This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/hZHSty1UC6sP3QVOVPd1JYXOjLs.roa File: hZHSty1UC6sP3QVOVPd1JYXOjLs.roa (raw, json) Hash identifier: hTOIZrSLjTNujAUlItUXSsFlWkG+vjwwk7Sfa5l7P3w= Subject key identifier: 85:91:D2:B7:2D:54:0B:AB:0F:DD:05:4E:54:F7:75:25:85:CE:8C:BB Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec Certificate serial: 019B7AC7DFBAB8C142BC7807DF31019E7F8C Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/hZHSty1UC6sP3QVOVPd1JYXOjLs.roa Signing time: Thu 01 Jan 2026 18:17:57 +0000 ROA not before: Thu 01 Jan 2026 18:17:57 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 210906 IP address blocks: 85.254.2.0/24 maxlen: 24 85.254.4.0/24 maxlen: 24 85.254.7.0/24 maxlen: 24 85.254.30.0/24 maxlen: 24 85.254.40.0/24 maxlen: 24 85.254.42.0/23 maxlen: 23 85.254.51.0/24 maxlen: 24 85.254.59.0/24 maxlen: 24 85.254.64.0/23 maxlen: 23 85.254.76.0/22 maxlen: 22 85.254.84.0/23 maxlen: 23 85.254.103.0/24 maxlen: 24 85.254.112.0/22 maxlen: 22 85.254.124.0/23 maxlen: 23 85.254.126.0/24 maxlen: 24 85.254.128.0/22 maxlen: 22 85.254.134.0/24 maxlen: 24 85.254.137.0/24 maxlen: 24 85.254.138.0/23 maxlen: 23 85.254.140.0/24 maxlen: 24 85.254.174.0/23 maxlen: 23 85.254.180.0/23 maxlen: 23 159.148.26.0/24 maxlen: 24 159.148.54.0/24 maxlen: 24 159.148.62.0/24 maxlen: 24 159.148.66.0/24 maxlen: 24 159.148.126.0/24 maxlen: 24 159.148.128.0/24 maxlen: 24 159.148.130.0/24 maxlen: 24 159.148.158.0/24 maxlen: 24 159.148.163.0/24 maxlen: 24 159.148.166.0/23 maxlen: 23 159.148.179.0/24 maxlen: 24 159.148.180.0/24 maxlen: 24 159.148.204.0/24 maxlen: 24 159.148.216.0/24 maxlen: 24 159.148.218.0/24 maxlen: 24 159.148.234.0/24 maxlen: 24 159.148.241.0/24 maxlen: 24 159.148.246.0/23 maxlen: 23 159.148.248.0/24 maxlen: 24 185.7.236.0/24 maxlen: 24 185.27.94.0/24 maxlen: 24 185.47.92.0/22 maxlen: 22 185.211.96.0/22 maxlen: 22 188.64.180.0/22 maxlen: 24 217.69.121.0/24 maxlen: 24 217.69.125.0/24 maxlen: 24 217.69.126.0/24 maxlen: 24 217.69.127.