This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hgre8Ze0mgYGqiW8XLokWYpeJmQ.roa File: hgre8Ze0mgYGqiW8XLokWYpeJmQ.roa (raw, json) Hash identifier: Q9Da8xl6Itagyf0Rzb8+WsCLWf3qD8VBbE1fCOV9Vqs= Subject key identifier: 86:0A:DE:F1:97:B4:9A:06:06:AA:25:BC:5C:BA:24:59:8A:5E:26:64 Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4 Certificate serial: 019B7BA550AAE64E6E1D85B52BCE31E23625 Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hgre8Ze0mgYGqiW8XLokWYpeJmQ.roa Signing time: Thu 01 Jan 2026 22:19:50 +0000 ROA not before: Thu 01 Jan 2026 22:19:50 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 210229 IP address blocks: 62.73.119.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.mft rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a5:50:aa:e6:4e:6e:1d:85:b5:2b:ce:31:e2:36:25 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4 Validity Not Before: Jan 1 22:19:50 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=860adef197b49a0606aa25bc5cba24598a5e2664 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:05:9c:9f:02:85:b8:e8:2a:11:89:0d:0f:3c: d9:b7:e9:d7:2b:eb:c6:7a:87:c7:33:4f:99:2c:f9: db:2f:2e:9f:d7:bd:75:1e:07:5b:9b:2e:7f:b6:f5: 3d:6a:f4:f9:d0:24:f3:b5:24:9f:12:9b:ca:7f:7f: 37:8b:7e:d4:8e:c5:a5:e7:2e:73:55:e7:18:9d:7f: 44:f2:06:d3:98:bd:b4:d2:ea:a7:fd:a8:41:aa:81: 79:f3:70:e5:41:45:1e:ce:6e:85:16:f6:ef:31:15: 8a:b9:af:08:0c:6c:e9:98:cf:43:42:d1:37:08:c6: 0e:26:06:d3:2d:0b:4f:1a:74:ef:68:33:71:34:0e: 74:ad:9a:fd:0c:bb:fd:fa:67:d1:e2:63:fa:9f:47: f9:55:4b:8b:0c:0c:43:bb:9c:75:f8:31:3f:8d:19: 25:db:e2:4e:0d:b1:b7:e5:88:49:e7:85:fe:1b:72: 61:6c:1c:d8:26:6a:08:72:b4:11:4e:eb:f3:d2:ca: 7e:a1:c3:ea:94:31:11:ef:a2:7e:80:ad:8a:35:ec: f2:32:32:73:12:9a:15:4e:c0:6b:1f:d3:2e:a8:34: bf:53:48:bd:11:c4:ec:37:b0:84:36:1b:f0:ae:19: 81:2b:ab:fb:7b:d0:6d:7b:3d:c7:e4:77:06:1e:57: 64:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:0A:DE:F1:97:B4:9A:06:06:AA:25:BC:5C:BA:24:59:8A:5E:26:64 X509v3 Authority Key Identifier: keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hgre8Ze0mgYGqiW8XLokWYpeJmQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 62.73.119.0/24 Signature Algorithm: sha256WithRSAEncryption 52:00:92:6a:8c:a7:ae:b6:61:b1:21:3f:3c:a8:9a:f4:0c:e8: 33:dd:27:9c:5d:40:69:7d:db:4e:27:c3:f0:db:63:43:32:97: a9:93:95:f5:90:49:a2:55:1e:ee:6f:70:b3:ea:90:04:ad:68: 67:4e:5e:41:ec:59:21:be:d1:43:59:2c:50:93:28:9f:0f:06: ae:d3:1d:1a:4e:06:bb:d7:fd:ef:46:b3:4a:fb:6a:30:a9:c6: 12:91:4f:72:7e:16:4a:85:5e:80:cb:08:bd:73:32:6e:99:5e: b0:09:e5:6f:70:2f:e8:eb:df:b7:26:64:38:5f:75:49:74:07: be:e8:48:b4:2c:a1:3a:c3:f7:94:e2:b0:66:7a:8c:ec:3a:ef: d2:fe:f7:df:aa:eb:0f:54:85:97:e9:e8:4e:d3:6c:af:c9:1d: 9d:0d:46:f0:84:f0:d4:5c:00:9f:98:b8:9b:8f:10:a4:6b:89: ad:48:6d:54:92:ca:8b:0b:2e:69:26:37:39:fd:6f:15:e5:7d: f0:fb:94:17:28:16:fc:ea:9b:59:e6:0d:71:32:33:54:63:3b: 2e:cb:b6:93:3d:a0:73:35:12:86:8b:89:88:5b:34:2b:47:bf: 41:70:c0:a6:a3:5e:c3:ee:aa:3c:1c:0f:7b:05:dd:cf:be:1b: fc:a4:91:91 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt7pVCq5k5uHYW1K84x4jYlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4 ZmI0YzQwHhcNMjYwMTAxMjIxOTUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NjBhZGVmMTk3YjQ5YTA2MDZhYTI1YmM1Y2JhMjQ1OThhNWUyNjY0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7AWcnwKFuOgqEYkNDzzZt+nXK+vG eofHM0+ZLPnbLy6f1711Hgdbmy5/tvU9avT50CTztSSfEpvKf383i37UjsWl5y5z VecYnX9E8gbTmL200uqn/ahBqoF583DlQUUezm6FFvbvMRWKua8IDGzpmM9DQtE3 CMYOJgbTLQtPGnTvaDNxNA50rZr9DLv9+mfR4mP6n0f5VUuLDAxDu5x1+DE/jRkl 2+JODbG35YhJ54X+G3JhbBzYJmoIcrQRTuvz0sp+ocPqlDER76J+gK2KNezyMjJz EpoVTsBrH9MuqDS/U0i9EcTsN7CENhvwrhmBK6v7e9Btez3H5HcGHldkbQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFIYK3vGXtJoGBqolvFy6JFmKXiZkMB8GA1UdIwQY MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct ODcyYmEyZDlmNDRjLzEvaGdyZThaZTBtZ1lHcWlXOFhMb2tXWXBlSm1RLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPkl3MA0G CSqGSIb3DQEBCwUAA4IBAQBSAJJqjKeutmGxIT88qJr0DOgz3SecXUBpfdtOJ8Pw 22NDMpepk5X1kEmiVR7ub3Cz6pAErWhnTl5B7FkhvtFDWSxQkyifDwau0x0aTga7 1/3vRrNK+2owqcYSkU9yfhZKhV6Aywi9czJumV6wCeVvcC/o69+3JmQ4X3VJdAe+ 6Ei0LKE6w/eU4rBmeozsOu/S/vffqusPVIWX6ehO02yvyR2dDUbwhPDUXACfmLib jxCka4mtSG1UksqLCy5pJjc5/W8V5X3w+5QXKBb86ptZ5g1xMjNUYzsuy7aTPaBz NRKGi4mIWzQrR79BcMCmo17D7qo8HA97Bd3Pvhv8pJGR -----END CERTIFICATE-----Generated at Mon Jan 26 10:24:51 2026 by rpki-client