This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/2aa8d1-cb71-4904-a591-3449522710e7/1/hL4nAbMjDcB0I8HfTfp0aJOETu4.roa File: hL4nAbMjDcB0I8HfTfp0aJOETu4.roa (raw, json) Hash identifier: HMgiqPXACPgRgXB4fWWx/eVqV6zK3UzAgCuz5lAzZEM= Subject key identifier: 84:BE:27:01:B3:23:0D:C0:74:23:C1:DF:4D:FA:74:68:93:84:4E:EE Certificate issuer: /CN=46c98b2e4a3e060def45abc62c0e345faa80b5ec Certificate serial: 019B7A59DBB251A28B1869BE89BFE7A2617E Authority key identifier: 46:C9:8B:2E:4A:3E:06:0D:EF:45:AB:C6:2C:0E:34:5F:AA:80:B5:EC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RsmLLko-Bg3vRavGLA40X6qAtew.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/2aa8d1-cb71-4904-a591-3449522710e7/1/hL4nAbMjDcB0I8HfTfp0aJOETu4.roa Signing time: Thu 01 Jan 2026 16:17:47 +0000 ROA not before: Thu 01 Jan 2026 16:17:47 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 49349 IP address blocks: 185.61.136.0/24 maxlen: 24 185.61.137.0/24 maxlen: 24 185.61.138.0/24 maxlen: 24 185.61.139.0/24 maxlen: 24 2a02:7a60::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/2aa8d1-cb71-4904-a591-3449522710e7/1/RsmLLko-Bg3vRavGLA40X6qAtew.crl rsync://rpki.ripe.net/repository/DEFAULT/24/2aa8d1-cb71-4904-a591-3449522710e7/1/RsmLLko-Bg3vRavGLA40X6qAtew.mft rsync://rpki.ripe.net/repository/DEFAULT/RsmLLko-Bg3vRavGLA40X6qAtew.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 10 Jan 2026 10:59:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:59:db:b2:51:a2:8b:18:69:be:89:bf:e7:a2:61:7e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=46c98b2e4a3e060def45abc62c0e345faa80b5ec Validity Not Before: Jan 1 16:17:47 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=84be2701b3230dc07423c1df4dfa746893844eee Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:35:51:03:66:01:29:76:76:11:c7:1a:08:1e: 91:7c:00:a1:e8:f3:c4:d0:3c:4a:7d:d4:cf:a9:2f: 1f:2f:00:1a:34:39:ba:09:3a:95:be:03:17:01:6c: 65:46:47:c5:82:8b:1f:6a:90:ba:5a:f2:7a:64:25: a0:f9:98:33:f1:1c:9e:e8:7e:b4:5c:ef:9f:17:cb: 51:e9:5d:ca:04:ea:30:81:c7:ba:af:2c:34:3b:b5: 3c:53:91:5c:70:03:53:f7:a3:19:5f:0f:50:3d:a8: db:1a:9f:86:19:cb:15:14:07:fc:40:4a:c8:47:39: 53:74:40:75:85:bf:bc:10:f9:ad:26:80:98:96:d0: 65:e6:37:e8:fb:d6:1c:e1:68:55:00:45:98:3a:06: 89:31:00:82:df:23:8f:51:9d:7c:88:40:ff:8a:4d: 96:5e:50:0f:f9:39:16:f2:96:2c:b0:57:da:33:29: 5a:d4:bf:cd:02:20:ba:08:0c:7b:16:07:58:78:89: 33:16:31:52:6d:1e:a2:40:15:8c:ae:19:e5:34:25: 8a:91:5d:f0:ec:57:3b:b6:43:9b:6c:d2:b5:a8:42: 1a:75:b9:8b:6b:17:fc:e2:68:45:58:4c:0d:c3:35: cb:24:1c:51:bc:6d:cf:4c:28:93:75:a9:15:63:cb: b2:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:BE:27:01:B3:23:0D:C0:74:23:C1:DF:4D:FA:74:68:93:84:4E:EE X509v3 Authority Key Identifier: keyid:46:C9:8B:2E:4A:3E:06:0D:EF:45:AB:C6:2C:0E:34:5F:AA:80:B5:EC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RsmLLko-Bg3vRavGLA40X6qAtew.