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 16:55:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c7:df:ba:b8:c1:42:bc:78:07:df:31:01:9e:7f:8c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec Validity Not Before: Jan 1 18:17:57 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8591d2b72d540bab0fdd054e54f7752585ce8cbb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:14:54:cf:a5:80:1c:8c:58:9f:0a:9d:c3:18: 81:c3:c0:31:ed:9b:5a:3d:d6:62:b5:28:98:6b:63: 52:8e:30:6c:9b:5e:22:53:3e:dd:3a:c4:3d:f5:e6: 7e:70:63:f2:c4:a1:4c:3a:bd:1d:e9:27:2e:f0:0c: 07:ac:1e:42:c6:1c:0f:d5:8b:14:ee:e2:eb:58:3e: bd:ed:88:f5:13:dd:75:ca:d3:22:98:f2:09:b5:79: ff:7f:a3:e0:8a:0a:d9:2c:c1:fc:a3:8c:bf:1d:27: 3f:48:1d:71:0d:af:bf:96:55:71:bd:4b:f8:f6:1b: 5c:74:3c:6b:8e:8e:28:73:5f:1c:6f:39:17:c8:c8: cb:62:e0:ab:1f:b0:a2:c5:7d:12:28:64:ef:78:5a: c8:b8:5d:db:be:72:89:0a:81:2a:6b:94:57:0b:f0: c9:f3:d1:6f:b7:a7:a3:75:4c:31:9f:2c:2e:20:60: b4:fa:7f:de:c5:10:fa:4e:3c:77:eb:9d:86:14:46: 47:e0:5f:50:a6:4c:df:df:0f:26:2f:ec:4e:56:10: c3:5c:21:fb:44:1b:f8:11:e9:7a:19:85:b3:b3:6c: 5b:93:db:e7:74:43:33:22:23:60:91:64:7c:e4:71: 1c:9d:48:4d:d0:f3:56:e7:f0:90:b5:78:34:7f:1b: 66:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:91:D2:B7:2D:54:0B:AB:0F:DD:05:4E:54:F7:75:25:85:CE:8C:BB X509v3 Authority Key Identifier: keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/hZHSty1UC6sP3QVOVPd1JYXOjLs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.254.2.0/24 85.254.4.0/24 85.254.7.0/24 85.254.30.0/24 85.254.40.0/24 85.254.42.0/23 85.254.51.0/24 85.254.59.0/24 85.254.64.0/23 85.254.76.0/22 85.254.84.0/23 85.254.103.0/24 85.254.112.0/22 85.254.124.0-85.254.126.255 85.254.128.0/22 85.254.134.0/24 85.254.137.0-85.254.140.255 85.254.174.0/23 85.254.180.0/23 159.148.26.0/24 159.148.54.0/24 159.148.62.0/24 159.148.66.0/24 159.148.126.0/24 159.148.128.0/24 159.148.130.0/24 159.148.158.0/24 159.148.163.0/24 159.148.166.0/23 159.148.179.0-159.148.180.255 159.148.204.0/24 159.148.216.0/24 159.148.218.0/24 159.148.234.0/24 159.148.241.0/24 159.148.246.0-159.148.248.255 185.7.236.0/24 185.27.94.0/24 185.47.92.0/22 185.211.96.0/22 188.64.180.0/22 217.69.121.0/24 217.69.125.0-217.69.127.255 Signature Algorithm: sha256WithRSAEncryption b1:26:df:84:ed:c2:cf:ed:57:34:b7:c6:ca:c8:57:4f:11:bb: 97:12:0b:bf:42:2e:48:ed:db:47:d4:81:02:6f:3d:a8:cc:f6: 00:00:84:20:b2:05:43:d0:6d:31:d3:3f:90:f4:95:5e:ac:0f: 5d:f4:06:88:f2:bd:76:37:24:33:d7:f6:98:0d:b3:23:62:9f: 29:88:d8:40:f1:3b:e2:1b:93:7a:2d:54:ee:59:a8:b3:ff:89: ee:b0:33:c4:88:df:bc:2e:0f:74:a1:31:42:0e:6c:28:ee:cf: 