This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/b363cd-5a14-417e-80f5-9215865d37b9/1/hdFvkjtKs9CqOAP8HlCjhA-rfX8.roa File: hdFvkjtKs9CqOAP8HlCjhA-rfX8.roa (raw, json) Hash identifier: /9qat8m93Fb2TGLTVIMfphjY74FEi4sF9t0aEqwTOUY= Subject key identifier: 85:D1:6F:92:3B:4A:B3:D0:AA:38:03:FC:1E:50:A3:84:0F:AB:7D:7F Certificate issuer: /CN=2c61264467b1a7fef1c51867779e5ad616b619cf Certificate serial: 019B7A5AC93E6C576258204AF7A13D4E36B4 Authority key identifier: 2C:61:26:44:67:B1:A7:FE:F1:C5:18:67:77:9E:5A:D6:16:B6:19:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LGEmRGexp_7xxRhnd55a1ha2Gc8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/b363cd-5a14-417e-80f5-9215865d37b9/1/hdFvkjtKs9CqOAP8HlCjhA-rfX8.roa Signing time: Thu 01 Jan 2026 16:18:48 +0000 ROA not before: Thu 01 Jan 2026 16:18:48 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 201006 IP address blocks: 2.58.220.0/22 maxlen: 22 185.89.52.0/22 maxlen: 22 2a05:ce40::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/b363cd-5a14-417e-80f5-9215865d37b9/1/LGEmRGexp_7xxRhnd55a1ha2Gc8.crl rsync://rpki.ripe.net/repository/DEFAULT/b7/b363cd-5a14-417e-80f5-9215865d37b9/1/LGEmRGexp_7xxRhnd55a1ha2Gc8.mft rsync://rpki.ripe.net/repository/DEFAULT/LGEmRGexp_7xxRhnd55a1ha2Gc8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:c9:3e:6c:57:62:58:20:4a:f7:a1:3d:4e:36:b4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2c61264467b1a7fef1c51867779e5ad616b619cf Validity Not Before: Jan 1 16:18:48 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=85d16f923b4ab3d0aa3803fc1e50a3840fab7d7f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:2c:76:be:e3:e3:7f:1d:01:d3:48:8a:0d:e0: 1b:03:21:c7:2d:ca:68:ee:bb:dc:f1:5a:d4:46:53: ee:70:0e:1c:92:99:38:2c:1e:e1:bd:31:92:1d:45: 92:48:1a:4a:68:05:05:ee:28:39:57:32:06:0f:85: b8:db:3b:a2:1f:84:7d:79:28:2c:da:a1:97:d0:b5: 8b:2f:47:36:bc:86:34:e1:50:a1:49:b5:25:11:b8: 3a:f4:fa:73:c8:36:20:1e:1d:66:3f:58:ee:36:87: d8:44:be:8f:f3:53:4a:e4:af:f3:98:30:e3:ee:6a: 03:db:75:b5:7e:4e:8b:8b:64:65:82:91:bf:d2:da: 85:e7:40:6a:46:26:4c:85:d4:34:53:85:8d:98:be: f2:26:d5:1f:c0:4e:73:d7:06:31:42:60:a7:62:98: 07:a1:ef:3d:df:61:9d:fa:9d:90:a2:23:3c:ac:4b: 7d:8d:d7:df:28:8c:87:67:4f:7c:3f:76:2e:40:33: fc:87:1f:38:13:94:f6:85:2f:a0:83:61:72:48:39: 2b:a8:d7:1d:4f:1a:3e:c8:b6:d2:14:e5:3b:09:41: c3:b0:61:fa:41:1b:ff:b0:86:a9:d7:9e:1b:3a:60: 5f:7b:77:a2:dd:3e:d4:8d:9c:1c:c1:83:ae:73:79: d6:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:D1:6F:92:3B:4A:B3:D0:AA:38:03:FC:1E:50:A3:84:0F:AB:7D:7F X509v3 Authority Key Identifier: keyid:2C:61:26:44:67:B1:A7:FE:F1:C5:18:67:77:9E:5A:D6:16:B6:19:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LGEmRGexp_7xxRhnd55a1ha2Gc8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/b363cd-5a14-417e-80f5-9215865d37b9/1/hdFvkjtKs9CqOAP8HlCjhA-rfX8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/b363cd-5a14-417e-80f5-9215865d37b9/1/LGEmRGexp_7xxRhnd55a1ha2Gc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.58.220.0/22 