This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/5e4c22-cfde-4ded-a526-39671e0b6266/1/HzQHYcGWjDxOlibllve70j6m1AA.roa File: HzQHYcGWjDxOlibllve70j6m1AA.roa (raw, json) Hash identifier: AWc0lslL6fgHBBQI/LtfFNNcKth/VDPg2WoOoDl9sjM= Subject key identifier: 1F:34:07:61:C1:96:8C:3C:4E:96:26:E5:96:F7:BB:D2:3E:A6:D4:00 Certificate issuer: /CN=5c1dd6ec4a2e1f376c855c58312195a005cdb850 Certificate serial: 019B79ECACE4494E3ABA72315B847E4B71E6 Authority key identifier: 5C:1D:D6:EC:4A:2E:1F:37:6C:85:5C:58:31:21:95:A0:05:CD:B8:50 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XB3W7EouHzdshVxYMSGVoAXNuFA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/5e4c22-cfde-4ded-a526-39671e0b6266/1/HzQHYcGWjDxOlibllve70j6m1AA.roa Signing time: Thu 01 Jan 2026 14:18:32 +0000 ROA not before: Thu 01 Jan 2026 14:18:32 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 43709 IP address blocks: 78.157.160.0/19 maxlen: 21 2a02:d8a0::/32 maxlen: 34 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/5e4c22-cfde-4ded-a526-39671e0b6266/1/XB3W7EouHzdshVxYMSGVoAXNuFA.crl rsync://rpki.ripe.net/repository/DEFAULT/b4/5e4c22-cfde-4ded-a526-39671e0b6266/1/XB3W7EouHzdshVxYMSGVoAXNuFA.mft rsync://rpki.ripe.net/repository/DEFAULT/XB3W7EouHzdshVxYMSGVoAXNuFA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 14:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ec:ac:e4:49:4e:3a:ba:72:31:5b:84:7e:4b:71:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5c1dd6ec4a2e1f376c855c58312195a005cdb850 Validity Not Before: Jan 1 14:18:32 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1f340761c1968c3c4e9626e596f7bbd23ea6d400 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:88:54:e4:56:c3:28:7d:18:4e:1c:a8:be:b4: 93:1a:13:cc:95:82:77:c6:d6:51:09:51:29:8f:3a: a2:39:73:ec:bf:38:73:58:4f:0f:c8:e3:3e:37:83: c1:64:57:bb:5f:77:2e:12:80:b8:3e:77:10:23:17: e9:90:59:01:cf:46:7a:2f:57:98:04:0a:7d:4f:36: 03:e1:c0:90:13:75:4e:4b:1e:0f:b7:1e:db:4b:6c: 57:e8:4e:aa:67:46:1b:b5:18:81:a5:05:15:a2:69: ad:30:b1:a1:c8:7b:1e:b1:a1:9c:7e:a4:ed:f7:94: b9:6b:52:8c:1c:29:4e:50:b9:5c:fd:a2:8a:ea:a4: 0a:50:f3:3f:7a:92:7b:49:ee:05:c6:7d:41:97:b5: 3e:2d:d9:3c:be:58:8d:af:00:2b:25:68:3f:6a:6e: cd:20:5d:02:02:ae:02:47:f6:bd:50:1a:67:e1:cb: 6a:57:5c:7b:23:b4:ba:bd:b4:5b:25:63:1e:d3:4c: 4c:7a:7b:7d:76:45:d3:f7:b3:e7:2d:b9:9f:29:66: fe:18:41:ac:f0:ef:b3:b4:4c:28:f9:3e:23:54:2d: 61:d9:f9:ad:38:e2:09:fb:2e:d7:b8:3c:30:fd:f8: d6:e2:98:b7:d0:5f:0a:8e:b6:2e:c7:45:5b:ed:fa: a6:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:34:07:61:C1:96:8C:3C:4E:96:26:E5:96:F7:BB:D2:3E:A6:D4:00 X509v3 Authority Key Identifier: keyid:5C:1D:D6:EC:4A:2E:1F:37:6C:85:5C:58:31:21:95:A0:05:CD:B8:50 