This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/HknmMTuhAYntuaPmJU-hL30K1OU.roa File: HknmMTuhAYntuaPmJU-hL30K1OU.roa (raw, json) Hash identifier: xo2ci6AUqJlHuEbTAtg/Zs/u5qObc3gQe3SW3qvrxvg= Subject key identifier: 1E:49:E6:31:3B:A1:01:89:ED:B9:A3:E6:25:4F:A1:2F:7D:0A:D4:E5 Certificate issuer: /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe Certificate serial: 019B7F15CB749F62D43AE010D3F00CB4412E Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/HknmMTuhAYntuaPmJU-hL30K1OU.roa Signing time: Fri 02 Jan 2026 14:21:33 +0000 ROA not before: Fri 02 Jan 2026 14:21:33 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212609 IP address blocks: 2.58.235.0/24 maxlen: 24 45.9.152.0/22 maxlen: 24 147.78.197.0/24 maxlen: 24 185.238.142.0/24 maxlen: 24 193.189.137.0/24 maxlen: 24 213.109.155.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.mft rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 09:01:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:cb:74:9f:62:d4:3a:e0:10:d3:f0:0c:b4:41:2e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe Validity Not Before: Jan 2 14:21:33 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1e49e6313ba10189edb9a3e6254fa12f7d0ad4e5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:c3:2e:8a:01:c5:a7:b8:6c:54:98:7f:ea:93: d6:3a:ff:a9:c3:5f:db:d6:61:c8:b3:73:14:4c:08: a0:1c:a3:ae:22:6f:99:59:23:98:17:8c:3f:d2:43: d2:af:9a:be:c0:c6:90:fe:fe:e8:e3:0e:76:f9:0d: 01:d5:67:97:a8:f0:a5:45:c6:93:00:20:fb:10:7f: 1e:76:7b:db:09:75:7d:a5:0b:8c:bf:5b:37:cb:95: de:40:a1:c5:c6:bb:ef:61:9c:86:b6:2e:48:1d:74: c5:17:f5:f5:87:e2:15:46:46:2e:78:00:eb:76:ec: 19:2b:26:18:36:5c:76:e8:b6:0a:63:29:f8:f8:52: d0:70:a0:1d:c3:42:d0:eb:6e:c7:06:14:04:05:54: 14:e8:48:55:b6:17:2c:4a:55:c3:4b:69:5b:a8:f7: 80:98:93:0b:85:bb:c6:fb:56:d4:21:80:3d:62:4d: 76:54:7c:07:39:25:d7:98:8c:1a:ba:8e:60:9d:64: 86:a1:9f:74:c0:ac:b0:e4:2f:59:3f:2d:03:fb:59: 58:83:45:65:b0:db:9a:e3:da:cd:a6:17:64:54:68: 02:55:1d:cf:4c:8b:1d:21:79:79:30:a2:e1:d7:09: e3:1a:dd:c2:46:59:0b:5a:c5:f1:b2:30:bb:aa:88: 9c:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:49:E6:31:3B:A1:01:89:ED:B9:A3:E6:25:4F:A1:2F:7D:0A:D4:E5 X509v3 Authority Key Identifier: keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/HknmMTuhAYntuaPmJU-hL30K1OU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.58.235.0/24 45.9.152.0/22 147.78.197.0/24 185.238.142.0/24 193.189.137.0/24 