This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/3d2a14-6b79-4689-9579-39480285a948/1/HzUTCI6rnR_-Bj8kKATXDhcrj40.roa File: HzUTCI6rnR_-Bj8kKATXDhcrj40.roa (raw, json) Hash identifier: GgWzcPFkABNTGnVrCM8IRcPBvuN2ZS1sm43MZ5/Hi28= Subject key identifier: 1F:35:13:08:8E:AB:9D:1F:FE:06:3F:24:28:04:D7:0E:17:2B:8F:8D Certificate issuer: /CN=7dc4acedcb86cddfed7f6de8cadfca00469bbc8e Certificate serial: 019B78A2F2B3FE3E0B2C1CCF6838EEA0F382 Authority key identifier: 7D:C4:AC:ED:CB:86:CD:DF:ED:7F:6D:E8:CA:DF:CA:00:46:9B:BC:8E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fcSs7cuGzd_tf23oyt_KAEabvI4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/3d2a14-6b79-4689-9579-39480285a948/1/HzUTCI6rnR_-Bj8kKATXDhcrj40.roa Signing time: Thu 01 Jan 2026 08:18:23 +0000 ROA not before: Thu 01 Jan 2026 08:18:23 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 2116 IP address blocks: 31.185.24.0/21 maxlen: 21 37.191.128.0/17 maxlen: 17 62.63.0.0/18 maxlen: 18 62.101.192.0/18 maxlen: 18 64.28.0.0/19 maxlen: 19 77.40.128.0/17 maxlen: 17 77.88.64.0/18 maxlen: 18 77.234.48.0/21 maxlen: 21 78.24.144.0/21 maxlen: 21 79.135.0.0/19 maxlen: 19 80.64.192.0/20 maxlen: 20 80.241.80.0/20 maxlen: 20 81.0.128.0/18 maxlen: 18 81.175.0.0/20 maxlen: 20 81.175.20.0/22 maxlen: 22 81.175.24.0/21 maxlen: 21 81.175.32.0/19 maxlen: 19 81.191.0.0/16 maxlen: 16 82.196.192.0/19 maxlen: 19 84.20.96.0/19 maxlen: 19 85.112.128.0/19 maxlen: 19 85.196.64.0/18 maxlen: 18 85.221.0.0/17 maxlen: 17 85.252.0.0/16 maxlen: 16 86.62.128.0/18 maxlen: 18 87.118.0.0/18 maxlen: 18 88.84.160.0/19 maxlen: 19 89.191.0.0/19 maxlen: 19 91.135.32.0/20 maxlen: 20 91.202.80.0/22 maxlen: 22 109.199.192.0/19 maxlen: 19 178.74.0.0/18 maxlen: 18 185.8.16.0/22 maxlen: 22 185.35.80.0/22 maxlen: 22 185.67.116.0/22 maxlen: 22 185.67.116.0/24 maxlen: 24 185.129.156.0/22 maxlen: 22 193.69.0.0/16 maxlen: 16 193.71.0.0/16 maxlen: 16 193.75.0.0/17 maxlen: 17 193.90.0.0/16 maxlen: 16 193.91.128.0/17 maxlen: 17 194.19.0.0/17 maxlen: 17 194.29.200.0/22 maxlen: 22 194.54.96.0/19 maxlen: 19 195.0.128.0/17 maxlen: 17 195.1.0.0/16 maxlen: 16 195.18.128.0/17 maxlen: 17 195.139.0.0/16 maxlen: 16 195.159.0.0/16 maxlen: 16 195.204.0.0/16 maxlen: 16 212.62.224.0/19 maxlen: 19 212.71.64.0/19 maxlen: 19 213.52.0.0/17 