This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/dd8f71-2b36-4fb7-b2d5-f997dbdc3e57/1/7hkN41FQK4rNVtwj2BraoZnJuqg.roa File: 7hkN41FQK4rNVtwj2BraoZnJuqg.roa (raw, json) Hash identifier: 5m1MRTp35SIueLauNwTAW0LsW5mYAj38kHx8oT3d5Os= Subject key identifier: EE:19:0D:E3:51:50:2B:8A:CD:56:DC:23:D8:1A:DA:A1:99:C9:BA:A8 Certificate issuer: /CN=4451e83dae12a371c1dd49db34d9bd52a9688b4a Certificate serial: 019B7E381486CD838922ED9EAF325C2C7F88 Authority key identifier: 44:51:E8:3D:AE:12:A3:71:C1:DD:49:DB:34:D9:BD:52:A9:68:8B:4A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFHoPa4So3HB3UnbNNm9Uqloi0o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/dd8f71-2b36-4fb7-b2d5-f997dbdc3e57/1/7hkN41FQK4rNVtwj2BraoZnJuqg.roa Signing time: Fri 02 Jan 2026 10:19:22 +0000 ROA not before: Fri 02 Jan 2026 10:19:22 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 206022 IP address blocks: 185.198.156.0/24 maxlen: 24 185.198.157.0/24 maxlen: 24 185.198.158.0/24 maxlen: 24 185.198.159.0/24 maxlen: 24 2a0a:8b40::/29 maxlen: 29 2a0a:8b40:fede::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/dd8f71-2b36-4fb7-b2d5-f997dbdc3e57/1/RFHoPa4So3HB3UnbNNm9Uqloi0o.crl rsync://rpki.ripe.net/repository/DEFAULT/ac/dd8f71-2b36-4fb7-b2d5-f997dbdc3e57/1/RFHoPa4So3HB3UnbNNm9Uqloi0o.mft rsync://rpki.ripe.net/repository/DEFAULT/RFHoPa4So3HB3UnbNNm9Uqloi0o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:14:86:cd:83:89:22:ed:9e:af:32:5c:2c:7f:88 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4451e83dae12a371c1dd49db34d9bd52a9688b4a Validity Not Before: Jan 2 10:19:22 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ee190de351502b8acd56dc23d81adaa199c9baa8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:a2:d9:ef:7c:3a:37:fa:8e:2f:e2:d9:23:22: 0f:e7:64:fe:2b:71:e5:ac:0a:90:c6:3c:f2:fc:78: a6:fb:04:ee:db:54:61:43:07:5b:48:6c:97:8d:31: 22:53:85:65:9d:e7:6b:67:17:c7:9b:03:a4:0c:8c: 67:8b:fd:e5:15:08:68:7b:34:20:42:24:22:8e:52: c2:80:bd:5f:dc:8e:cf:2c:54:b7:0d:06:3e:6a:55: 91:71:91:dc:e3:43:a2:4e:54:17:fe:f7:e1:6c:b8: 74:d6:18:e5:62:db:38:39:ee:f4:50:52:dd:6a:9c: 85:37:20:f2:a2:5a:f8:d1:da:8f:82:42:30:7a:dc: 22:d7:51:1f:27:28:f9:fd:6c:ab:2f:55:0b:96:c4: 37:60:36:ff:5b:2e:c4:a4:10:40:28:41:76:e3:19: 7c:da:d1:49:94:f1:7f:0b:e9:7f:c5:3f:64:9b:f0: b5:0c:b9:a1:a9:9a:28:75:69:4f:86:02:db:ae:89: 6d:3e:e6:f2:61:83:d7:67:71:3e:29:87:47:b4:f9: 7c:7a:c3:80:f3:53:96:31:8b:c1:70:cf:82:1b:19: 37:da:da:c2:51:e3:d1:ef:32:86:a8:0d:98:f6:78: d6:68:35:56:c2:05:ec:b5:ea:ce:fd:1f:2a:35:ad: b8:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:19:0D:E3:51:50:2B:8A:CD:56:DC:23:D8:1A:DA:A1:99:C9:BA:A8 X509v3 Authority Key Identifier: keyid:44:51:E8:3D:AE:12:A3:71:C1:DD:49:DB:34:D9:BD:52:A9:68:8B:4A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFHoPa4So3HB3UnbNNm9Uqloi0o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/dd8f71-2b36-4fb7-b2d5-f997dbdc3e57/1/7hkN41FQK4rNVtwj2BraoZnJuqg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/dd8f71-2b36-4fb7-b2d5-f997dbdc3e57/1/RFHoPa4So3HB3UnbNNm9Uqloi0o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.198.156.0/22 IPv6: 2a0a:8b40::/29 Signature Algorithm: sha256WithRSAEncryption 37:77:18:63:0a:c5:35:54:41:8d:fe:e6:35:ef:d3:7a:f8:61: 66:c1:d9:c8:ef:dc:63:55:0f:22:9a:ed:33:ae:58:08:ca:c0: e5:10:13:e3:a9:63:bf:aa:3d:ec:b7:0e:fc:d7:3b:4d:0b:02: 59:9a:33:61:5b:e1:24:de:c9:aa:50:6a:bb:3a:e6:2b:48:6c: a4:91:08:f5:cf:eb:e5:e8:e7:2e:cb:8f:72:d9:80:1d:c9:94: 1f:35:b5:72:c2:c0:ad:a9:a0:35:45:35:d9:fd:16:7d:d2:02: ff:fb:97:b5:77:4d:f5:bf:76:10:54:2f:69:81:08:7b:6e:f6: 2f:6c:a5:da:1b:3f:e8:89:6a:23:a5:81:5c:8c:61:81:c5:b8: 0e:24:ea:f4:b0:cb:07:63:df:63:b6:2d:68:bc:cd:90:6c:30: 93:db:4d:f5:a4:a4:24:e0:3c:bd:ee:b1:6b:d1:52:0a:d9:fb: 80:2a:f8:13:40:d5:08:3c:7e:ed:36:42:c2:a6:15:d3:64:2a: ea:16:92:33:ef:ad:fc:0c:9c:3e:00:48:9e:72:e3:7f:8a:fb: 57:6b:df:ba:f3:62:76:39:05:ff:99:98:e3:b8:0a:8b:cc:3e: 28:b6:13:ae:e8:be:2d:92:f1:e5:5e:8f:10:fa:e4:3d:15:49: e9:5c:cf:5c -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt+OBSGzYOJIu2erzJcLH+IMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ0NTFlODNkYWUxMmEzNzFjMWRkNDlkYjM0ZDliZDUyYTk2 ODhiNGEwHhcNMjYwMTAyMTAxOTIyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlZTE5MGRlMzUxNTAyYjhhY2Q1NmRjMjNkODFhZGFhMTk5YzliYWE4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqLZ73w6N/qOL+LZIyIP52T+K3Hl rAqQxjzy/Him+wTu21RhQwdbSGyXjTEiU4VlnedrZxfHmwOkDIxni/3lFQhoezQg QiQijlLCgL1f3I7PLFS3DQY+alWRcZHc40OiTlQX/vfhbLh01hjlYts4Oe70UFLd apyFNyDyolr40dqPgkIwetwi11EfJyj5/WyrL1ULlsQ3YDb/Wy7EpBBAKEF24xl8 2tFJlPF/C+l/xT9km/C1DLmhqZoodWlPhgLbroltPubyYYPXZ3E+KYdHtPl8esOA 81OWMYvBcM+CGxk32trCUePR7zKGqA2Y9njWaDVWwgXsterO/R8qNa24EwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFO4ZDeNRUCuKzVbcI9ga2qGZybqoMB8GA1UdIwQY MBaAFERR6D2uEqNxwd1J2zTZvVKpaItKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUkZIb1BhNFNvM0hCM1VuYk5ObTlVcWxvaTBvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9kZDhmNzEtMmIzNi00ZmI3LWIyZDUt Zjk5N2RiZGMzZTU3LzEvN2hrTjQxRlFLNHJOVnR3ajJCcmFvWm5KdXFnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYy9kZDhmNzEtMmIzNi00ZmI3LWIyZDUtZjk5N2RiZGMzZTU3 LzEvUkZIb1BhNFNvM0hCM1VuYk5ObTlVcWxvaTBvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCucacMA0E AgACMAcDBQMqCotAMA0GCSqGSIb3DQEBCwUAA4IBAQA3dxhjCsU1VEGN/uY179N6 +GFmwdnI79xjVQ8imu0zrlgIysDlEBPjqWO/qj3stw781ztNCwJZmjNhW+Ek3smq UGq7OuYrSGykkQj1z+vl6Ocuy49y2YAdyZQfNbVywsCtqaA1RTXZ/RZ90gL/+5e1 d031v3YQVC9pgQh7bvYvbKXaGz/oiWojpYFcjGGBxbgOJOr0sMsHY99jti1ovM2Q bDCT2031pKQk4Dy97rFr0VIK2fuAKvgTQNUIPH7tNkLCphXTZCrqFpIz7638DJw+ AEiecuN/ivtXa9+682J2OQX/mZjjuAqLzD4othOu6L4tkvHlXo8Q+uQ9FUnpXM9c -----END CERTIFICATE-----Generated at Tue Feb 10 04:27:38 2026 by rpki-client