70:4b:4d:a8:f1:11:73:e5:7e:b0:10:cb:50:66:d1:80:bb:ad: 37:03:aa:cc:9b:e7:d1:dc:b9:89:8f:0c:00:9f:92:d4:19:29: da:66:95:be:2a:0c:9c:c7:15:87:6a:89:b0:2b:79:0e:6c:96: 37:ed:80:e2:67:4c:20:cf:33:c6:ba:1e:dc:16:73:95:a6:d9: 8d:cc:e1:dd:cf:6b:1b:b8:75:a9:8a:bf:96:30:ec:49:98:bb: 18:49:a9:8b:b2:16:f5:bf:8e:5e:c4:ea:20:6e:5a:81:9a:ac: f6:a0:ee:c2:6a:dd:17:07:81:63:24:47:0c:1c:68:34:89:b9: 41:32:e2:22:cd:75:a5:af:67:5e:55:02:b4:dc:fd:01:19:6c: 18:98:19:10 -----BEGIN CERTIFICATE----- MIIGKzCCBROgAwIBAgISAZt6x9+6uMFCvHgH3zEBnn+MMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm YzQxZWMwHhcNMjYwMTAxMTgxNzU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NTkxZDJiNzJkNTQwYmFiMGZkZDA1NGU1NGY3NzUyNTg1Y2U4Y2JiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuxRUz6WAHIxYnwqdwxiBw8Ax7Zta PdZitSiYa2NSjjBsm14iUz7dOsQ99eZ+cGPyxKFMOr0d6Scu8AwHrB5CxhwP1YsU 7uLrWD697Yj1E911ytMimPIJtXn/f6PgigrZLMH8o4y/HSc/SB1xDa+/llVxvUv4 9htcdDxrjo4oc18cbzkXyMjLYuCrH7CixX0SKGTveFrIuF3bvnKJCoEqa5RXC/DJ 89Fvt6ejdUwxnywuIGC0+n/exRD6Tjx3652GFEZH4F9Qpkzf3w8mL+xOVhDDXCH7 RBv4Eel6GYWzs2xbk9vndEMzIiNgkWR85HEcnUhN0PNW5/CQtXg0fxtmdQIDAQAB o4IDNzCCAzMwHQYDVR0OBBYEFIWR0rctVAurD90FTlT3dSWFzoy7MB8GA1UdIwQY MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt NTU1NGQ2ZTE2ODZmLzEvaFpIU3R5MVVDNnNQM1FWT1ZQZDFKWVhPakxzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIIBSwYIKwYBBQUHAQcBAf8EggE6MIIBNjCCATIEAgABMIIB KgMEAFX+AgMEAFX+BAMEAFX+BwMEAFX+HgMEAFX+KAMEAVX+KgMEAFX+MwMEAFX+ OwMEAVX+QAMEAlX+TAMEAVX+VAMEAFX+ZwMEAlX+cDAMAwQCVf58AwQAVf5+AwQC Vf6AAwQAVf6GMAwDBABV/okDBABV/owDBAFV/q4DBAFV/rQDBACflBoDBACflDYD BACflD4DBACflEIDBACflH4DBACflIADBACflIIDBACflJ4DBACflKMDBAGflKYw DAMEAJ+UswMEAJ+UtAMEAJ+UzAMEAJ+U2AMEAJ+U2gMEAJ+U6gMEAJ+U8TAMAwQB n5T2AwQAn5T4AwQAuQfsAwQAuRteAwQCuS9cAwQCudNgAwQCvEC0AwQA2UV5MAwD BADZRX0DBAfZRQAwDQYJKoZIhvcNAQELBQADggEBALEm34Ttws/tVzS3xsrIV08R u5cSC79CLkjt20fUgQJvPajM9gAAhCCyBUPQbTHTP5D0lV6sD130BojyvXY3JDPX 9pgNsyNinymI2EDxO+Ibk3otVO5ZqLP/ie6wM8SI37wuD3ShMUIObCjuz3BLTajx EXPlfrAQy1Bm0YC7rTcDqsyb59HcuYmPDACfktQZKdpmlb4qDJzHFYdqibAreQ5s ljftgOJnTCDPM8a6HtwWc5Wm2Y3M4d3Paxu4damKv5Yw7EmYuxhJqYuyFvW/jl7E 6iBuWoGarPag7sJq3RcHgWMkRwwcaDSJuUEy4iLNdaWvZ15VArTc/QEZbBiYGRA= -----END CERTIFICATE-----Generated at Mon Jan 19 20:00:57 2026 by rpki-client