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XB3W7EouHzdshVxYMSGVoAXNuFA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5e4c22-cfde-4ded-a526-39671e0b6266/1/HzQHYcGWjDxOlibllve70j6m1AA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5e4c22-cfde-4ded-a526-39671e0b6266/1/XB3W7EouHzdshVxYMSGVoAXNuFA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 78.157.160.0/19 IPv6: 2a02:d8a0::/32 Signature Algorithm: sha256WithRSAEncryption a8:9d:0b:ff:28:c6:40:3f:86:4a:73:ca:54:c8:14:8e:42:4a: 79:06:d8:d1:61:7a:5c:9f:1f:d9:03:3b:92:be:f9:74:8f:2f: e6:2f:3d:93:fd:ed:4b:69:bd:b9:c3:b2:97:78:43:0c:66:ac: 68:28:10:c7:19:cf:d9:f2:8d:1d:b0:22:dc:88:dc:70:b4:51: 43:15:24:9c:c3:c3:7f:e5:d1:10:58:18:b6:b6:52:b1:79:ce: 43:31:df:b6:45:2e:1c:a5:f9:18:7b:fb:95:af:cd:35:db:df: 8f:c5:da:a1:8e:d0:af:1b:53:7f:04:77:75:58:a3:86:5d:b9: 13:71:eb:55:e2:06:54:44:0e:e6:a2:e6:92:7f:03:34:61:75: 33:50:cb:ff:36:6d:31:54:7d:8d:85:cd:76:ce:d3:99:7a:9e: 2a:b4:5d:84:ef:93:73:50:35:6f:1f:78:88:1c:1d:2d:58:96: ce:8f:6f:91:71:26:4f:ab:a3:3d:2b:a3:f5:59:24:bb:0d:c3: a6:0f:71:86:31:25:62:8d:66:51:d8:1a:87:25:7d:6e:53:2b: a4:21:08:78:e0:fb:37:26:cb:ed:98:cf:6a:e9:91:3d:f0:cf: 8d:b2:c4:10:9e:96:b8:f8:56:04:17:bc:d4:37:e0:a9:64:59: ee:ed:c0:e2 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt57KzkSU46unIxW4R+S3HmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVjMWRkNmVjNGEyZTFmMzc2Yzg1NWM1ODMxMjE5NWEwMDVj ZGI4NTAwHhcNMjYwMTAxMTQxODMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxZjM0MDc2MWMxOTY4YzNjNGU5NjI2ZTU5NmY3YmJkMjNlYTZkNDAwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwIhU5FbDKH0YThyovrSTGhPMlYJ3 xtZRCVEpjzqiOXPsvzhzWE8PyOM+N4PBZFe7X3cuEoC4PncQIxfpkFkBz0Z6L1eY BAp9TzYD4cCQE3VOSx4Ptx7bS2xX6E6qZ0YbtRiBpQUVommtMLGhyHsesaGcfqTt 95S5a1KMHClOULlc/aKK6qQKUPM/epJ7Se4Fxn1Bl7U+Ldk8vliNrwArJWg/am7N IF0CAq4CR/a9UBpn4ctqV1x7I7S6vbRbJWMe00xMent9dkXT97PnLbmfKWb+GEGs 8O+ztEwo+T4jVC1h2fmtOOIJ+y7XuDww/fjW4pi30F8KjrYux0Vb7fqmrQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFB80B2HBlow8TpYm5Zb3u9I+ptQAMB8GA1UdIwQY MBaAFFwd1uxKLh83bIVcWDEhlaAFzbhQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWEIzVzdFb3VIemRzaFZ4WU1TR1ZvQVhOdUZBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC81ZTRjMjItY2ZkZS00ZGVkLWE1MjYt Mzk2NzFlMGI2MjY2LzEvSHpRSFljR1dqRHhPbGlibGx2ZTcwajZtMUFBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNC81ZTRjMjItY2ZkZS00ZGVkLWE1MjYtMzk2NzFlMGI2MjY2 LzEvWEIzVzdFb3VIemRzaFZ4WU1TR1ZvQVhOdUZBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFTp2gMA0E AgACMAcDBQAqAtigMA0GCSqGSIb3DQEBCwUAA4IBAQConQv/KMZAP4ZKc8pUyBSO Qkp5BtjRYXpcnx/ZAzuSvvl0jy/mLz2T/e1Lab25w7KXeEMMZqxoKBDHGc/Z8o0d sCLciNxwtFFDFSScw8N/5dEQWBi2tlKxec5DMd+2RS4cpfkYe/uVr80129+Pxdqh jtCvG1N/BHd1WKOGXbkTcetV4gZURA7mouaSfwM0YXUzUMv/Nm0xVH2Nhc12ztOZ ep4qtF2E75NzUDVvH3iIHB0tWJbOj2+RcSZPq6M9K6P1WSS7DcOmD3GGMSVijWZR 2BqHJX1uUyukIQh44Ps3JsvtmM9q6ZE98M+NssQQnpa4+FYEF7zUN+CpZFnu7cDi -----END CERTIFICATE-----Generated at Mon Feb 9 22:35:22 2026 by rpki-client