maxlen: 17 213.151.128.0/19 maxlen: 19 213.158.224.0/19 maxlen: 19 213.160.224.0/20 maxlen: 20 213.160.240.0/21 maxlen: 21 213.172.192.0/19 maxlen: 19 213.239.64.0/18 maxlen: 18 217.8.128.0/19 maxlen: 19 217.14.0.0/20 maxlen: 20 217.77.32.0/20 maxlen: 20 217.118.32.0/19 maxlen: 19 217.144.224.0/19 maxlen: 19 2001:840::/29 maxlen: 29 2001:8c0::/29 maxlen: 29 2001:8c0:a906::/48 maxlen: 48 2001:4dd8::/29 maxlen: 29 2a00:c440::/29 maxlen: 29 2a01:520::/29 maxlen: 29 2a02:270::/29 maxlen: 29 2a03:c000::/29 maxlen: 29 2a04:6340::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/3d2a14-6b79-4689-9579-39480285a948/1/fcSs7cuGzd_tf23oyt_KAEabvI4.crl rsync://rpki.ripe.net/repository/DEFAULT/e9/3d2a14-6b79-4689-9579-39480285a948/1/fcSs7cuGzd_tf23oyt_KAEabvI4.mft rsync://rpki.ripe.net/repository/DEFAULT/fcSs7cuGzd_tf23oyt_KAEabvI4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 11:00:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:f2:b3:fe:3e:0b:2c:1c:cf:68:38:ee:a0:f3:82 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7dc4acedcb86cddfed7f6de8cadfca00469bbc8e Validity Not Before: Jan 1 08:18:23 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1f3513088eab9d1ffe063f242804d70e172b8f8d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:08:65:32:f7:3e:47:4f:28:a2:ba:53:58:de: 83:56:40:29:47:9e:13:39:02:70:70:0b:37:6b:4a: 66:e2:9c:0a:0b:ea:14:ba:43:ad:bc:8f:fd:49:8c: 4f:4d:22:84:26:01:dc:b5:39:b2:0a:bb:d0:50:fb: 4c:c8:0e:aa:91:75:a5:50:39:be:95:15:47:1e:07: 9e:ec:5f:ea:0c:cb:fd:bb:4e:fb:db:71:c2:69:18: 6b:ee:e6:c5:e7:5c:45:46:70:99:1a:40:88:78:f0: 81:09:7c:03:0a:6e:58:fb:b3:1c:56:82:49:66:71: 9e:c1:e3:88:cf:92:a8:5a:79:5a:60:3c:1f:1f:87: 3b:00:fb:3b:e5:9e:13:13:2d:4f:51:3e:bb:79:db: c1:06:93:42:83:ae:d8:c4:7d:09:b8:c3:b1:d2:fd: 4a:a8:fa:ef:21:85:14:bb:09:9b:bb:99:ae:68:7b: 2e:31:cc:e1:8b:d3:29:1b:d0:80:ca:d4:cf:c3:be: bd:ba:20:cf:69:eb:c3:0f:3f:cf:2a:61:af:3e:22: d6:6b:98:90:7e:cd:3f:55:72:84:4a:a0:1b:20:90: b9:43:0e:49:34:66:02:b2:7a:ab:10:60:fc:b2:02: 5b:6d:92:5d:70:2d:64:2f:0b:e7:bf:7c:46:21:77: 70:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:35:13:08:8E:AB:9D:1F:FE:06:3F:24:28:04:D7:0E:17:2B:8F:8D X509v3 Authority Key Identifier: keyid:7D:C4:AC:ED:CB:86:CD:DF:ED:7F:6D:E8:CA:DF:CA:00:46:9B:BC:8E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fcSs7cuGzd_tf23oyt_KAEabvI4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/3d2a14-6b79-4689-9579-39480285a948/1/HzUTCI6rnR_-Bj8kKATXDhcrj40.