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/2aa8d1-cb71-4904-a591-3449522710e7/1/hL4nAbMjDcB0I8HfTfp0aJOETu4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/24/2aa8d1-cb71-4904-a591-3449522710e7/1/RsmLLko-Bg3vRavGLA40X6qAtew.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.61.136.0/22 IPv6: 2a02:7a60::/32 Signature Algorithm: sha256WithRSAEncryption 21:dd:d0:91:b3:a6:78:81:8a:03:73:55:76:10:27:fc:e0:ae: 19:36:49:f7:b8:58:2c:c0:3a:91:30:59:30:65:ba:5a:3e:66: 05:1f:9f:a6:7c:1d:2f:b0:da:40:67:79:d8:f3:aa:2c:d5:d4: f7:63:c8:41:d6:ed:d4:bf:9c:94:60:32:6f:9c:10:33:bf:81: ed:b8:88:95:44:b6:55:79:11:dc:95:28:e3:82:85:21:9c:f8: 81:2e:57:44:ae:51:95:68:ee:e3:62:3f:57:a1:78:7b:7f:aa: 00:96:72:7c:b4:76:a2:44:97:ae:b3:a1:3f:8a:0f:b0:0b:0b: d1:9e:c9:22:71:b3:e1:59:e5:2b:af:53:d0:85:cc:cf:cd:3d: f7:22:8c:98:81:f2:f3:4e:42:74:a0:9a:07:e9:bb:0a:aa:c0: 04:63:2e:91:b2:62:c5:f3:e7:b1:21:36:64:7a:05:80:37:36: 2b:ac:c0:12:d7:70:01:80:78:70:f2:8f:25:fd:1c:79:bc:d0: e7:4b:97:9b:a4:ed:1a:53:7a:19:d2:5b:5d:f1:b6:50:51:c3: 8b:78:15:5c:89:94:60:a7:dc:98:b1:ac:6e:69:db:b8:a1:b7: 09:f4:57:cd:05:a0:c6:90:e8:15:92:2f:04:71:21:52:28:34: e0:f3:eb:6c -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt6WduyUaKLGGm+ib/nomF+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ2Yzk4YjJlNGEzZTA2MGRlZjQ1YWJjNjJjMGUzNDVmYWE4 MGI1ZWMwHhcNMjYwMTAxMTYxNzQ3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NGJlMjcwMWIzMjMwZGMwNzQyM2MxZGY0ZGZhNzQ2ODkzODQ0ZWVlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzTVRA2YBKXZ2EccaCB6RfACh6PPE 0DxKfdTPqS8fLwAaNDm6CTqVvgMXAWxlRkfFgosfapC6WvJ6ZCWg+Zgz8Rye6H60 XO+fF8tR6V3KBOowgce6ryw0O7U8U5FccANT96MZXw9QPajbGp+GGcsVFAf8QErI RzlTdEB1hb+8EPmtJoCYltBl5jfo+9Yc4WhVAEWYOgaJMQCC3yOPUZ18iED/ik2W XlAP+TkW8pYssFfaMyla1L/NAiC6CAx7FgdYeIkzFjFSbR6iQBWMrhnlNCWKkV3w 7Fc7tkObbNK1qEIadbmLaxf84mhFWEwNwzXLJBxRvG3PTCiTdakVY8uy3QIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFIS+JwGzIw3AdCPB3036dGiThE7uMB8GA1UdIwQY MBaAFEbJiy5KPgYN70WrxiwONF+qgLXsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUnNtTExrby1CZzN2UmF2R0xBNDBYNnFBdGV3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8yYWE4ZDEtY2I3MS00OTA0LWE1OTEt MzQ0OTUyMjcxMGU3LzEvaEw0bkFiTWpEY0IwSThIZlRmcDBhSk9FVHU0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNC8yYWE4ZDEtY2I3MS00OTA0LWE1OTEtMzQ0OTUyMjcxMGU3 LzEvUnNtTExrby1CZzN2UmF2R0xBNDBYNnFBdGV3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuT2IMA0E AgACMAcDBQAqAnpgMA0GCSqGSIb3DQEBCwUAA4IBAQAh3dCRs6Z4gYoDc1V2ECf8 4K4ZNkn3uFgswDqRMFkwZbpaPmYFH5+mfB0vsNpAZ3nY86os1dT3Y8hB1u3Uv5yU YDJvnBAzv4HtuIiVRLZVeRHclSjjgoUhnPiBLldErlGVaO7jYj9XoXh7f6oAlnJ8 tHaiRJeus6E/ig+wCwvRnskicbPhWeUrr1PQhczPzT33IoyYgfLzTkJ0oJoH6bsK qsAEYy6RsmLF8+exITZkegWANzYrrMAS13ABgHhw8o8l/Rx5vNDnS5ebpO0aU3oZ 0ltd8bZQUcOLeBVciZRgp9yYsaxuadu4obcJ9FfNBaDGkOgVki8EcSFSKDTg8+ts -----END CERTIFICATE-----Generated at Fri Jan 9 13:31:30 2026 by rpki-client