This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/hGU8AnAcq1GBNAJ5dFdGvKRepr0.roa File: hGU8AnAcq1GBNAJ5dFdGvKRepr0.roa (raw, json) Hash identifier: Pt6kSKStgvMb/8RrqSyXdadJJUfza1U1okJqIxMHxpA= Subject key identifier: 84:65:3C:02:70:1C:AB:51:81:34:02:79:74:57:46:BC:A4:5E:A6:BD Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09 Certificate serial: 019B7EA76F454831463752F0B86202FCC5B7 Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/hGU8AnAcq1GBNAJ5dFdGvKRepr0.roa Signing time: Fri 02 Jan 2026 12:21:00 +0000 ROA not before: Fri 02 Jan 2026 12:21:00 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 35154 IP address blocks: 31.192.160.0/19 maxlen: 19 87.224.128.0/17 maxlen: 17 90.157.0.0/17 maxlen: 17 92.54.64.0/18 maxlen: 18 94.31.128.0/17 maxlen: 17 188.73.128.0/18 maxlen: 18 213.142.32.0/19 maxlen: 19 2a00:8b00::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 00:00:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a7:6f:45:48:31:46:37:52:f0:b8:62:02:fc:c5:b7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09 Validity Not Before: Jan 2 12:21:00 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=84653c02701cab5181340279745746bca45ea6bd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:b8:fe:b4:cf:92:e9:bc:a1:a6:28:40:d5:25: c7:b0:f4:f8:09:33:ac:7f:f6:c6:26:a7:b8:a9:b9: ea:1a:32:3e:6d:04:dc:dd:c4:b4:3b:9b:7d:59:0a: e0:65:b6:1f:c8:aa:be:71:e9:c5:97:bc:92:5a:e6: 7a:f0:7e:8d:b9:4a:28:9f:44:07:3e:03:68:d4:05: 20:4d:9c:c4:8e:12:d0:96:5f:84:02:6c:be:39:91: e5:89:c2:23:61:67:f4:94:e3:3f:95:fe:49:36:1a: 85:05:f2:92:ee:c7:2d:2c:0d:28:43:c9:6d:e2:7c: 51:da:42:11:67:a2:82:5d:ef:af:24:77:ef:35:d9: b1:de:63:9c:ce:4c:02:e6:05:fb:9f:72:e9:36:23: 75:8e:d5:66:fe:10:be:2f:42:26:4b:15:24:7b:bf: 1b:20:73:bd:b6:f7:7f:e8:90:d7:ae:10:f8:b5:b2: f3:b7:bf:e5:79:d2:3f:63:21:b2:a8:c5:92:51:72: c7:e5:27:82:63:f5:2f:7d:f7:f3:a8:e4:2e:81:6f: 5f:ad:8f:12:b1:65:60:96:c3:80:9e:c3:c1:b4:44: 52:6f:cf:61:79:1b:ad:c5:5b:21:1b:8c:fc:0f:1b: 87:96:cc:78:17:25:82:46:c4:26:d1:ba:7e:60:3b: 38:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:65:3C:02:70:1C:AB:51:81:34:02:79:74:57:46:BC:A4:5E:A6:BD X509v3 Authority Key Identifier: keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/hGU8AnAcq1GBNAJ5dFdGvKRepr0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.192.160.0/19 87.224.128.0/17 90.157.0.0/17 