This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/hSdA_HA2L9QZ3mhbG33x1NGT-Fc.roa File: hSdA_HA2L9QZ3mhbG33x1NGT-Fc.roa (raw, json) Hash identifier: yKhHYOWcBt3kXA+3mkGuMkSBiVkB5ynIWsFkRKhh36c= Subject key identifier: 85:27:40:FC:70:36:2F:D4:19:DE:68:5B:1B:7D:F1:D4:D1:93:F8:57 Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa Certificate serial: 019B7D5B03EFC1C2B06A89C25BD12D3C342A Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/hSdA_HA2L9QZ3mhbG33x1NGT-Fc.roa Signing time: Fri 02 Jan 2026 06:17:55 +0000 ROA not before: Fri 02 Jan 2026 06:17:55 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 13335 IP address blocks: 78.128.122.0/24 maxlen: 24 82.118.242.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.mft rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 01:00:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5b:03:ef:c1:c2:b0:6a:89:c2:5b:d1:2d:3c:34:2a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa Validity Not Before: Jan 2 06:17:55 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=852740fc70362fd419de685b1b7df1d4d193f857 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:bb:e2:43:59:8b:db:e7:7f:fe:30:20:82:8f: ae:88:0a:6d:c9:37:59:37:c2:5e:7e:37:5c:37:91: 56:99:8c:07:f8:42:f8:7c:c4:7c:c4:fe:a2:92:0a: ea:03:40:ca:c3:49:83:89:88:22:37:11:f0:fa:e2: 6a:3b:62:4f:23:2f:64:ba:90:2e:34:85:eb:c7:53: 9d:75:3d:88:d0:37:57:24:0e:49:13:14:8a:2c:17: 9c:ad:95:db:66:dc:2e:4c:30:f3:e3:ae:04:7a:83: 51:aa:cb:d4:be:04:10:12:93:7d:65:f5:aa:9b:ce: 7c:50:bc:dd:cd:7a:ba:c1:85:0c:5b:73:f1:99:ec: 65:49:b2:1e:22:55:38:87:03:5c:15:58:16:e9:b9: df:15:a0:b9:02:f8:bd:2d:b1:a3:58:26:62:8a:f1: aa:3f:41:30:65:cc:67:2d:6d:b3:d9:00:98:24:2b: ea:40:61:ba:78:90:ec:83:95:70:02:79:0d:ec:3b: cd:9d:ab:cb:da:de:cc:bc:44:3d:b3:8e:fd:1c:52: 40:3d:9b:3a:e4:bd:97:34:3f:f0:90:11:26:61:3c: 24:5d:5a:ff:cf:0f:60:dd:05:c0:79:44:7e:cc:43: ca:72:97:29:06:40:43:51:21:9a:75:d1:8a:d4:db: 65:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:27:40:FC:70:36:2F:D4:19:DE:68:5B:1B:7D:F1:D4:D1:93:F8:57 X509v3 Authority Key Identifier: keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/hSdA_HA2L9QZ3mhbG33x1NGT-Fc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 78.128.122.0/24 82.118.242.0/24 Signature Algorithm: sha256WithRSAEncryption 25:f4:ea:3e:e3:d6:c1:ca:46:89:bb:8e:b0:21:45:59:03:19: 20:9d:e5:89:93:f8:f1:10:e6:4b:3d:52:1c:5b:c9:2a:55:4d: ef:df:6d:56:a0:c6:07:6a:f2:3f:08:3b:94:71:a4:f4:a9:bd: 86:b7:04:d2:82:42:7c:51:32:eb:3b:23:14:05:a7:19:1e:b5: 33:98:7c:3f:87:8e:2b:1d:67:c9:0f:da:92:48:54:c2:f9:76: db:b5:ab:c2:0f:5a:f0:25:d5:97:6a:95:f3:ee:e3:7a:a1:b6: 53:18:eb:ab:4b:1d:20:35:51:19:d2:89:77:c7:9a:35:21:2a: 78:14:a1:92:43:5b:a5:2d:c9:c3:19:11:e7:e5:5e:c8:f5:fd: 34:c0:53:71:a9:4c:6a:bc:4b:8f:c6:66:f6:cc:ec:03:04:4b: 53:30:36:7b:6a:d7:a7:eb:6b:4d:cb:a3:7e:bc:d3:b2:81:15: 2b:28:52:d7:14:06:36:76:d1:d8:fc:b6:e0:03:f0:0d:cd:4a: 0a:04:a4:a8:64:c3:19:44:0c:63:c0:93:dc:4f:0c:5a:28:d4: cf:67:b5:62:88:2e:b8:b1:c5:5f:d3:cc:50:a7:46:46:04:f9: d8:e3:5b:fa:97:43:f5:a7:0d:c7:6a:2d:ec:91:62:b4:37:fb: ba:47:91:a7 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt9WwPvwcKwaonCW9EtPDQqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1 Y2IyYWEwHhcNMjYwMTAyMDYxNzU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NTI3NDBmYzcwMzYyZmQ0MTlkZTY4NWIxYjdkZjFkNGQxOTNmODU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz7viQ1mL2+d//jAggo+uiAptyTdZ N8JefjdcN5FWmYwH+EL4fMR8xP6ikgrqA0DKw0mDiYgiNxHw+uJqO2JPIy9kupAu NIXrx1OddT2I0DdXJA5JExSKLBecrZXbZtwuTDDz464EeoNRqsvUvgQQEpN9ZfWq m858ULzdzXq6wYUMW3PxmexlSbIeIlU4hwNcFVgW6bnfFaC5Avi9LbGjWCZiivGq P0EwZcxnLW2z2QCYJCvqQGG6eJDsg5VwAnkN7DvNnavL2t7MvEQ9s479HFJAPZs6 5L2XND/wkBEmYTwkXVr/zw9g3QXAeUR+zEPKcpcpBkBDUSGaddGK1NtloQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFIUnQPxwNi/UGd5oWxt98dTRk/hXMB8GA1UdIwQY MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt ZGFjYjVmMzU2ZWEzLzEvaFNkQV9IQTJMOVFaM21oYkczM3gxTkdULUZjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAToB6AwQA UnbyMA0GCSqGSIb3DQEBCwUAA4IBAQAl9Oo+49bBykaJu46wIUVZAxkgneWJk/jx EOZLPVIcW8kqVU3v321WoMYHavI/CDuUcaT0qb2GtwTSgkJ8UTLrOyMUBacZHrUz mHw/h44rHWfJD9qSSFTC+XbbtavCD1rwJdWXapXz7uN6obZTGOurSx0gNVEZ0ol3 x5o1ISp4FKGSQ1ulLcnDGRHn5V7I9f00wFNxqUxqvEuPxmb2zOwDBEtTMDZ7aten 62tNy6N+vNOygRUrKFLXFAY2dtHY/LbgA/ANzUoKBKSoZMMZRAxjwJPcTwxaKNTP Z7ViiC64scVf08xQp0ZGBPnY41v6l0P1pw3Hai3skWK0N/u6R5Gn -----END CERTIFICATE-----Generated at Sun Jan 18 11:04:13 2026 by rpki-client