55:ed:ed:1d:62:51:74:99:30:6b:20:ed:6a:77:12: 53:dd:04:c8:3e:88:8e:d8:ba:cc:02:d0:6e:51:1b:e9:e6:a7: 7a:a5:92:aa:2b:70:fc:12:1d:0c:4a:44:62:35:b2:f4:23:d1: b1:06:2c:fe:5c:e2:5a:46:db:1d:c1:73:70:e4:31:e9:a5:2e: b7:61:a6:a2:ac:a6:2c:5e:d1:ba:90:a9:e8:27:34:bf:ff:19: ae:34:1b:3b:70:c5:a6:ca:28:23:9b:48:8e:ff:12:90:6c:6e: f2:5a:c7:00:af:44:f0:06:5e:20:d3:a8:4f:8c:99:0e:d6:55: c1:21:2b:c0:d0:1f:1a:0c:c9:e1:7d:13:da:2f:08:99:24:0f: 3b:59:7a:a9:fb:92:81:9a:cc:a0:58:64:90:10:3b:43:dc:e4: c8:4c:85:ee:ba:51:5d:5e:d2:87:1c:04:3e:96:f0:eb:d5:cb: 96:1b:aa:6e:37:48:06:9f:5b:ed:2f:83:b2:a7:d5:2c:22:a8: c3:1d:8f:b9:0d:9d:0d:c0:20:85:90:8e:28:65:f2:9e:78:37: 86:87:a5:87:67:d6:50:bb:68:5f:a0:3b:40:dd:ca:84:88:0a: ea:ec:db:dc -----BEGIN CERTIFICATE----- MIIFDzCCA/egAwIBAgISAZt/hFYSK7rYo75hdzhelLeOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2 YjI1YzUwHhcNMjYwMTAyMTYyMjE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxZDBjMmFkNjUxNjQxMjYxOWY2NWVkMjFhMjRhZTRhYTYwMDhlNzQ2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApbkfFtuY79ZCIw/c3ILg9874EijD kbbnjYdrkHsWpSCEIjqBnWjUuHJuV3YV+jPfVsoGRo/7xbujdaUw6UM4kBrVtXTR H/sq93umN8CQxRmhF0YCQAvyc9paNHsx/TUIRiX1ucOwbi/S61huvlyljD46Oc7o wG4l6Gt0L4M1JszmY5VXJXKoiW0TAhh9gCaNlAFnO3YMf+SsrPFkaFSUL2scvx1J JR6fW5aXWFwheaH+O/BuVvRhH8uJvSRBi7e8vdPTtPpK3RwjLwEC+iMX9Sn11XR2 esn7f412xDOtHSRW5ANkYTE0UkxZmxTRXNNT1zlkBjxfmpzBdZgFr0rtkwIDAQAB o4ICGzCCAhcwHQYDVR0OBBYEFB0MKtZRZBJhn2XtIaJK5KpgCOdGMB8GA1UdIwQY MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt YjgxMWNmY2I5ZmQ1LzEvSFF3cTFsRmtFbUdmWmUwaG9rcmtxbUFJNTBZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1 LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAHznEAwQA HznuAwQAHzo4AwQAHzusMA0GCSqGSIb3DQEBCwUAA4IBAQBkrmZh+98CahXPJdpv va9PSbajPOxV7e0dYlF0mTBrIO1qdxJT3QTIPoiO2LrMAtBuURvp5qd6pZKqK3D8 Eh0MSkRiNbL0I9GxBiz+XOJaRtsdwXNw5DHppS63YaairKYsXtG6kKnoJzS//xmu NBs7cMWmyigjm0iO/xKQbG7yWscAr0TwBl4g06hPjJkO1lXBISvA0B8aDMnhfRPa LwiZJA87WXqp+5KBmsygWGSQEDtD3OTITIXuulFdXtKHHAQ+lvDr1cuWG6puN0gG n1vtL4Oyp9UsIqjDHY+5DZ0NwCCFkI4oZfKeeDeGh6WHZ9ZQu2hfoDtA3cqEiArq 7Nvc -----END CERTIFICATE-----Generated at Mon Jan 5 14:36:32 2026 by rpki-client