This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/hf-LXtiPSASNfLU-opAc0imYKDc.roa File: hf-LXtiPSASNfLU-opAc0imYKDc.roa (raw, json) Hash identifier: PJYOakcn0oxNr7y/9yoGBcKD4KrbPhwTqw8RW0ojmKE= Subject key identifier: 85:FF:8B:5E:D8:8F:48:04:8D:7C:B5:3E:A2:90:1C:D2:29:98:28:37 Certificate issuer: /CN=722a8c1d311895016108ffbd14575c77cc28773a Certificate serial: 019B7EA537C74FF8B3AC4A2701A9688B6A25 Authority key identifier: 72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/hf-LXtiPSASNfLU-opAc0imYKDc.roa Signing time: Fri 02 Jan 2026 12:18:35 +0000 ROA not before: Fri 02 Jan 2026 12:18:35 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 209854 IP address blocks: 109.160.32.0/24 maxlen: 24 109.160.33.0/24 maxlen: 24 109.160.34.0/24 maxlen: 24 109.160.40.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.mft rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 09:01:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a5:37:c7:4f:f8:b3:ac:4a:27:01:a9:68:8b:6a:25 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=722a8c1d311895016108ffbd14575c77cc28773a Validity Not Before: Jan 2 12:18:35 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=85ff8b5ed88f48048d7cb53ea2901cd229982837 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:82:b0:64:1a:92:8a:d0:27:0a:a9:0e:0b:fe:45: e3:bd:35:90:e2:42:db:96:a2:bf:72:e1:77:a3:b8: e5:a8:ec:94:80:e9:7c:ca:e1:64:26:90:e9:ae:a5: e6:a8:f1:f4:53:68:b8:df:32:fc:17:41:5f:e5:3f: ed:9c:e8:31:bb:02:0c:d6:31:46:22:8c:08:dd:c8: 8c:0b:56:dc:29:df:4c:90:7a:f7:a3:15:91:5a:13: 82:52:bf:8c:16:ab:8b:7b:33:de:7e:e3:80:c3:0c: a0:fa:83:08:c6:ef:b0:5b:6c:e9:4e:fb:f8:46:79: 07:9b:ed:4c:38:81:cb:e1:9d:bc:34:e0:48:97:f9: e8:b3:2d:83:1e:34:fd:de:e3:86:8d:ef:c5:f8:bc: 7b:b6:07:b7:f8:44:cd:00:37:2c:19:54:64:71:0c: c3:16:d6:7a:15:59:53:8f:d3:89:d1:bb:26:43:57: c5:a8:f3:b4:65:9e:33:b4:69:9b:03:50:57:58:ef: b8:e2:03:4c:f7:7a:ff:4c:58:93:ff:f6:54:57:3a: b3:d1:c2:b3:b8:08:a2:d7:77:6a:f6:0b:cd:3a:78: 1a:55:b9:27:47:2e:4e:13:ab:cc:eb:e3:d3:bb:c3: 7a:a4:95:c3:97:fb:7d:13:68:b2:c6:cd:b3:46:d4: ed:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:FF:8B:5E:D8:8F:48:04:8D:7C:B5:3E:A2:90:1C:D2:29:98:28:37 X509v3 Authority Key Identifier: keyid:72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/hf-LXtiPSASNfLU-opAc0imYKDc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 109.160.32.0-109.160.34.255 