This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/04ea33-83aa-4e56-98cc-f95f66d6055c/1/HJsFBPXpRz5LLN-HWWaUWkvpuFg.roa File: HJsFBPXpRz5LLN-HWWaUWkvpuFg.roa (raw, json) Hash identifier: A71A79ld0mpXJShPBVAxO/RGVR9i2ChYv5yAgG0mvoI= Subject key identifier: 1C:9B:05:04:F5:E9:47:3E:4B:2C:DF:87:59:66:94:5A:4B:E9:B8:58 Certificate issuer: /CN=3936daf03756baf83ba4f38dbe5d68cb9baceff9 Certificate serial: 019B7B36B5CBF8C4588DE174DDD3A48ECB30 Authority key identifier: 39:36:DA:F0:37:56:BA:F8:3B:A4:F3:8D:BE:5D:68:CB:9B:AC:EF:F9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OTba8DdWuvg7pPONvl1oy5us7_k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/04ea33-83aa-4e56-98cc-f95f66d6055c/1/HJsFBPXpRz5LLN-HWWaUWkvpuFg.roa Signing time: Thu 01 Jan 2026 20:19:01 +0000 ROA not before: Thu 01 Jan 2026 20:19:01 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 213254 IP address blocks: 195.190.139.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/04ea33-83aa-4e56-98cc-f95f66d6055c/1/OTba8DdWuvg7pPONvl1oy5us7_k.crl rsync://rpki.ripe.net/repository/DEFAULT/d7/04ea33-83aa-4e56-98cc-f95f66d6055c/1/OTba8DdWuvg7pPONvl1oy5us7_k.mft rsync://rpki.ripe.net/repository/DEFAULT/OTba8DdWuvg7pPONvl1oy5us7_k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 08:01:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:b5:cb:f8:c4:58:8d:e1:74:dd:d3:a4:8e:cb:30 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3936daf03756baf83ba4f38dbe5d68cb9baceff9 Validity Not Before: Jan 1 20:19:01 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1c9b0504f5e9473e4b2cdf875966945a4be9b858 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:0c:c2:77:6b:24:e7:f6:d6:ea:d2:f6:f1:13: f9:6f:3f:e5:67:9b:4c:11:83:fb:cc:14:24:b1:9d: cc:87:2d:ee:8f:c3:60:b6:00:6f:1f:ed:51:30:d6: 4e:51:f2:e4:7b:60:8b:e4:c6:bf:90:5e:e4:99:94: 7b:01:5c:58:8b:70:44:6e:56:1b:2a:54:c5:5f:58: 07:d9:70:6a:6d:ed:f8:04:67:bf:0f:8b:73:f6:9c: e6:54:cd:28:d5:b3:a3:fe:bf:9d:15:3d:5e:2a:e0: 6f:2e:39:5b:7e:8b:00:7f:15:88:28:67:ed:c7:09: 4a:51:93:c0:4e:42:7f:8b:09:ed:7d:e6:96:5d:b2: c1:d1:e3:c4:d3:db:15:b0:b7:c0:55:5f:12:34:40: 4f:e7:2b:34:de:09:61:bb:71:1b:b4:bc:0d:8d:35: 02:06:c9:09:d3:09:76:95:43:0a:8d:29:5c:b2:22: 45:b9:4a:d3:09:a8:13:46:21:0b:01:fd:47:98:e3: d3:83:27:d7:1e:6c:29:1e:8c:9a:81:6d:6d:3f:57: bc:58:7a:b2:80:73:7a:60:18:d3:a5:51:98:09:af: 77:65:02:31:fa:69:47:4d:28:d2:28:2d:9d:7a:83: 2a:87:36:03:09:72:1a:1f:9b:2c:b4:2a:8c:5d:38: 94:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:9B:05:04:F5:E9:47:3E:4B:2C:DF:87:59:66:94:5A:4B:E9:B8:58 X509v3 Authority Key Identifier: keyid:39:36:DA:F0:37:56:BA:F8:3B:A4:F3:8D:BE:5D:68:CB:9B:AC:EF:F9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OTba8DdWuvg7pPONvl1oy5us7_k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/04ea33-83aa-4e56-98cc-f95f66d6055c/1/HJsFBPXpRz5LLN-HWWaUWkvpuFg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/04ea33-83aa-4e56-98cc-f95f66d6055c/1/OTba8DdWuvg7pPONvl1oy5us7_k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 195.190.139.0/24 Signature Algorithm: sha256WithRSAEncryption 38:10:4c:be:f0:43:af:ed:e4:5d:5a:be:2c:53:e3:41:f5:ed: 11:e5:df:2e:76:b8:7c:f5:b7:1c:ed:99:5d:8b:28:86:4b:52: 01:52:58:5b:ac:8a:9e:e9:7c:3a:5f:2b:f4:6b:9d:3a:05:41: 38:e1:f7:4e:3b:0b:cd:e5:6d:51:8a:e1:25:31:e9:23:c5:e2: 10:30:e8:3f:c3:40:9c:b7:b8:40:0a:d3:2c:82:ad:cd:b7:9b: ba:df:84:75:34:23:b9:15:f0:37:17:ca:38:5c:a5:61:12:3b: 1f:54:28:dc:13:a4:d0:db:23:b0:5c:ad:fc:ee:10:82:3a:31: e3:4b:c8:2d:de:40:91:17:cb:9a:51:ff:ba:27:95:6a:27:85: 75:1a:17:09:66:5a:94:ca:8f:c7:f1:9d:f5:4f:7c:cf:c4:db: a6:a1:db:b6:b1:ff:32:63:01:c1:09:3d:86:10:e9:68:20:af: 88:fa:83:52:27:0b:1f:d2:ff:23:8e:b7:bc:1e:c5:8d:a1:20: e2:86:44:ba:e5:6f:ec:cd:fd:4f:04:93:a6:a0:e1:33:4c:ea: 9a:25:6a:63:ce:14:5a:68:ff:d8:29:f5:84:67:0f:a2:f9:fc: e5:fa:43:ee:e5:4c:48:36:89:aa:f9:82:19:bb:e9:13:1b:0a: 18:6c:b8:f5 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt7NrXL+MRYjeF03dOkjsswMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM5MzZkYWYwMzc1NmJhZjgzYmE0ZjM4ZGJlNWQ2OGNiOWJh Y2VmZjkwHhcNMjYwMTAxMjAxOTAxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxYzliMDUwNGY1ZTk0NzNlNGIyY2RmODc1OTY2OTQ1YTRiZTliODU4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApAzCd2sk5/bW6tL28RP5bz/lZ5tM EYP7zBQksZ3Mhy3uj8NgtgBvH+1RMNZOUfLke2CL5Ma/kF7kmZR7AVxYi3BEblYb KlTFX1gH2XBqbe34BGe/D4tz9pzmVM0o1bOj/r+dFT1eKuBvLjlbfosAfxWIKGft xwlKUZPATkJ/iwntfeaWXbLB0ePE09sVsLfAVV8SNEBP5ys03glhu3EbtLwNjTUC BskJ0wl2lUMKjSlcsiJFuUrTCagTRiELAf1HmOPTgyfXHmwpHoyagW1tP1e8WHqy gHN6YBjTpVGYCa93ZQIx+mlHTSjSKC2deoMqhzYDCXIaH5sstCqMXTiUXQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFBybBQT16Uc+Syzfh1lmlFpL6bhYMB8GA1UdIwQY MBaAFDk22vA3Vrr4O6Tzjb5daMubrO/5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT1RiYThEZFd1dmc3cFBPTnZsMW95NXVzN19rLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8wNGVhMzMtODNhYS00ZTU2LTk4Y2Mt Zjk1ZjY2ZDYwNTVjLzEvSEpzRkJQWHBSejVMTE4tSFdXYVVXa3ZwdUZnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNy8wNGVhMzMtODNhYS00ZTU2LTk4Y2MtZjk1ZjY2ZDYwNTVj LzEvT1RiYThEZFd1dmc3cFBPTnZsMW95NXVzN19rLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw76LMA0G CSqGSIb3DQEBCwUAA4IBAQA4EEy+8EOv7eRdWr4sU+NB9e0R5d8udrh89bcc7Zld iyiGS1IBUlhbrIqe6Xw6Xyv0a506BUE44fdOOwvN5W1RiuElMekjxeIQMOg/w0Cc t7hACtMsgq3Nt5u634R1NCO5FfA3F8o4XKVhEjsfVCjcE6TQ2yOwXK387hCCOjHj S8gt3kCRF8uaUf+6J5VqJ4V1GhcJZlqUyo/H8Z31T3zPxNumodu2sf8yYwHBCT2G EOloIK+I+oNSJwsf0v8jjre8HsWNoSDihkS65W/szf1PBJOmoOEzTOqaJWpjzhRa aP/YKfWEZw+i+fzl+kPu5UxINomq+YIZu+kTGwoYbLj1 -----END CERTIFICATE-----Generated at Wed Jan 21 14:10:56 2026 by rpki-client