This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/aafcb2-491d-4b80-9168-5f3381b071da/1/hBPMfJjzisDLgAAy42OAPWTEtn4.roa File: hBPMfJjzisDLgAAy42OAPWTEtn4.roa (raw, json) Hash identifier: 7+lbylCTdmTyru0tkrcTEDn3h1rEwAZ3WSEJuuLSstI= Subject key identifier: 84:13:CC:7C:98:F3:8A:C0:CB:80:00:32:E3:63:80:3D:64:C4:B6:7E Certificate issuer: /CN=6afab09168e7cc66b663c6162d5c8d454965cce2 Certificate serial: 019B7CEE19DCC737BED1856649213337414B Authority key identifier: 6A:FA:B0:91:68:E7:CC:66:B6:63:C6:16:2D:5C:8D:45:49:65:CC:E2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/avqwkWjnzGa2Y8YWLVyNRUllzOI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/aafcb2-491d-4b80-9168-5f3381b071da/1/hBPMfJjzisDLgAAy42OAPWTEtn4.roa Signing time: Fri 02 Jan 2026 04:18:57 +0000 ROA not before: Fri 02 Jan 2026 04:18:57 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 203268 IP address blocks: 185.137.244.0/22 maxlen: 22 185.137.244.0/24 maxlen: 24 185.137.245.0/24 maxlen: 24 185.137.246.0/24 maxlen: 24 185.137.247.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/aafcb2-491d-4b80-9168-5f3381b071da/1/avqwkWjnzGa2Y8YWLVyNRUllzOI.crl rsync://rpki.ripe.net/repository/DEFAULT/dc/aafcb2-491d-4b80-9168-5f3381b071da/1/avqwkWjnzGa2Y8YWLVyNRUllzOI.mft rsync://rpki.ripe.net/repository/DEFAULT/avqwkWjnzGa2Y8YWLVyNRUllzOI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ee:19:dc:c7:37:be:d1:85:66:49:21:33:37:41:4b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6afab09168e7cc66b663c6162d5c8d454965cce2 Validity Not Before: Jan 2 04:18:57 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8413cc7c98f38ac0cb800032e363803d64c4b67e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:3a:24:6c:3d:ef:56:59:24:b2:05:05:66:4a: 9a:a0:e2:0b:2b:61:79:6d:d4:d4:67:b9:30:90:5e: 91:0a:1a:04:29:f0:e4:77:04:1f:61:4b:0e:f1:60: e4:f1:df:db:80:ba:61:09:8c:b7:73:6f:b1:bf:f0: a4:06:63:f9:e3:4d:fb:66:36:1b:b3:05:73:3c:67: fc:c1:74:d6:0e:af:8a:64:10:ae:dc:e4:cd:c1:df: 26:fe:db:89:35:d3:24:0e:f1:02:18:34:b3:8a:c8: 55:47:10:ca:ab:b6:4c:e2:9f:26:bb:b0:54:6d:8e: 39:b0:b8:dd:3c:d3:bd:58:4a:ee:71:1f:24:8e:1b: 22:14:ed:50:a3:45:c8:1d:1f:64:07:c8:c0:55:40: 0e:06:18:53:e3:e1:04:ed:85:d5:ad:1b:3f:d4:f5: e4:4a:34:42:57:96:da:15:11:ff:d0:70:f2:83:14: ef:32:68:43:aa:56:b3:6e:3c:da:0b:24:9e:d5:be: 71:38:03:d1:03:5e:70:bd:ae:0d:0f:76:c7:e7:49: 5f:b2:cf:78:82:8c:b8:22:7f:72:bd:43:83:ba:7d: de:84:44:cd:da:a4:b1:84:b9:c7:27:5a:24:26:15: 77:17:de:3a:4d:6d:e3:73:e4:78:f5:ac:15:67:3a: 3b:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:13:CC:7C:98:F3:8A:C0:CB:80:00:32:E3:63:80:3D:64:C4:B6:7E X509v3 Authority Key Identifier: keyid:6A:FA:B0:91:68:E7:CC:66:B6:63:C6:16:2D:5C:8D:45:49:65:CC:E2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/avqwkWjnzGa2Y8YWLVyNRUllzOI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/aafcb2-491d-4b80-9168-5f3381b071da/1/hBPMfJjzisDLgAAy42OAPWTEtn4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/aafcb2-491d-4b80-9168-5f3381b071da/1/avqwkWjnzGa2Y8YWLVyNRUllzOI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.137.244.0/22 Signature Algorithm: sha256WithRSAEncryption 4f:c8:bf:19:bf:bb:63:de:83:89:c6:71:42:98:52:b1:04:06: 6d:b7:d5:be:a9:9b:a2:8a:a3:16:ca:bd:16:fc:5e:73:2e:0c: 70:ce:61:b0:42:64:e1:6c:7c:fc:d0:14:3a:16:25:f1:21:19: 11:8c:52:ad:ea:94:89:cf:94:3a:70:cb:94:4a:a7:c3:34:05: 9d:83:d0:4d:0b:6f:31:69:9d:f8:7e:4d:84:56:63:e4:12:cc: 37:cf:8b:03:2a:b5:45:8e:b6:8d:a8:fc:3f:16:77:ef:4d:6e: 38:98:c0:e6:d5:16:27:2e:df:b6:4c:3c:b1:2f:88:9d:e2:af: b9:28:75:af:07:63:48:90:e0:49:96:74:80:cd:e3:8d:bc:2c: 75:f6:79:bb:fe:32:ee:4d:af:90:31:5c:9f:92:51:a0:0d:ae: e7:d1:b3:40:50:76:71:96:d9:1f:3e:b9:78:36:4f:81:dd:01: a6:97:2e:9e:bb:bf:52:00:37:9b:18:e1:be:a7:73:10:f4:e2: 7d:90:e8:c4:0c:1b:e6:5d:9a:97:3e:e5:87:ec:dd:1b:2c:47: 98:32:ae:f1:01:bd:fe:ab:5c:0b:2b:c7:81:5d:07:b4:61:4b: 22:9d:02:3b:24:d2:a6:09:d0:c4:05:08:24:6a:6c:c5:9f:0f: 4d:15:ed:8a -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt87hncxze+0YVmSSEzN0FLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZhZmFiMDkxNjhlN2NjNjZiNjYzYzYxNjJkNWM4ZDQ1NDk2 NWNjZTIwHhcNMjYwMTAyMDQxODU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NDEzY2M3Yzk4ZjM4YWMwY2I4MDAwMzJlMzYzODAzZDY0YzRiNjdlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0zokbD3vVlkksgUFZkqaoOILK2F5 bdTUZ7kwkF6RChoEKfDkdwQfYUsO8WDk8d/bgLphCYy3c2+xv/CkBmP54037ZjYb swVzPGf8wXTWDq+KZBCu3OTNwd8m/tuJNdMkDvECGDSzishVRxDKq7ZM4p8mu7BU bY45sLjdPNO9WErucR8kjhsiFO1Qo0XIHR9kB8jAVUAOBhhT4+EE7YXVrRs/1PXk SjRCV5baFRH/0HDygxTvMmhDqlazbjzaCySe1b5xOAPRA15wva4ND3bH50lfss94 goy4In9yvUODun3ehETN2qSxhLnHJ1okJhV3F946TW3jc+R49awVZzo7dwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFIQTzHyY84rAy4AAMuNjgD1kxLZ+MB8GA1UdIwQY MBaAFGr6sJFo58xmtmPGFi1cjUVJZcziMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYXZxd2tXam56R2EyWThZV0xWeU5SVWxsek9JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9hYWZjYjItNDkxZC00YjgwLTkxNjgt NWYzMzgxYjA3MWRhLzEvaEJQTWZKanppc0RMZ0FBeTQyT0FQV1RFdG40LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYy9hYWZjYjItNDkxZC00YjgwLTkxNjgtNWYzMzgxYjA3MWRh LzEvYXZxd2tXam56R2EyWThZV0xWeU5SVWxsek9JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYn0MA0G CSqGSIb3DQEBCwUAA4IBAQBPyL8Zv7tj3oOJxnFCmFKxBAZtt9W+qZuiiqMWyr0W /F5zLgxwzmGwQmThbHz80BQ6FiXxIRkRjFKt6pSJz5Q6cMuUSqfDNAWdg9BNC28x aZ34fk2EVmPkEsw3z4sDKrVFjraNqPw/FnfvTW44mMDm1RYnLt+2TDyxL4id4q+5 KHWvB2NIkOBJlnSAzeONvCx19nm7/jLuTa+QMVyfklGgDa7n0bNAUHZxltkfPrl4 Nk+B3QGmly6eu79SADebGOG+p3MQ9OJ9kOjEDBvmXZqXPuWH7N0bLEeYMq7xAb3+ q1wLK8eBXQe0YUsinQI7JNKmCdDEBQgkamzFnw9NFe2K -----END CERTIFICATE-----Generated at Mon Jan 19 23:22:02 2026 by rpki-client