92.54.64.0/18 94.31.128.0/17 188.73.128.0/18 213.142.32.0/19 IPv6: 2a00:8b00::/32 Signature Algorithm: sha256WithRSAEncryption 29:99:0d:ee:66:04:2c:a7:97:02:92:59:fe:48:6b:94:3b:74: 68:a9:39:b3:c5:55:10:db:52:4a:d2:37:40:fa:e3:e0:74:47: ef:ab:df:0e:bc:16:31:0e:d4:3f:7f:1e:79:4f:df:ff:a8:22: c5:c4:be:d6:90:47:46:59:63:fe:bb:39:44:c6:60:4a:e7:06: 7c:70:43:53:97:05:a1:4d:2b:0d:f4:ec:be:99:d9:70:85:ad: 10:48:21:72:c7:4d:cb:ae:fd:cf:89:a2:f5:fe:54:dc:80:82: 95:c9:52:c6:41:56:52:23:22:e7:0e:48:b7:94:97:7f:4b:0f: e2:9b:37:e3:cf:24:7b:4b:55:ab:a8:af:a7:c6:cb:f4:9d:16: 49:df:3a:9d:2d:45:95:13:9b:5c:32:71:12:82:98:86:2a:4d: b6:6d:49:99:e5:57:ac:8b:49:b3:2f:74:db:f4:07:91:a7:17: b0:80:7c:25:9c:c9:75:e7:fb:d3:97:8e:28:51:25:5d:e4:27: 20:9a:bd:1d:32:12:44:49:eb:21:3b:ab:22:43:f4:f4:bc:7c: b3:a5:2a:b8:12:ec:4f:5d:37:fd:46:c1:98:36:a8:7e:44:73: f3:90:bb:05:57:11:f9:30:e6:1a:0a:3b:86:c5:79:73:24:fe: 15:a7:d2:52 -----BEGIN CERTIFICATE----- MIIFMDCCBBigAwIBAgISAZt+p29FSDFGN1LwuGIC/MW3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx ZTZjMDkwHhcNMjYwMTAyMTIyMTAwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NDY1M2MwMjcwMWNhYjUxODEzNDAyNzk3NDU3NDZiY2E0NWVhNmJkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqLj+tM+S6byhpihA1SXHsPT4CTOs f/bGJqe4qbnqGjI+bQTc3cS0O5t9WQrgZbYfyKq+cenFl7ySWuZ68H6NuUoon0QH PgNo1AUgTZzEjhLQll+EAmy+OZHlicIjYWf0lOM/lf5JNhqFBfKS7sctLA0oQ8lt 4nxR2kIRZ6KCXe+vJHfvNdmx3mOczkwC5gX7n3LpNiN1jtVm/hC+L0ImSxUke78b IHO9tvd/6JDXrhD4tbLzt7/ledI/YyGyqMWSUXLH5SeCY/UvfffzqOQugW9frY8S sWVglsOAnsPBtERSb89heRutxVshG4z8DxuHlsx4FyWCRsQm0bp+YDs4uwIDAQAB o4ICPDCCAjgwHQYDVR0OBBYEFIRlPAJwHKtRgTQCeXRXRrykXqa9MB8GA1UdIwQY MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt NWE4NmMyNzU3YzFlLzEvaEdVOEFuQWNxMUdCTkFKNWRGZEd2S1JlcHIwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQFH8CgAwQH V+CAAwQHWp0AAwQGXDZAAwQHXh+AAwQGvEmAAwQF1Y4gMA0EAgACMAcDBQAqAIsA MA0GCSqGSIb3DQEBCwUAA4IBAQApmQ3uZgQsp5cCkln+SGuUO3RoqTmzxVUQ21JK 0jdA+uPgdEfvq98OvBYxDtQ/fx55T9//qCLFxL7WkEdGWWP+uzlExmBK5wZ8cENT lwWhTSsN9Oy+mdlwha0QSCFyx03Lrv3PiaL1/lTcgIKVyVLGQVZSIyLnDki3lJd/ Sw/imzfjzyR7S1WrqK+nxsv0nRZJ3zqdLUWVE5tcMnESgpiGKk22bUmZ5Vesi0mz L3Tb9AeRpxewgHwlnMl15/vTl44oUSVd5Ccgmr0dMhJESeshO6siQ/T0vHyzpSq4 EuxPXTf9RsGYNqh+RHPzkLsFVxH5MOYaCjuGxXlzJP4Vp9JS -----END CERTIFICATE-----Generated at Mon Jan 26 10:13:42 2026 by rpki-client