This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/0219c1-a551-4b91-9ca3-032b3b614dd8/1/hFTnWGImSrItjvTZMgv5Y6qcHWI.roa File: hFTnWGImSrItjvTZMgv5Y6qcHWI.roa (raw, json) Hash identifier: pZbkXKYC4cfW4J3LrFAYotHKXZiiOIa/hV0bOys/6DA= Subject key identifier: 84:54:E7:58:62:26:4A:B2:2D:8E:F4:D9:32:0B:F9:63:AA:9C:1D:62 Certificate issuer: /CN=0f78ea46cc21d45ed61268d4a9f56732c85e2150 Certificate serial: 019B7F8556FDD77592FCC001C116AB4607A6 Authority key identifier: 0F:78:EA:46:CC:21:D4:5E:D6:12:68:D4:A9:F5:67:32:C8:5E:21:50 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D3jqRswh1F7WEmjUqfVnMsheIVA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/0219c1-a551-4b91-9ca3-032b3b614dd8/1/hFTnWGImSrItjvTZMgv5Y6qcHWI.roa Signing time: Fri 02 Jan 2026 16:23:23 +0000 ROA not before: Fri 02 Jan 2026 16:23:23 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 201278 IP address blocks: 188.66.28.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/0219c1-a551-4b91-9ca3-032b3b614dd8/1/D3jqRswh1F7WEmjUqfVnMsheIVA.crl rsync://rpki.ripe.net/repository/DEFAULT/bb/0219c1-a551-4b91-9ca3-032b3b614dd8/1/D3jqRswh1F7WEmjUqfVnMsheIVA.mft rsync://rpki.ripe.net/repository/DEFAULT/D3jqRswh1F7WEmjUqfVnMsheIVA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:85:56:fd:d7:75:92:fc:c0:01:c1:16:ab:46:07:a6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0f78ea46cc21d45ed61268d4a9f56732c85e2150 Validity Not Before: Jan 2 16:23:23 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8454e75862264ab22d8ef4d9320bf963aa9c1d62 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:ad:ee:e7:88:08:6b:df:14:46:ed:22:89:4e: 0f:ea:58:09:b4:1d:7e:d8:57:93:29:9d:99:21:13: 0b:60:39:15:2d:ab:0b:8e:64:58:1d:7a:04:7f:da: b3:5c:5a:a2:0e:c3:38:bf:ac:51:da:ff:32:1d:a3: d3:1c:84:08:ed:d0:e8:93:47:a6:ec:19:ee:e0:b6: 8d:ec:4b:13:8e:7f:05:e0:e6:18:b8:fe:71:27:05: ea:8c:26:c2:45:55:77:cb:35:bd:06:86:03:27:5d: 1a:cf:40:39:d8:77:59:24:3a:e8:8f:d3:f6:b7:35: 3a:8c:10:8d:d6:74:0d:19:a4:47:78:3d:89:f3:3d: ef:3f:dd:ce:fa:d6:0c:08:97:66:86:9d:36:e7:13: 93:bb:03:7d:34:89:09:7f:a1:89:35:15:32:3c:63: 38:02:2b:d3:7c:40:8a:7b:6c:77:cb:f8:9e:a2:94: 40:03:13:8f:45:0a:88:6d:ef:e3:22:ec:32:94:bd: 45:8d:37:7b:b8:e2:cb:b3:29:d4:5d:ad:4c:cf:9f: 16:d1:17:b5:6c:80:c0:84:87:2a:bf:6c:3c:ab:94: e5:98:55:fd:a8:ee:b2:be:0d:d8:bc:6c:0f:0d:3f: b2:77:c6:83:22:71:d2:d0:63:82:2c:e7:1d:74:77: 48:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:54:E7:58:62:26:4A:B2:2D:8E:F4:D9:32:0B:F9:63:AA:9C:1D:62 X509v3 Authority Key Identifier: keyid:0F:78:EA:46:CC:21:D4:5E:D6:12:68:D4:A9:F5:67:32:C8:5E:21:50 