This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/hdqbXqEEo0WcDbUPmcA4zHyMx9g.roa File: hdqbXqEEo0WcDbUPmcA4zHyMx9g.roa (raw, json) Hash identifier: wTfh43Z2dxSuhlyGF6sDvzrntnhstLzn2fKCtG4m1og= Subject key identifier: 85:DA:9B:5E:A1:04:A3:45:9C:0D:B5:0F:99:C0:38:CC:7C:8C:C7:D8 Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07 Certificate serial: 019B78A273682EDD96E6848F8E972D58E4D2 Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/hdqbXqEEo0WcDbUPmcA4zHyMx9g.roa Signing time: Thu 01 Jan 2026 08:17:50 +0000 ROA not before: Thu 01 Jan 2026 08:17:50 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 7029 IP address blocks: 45.67.140.0/24 maxlen: 24 94.154.180.0/23 maxlen: 23 185.230.122.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.mft rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 00:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:73:68:2e:dd:96:e6:84:8f:8e:97:2d:58:e4:d2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07 Validity Not Before: Jan 1 08:17:50 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=85da9b5ea104a3459c0db50f99c038cc7c8cc7d8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:83:63:b4:0d:f7:de:a1:72:a7:9c:eb:0e:eb: d6:2c:78:76:02:e8:d7:9b:88:09:11:e0:84:49:cb: 97:13:fb:fa:d0:f3:9c:a7:68:e6:bb:b4:1a:88:03: 45:29:11:44:7d:38:3d:9d:03:52:65:b2:0d:fe:d0: 66:d0:0c:4f:e0:d4:d1:02:27:44:d7:81:67:8a:ac: 15:cf:9d:b6:da:87:e6:71:d3:9e:7a:ad:25:e1:e3: 0e:7a:59:32:8e:6b:ef:18:ce:d4:99:9b:eb:ef:4b: 88:aa:c8:3e:b0:ff:0d:7e:75:2d:b7:f7:cd:78:18: 89:b8:4b:62:3d:f1:57:25:96:f3:06:81:da:c1:da: 1b:7f:3e:c5:a6:cd:21:df:3b:eb:17:87:46:11:94: bb:8d:4f:4c:ca:de:5f:65:40:42:80:a2:6f:67:be: 2d:9b:03:af:c9:56:c7:c0:a3:56:e1:3e:09:92:4d: 2b:0b:27:cc:ee:36:ba:78:8f:f4:e2:da:a9:64:2f: 05:85:da:2a:5a:01:ed:b0:41:37:e4:c4:0d:85:3d: 95:53:cc:b8:cd:33:59:aa:b5:52:4e:01:b2:5d:be: ae:87:43:47:7f:86:96:ca:88:90:85:ef:13:b1:a6: 20:0c:86:bb:a4:0a:8a:8e:2f:07:0c:ae:2a:1c:68: c2:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:DA:9B:5E:A1:04:A3:45:9C:0D:B5:0F:99:C0:38:CC:7C:8C:C7:D8 X509v3 Authority Key Identifier: keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/hdqbXqEEo0WcDbUPmcA4zHyMx9g.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.67.140.0/24 94.154.180.0/23 185.230.122.0/24 Signature Algorithm: sha256WithRSAEncryption 06:17:22:40:32:bb:a7:06:8c:da:04:c9:00:bf:fe:f5:9e:92: cb:ad:5a:14:8c:3e:3e:26:a0:d0:f4:ee:01:d4:3d:54:4e:ad: 32:7c:a1:a5:f8:34:e9:f4:3b:e6:68:38:a4:68:20:07:99:7b: ce:02:13:9c:ff:32:41:70:c9:79:f8:04:cf:a6:22:87:b9:72: 37:b6:3b:63:18:60:34:63:36:1e:1f:aa:5a:b9:41:8d:d5:b8: 18:08:69:98:42:22:06:96:cb:11:7d:22:6d:e1:b8:2d:06:4f: 0f:7d:60:b0:6a:1a:77:9f:cb:fd:4b:33:c7:d4:b6:ed:45:67: 16:7f:13:30:c2:70:c0:61:77:50:dc:77:59:fd:f4:59:a4:33: 6c:86:77:aa:eb:03:d1:4a:15:4b:0b:e2:6a:b9:76:2d:5c:46: a7:04:d6:7d:5d:a4:3f:20:c4:2e:d6:0e:59:29:9e:47:0e:50: 82:08:ac:06:c9:20:7e:a4:d0:7e:5c:60:51:e3:3c:69:9c:3e: 30:1a:77:f5:53:0e:03:8a:83:91:a8:e9:f9:1e:a8:3d:92:e1: 70:df:6a:77:5d:71:19:a1:9b:c4:9d:a1:ea:41:a4:6f:49:75: f0:f9:f6:e0:3a:ad:c3:90:d3:9b:eb:57:96:6f:ea:da:ee:68: 94:bc:4a:45 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt4onNoLt2W5oSPjpctWOTSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy ZGJmMDcwHhcNMjYwMTAxMDgxNzUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NWRhOWI1ZWExMDRhMzQ1OWMwZGI1MGY5OWMwMzhjYzdjOGNjN2Q4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvINjtA333qFyp5zrDuvWLHh2AujX m4gJEeCEScuXE/v60POcp2jmu7QaiANFKRFEfTg9nQNSZbIN/tBm0AxP4NTRAidE 14FniqwVz5222ofmcdOeeq0l4eMOelkyjmvvGM7UmZvr70uIqsg+sP8NfnUtt/fN eBiJuEtiPfFXJZbzBoHawdobfz7Fps0h3zvrF4dGEZS7jU9Myt5fZUBCgKJvZ74t mwOvyVbHwKNW4T4Jkk0rCyfM7ja6eI/04tqpZC8FhdoqWgHtsEE35MQNhT2VU8y4 zTNZqrVSTgGyXb6uh0NHf4aWyoiQhe8TsaYgDIa7pAqKji8HDK4qHGjCZwIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFIXam16hBKNFnA21D5nAOMx8jMfYMB8GA1UdIwQY MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt ZjNlNTA2YWVhYTAxLzEvaGRxYlhxRUVvMFdjRGJVUG1jQTR6SHlNeDlnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALUOMAwQB Xpq0AwQAueZ6MA0GCSqGSIb3DQEBCwUAA4IBAQAGFyJAMrunBozaBMkAv/71npLL rVoUjD4+JqDQ9O4B1D1UTq0yfKGl+DTp9DvmaDikaCAHmXvOAhOc/zJBcMl5+ATP piKHuXI3tjtjGGA0YzYeH6pauUGN1bgYCGmYQiIGlssRfSJt4bgtBk8PfWCwahp3 n8v9SzPH1LbtRWcWfxMwwnDAYXdQ3HdZ/fRZpDNshneq6wPRShVLC+JquXYtXEan BNZ9XaQ/IMQu1g5ZKZ5HDlCCCKwGySB+pNB+XGBR4zxpnD4wGnf1Uw4DioORqOn5 Hqg9kuFw32p3XXEZoZvEnaHqQaRvSXXw+fbgOq3DkNOb61eWb+ra7miUvEpF -----END CERTIFICATE-----Generated at Sun Jan 18 08:53:28 2026 by rpki-client