This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/hd0YhlJ9IDoyXw3U8pgJ3ceuKRI.roa File: hd0YhlJ9IDoyXw3U8pgJ3ceuKRI.roa (raw, json) Hash identifier: /lIMMHgK4zk88anoXyRyBTEvoIowJEiVJJvaW0LTkSw= Subject key identifier: 85:DD:18:86:52:7D:20:3A:32:5F:0D:D4:F2:98:09:DD:C7:AE:29:12 Certificate issuer: /CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba Certificate serial: 019B7E38B271226FCE77FA0C111722CFAC49 Authority key identifier: 9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/hd0YhlJ9IDoyXw3U8pgJ3ceuKRI.roa Signing time: Fri 02 Jan 2026 10:20:03 +0000 ROA not before: Fri 02 Jan 2026 10:20:03 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 5650 IP address blocks: 2.56.32.0/22 maxlen: 22 45.81.160.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/nLJc5VDk2b2gW9XUXItro3Qwu7o.crl rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/nLJc5VDk2b2gW9XUXItro3Qwu7o.mft rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 04:01:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:b2:71:22:6f:ce:77:fa:0c:11:17:22:cf:ac:49 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba Validity Not Before: Jan 2 10:20:03 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=85dd1886527d203a325f0dd4f29809ddc7ae2912 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:9e:7e:cc:a4:ae:9d:a0:15:7d:6f:13:22:82: 7b:83:7c:84:1e:20:48:7a:f7:39:45:42:61:b2:f5: 08:d2:6f:10:fb:1f:97:79:a4:fd:6f:00:d7:21:b4: 66:63:3f:9f:1a:8b:46:70:86:6b:8e:2b:f0:d6:1b: a5:92:14:82:26:ee:ba:f5:db:10:37:02:ea:e9:97: bd:a5:47:da:df:a1:20:bc:6f:da:be:fb:6e:0a:43: 8a:2f:1d:21:f7:4f:14:98:35:29:aa:af:c8:f9:18: b2:9a:5e:92:70:40:23:2d:1b:e7:e3:62:47:0e:79: 06:3b:a8:9c:18:52:9e:04:23:72:cd:20:ef:51:83: 6e:e5:ea:b1:da:9c:69:bd:9e:5d:ba:a9:9b:79:b5: e0:62:48:c2:23:2c:1a:df:5d:73:f6:35:5e:6e:b4: 2f:e3:2b:07:27:fc:1b:d9:b1:6d:f6:c3:94:3c:b3: c2:6c:b0:ba:8f:fc:9a:7f:38:a1:c1:22:f5:e8:38: b6:ad:aa:5d:aa:0b:4d:3a:8d:3f:5e:63:a4:72:38: c0:cb:0a:36:28:81:e8:51:fa:80:56:8b:ce:20:69: ad:54:36:45:5a:ec:1f:4e:36:7e:e1:01:af:3e:c5: d3:36:28:70:b7:1d:21:59:d8:e1:97:ae:ba:89:7b: 24:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:DD:18:86:52:7D:20:3A:32:5F:0D:D4:F2:98:09:DD:C7:AE:29:12 X509v3 Authority Key Identifier: keyid:9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/hd0YhlJ9IDoyXw3U8pgJ3ceuKRI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/nLJc5VDk2b2gW9XUXItro3Qwu7o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.56.32.0/22 45.81.160.0/24 Signature Algorithm: sha256WithRSAEncryption 90:6e:24:0f:f4:24:2e:02:14:7b:58:f7:b5:52:4b:18:61:ed: f0:c1:e7:6e:04:80:48:73:60:bf:04:7f:0f:a5:eb:cf:0f:3a: d0:a2:39:a6:08:74:e5:50:ea:79:cd:9a:8c:ec:18:08:bc:74: 92:08:56:db:07:ff:58:6d:04:e7:b7:0e:a9:8d:27:db:f8:61: 96:e6:ff:54:fc:ec:c2:5f:4e:43:59:e0:6a:d3:8e:51:6b:c9: 92:b1:6e:6f:cb:b4:65:a5:49:80:62:93:3d:b7:6c:5f:9e:79: 39:2f:63:87:a1:e1:8c:10:ed:25:87:91:8c:76:b8:a5:bb:1d: 33:74:34:8e:f0:6a:22:fc:89:cd:b5:54:26:5f:cf:bf:8c:c1: 24:72:ee:28:a1:51:c0:51:c6:c0:74:13:0b:e1:83:fe:30:6b: d1:aa:0c:89:3c:12:e4:26:71:cc:33:53:e5:4c:ef:77:04:bd: dd:a7:e7:5d:ce:9e:20:f2:4d:1c:09:d1:25:56:70:07:1b:87: 0f:2a:66:62:12:54:76:13:17:e9:df:3c:b3:db:c5:7e:40:69: 7e:ff:da:01:c1:e8:c4:d9:bf:e7:76:1a:d9:23:bb:6f:9a:b2: 60:d6:54:5b:e5:26:01:34:22:24:8d:49:a3:4b:6c:68:ff:c3: bd:f7:a4:ac -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt+OLJxIm/Od/oMERciz6xJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDljYjI1Y2U1NTBlNGQ5YmRhMDViZDVkNDVjOGI2YmEzNzQz MGJiYmEwHhcNMjYwMTAyMTAyMDAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NWRkMTg4NjUyN2QyMDNhMzI1ZjBkZDRmMjk4MDlkZGM3YWUyOTEyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtp5+zKSunaAVfW8TIoJ7g3yEHiBI evc5RUJhsvUI0m8Q+x+XeaT9bwDXIbRmYz+fGotGcIZrjivw1hulkhSCJu669dsQ NwLq6Ze9pUfa36EgvG/avvtuCkOKLx0h908UmDUpqq/I+Riyml6ScEAjLRvn42JH DnkGO6icGFKeBCNyzSDvUYNu5eqx2pxpvZ5duqmbebXgYkjCIywa311z9jVebrQv 4ysHJ/wb2bFt9sOUPLPCbLC6j/yafzihwSL16Di2rapdqgtNOo0/XmOkcjjAywo2 KIHoUfqAVovOIGmtVDZFWuwfTjZ+4QGvPsXTNihwtx0hWdjhl666iXsksQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFIXdGIZSfSA6Ml8N1PKYCd3HrikSMB8GA1UdIwQY MBaAFJyyXOVQ5Nm9oFvV1FyLa6N0MLu6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYt YmU0NWYwZDJhYmJiLzEvaGQwWWhsSjlJRG95WHczVThwZ0ozY2V1S1JJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYtYmU0NWYwZDJhYmJi LzEvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCAjggAwQA LVGgMA0GCSqGSIb3DQEBCwUAA4IBAQCQbiQP9CQuAhR7WPe1UksYYe3wweduBIBI c2C/BH8PpevPDzrQojmmCHTlUOp5zZqM7BgIvHSSCFbbB/9YbQTntw6pjSfb+GGW 5v9U/OzCX05DWeBq045Ra8mSsW5vy7RlpUmAYpM9t2xfnnk5L2OHoeGMEO0lh5GM drilux0zdDSO8Goi/InNtVQmX8+/jMEkcu4ooVHAUcbAdBML4YP+MGvRqgyJPBLk JnHMM1PlTO93BL3dp+ddzp4g8k0cCdElVnAHG4cPKmZiElR2Exfp3zyz28V+QGl+ /9oBwejE2b/ndhrZI7tvmrJg1lRb5SYBNCIkjUmjS2xo/8O996Ss -----END CERTIFICATE-----Generated at Sun Jan 18 11:04:03 2026 by rpki-client