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/3d2a14-6b79-4689-9579-39480285a948/1/fcSs7cuGzd_tf23oyt_KAEabvI4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.185.24.0/21 37.191.128.0/17 62.63.0.0/18 62.101.192.0/18 64.28.0.0/19 77.40.128.0/17 77.88.64.0/18 77.234.48.0/21 78.24.144.0/21 79.135.0.0/19 80.64.192.0/20 80.241.80.0/20 81.0.128.0/18 81.175.0.0/20 81.175.20.0-81.175.63.255 81.191.0.0/16 82.196.192.0/19 84.20.96.0/19 85.112.128.0/19 85.196.64.0/18 85.221.0.0/17 85.252.0.0/16 86.62.128.0/18 87.118.0.0/18 88.84.160.0/19 89.191.0.0/19 91.135.32.0/20 91.202.80.0/22 109.199.192.0/19 178.74.0.0/18 185.8.16.0/22 185.35.80.0/22 185.67.116.0/22 185.129.156.0/22 193.69.0.0/16 193.71.0.0/16 193.75.0.0/17 193.90.0.0/16 193.91.128.0/17 194.19.0.0/17 194.29.200.0/22 194.54.96.0/19 195.0.128.0-195.1.255.255 195.18.128.0/17 195.139.0.0/16 195.159.0.0/16 195.204.0.0/16 212.62.224.0/19 212.71.64.0/19 213.52.0.0/17 213.151.128.0/19 213.158.224.0/19 213.160.224.0-213.160.247.255 213.172.192.0/19 213.239.64.0/18 217.8.128.0/19 217.14.0.0/20 217.77.32.0/20 217.118.32.0/19 217.144.224.0/19 IPv6: 2001:840::/29 2001:8c0::/29 2001:4dd8::/29 2a00:c440::/29 2a01:520::/29 2a02:270::/29 2a03:c000::/29 2a04:6340::/29 Signature Algorithm: sha256WithRSAEncryption 6f:a9:e6:ef:15:a7:54:51:ab:3e:d1:18:19:57:b6:bc:9d:65: 47:05:ae:98:cf:34:d6:1d:e9:da:48:d5:76:33:87:10:5f:22: 1c:10:9e:59:49:b6:9b:ef:b1:bc:0b:d8:07:fc:16:4f:f3:99: 82:51:73:7d:53:5f:8d:36:25:de:dc:4a:9f:0b:e3:3d:20:73: 74:49:b0:dd:f0:71:aa:e5:15:f9:14:02:15:86:88:17:c0:ad: df:cb:51:75:bc:1c:10:5d:8d:95:c7:55:84:d6:99:d3:36:09: 8d:f0:ac:3f:f6:72:e7:61:a8:f4:a9:6a:94:52:75:a7:c9:96: 74:21:8a:9c:01:0c:0e:9b:0a:42:b2:da:3e:5b:31:3f:c6:41: 5b:a9:6c:d2:e6:77:e8:ac:68:c9:04:c2:56:5e:f7:1c:8a:3e: a2:0b:ae:95:a8:ef:97:bc:37:ae:88:c7:0d:8c:fa:17:23:10: c8:df:69:be:3f:5b:a7:44:32:00:48:b4:09:15:ea:be:5f:ab: 38:f4:81:7f:78:1f:3f:1e:1a:f8:f8:e1:2a:1c:d9:d4:f9:26: c8:b5:c4:21:7f:79:d1:fc:0e:e6:e7:a4:6d:d6:a2:b8:dc:b1: e5:c6:b2:c7:93:3c:23:25:f5:5c:b7:57:bc:fc:43:95:76:92: 76:bd:04:f1 -----BEGIN