This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/3f0f8b-af93-423b-bea5-d2e351609759/1/Hi_yIbXB_AqEZvECw_6A2niKbbY.roa File: Hi_yIbXB_AqEZvECw_6A2niKbbY.roa (raw, json) Hash identifier: V9KwW6TEefSi+Nbg4IOw24z7gPz8KPWyVOeCLVyS3EY= Subject key identifier: 1E:2F:F2:21:B5:C1:FC:0A:84:66:F1:02:C3:FE:80:DA:78:8A:6D:B6 Certificate issuer: /CN=c559d4693555b9f2ad6807bacedc4b5a2e701a48 Certificate serial: 019B78345B2768D34C2FF631428D9DDD801D Authority key identifier: C5:59:D4:69:35:55:B9:F2:AD:68:07:BA:CE:DC:4B:5A:2E:70:1A:48 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xVnUaTVVufKtaAe6ztxLWi5wGkg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/3f0f8b-af93-423b-bea5-d2e351609759/1/Hi_yIbXB_AqEZvECw_6A2niKbbY.roa Signing time: Thu 01 Jan 2026 06:17:35 +0000 ROA not before: Thu 01 Jan 2026 06:17:35 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 56911 IP address blocks: 89.35.118.0/24 maxlen: 24 149.62.34.0/24 maxlen: 24 185.70.28.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/3f0f8b-af93-423b-bea5-d2e351609759/1/xVnUaTVVufKtaAe6ztxLWi5wGkg.crl rsync://rpki.ripe.net/repository/DEFAULT/20/3f0f8b-af93-423b-bea5-d2e351609759/1/xVnUaTVVufKtaAe6ztxLWi5wGkg.mft rsync://rpki.ripe.net/repository/DEFAULT/xVnUaTVVufKtaAe6ztxLWi5wGkg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 00:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:5b:27:68:d3:4c:2f:f6:31:42:8d:9d:dd:80:1d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c559d4693555b9f2ad6807bacedc4b5a2e701a48 Validity Not Before: Jan 1 06:17:35 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1e2ff221b5c1fc0a8466f102c3fe80da788a6db6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:84:72:08:9d:d7:b8:f0:cf:31:75:f6:3d:89: c6:4c:bd:24:24:53:2c:14:d5:50:ae:c8:11:cb:5e: 4a:c4:53:27:88:c7:96:e1:e0:9d:59:16:d2:c8:ad: 0e:91:a5:6d:97:af:da:a0:6a:f0:18:e7:32:fd:55: 1f:e8:64:31:5c:3e:06:7e:b0:2f:bb:2c:7a:33:d0: 62:51:b1:47:16:48:d6:c4:cf:03:7f:68:14:a3:11: f5:f4:35:d7:10:a6:24:93:c4:0c:99:c7:da:00:29: 72:9a:8f:ba:f9:7b:40:eb:1f:65:6d:5a:de:e0:cd: 17:da:05:12:30:21:78:5a:27:c7:96:b5:02:39:60: 31:15:ce:df:d9:80:3c:6d:b0:11:ee:df:57:9f:14: 4d:a0:4f:35:26:8e:76:c4:e2:0d:04:0d:ea:f0:27: 81:f9:41:e6:e5:2a:ca:aa:2b:55:0e:41:04:d3:a7: 51:1b:f7:d8:1c:04:65:50:a4:2e:ae:61:d6:44:eb: a4:21:a1:ab:eb:87:c6:d0:f6:c3:92:91:53:e8:bd: 93:eb:38:58:73:44:c4:94:43:26:30:f6:34:78:07: 80:28:89:fd:6a:79:52:23:39:5b:ea:7b:70:6b:04: 7d:40:cd:c8:96:93:8d:7d:e1:ff:1f:86:43:74:b5: 89:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:2F:F2:21:B5:C1:FC:0A:84:66:F1:02:C3:FE:80:DA:78:8A:6D:B6 X509v3 Authority Key Identifier: keyid:C5:59:D4:69:35:55:B9:F2:AD:68:07:BA:CE:DC:4B:5A:2E:70:1A:48 