This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/4eca4d-3a2e-4a84-a789-01577a927fa9/1/h4LJjNrzp4fAWVmt9xZ04UKNInQ.roa File: h4LJjNrzp4fAWVmt9xZ04UKNInQ.roa (raw, json) Hash identifier: hPnSIuqaeCZAtukV9F+5jwRGZESxgM1eDjQaNz+/KSs= Subject key identifier: 87:82:C9:8C:DA:F3:A7:87:C0:59:59:AD:F7:16:74:E1:42:8D:22:74 Certificate issuer: /CN=9d23f4cb4bab5c10801a770658df891cfb8c68c6 Certificate serial: 019B7EA69245E123752F4433BCBB135AE506 Authority key identifier: 9D:23:F4:CB:4B:AB:5C:10:80:1A:77:06:58:DF:89:1C:FB:8C:68:C6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSP0y0urXBCAGncGWN-JHPuMaMY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/4eca4d-3a2e-4a84-a789-01577a927fa9/1/h4LJjNrzp4fAWVmt9xZ04UKNInQ.roa Signing time: Fri 02 Jan 2026 12:20:04 +0000 ROA not before: Fri 02 Jan 2026 12:20:04 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 61317 IP address blocks: 45.158.39.0/24 maxlen: 24 217.79.255.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/4eca4d-3a2e-4a84-a789-01577a927fa9/1/nSP0y0urXBCAGncGWN-JHPuMaMY.crl rsync://rpki.ripe.net/repository/DEFAULT/1a/4eca4d-3a2e-4a84-a789-01577a927fa9/1/nSP0y0urXBCAGncGWN-JHPuMaMY.mft rsync://rpki.ripe.net/repository/DEFAULT/nSP0y0urXBCAGncGWN-JHPuMaMY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 09 Jan 2026 03:01:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a6:92:45:e1:23:75:2f:44:33:bc:bb:13:5a:e5:06 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9d23f4cb4bab5c10801a770658df891cfb8c68c6 Validity Not Before: Jan 2 12:20:04 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8782c98cdaf3a787c05959adf71674e1428d2274 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:f2:bd:fe:18:49:81:53:f1:99:9f:08:35:85: 65:02:48:42:05:ef:82:02:6d:16:4c:01:10:b3:ef: a2:9e:f1:15:96:56:21:51:42:22:29:9f:2b:93:64: 0d:19:8e:b2:3d:fe:bb:f2:15:6d:db:9c:62:08:d8: 0a:44:37:d2:52:0e:f9:64:56:af:ec:2f:c0:19:b7: 48:d7:63:74:9d:28:14:20:55:56:74:b0:3b:41:fc: 73:44:4d:97:24:44:e5:b9:b4:fe:05:0f:56:aa:07: 3e:27:b0:0d:ff:97:b1:50:be:0e:28:ca:3c:68:56: db:1a:a5:09:bb:22:81:7b:be:18:6f:50:37:15:41: fa:f0:b4:ae:69:4b:fa:3a:27:fe:33:23:07:72:51: 38:6d:2c:3a:63:62:85:06:9b:01:ae:4d:69:d0:d5: f8:9a:51:a2:60:fb:1d:57:1c:62:b3:2d:6d:bc:67: a5:09:0e:b0:9d:e9:93:ff:40:c9:68:43:5a:3b:15: 6f:a1:77:b3:47:91:2b:32:13:fe:dc:fb:fd:f8:c8: 38:7c:44:26:ed:5b:2b:2c:1f:a9:6a:28:72:b8:7d: 7b:c4:4b:8c:41:eb:36:d1:a7:7f:8d:25:f2:04:23: 09:75:19:ef:52:35:f3:c7:2a:b6:bf:ab:b4:ea:ff: 94:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:82:C9:8C:DA:F3:A7:87:C0:59:59:AD:F7:16:74:E1:42:8D:22:74 X509v3 Authority Key Identifier: keyid:9D:23:F4:CB:4B:AB:5C:10:80:1A:77:06:58:DF:89:1C:FB:8C:68:C6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSP0y0urXBCAGncGWN-JHPuMaMY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4eca4d-3a2e-4a84-a789-01577a927fa9/1/h4LJjNrzp4fAWVmt9xZ04UKNInQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4eca4d-3a2e-4a84-a789-01577a927fa9/1/nSP0y0urXBCAGncGWN-JHPuMaMY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.158.39.0/24 217.79.255.0/24 Signature Algorithm: sha256WithRSAEncryption c6:96:5a:75:e3:d0:e4:02:89:ea:9c:f4:8b:c5:bc:8f:46:6b: 66:ec:8d:8b:0f:68:f2:6d:02:c7:6b:73:07:c6:04:0c:1e:f5: da:3a:2e:d5:b7:02:64:7b:a5:20:09:5a:eb:1c:9d:94:76:e3: ef:28:c8:c8:55:46:fb:d0:4d:6a:63:df:9d:4a:32:92:0b:f7: da:a8:80:00:f7:62:46:d7:0c:a1:43:5d:08:26:34:c5:0b:b8: 69:76:6b:96:39:94:a6:74:19:81:2b:ef:bd:dd:82:50:99:1e: c8:4e:a6:bf:c9:cd:fc:2a:e5:13:20:9c:02:80:8f:3d:34:a7: 72:1f:11:72:e2:b2:d1:ab:22:51:c4:83:da:c1:88:1d:94:02: 8e:d1:c4:a5:04:ea:a8:a6:e7:a1:26:d0:d9:61:b5:6d:f6:6f: 54:3a:c7:4f:6c:82:b7:33:28:91:4e:76:8e:ed:4e:53:66:bd: 3f:2e:c2:c2:9d:a3:0d:e1:b2:f8:f2:8b:66:79:ef:be:56:62: 2f:59:1f:37:0f:f7:b9:e3:d6:97:25:62:75:cf:c0:8b:45:a9: e8:d7:b0:3d:e2:79:a2:a9:d2:1f:fd:90:9d:01:5c:7b:25:56: 19:82:da:32:f2:e0:15:23:1b:46:e9:33:fd:b2:e3:23:28:c5: f2:a7:5d:5e -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt+ppJF4SN1L0QzvLsTWuUGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlkMjNmNGNiNGJhYjVjMTA4MDFhNzcwNjU4ZGY4OTFjZmI4 YzY4YzYwHhcNMjYwMTAyMTIyMDA0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NzgyYzk4Y2RhZjNhNzg3YzA1OTU5YWRmNzE2NzRlMTQyOGQyMjc0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/K9/hhJgVPxmZ8INYVlAkhCBe+C Am0WTAEQs++invEVllYhUUIiKZ8rk2QNGY6yPf678hVt25xiCNgKRDfSUg75ZFav 7C/AGbdI12N0nSgUIFVWdLA7QfxzRE2XJETlubT+BQ9Wqgc+J7AN/5exUL4OKMo8 aFbbGqUJuyKBe74Yb1A3FUH68LSuaUv6Oif+MyMHclE4bSw6Y2KFBpsBrk1p0NX4 mlGiYPsdVxxisy1tvGelCQ6wnemT/0DJaENaOxVvoXezR5ErMhP+3Pv9+Mg4fEQm 7VsrLB+paihyuH17xEuMQes20ad/jSXyBCMJdRnvUjXzxyq2v6u06v+U+wIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFIeCyYza86eHwFlZrfcWdOFCjSJ0MB8GA1UdIwQY MBaAFJ0j9MtLq1wQgBp3BljfiRz7jGjGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvblNQMHkwdXJYQkNBR25jR1dOLUpIUHVNYU1ZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS80ZWNhNGQtM2EyZS00YTg0LWE3ODkt MDE1NzdhOTI3ZmE5LzEvaDRMSmpOcnpwNGZBV1ZtdDl4WjA0VUtOSW5RLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYS80ZWNhNGQtM2EyZS00YTg0LWE3ODktMDE1NzdhOTI3ZmE5 LzEvblNQMHkwdXJYQkNBR25jR1dOLUpIUHVNYU1ZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZ4nAwQA 2U//MA0GCSqGSIb3DQEBCwUAA4IBAQDGllp149DkAonqnPSLxbyPRmtm7I2LD2jy bQLHa3MHxgQMHvXaOi7VtwJke6UgCVrrHJ2UduPvKMjIVUb70E1qY9+dSjKSC/fa qIAA92JG1wyhQ10IJjTFC7hpdmuWOZSmdBmBK++93YJQmR7ITqa/yc38KuUTIJwC gI89NKdyHxFy4rLRqyJRxIPawYgdlAKO0cSlBOqopuehJtDZYbVt9m9UOsdPbIK3 MyiRTnaO7U5TZr0/LsLCnaMN4bL48otmee++VmIvWR83D/e549aXJWJ1z8CLRano 17A94nmiqdIf/ZCdAVx7JVYZgtoy8uAVIxtG6TP9suMjKMXyp11e -----END CERTIFICATE-----Generated at Thu Jan 8 12:58:21 2026 by rpki-client