109.160.40.0/24 Signature Algorithm: sha256WithRSAEncryption 06:3d:54:57:b2:52:f5:bd:73:49:eb:f5:24:d6:2d:e9:50:bf: 06:58:a1:0c:dd:59:c5:62:28:1e:cc:e7:9f:16:67:f6:99:1d: fa:8b:d2:bf:6d:80:5e:e4:7e:c7:b1:70:ce:e2:9b:1c:fa:4b: e5:e3:ad:d0:75:1c:24:32:d0:bc:6a:0d:e9:52:77:c2:3a:cd: 58:85:40:f7:30:21:6e:de:d8:b8:24:5a:03:c8:0e:fd:09:80: 5c:3e:bf:54:cf:23:79:c7:e9:39:55:fb:1c:1b:38:bf:45:97: 06:c9:60:a3:5d:02:b8:a7:4b:62:5d:0b:e8:ac:14:cd:52:cf: 21:60:5b:15:7f:df:97:0a:a6:55:c7:8d:38:55:6f:c9:03:48: aa:98:ef:74:73:a0:b2:7e:7b:ed:d6:f0:70:f7:1c:79:bd:6e: 64:c6:a0:33:6e:d3:60:de:4c:86:49:64:d0:1d:bd:9d:3a:59: 74:36:b5:fc:02:aa:77:c7:62:37:16:18:fc:50:3b:99:9d:c4: 70:85:d7:cb:e5:fc:3b:aa:95:26:80:36:b4:90:83:32:04:57: b7:f0:60:29:e4:ae:2d:24:1f:7f:90:29:8a:0d:a7:d9:72:e6: 6c:fd:86:c1:e6:4a:06:c8:eb:e9:2b:c4:43:03:99:12:e6:68: 2a:0d:c1:d5 -----BEGIN CERTIFICATE----- MIIFCzCCA/OgAwIBAgISAZt+pTfHT/izrEonAaloi2olMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcyMmE4YzFkMzExODk1MDE2MTA4ZmZiZDE0NTc1Yzc3Y2My ODc3M2EwHhcNMjYwMTAyMTIxODM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NWZmOGI1ZWQ4OGY0ODA0OGQ3Y2I1M2VhMjkwMWNkMjI5OTgyODM3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgrBkGpKK0CcKqQ4L/kXjvTWQ4kLb lqK/cuF3o7jlqOyUgOl8yuFkJpDprqXmqPH0U2i43zL8F0Ff5T/tnOgxuwIM1jFG IowI3ciMC1bcKd9MkHr3oxWRWhOCUr+MFquLezPefuOAwwyg+oMIxu+wW2zpTvv4 RnkHm+1MOIHL4Z28NOBIl/nosy2DHjT93uOGje/F+Lx7tge3+ETNADcsGVRkcQzD FtZ6FVlTj9OJ0bsmQ1fFqPO0ZZ4ztGmbA1BXWO+44gNM93r/TFiT//ZUVzqz0cKz uAii13dq9gvNOngaVbknRy5OE6vM6+PTu8N6pJXDl/t9E2iyxs2zRtTtjwIDAQAB o4ICFzCCAhMwHQYDVR0OBBYEFIX/i17Yj0gEjXy1PqKQHNIpmCg3MB8GA1UdIwQY MBaAFHIqjB0xGJUBYQj/vRRXXHfMKHc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYt YTU1OGVlNjU0MzFmLzEvaGYtTFh0aVBTQVNOZkxVLW9wQWMwaW1ZS0RjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYtYTU1OGVlNjU0MzFm LzEvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAVtoCAD BABtoCIDBABtoCgwDQYJKoZIhvcNAQELBQADggEBAAY9VFeyUvW9c0nr9STWLelQ vwZYoQzdWcViKB7M558WZ/aZHfqL0r9tgF7kfsexcM7imxz6S+XjrdB1HCQy0Lxq DelSd8I6zViFQPcwIW7e2LgkWgPIDv0JgFw+v1TPI3nH6TlV+xwbOL9FlwbJYKNd ArinS2JdC+isFM1SzyFgWxV/35cKplXHjThVb8kDSKqY73RzoLJ+e+3W8HD3HHm9 bmTGoDNu02DeTIZJZNAdvZ06WXQ2tfwCqnfHYjcWGPxQO5mdxHCF18vl/DuqlSaA NrSQgzIEV7fwYCnkri0kH3+QKYoNp9ly5mz9hsHmSgbI6+krxEMDmRLmaCoNwdU= -----END CERTIFICATE-----Generated at Mon Jan 19 17:29:59 2026 by rpki-client