CERTIFICATE----- MIIGuDCCBaCgAwIBAgISAZt4ovKz/j4LLBzPaDjuoPOCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdkYzRhY2VkY2I4NmNkZGZlZDdmNmRlOGNhZGZjYTAwNDY5 YmJjOGUwHhcNMjYwMTAxMDgxODIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxZjM1MTMwODhlYWI5ZDFmZmUwNjNmMjQyODA0ZDcwZTE3MmI4ZjhkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5ghlMvc+R08oorpTWN6DVkApR54T OQJwcAs3a0pm4pwKC+oUukOtvI/9SYxPTSKEJgHctTmyCrvQUPtMyA6qkXWlUDm+ lRVHHgee7F/qDMv9u07723HCaRhr7ubF51xFRnCZGkCIePCBCXwDCm5Y+7McVoJJ ZnGeweOIz5KoWnlaYDwfH4c7APs75Z4TEy1PUT67edvBBpNCg67YxH0JuMOx0v1K qPrvIYUUuwmbu5muaHsuMczhi9MpG9CAytTPw769uiDPaevDDz/PKmGvPiLWa5iQ fs0/VXKESqAbIJC5Qw5JNGYCsnqrEGD8sgJbbZJdcC1kLwvnv3xGIXdwhwIDAQAB o4IDxDCCA8AwHQYDVR0OBBYEFB81EwiOq50f/gY/JCgE1w4XK4+NMB8GA1UdIwQY MBaAFH3ErO3Lhs3f7X9t6MrfygBGm7yOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZmNTczdjdUd6ZF90ZjIzb3l0X0tBRWFidkk0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8zZDJhMTQtNmI3OS00Njg5LTk1Nzkt Mzk0ODAyODVhOTQ4LzEvSHpVVENJNnJuUl8tQmo4a0tBVFhEaGNyajQwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lOS8zZDJhMTQtNmI3OS00Njg5LTk1NzktMzk0ODAyODVhOTQ4 LzEvZmNTczdjdUd6ZF90ZjIzb3l0X0tBRWFidkk0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIIB2AYIKwYBBQUHAQcBAf8EggHHMIIBwzCCAX8EAgABMIIB dwMEAx+5GAMEByW/gAMEBj4/AAMEBj5lwAMEBUAcAAMEB00ogAMEBk1YQAMEA03q MAMEA04YkAMEBU+HAAMEBFBAwAMEBFDxUAMEBlEAgAMEBFGvADAMAwQCUa8UAwQG Ua8AAwMAUb8DBAVSxMADBAVUFGADBAVVcIADBAZVxEADBAdV3QADAwBV/AMEBlY+ gAMEBld2AAMEBVhUoAMEBVm/AAMEBFuHIAMEAlvKUAMEBW3HwAMEBrJKAAMEArkI EAMEArkjUAMEArlDdAMEArmBnAMDAMFFAwMAwUcDBAfBSwADAwDBWgMEB8FbgAME B8ITAAMEAsIdyAMEBcI2YDALAwQHwwCAAwMBwwADBAfDEoADAwDDiwMDAMOfAwMA w8wDBAXUPuADBAXUR0ADBAfVNAADBAXVl4ADBAXVnuAwDAMEBdWg4AMEA9Wg8AME BdWswAMEBtXvQAMEBdkIgAMEBNkOAAMEBNlNIAMEBdl2IAMEBdmQ4DA+BAIAAjA4 AwUDIAEIQAMFAyABCMADBQMgAU3YAwUDKgDEQAMFAyoBBSADBQMqAgJwAwUDKgPA AAMFAyoEY0AwDQYJKoZIhvcNAQELBQADggEBAG+p5u8Vp1RRqz7RGBlXtrydZUcF rpjPNNYd6dpI1XYzhxBfIhwQnllJtpvvsbwL2Af8Fk/zmYJRc31TX402Jd7cSp8L 4z0gc3RJsN3wcarlFfkUAhWGiBfArd/LUXW8HBBdjZXHVYTWmdM2CY3wrD/2cudh qPSpapRSdafJlnQhipwBDA6bCkKy2j5bMT/GQVupbNLmd+isaMkEwlZe9xyKPqIL rpWo75e8N66Ixw2M+hcjEMjfab4/W6dEMgBItAkV6r5fqzj0gX94Hz8eGvj44Soc 2dT5Jsi1xCF/edH8DubnpG3WorjcseXGsseTPCMl9Vy3V7z8Q5V2kna9BPE= -----END CERTIFICATE-----Generated at Mon Jan 26 16:58:32 2026 by rpki-client