This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/hSaax3PNMqT-lY0FA2NBN-L2Y6k.roa File: hSaax3PNMqT-lY0FA2NBN-L2Y6k.roa (raw, json) Hash identifier: TL8+SkkJk80gm8fQRrJdTYhaB9ZhdsTEkaDJpoXwUDg= Subject key identifier: 85:26:9A:C7:73:CD:32:A4:FE:95:8D:05:03:63:41:37:E2:F6:63:A9 Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2 Certificate serial: 019B7D5CCD3779D633D629E6BE641F2A7D02 Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/hSaax3PNMqT-lY0FA2NBN-L2Y6k.roa Signing time: Fri 02 Jan 2026 06:19:52 +0000 ROA not before: Fri 02 Jan 2026 06:19:52 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 51628 IP address blocks: 192.145.99.0/24 maxlen: 24 2a09:6280:2::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 16:55:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5c:cd:37:79:d6:33:d6:29:e6:be:64:1f:2a:7d:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2 Validity Not Before: Jan 2 06:19:52 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=85269ac773cd32a4fe958d0503634137e2f663a9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:d1:69:e1:e0:9c:ef:01:d9:4f:73:f5:69:bf: 5e:e6:a9:4a:62:19:9b:e8:20:7d:ac:1c:c7:c2:04: ac:93:39:5f:be:52:1e:68:b9:91:09:3c:43:2b:24: 28:7d:cc:f1:57:0d:73:99:5f:e1:44:a2:16:c2:49: 6c:9c:73:08:dd:1a:94:a2:66:2b:d5:90:a9:4f:c7: 39:ea:af:37:7d:52:c4:6a:48:4d:f7:32:93:c2:50: 61:9d:72:b6:44:80:81:ff:8f:26:fe:93:9f:bf:95: 23:6d:fa:17:9c:aa:50:be:de:9d:4a:0f:be:31:81: 68:cc:a7:46:17:cf:2d:09:9f:10:e7:cb:81:89:3e: 08:18:59:bd:8f:ec:ed:9c:b7:d7:9e:1f:e7:92:a9: 24:14:62:a6:dc:59:16:23:b6:ad:80:d1:40:d2:3a: 98:56:33:f5:8a:b8:46:a8:25:23:11:5b:70:5f:83: f4:aa:c7:57:8f:70:5b:d1:0d:56:ef:50:77:f3:a3: f8:fe:1b:84:14:58:5d:75:1b:1f:0b:df:7e:8f:ca: bd:d4:cb:08:05:76:7c:46:15:c1:b8:69:d6:ac:06: 94:74:e2:df:b5:90:dc:17:70:69:14:f3:82:85:f6: 1d:b9:d5:5c:7e:30:fe:46:47:70:99:69:d7:f0:81: 51:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:26:9A:C7:73:CD:32:A4:FE:95:8D:05:03:63:41:37:E2:F6:63:A9 X509v3 Authority Key Identifier: keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/hSaax3PNMqT-lY0FA2NBN-L2Y6k.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 192.145.99.0/24 IPv6: 2a09:6280:2::/48 Signature Algorithm: sha256WithRSAEncryption 8c:8b:39:fe:6a:56:82:97:0e:b8:52:64:17:fa:58:82:52:ef: 38:06:bd:34:8b:8b:80:f5:aa:f7:16:58:32:1d:49:ec:2b:8d: 60:e0:98:91:d0:b5:f6:4d:c1:6d:87:3b:12:8c:1f:42:e4:ca: 5a:bc:25:e1:d7:c9:00:1b:5d:81:7a:8e:e3:2b:26:92:c6:20: 12:3c:18:23:a0:31:95:bf:0b:b7:41:20:29:f8:e8:b0:ff:25: 08:4e:f9:f5:5a:1a:01:28:99:48:2e:8c:dd:aa:ce:53:ee:64: f7:9a:16:e9:68:c1:de:95:79:ca:a6:fd:0c:c3:48:ba:9f:91: 94:68:dc:87:b4:0b:0b:70:0c:21:5d:01:63:51:59:4f:0a:d2: 7f:32:73:ba:df:af:13:87:af:e9:2f:db:12:39:43:9b:27:e2: 90:3c:2b:b6:90:39:67:23:55:1c:49:88:61:a9:70:61:2e:91: 6d:ef:95:30:fa:2e:a2:cb:74:1b:ec:a4:15:0e:51:5e:c7:79: b7:51:7c:61:d5:3e:da:c5:fd:55:59:65:5f:0f:f2:88:1f:45: 29:3b:00:2e:fc:bd:4d:58:32:34:23:8a:89:50:aa:a4:c2:e6: 14:52:7d:b3:d0:d4:c7:0b:fa:45:ee:cd:7b:36:02:75:f7:41: ee:e6:fd:54 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt9XM03edYz1inmvmQfKn0CMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl NWVjZjIwHhcNMjYwMTAyMDYxOTUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NTI2OWFjNzczY2QzMmE0ZmU5NThkMDUwMzYzNDEzN2UyZjY2M2E5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2NFp4eCc7wHZT3P1ab9e5qlKYhmb 6CB9rBzHwgSskzlfvlIeaLmRCTxDKyQofczxVw1zmV/hRKIWwklsnHMI3RqUomYr 1ZCpT8c56q83fVLEakhN9zKTwlBhnXK2RICB/48m/pOfv5UjbfoXnKpQvt6dSg++ MYFozKdGF88tCZ8Q58uBiT4IGFm9j+ztnLfXnh/nkqkkFGKm3FkWI7atgNFA0jqY VjP1irhGqCUjEVtwX4P0qsdXj3Bb0Q1W71B386P4/huEFFhddRsfC99+j8q91MsI BXZ8RhXBuGnWrAaUdOLftZDcF3BpFPOChfYdudVcfjD+RkdwmWnX8IFRsQIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFIUmmsdzzTKk/pWNBQNjQTfi9mOpMB8GA1UdIwQY MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt MTcxYzM2N2JlNzgyLzEvaFNhYXgzUE5NcVQtbFkwRkEyTkJOLUwyWTZrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwJFjMA8E AgACMAkDBwAqCWKAAAIwDQYJKoZIhvcNAQELBQADggEBAIyLOf5qVoKXDrhSZBf6 WIJS7zgGvTSLi4D1qvcWWDIdSewrjWDgmJHQtfZNwW2HOxKMH0Lkylq8JeHXyQAb XYF6juMrJpLGIBI8GCOgMZW/C7dBICn46LD/JQhO+fVaGgEomUgujN2qzlPuZPea Fulowd6Vecqm/QzDSLqfkZRo3Ie0CwtwDCFdAWNRWU8K0n8yc7rfrxOHr+kv2xI5 Q5sn4pA8K7aQOWcjVRxJiGGpcGEukW3vlTD6LqLLdBvspBUOUV7HebdRfGHVPtrF /VVZZV8P8ogfRSk7AC78vU1YMjQjiolQqqTC5hRSfbPQ1McL+kXuzXs2AnX3Qe7m /VQ= -----END CERTIFICATE-----Generated at Mon Jan 19 20:00:48 2026 by rpki-client