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D3jqRswh1F7WEmjUqfVnMsheIVA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/0219c1-a551-4b91-9ca3-032b3b614dd8/1/hFTnWGImSrItjvTZMgv5Y6qcHWI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/0219c1-a551-4b91-9ca3-032b3b614dd8/1/D3jqRswh1F7WEmjUqfVnMsheIVA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 188.66.28.0/22 Signature Algorithm: sha256WithRSAEncryption 9d:4d:40:60:73:6d:e6:e5:2e:5e:49:4e:a8:69:23:a9:8b:1a: 98:25:c3:f3:53:9e:7a:eb:c4:b7:8f:0e:63:28:75:fd:9e:c2: 25:2b:43:89:f1:7f:54:d6:4e:a4:2b:84:08:bb:1b:88:88:35: 63:d4:29:62:37:79:30:e6:c8:2b:a1:2e:5f:77:03:15:16:95: 3a:47:35:df:c2:99:47:10:e5:a2:07:60:9d:11:f5:71:52:94: 0b:3d:c6:36:da:f7:3b:90:97:e6:b8:65:84:45:7f:36:9e:5b: c0:4a:50:ee:bd:ef:c2:b5:88:1c:e6:d1:dc:31:21:dd:04:0f: 8a:8b:4a:d1:f5:3f:b7:f1:08:f1:92:64:65:84:a3:77:01:af: fc:94:fe:41:23:9a:de:7f:77:bc:fb:17:db:77:34:85:32:b9: e4:c0:51:1d:f0:5e:bd:fa:fd:f4:67:6c:97:70:35:cb:e0:45: 36:66:25:d0:02:eb:97:c4:d6:de:ca:3e:c8:d0:3e:cb:9c:a9: f4:c0:83:ea:99:be:2f:09:d7:f0:2d:0a:9d:d2:55:e4:1e:dc: ac:12:a0:6e:c6:25:1e:29:b7:42:fb:1a:77:e3:f3:59:b2:dc: 95:22:57:93:70:bc:6d:27:8b:e7:55:86:2c:c4:5d:c9:1d:72: e4:67:a5:22 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt/hVb913WS/MABwRarRgemMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBmNzhlYTQ2Y2MyMWQ0NWVkNjEyNjhkNGE5ZjU2NzMyYzg1 ZTIxNTAwHhcNMjYwMTAyMTYyMzIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NDU0ZTc1ODYyMjY0YWIyMmQ4ZWY0ZDkzMjBiZjk2M2FhOWMxZDYyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlK3u54gIa98URu0iiU4P6lgJtB1+ 2FeTKZ2ZIRMLYDkVLasLjmRYHXoEf9qzXFqiDsM4v6xR2v8yHaPTHIQI7dDok0em 7Bnu4LaN7EsTjn8F4OYYuP5xJwXqjCbCRVV3yzW9BoYDJ10az0A52HdZJDroj9P2 tzU6jBCN1nQNGaRHeD2J8z3vP93O+tYMCJdmhp025xOTuwN9NIkJf6GJNRUyPGM4 AivTfECKe2x3y/ieopRAAxOPRQqIbe/jIuwylL1FjTd7uOLLsynUXa1Mz58W0Re1 bIDAhIcqv2w8q5TlmFX9qO6yvg3YvGwPDT+yd8aDInHS0GOCLOcddHdI+QIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFIRU51hiJkqyLY702TIL+WOqnB1iMB8GA1UdIwQY MBaAFA946kbMIdRe1hJo1Kn1ZzLIXiFQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRDNqcVJzd2gxRjdXRW1qVXFmVm5Nc2hlSVZBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8wMjE5YzEtYTU1MS00YjkxLTljYTMt MDMyYjNiNjE0ZGQ4LzEvaEZUbldHSW1Tckl0anZUWk1ndjVZNnFjSFdJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYi8wMjE5YzEtYTU1MS00YjkxLTljYTMtMDMyYjNiNjE0ZGQ4 LzEvRDNqcVJzd2gxRjdXRW1qVXFmVm5Nc2hlSVZBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvEIcMA0G CSqGSIb3DQEBCwUAA4IBAQCdTUBgc23m5S5eSU6oaSOpixqYJcPzU55668S3jw5j KHX9nsIlK0OJ8X9U1k6kK4QIuxuIiDVj1CliN3kw5sgroS5fdwMVFpU6RzXfwplH EOWiB2CdEfVxUpQLPcY22vc7kJfmuGWERX82nlvASlDuve/CtYgc5tHcMSHdBA+K i0rR9T+38QjxkmRlhKN3Aa/8lP5BI5ref3e8+xfbdzSFMrnkwFEd8F69+v30Z2yX cDXL4EU2ZiXQAuuXxNbeyj7I0D7LnKn0wIPqmb4vCdfwLQqd0lXkHtysEqBuxiUe KbdC+xp34/NZstyVIleTcLxtJ4vnVYYsxF3JHXLkZ6Ui -----END CERTIFICATE-----Generated at Tue Feb 10 01:29:04 2026 by rpki-client