213.109.155.0/24 Signature Algorithm: sha256WithRSAEncryption 2b:3b:34:a7:64:05:62:37:c0:a4:5b:b9:43:1c:80:fe:ad:2f: a2:00:69:66:34:7c:e7:a2:15:47:c2:7e:f3:c4:12:1f:35:31: 96:0c:8e:56:98:0b:b3:16:22:3d:c2:06:1d:71:2c:22:ad:31: de:ff:c2:6a:38:a8:76:d0:f2:93:df:76:48:f4:1f:c6:ef:99: ef:9b:31:91:eb:8d:48:37:bd:de:36:4b:e6:8f:70:60:19:4c: eb:d2:07:6c:8c:5a:2c:03:1a:ef:ce:38:49:be:cc:16:94:7f: 56:49:a7:28:eb:ec:2b:bf:d5:37:a9:5b:fb:91:d4:37:fb:4c: 13:8d:c8:6a:98:29:ae:60:e8:51:5a:3c:87:8f:7d:5b:d3:08: ed:90:d7:cf:16:b7:5f:a0:84:5e:a7:fa:30:9c:17:fb:fb:77: 4e:6f:0c:65:28:98:67:03:e3:61:19:67:8a:40:e4:8a:1b:39: 7b:ac:13:44:e3:f9:bd:b1:62:1b:23:32:c0:2c:80:4d:bc:6c: 99:80:63:d1:c5:2e:92:71:3e:6f:5c:e5:8a:83:13:67:20:9b: 36:7f:0b:19:fe:ea:4b:3e:78:69:de:33:a0:31:77:60:ee:49: 46:8c:23:4d:25:71:f9:be:a1:ff:70:a9:65:f2:51:d2:f9:d8: 48:ed:c7:66 -----BEGIN CERTIFICATE----- MIIFGzCCBAOgAwIBAgISAZt/Fct0n2LUOuAQ0/AMtEEuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkzNjc3ZDdjYjkyNzFjZTM2MTI1NmU5ODMzY2M3YjE0ZmQw MjNlYmUwHhcNMjYwMTAyMTQyMTMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxZTQ5ZTYzMTNiYTEwMTg5ZWRiOWEzZTYyNTRmYTEyZjdkMGFkNGU1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8MuigHFp7hsVJh/6pPWOv+pw1/b 1mHIs3MUTAigHKOuIm+ZWSOYF4w/0kPSr5q+wMaQ/v7o4w52+Q0B1WeXqPClRcaT ACD7EH8ednvbCXV9pQuMv1s3y5XeQKHFxrvvYZyGti5IHXTFF/X1h+IVRkYueADr duwZKyYYNlx26LYKYyn4+FLQcKAdw0LQ627HBhQEBVQU6EhVthcsSlXDS2lbqPeA mJMLhbvG+1bUIYA9Yk12VHwHOSXXmIwauo5gnWSGoZ90wKyw5C9ZPy0D+1lYg0Vl sNua49rNphdkVGgCVR3PTIsdIXl5MKLh1wnjGt3CRlkLWsXxsjC7qoic9wIDAQAB o4ICJzCCAiMwHQYDVR0OBBYEFB5J5jE7oQGJ7bmj5iVPoS99CtTlMB8GA1UdIwQY MBaAFJNnfXy5JxzjYSVumDPMexT9Aj6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYt OTlhY2I5OWNlNzU0LzEvSGtubU1UdWhBWW50dWFQbUpVLWhMMzBLMU9VLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYtOTlhY2I5OWNlNzU0 LzEvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAAjrrAwQC LQmYAwQAk07FAwQAue6OAwQAwb2JAwQA1W2bMA0GCSqGSIb3DQEBCwUAA4IBAQAr OzSnZAViN8CkW7lDHID+rS+iAGlmNHznohVHwn7zxBIfNTGWDI5WmAuzFiI9wgYd cSwirTHe/8JqOKh20PKT33ZI9B/G75nvmzGR641IN73eNkvmj3BgGUzr0gdsjFos AxrvzjhJvswWlH9WSaco6+wrv9U3qVv7kdQ3+0wTjchqmCmuYOhRWjyHj31b0wjt kNfPFrdfoIRep/ownBf7+3dObwxlKJhnA+NhGWeKQOSKGzl7rBNE4/m9sWIbIzLA LIBNvGyZgGPRxS6ScT5vXOWKgxNnIJs2fwsZ/upLPnhp3jOgMXdg7klGjCNNJXH5 vqH/cKll8lHS+dhI7cdm -----END CERTIFICATE-----Generated at Mon Jan 19 18:40:00 2026 by rpki-client