This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/41eaf9-656d-40d9-9f7a-334de3d76fe5/1/HiZN67Xy7B4VaWN1D2-QW-5lZMM.roa File: HiZN67Xy7B4VaWN1D2-QW-5lZMM.roa (raw, json) Hash identifier: 8QSJj0VNdliqUGzz62yE+WiUcnkzhswyxYG6b8R64/Q= Subject key identifier: 1E:26:4D:EB:B5:F2:EC:1E:15:69:63:75:0F:6F:90:5B:EE:65:64:C3 Certificate issuer: /CN=a6bb3045aea78e8fa7648129714fb736068dc37b Certificate serial: 019B2BBF35EEDA5B04B020CF28400E166D8A Authority key identifier: A6:BB:30:45:AE:A7:8E:8F:A7:64:81:29:71:4F:B7:36:06:8D:C3:7B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/prswRa6njo-nZIEpcU-3NgaNw3s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/41eaf9-656d-40d9-9f7a-334de3d76fe5/1/HiZN67Xy7B4VaWN1D2-QW-5lZMM.roa Signing time: Wed 17 Dec 2025 09:58:29 +0000 ROA not before: Wed 17 Dec 2025 09:58:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 6730 IP address blocks: 77.111.232.0/22 maxlen: 22 185.184.176.0/22 maxlen: 22 188.227.200.0/22 maxlen: 22 2a0b:3980::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/41eaf9-656d-40d9-9f7a-334de3d76fe5/1/prswRa6njo-nZIEpcU-3NgaNw3s.crl rsync://rpki.ripe.net/repository/DEFAULT/5b/41eaf9-656d-40d9-9f7a-334de3d76fe5/1/prswRa6njo-nZIEpcU-3NgaNw3s.mft rsync://rpki.ripe.net/repository/DEFAULT/prswRa6njo-nZIEpcU-3NgaNw3s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 09:58:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2b:bf:35:ee:da:5b:04:b0:20:cf:28:40:0e:16:6d:8a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a6bb3045aea78e8fa7648129714fb736068dc37b Validity Not Before: Dec 17 09:58:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=1e264debb5f2ec1e156963750f6f905bee6564c3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:dd:35:12:ce:2c:15:b5:7a:a0:55:12:c1:e2: ca:af:d9:90:e1:88:15:60:8d:2a:02:af:7b:80:06: b3:27:fe:f0:01:13:d1:6d:c9:ae:e0:c1:61:4f:ec: 32:b3:6f:6b:fb:d5:d4:17:36:5f:3a:75:12:05:87: 21:d3:7e:53:ac:01:c7:6c:a6:3e:61:2f:5a:25:1f: 42:7b:c8:e6:6f:8c:2b:7f:bb:84:a1:cf:be:d5:5a: ad:9a:7b:4e:87:af:ee:8b:3a:fc:ab:4d:a2:ec:10: d8:da:c9:5d:69:76:3a:e9:f4:ae:1e:0a:a7:0b:ba: da:ff:9c:e7:78:e9:54:ca:57:fa:8d:aa:a2:3f:b4: f5:11:18:8f:45:d7:15:1f:15:c4:15:63:45:ed:41: 10:93:f7:e0:18:15:ec:3b:f0:e6:1e:89:4e:b5:e4: 83:e6:bf:49:2e:44:f1:99:32:4d:4e:b5:6d:46:68: 34:9f:48:11:c9:96:fb:36:b8:e9:4c:74:ae:af:d7: 9d:b6:9d:eb:28:4e:79:c8:be:3b:db:e4:0f:0f:8a: c4:52:ed:ec:1e:31:00:56:ea:8d:c0:84:ba:1f:ed: e2:79:f1:8f:23:3a:ee:c7:c9:fd:17:b0:49:f8:dc: a0:90:fd:f9:f6:d9:0b:77:9d:f8:90:14:be:ce:a9: 76:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:26:4D:EB:B5:F2:EC:1E:15:69:63:75:0F:6F:90:5B:EE:65:64:C3 X509v3 Authority Key Identifier: