This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/hOBQ2pkA-0KSRD9W7HYv7T_EUBs.roa File: hOBQ2pkA-0KSRD9W7HYv7T_EUBs.roa (raw, json) Hash identifier: WyYXRQPNi7imcTjkFnUupixWz7zRkOa+LoRgnw8jDP0= Subject key identifier: 84:E0:50:DA:99:00:FB:42:92:44:3F:56:EC:76:2F:ED:3F:C4:50:1B Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2 Certificate serial: 019B7D5CCDA88E80D2417BB4BB20C9D6DE6C Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/hOBQ2pkA-0KSRD9W7HYv7T_EUBs.roa Signing time: Fri 02 Jan 2026 06:19:52 +0000 ROA not before: Fri 02 Jan 2026 06:19:52 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 56603 IP address blocks: 195.128.133.0/24 maxlen: 24 2a09:6280:1::/48 maxlen: 48 2a09:6280:4::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 16:55:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5c:cd:a8:8e:80:d2:41:7b:b4:bb:20:c9:d6:de:6c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2 Validity Not Before: Jan 2 06:19:52 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=84e050da9900fb4292443f56ec762fed3fc4501b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:01:33:6f:14:aa:76:6a:8f:55:2f:00:c8:33: 8b:27:e5:04:ee:de:f4:36:66:8e:d2:cf:4c:60:0b: 09:70:d9:8d:bd:10:58:5c:cb:92:d8:c8:f0:d6:7d: 66:a9:3f:d2:47:d6:a1:a0:52:8f:0e:43:3a:ea:27: 3c:f1:de:8b:06:60:ba:c0:04:bd:84:43:26:c6:c6: 80:19:f6:c5:85:9c:05:5b:0c:9d:f3:4d:ba:c3:99: 59:ba:76:bc:d0:cf:9a:ba:bb:72:ae:90:d2:49:ed: 9f:cf:91:3a:01:50:06:ea:e6:f0:7d:1a:28:d4:0e: 66:b5:85:ba:46:db:13:f8:36:72:58:0b:f4:30:49: 00:ef:31:c9:24:51:a0:97:77:01:06:7a:80:57:ed: 28:9d:3e:6d:df:e5:32:ce:b9:cc:79:75:d5:a8:a6: 57:9f:62:08:9b:63:0a:9e:1b:be:f7:87:47:1c:6b: ca:09:00:cf:96:83:f1:0a:ac:d8:10:02:89:20:49: d4:81:7b:2c:db:8a:8a:3d:31:bb:e0:7e:a4:26:bc: ba:db:ab:0d:e4:9b:dd:59:9b:6e:79:ce:6d:ab:17: dc:0b:c2:b2:02:2c:b7:ba:27:08:c6:16:1a:25:a8: a7:f7:fc:0f:77:48:b9:2e:fa:9d:81:72:b7:d7:b9: a3:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:E0:50:DA:99:00:FB:42:92:44:3F:56:EC:76:2F:ED:3F:C4:50:1B X509v3 Authority Key Identifier: keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/hOBQ2pkA-0KSRD9W7HYv7T_EUBs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 195.128.133.0/24 IPv6: 2a09:6280:1::/48 2a09:6280:4::/48 Signature Algorithm: sha256WithRSAEncryption 99:df:d7:8f:78:ad:da:6d:92:86:42:0a:60:fb:b7:e0:9c:1a: d7:66:f9:c5:ed:cf:fe:dc:8e:3c:3e:91:6a:87:75:1d:f6:bb: 78:03:d6:73:e4:ed:79:ac:33:bc:5d:c5:9a:2f:29:74:ce:b6: 4e:22:48:58:43:5c:97:7d:0c:bb:df:bf:5e:db:b4:c0:08:5a: 7d:b5:66:f6:2a:7e:9e:9c:49:4e:40:fa:68:0f:db:63:89:87: 4b:08:16:e2:1a:30:20:df:b8:0e:15:39:9a:d1:48:75:21:6b: e5:12:c4:37:20:c5:1a:fc:d8:ca:2c:71:06:e2:23:fa:77:3f: a8:ce:a6:cd:f6:d0:87:9b:b7:ce:0c:cf:1d:6c:e4:d1:ca:15: 3c:b0:4b:ab:09:89:ed:72:87:6a:62:b9:fe:c1:22:ce:e2:0d: d3:a1:26:cb:a8:a6:71:ba:7d:d7:cc:23:9e:7b:ac:a0:13:a1: 01:a9:3d:d0:85:88:19:01:bb:65:12:6e:cd:98:ee:4c:0c:5b: d6:b9:ba:a4:99:1f:cb:20:42:0b:81:55:df:9b:e9:ba:d1:b7: b4:d2:42:b6:26:31:85:c1:0b:d2:fb:1a:67:ca:71:c7:77:d5: 89:03:6b:f1:fe:c5:c9:0f:79:03:c5:ef:a0:87:6d:20:1b:30: af:71:26:99 -----BEGIN CERTIFICATE----- MIIFFzCCA/+gAwIBAgISAZt9XM2ojoDSQXu0uyDJ1t5sMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl NWVjZjIwHhcNMjYwMTAyMDYxOTUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NGUwNTBkYTk5MDBmYjQyOTI0NDNmNTZlYzc2MmZlZDNmYzQ1MDFiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4wEzbxSqdmqPVS8AyDOLJ+UE7t70 NmaO0s9MYAsJcNmNvRBYXMuS2Mjw1n1mqT/SR9ahoFKPDkM66ic88d6LBmC6wAS9 hEMmxsaAGfbFhZwFWwyd8026w5lZuna80M+aurtyrpDSSe2fz5E6AVAG6ubwfRoo 1A5mtYW6RtsT+DZyWAv0MEkA7zHJJFGgl3cBBnqAV+0onT5t3+UyzrnMeXXVqKZX n2IIm2MKnhu+94dHHGvKCQDPloPxCqzYEAKJIEnUgXss24qKPTG74H6kJry626sN 5JvdWZtuec5tqxfcC8KyAiy3uicIxhYaJain9/wPd0i5LvqdgXK317mjWwIDAQAB o4ICIzCCAh8wHQYDVR0OBBYEFITgUNqZAPtCkkQ/Vux2L+0/xFAbMB8GA1UdIwQY MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt MTcxYzM2N2JlNzgyLzEvaE9CUTJwa0EtMEtTUkQ5VzdIWXY3VF9FVUJzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAw4CFMBgE AgACMBIDBwAqCWKAAAEDBwAqCWKAAAQwDQYJKoZIhvcNAQELBQADggEBAJnf1494 rdptkoZCCmD7t+CcGtdm+cXtz/7cjjw+kWqHdR32u3gD1nPk7XmsM7xdxZovKXTO tk4iSFhDXJd9DLvfv17btMAIWn21ZvYqfp6cSU5A+mgP22OJh0sIFuIaMCDfuA4V OZrRSHUha+USxDcgxRr82MoscQbiI/p3P6jOps320Iebt84Mzx1s5NHKFTywS6sJ ie1yh2piuf7BIs7iDdOhJsuopnG6fdfMI557rKAToQGpPdCFiBkBu2USbs2Y7kwM W9a5uqSZH8sgQguBVd+b6brRt7TSQrYmMYXBC9L7GmfKccd31YkDa/H+xckPeQPF 76CHbSAbMK9xJpk= -----END CERTIFICATE-----Generated at Mon Jan 19 19:59:32 2026 by rpki-client