185.89.52.0/22 IPv6: 2a05:ce40::/29 Signature Algorithm: sha256WithRSAEncryption 83:a0:4b:2e:dc:55:94:d1:4f:e6:49:3c:ad:a8:88:31:b4:c0: bf:a4:c8:4f:bc:d8:a4:98:79:97:aa:38:fa:a5:d3:96:0b:89: ad:66:9f:b8:6e:a5:ca:24:1a:ba:63:5d:09:05:81:35:f7:32: 62:a6:33:ac:fb:17:f6:1f:82:39:c9:db:30:b6:22:e6:6c:e4: 82:8c:e9:19:9b:5a:8c:bc:d8:22:60:bb:c0:29:70:ad:e2:65: 13:c3:31:a9:8d:37:f5:de:c4:67:57:7a:8d:ba:0c:24:d4:4f: e4:90:0a:d6:99:3d:0c:35:6a:53:61:30:80:3e:ee:a6:e2:ad: 24:87:98:8e:7e:32:7d:d5:81:39:dd:93:6d:49:7a:0a:03:02: 0e:1c:05:f9:09:05:12:07:1c:75:35:19:f8:02:5d:a6:cc:54: da:7f:83:fc:6a:75:18:f1:dd:2b:2f:f4:a6:d1:a8:ec:b1:cb: f2:33:8c:b2:4e:36:89:73:7c:9a:0b:de:c8:90:48:96:a0:28: 00:74:c4:26:b7:c1:21:24:d9:5f:a5:4f:70:4c:96:df:79:e2: 5f:32:5d:35:70:59:95:8d:e8:54:b1:8a:60:43:97:2e:cb:bf: 58:23:83:77:48:93:dd:46:48:01:1e:3d:c4:65:cd:4e:0a:ac: a8:1e:cc:94 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt6Wsk+bFdiWCBK96E9Tja0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJjNjEyNjQ0NjdiMWE3ZmVmMWM1MTg2Nzc3OWU1YWQ2MTZi NjE5Y2YwHhcNMjYwMTAxMTYxODQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NWQxNmY5MjNiNGFiM2QwYWEzODAzZmMxZTUwYTM4NDBmYWI3ZDdmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtCx2vuPjfx0B00iKDeAbAyHHLcpo 7rvc8VrURlPucA4ckpk4LB7hvTGSHUWSSBpKaAUF7ig5VzIGD4W42zuiH4R9eSgs 2qGX0LWLL0c2vIY04VChSbUlEbg69PpzyDYgHh1mP1juNofYRL6P81NK5K/zmDDj 7moD23W1fk6Li2RlgpG/0tqF50BqRiZMhdQ0U4WNmL7yJtUfwE5z1wYxQmCnYpgH oe8932Gd+p2QoiM8rEt9jdffKIyHZ098P3YuQDP8hx84E5T2hS+gg2FySDkrqNcd Txo+yLbSFOU7CUHDsGH6QRv/sIap154bOmBfe3ei3T7UjZwcwYOuc3nWqwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFIXRb5I7SrPQqjgD/B5Qo4QPq31/MB8GA1UdIwQY MBaAFCxhJkRnsaf+8cUYZ3eeWtYWthnPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTEdFbVJHZXhwXzd4eFJobmQ1NWExaGEyR2M4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9iMzYzY2QtNWExNC00MTdlLTgwZjUt OTIxNTg2NWQzN2I5LzEvaGRGdmtqdEtzOUNxT0FQOEhsQ2poQS1yZlg4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNy9iMzYzY2QtNWExNC00MTdlLTgwZjUtOTIxNTg2NWQzN2I5 LzEvTEdFbVJHZXhwXzd4eFJobmQ1NWExaGEyR2M4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCAjrcAwQC uVk0MA0EAgACMAcDBQMqBc5AMA0GCSqGSIb3DQEBCwUAA4IBAQCDoEsu3FWU0U/m STytqIgxtMC/pMhPvNikmHmXqjj6pdOWC4mtZp+4bqXKJBq6Y10JBYE19zJipjOs +xf2H4I5ydswtiLmbOSCjOkZm1qMvNgiYLvAKXCt4mUTwzGpjTf13sRnV3qNugwk 1E/kkArWmT0MNWpTYTCAPu6m4q0kh5iOfjJ91YE53ZNtSXoKAwIOHAX5CQUSBxx1 NRn4Al2mzFTaf4P8anUY8d0rL/Sm0ajsscvyM4yyTjaJc3yaC97IkEiWoCgAdMQm t8EhJNlfpU9wTJbfeeJfMl01cFmVjehUsYpgQ5cuy79YI4N3SJPdRkgBHj3EZc1O CqyoHsyU -----END CERTIFICATE-----Generated at Tue Feb 10 01:03:16 2026 by rpki-client