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xVnUaTVVufKtaAe6ztxLWi5wGkg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/3f0f8b-af93-423b-bea5-d2e351609759/1/Hi_yIbXB_AqEZvECw_6A2niKbbY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/20/3f0f8b-af93-423b-bea5-d2e351609759/1/xVnUaTVVufKtaAe6ztxLWi5wGkg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.35.118.0/24 149.62.34.0/24 185.70.28.0/22 Signature Algorithm: sha256WithRSAEncryption 7b:e9:a6:7c:84:0c:be:a3:da:7a:00:d2:d5:77:67:e1:eb:da: 6d:28:5d:23:eb:1b:ca:b5:28:0a:f9:94:3e:8b:9b:43:6b:7e: b9:bd:cf:6b:8f:50:20:23:52:ae:b7:f2:d3:08:b2:f9:5c:7c: c2:08:35:e6:05:1c:ea:98:80:d3:dc:b6:a3:74:0c:f6:a9:da: 8d:19:35:a9:0a:0a:62:75:6d:1b:b8:b9:32:16:56:bd:07:5e: d8:31:41:c6:a4:f7:cd:ae:87:6f:06:3f:11:73:52:5e:ac:e3: e5:64:ca:ac:21:cb:7c:c3:6c:ec:ba:6d:e5:03:62:48:fd:aa: 13:81:f7:66:30:ba:3b:a2:27:57:9d:ac:22:a3:3a:eb:25:ea: ca:2b:d4:64:4d:24:3b:43:05:67:5d:39:85:00:e1:d1:58:ef: bd:ba:63:51:69:9e:c2:0c:71:29:e0:0a:e4:e2:7e:97:74:fc: bf:df:e6:93:3a:05:4f:f7:fd:5a:1a:0b:69:3c:3b:97:36:a1: ec:f1:a4:6f:16:4d:2a:bf:4b:2b:46:ef:82:e6:b4:d5:09:f1: ea:37:be:ce:8f:4e:cf:82:e0:fc:35:f3:f5:dc:60:15:7e:1d: 3a:6d:66:82:2f:b4:eb:f2:b9:7e:6f:83:04:e1:80:08:89:0f: b0:99:f4:18 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt4NFsnaNNML/YxQo2d3YAdMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM1NTlkNDY5MzU1NWI5ZjJhZDY4MDdiYWNlZGM0YjVhMmU3 MDFhNDgwHhcNMjYwMTAxMDYxNzM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxZTJmZjIyMWI1YzFmYzBhODQ2NmYxMDJjM2ZlODBkYTc4OGE2ZGI2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0oRyCJ3XuPDPMXX2PYnGTL0kJFMs FNVQrsgRy15KxFMniMeW4eCdWRbSyK0OkaVtl6/aoGrwGOcy/VUf6GQxXD4GfrAv uyx6M9BiUbFHFkjWxM8Df2gUoxH19DXXEKYkk8QMmcfaAClymo+6+XtA6x9lbVre 4M0X2gUSMCF4WifHlrUCOWAxFc7f2YA8bbAR7t9XnxRNoE81Jo52xOINBA3q8CeB +UHm5SrKqitVDkEE06dRG/fYHARlUKQurmHWROukIaGr64fG0PbDkpFT6L2T6zhY c0TElEMmMPY0eAeAKIn9anlSIzlb6ntwawR9QM3IlpONfeH/H4ZDdLWJFQIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFB4v8iG1wfwKhGbxAsP+gNp4im22MB8GA1UdIwQY MBaAFMVZ1Gk1VbnyrWgHus7cS1oucBpIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveFZuVWFUVlZ1Zkt0YUFlNnp0eExXaTV3R2tnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8zZjBmOGItYWY5My00MjNiLWJlYTUt ZDJlMzUxNjA5NzU5LzEvSGlfeUliWEJfQXFFWnZFQ3dfNkEybmlLYmJZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMC8zZjBmOGItYWY5My00MjNiLWJlYTUtZDJlMzUxNjA5NzU5 LzEveFZuVWFUVlZ1Zkt0YUFlNnp0eExXaTV3R2tnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWSN2AwQA lT4iAwQCuUYcMA0GCSqGSIb3DQEBCwUAA4IBAQB76aZ8hAy+o9p6ANLVd2fh69pt KF0j6xvKtSgK+ZQ+i5tDa365vc9rj1AgI1Kut/LTCLL5XHzCCDXmBRzqmIDT3Laj dAz2qdqNGTWpCgpidW0buLkyFla9B17YMUHGpPfNrodvBj8Rc1JerOPlZMqsIct8 w2zsum3lA2JI/aoTgfdmMLo7oidXnawiozrrJerKK9RkTSQ7QwVnXTmFAOHRWO+9 umNRaZ7CDHEp4Ark4n6XdPy/3+aTOgVP9/1aGgtpPDuXNqHs8aRvFk0qv0srRu+C 5rTVCfHqN77Oj07PguD8NfP13GAVfh06bWaCL7Tr8rl+b4ME4YAIiQ+wmfQY -----END CERTIFICATE-----Generated at Mon Jan 26 09:23:01 2026 by rpki-client