keyid:A6:BB:30:45:AE:A7:8E:8F:A7:64:81:29:71:4F:B7:36:06:8D:C3:7B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/prswRa6njo-nZIEpcU-3NgaNw3s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/41eaf9-656d-40d9-9f7a-334de3d76fe5/1/HiZN67Xy7B4VaWN1D2-QW-5lZMM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/41eaf9-656d-40d9-9f7a-334de3d76fe5/1/prswRa6njo-nZIEpcU-3NgaNw3s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 77.111.232.0/22 185.184.176.0/22 188.227.200.0/22 IPv6: 2a0b:3980::/32 Signature Algorithm: sha256WithRSAEncryption 4f:ef:bb:23:e5:97:42:7c:98:f6:37:15:b9:55:d1:2d:ed:61: 4e:69:e7:f8:b0:d9:01:68:a2:ae:4d:f8:6d:a3:f8:7d:a9:f1: 1c:e2:26:a5:af:75:3f:07:c9:78:1d:6f:d2:50:e7:4c:46:d0: a2:a6:12:97:85:22:c2:5e:75:12:2a:f6:f9:c9:32:33:68:26: 95:48:a2:40:00:5a:8f:fb:4b:f6:4f:ac:3b:e8:e1:4c:0a:11: ef:cf:28:5b:d3:9e:cf:da:47:42:2f:b7:d9:0b:da:21:31:27: 78:9f:d3:75:09:4d:c0:fd:8e:31:7e:7e:d6:2f:e5:fc:46:6e: f3:93:f8:2d:61:e4:b9:1c:78:fe:b5:bf:50:6d:ac:0c:8a:56: 6a:fb:ef:87:0b:ee:0a:52:54:a2:91:85:7c:18:13:04:20:df: f2:f9:77:9a:ca:a4:5f:1d:b4:29:c9:b9:dd:5c:c4:50:d0:5f: 15:d4:40:fa:25:fb:55:cb:eb:aa:17:14:9a:31:83:91:b1:89: d9:12:a2:42:9f:41:7a:03:a3:da:ee:8f:11:33:a2:8d:dc:9f: 13:dd:93:73:7e:f3:48:5c:b8:c0:ba:9e:ab:c9:e7:ac:d9:a3: b3:62:dd:f7:bc:e9:ae:a2:8e:68:6c:43:ba:e6:52:90:0d:4d: db:b9:7d:c1 -----BEGIN CERTIFICATE----- MIIFGDCCBACgAwIBAgISAZsrvzXu2lsEsCDPKEAOFm2KMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE2YmIzMDQ1YWVhNzhlOGZhNzY0ODEyOTcxNGZiNzM2MDY4 ZGMzN2IwHhcNMjUxMjE3MDk1ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxZTI2NGRlYmI1ZjJlYzFlMTU2OTYzNzUwZjZmOTA1YmVlNjU2NGMzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwd01Es4sFbV6oFUSweLKr9mQ4YgV YI0qAq97gAazJ/7wARPRbcmu4MFhT+wys29r+9XUFzZfOnUSBYch035TrAHHbKY+ YS9aJR9Ce8jmb4wrf7uEoc++1VqtmntOh6/uizr8q02i7BDY2sldaXY66fSuHgqn C7ra/5zneOlUylf6jaqiP7T1ERiPRdcVHxXEFWNF7UEQk/fgGBXsO/DmHolOteSD 5r9JLkTxmTJNTrVtRmg0n0gRyZb7NrjpTHSur9edtp3rKE55yL472+QPD4rEUu3s HjEAVuqNwIS6H+3iefGPIzrux8n9F7BJ+NygkP359tkLd534kBS+zql2WQIDAQAB o4ICJDCCAiAwHQYDVR0OBBYEFB4mTeu18uweFWljdQ9vkFvuZWTDMB8GA1UdIwQY MBaAFKa7MEWup46Pp2SBKXFPtzYGjcN7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcHJzd1JhNm5qby1uWklFcGNVLTNOZ2FOdzNzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80MWVhZjktNjU2ZC00MGQ5LTlmN2Et MzM0ZGUzZDc2ZmU1LzEvSGlaTjY3WHk3QjRWYVdOMUQyLVFXLTVsWk1NLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yi80MWVhZjktNjU2ZC00MGQ5LTlmN2EtMzM0ZGUzZDc2ZmU1 LzEvcHJzd1JhNm5qby1uWklFcGNVLTNOZ2FOdzNzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCTW/oAwQC ubiwAwQCvOPIMA0EAgACMAcDBQAqCzmAMA0GCSqGSIb3DQEBCwUAA4IBAQBP77sj 5ZdCfJj2NxW5VdEt7WFOaef4sNkBaKKuTfhto/h9qfEc4ialr3U/B8l4HW/SUOdM RtCiphKXhSLCXnUSKvb5yTIzaCaVSKJAAFqP+0v2T6w76OFMChHvzyhb057P2kdC L7fZC9ohMSd4n9N1CU3A/Y4xfn7WL+X8Rm7zk/gtYeS5HHj+tb9QbawMilZq+++H C+4KUlSikYV8GBMEIN/y+XeayqRfHbQpybndXMRQ0F8V1ED6JftVy+uqFxSaMYOR sYnZEqJCn0F6A6Pa7o8RM6KN3J8T3ZNzfvNIXLjAup6ryees2aOzYt33vOmuoo5o bEO65lKQDU3buX3B -----END CERTIFICATE-----Generated at Wed Dec 17 15:10:32 2025 by rpki-client