This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/7656db-94a5-45be-9435-7061356bef1b/1/2h_8VJcabHSDMCKwNPF09jw_Hf8.roa File: 2h_8VJcabHSDMCKwNPF09jw_Hf8.roa (raw, json) Hash identifier: c7tBoia56lSI7zrOJCToiDaTHfoOdjooQhw4RuRBw4Y= Subject key identifier: DA:1F:FC:54:97:1A:6C:74:83:30:22:B0:34:F1:74:F6:3C:3F:1D:FF Certificate issuer: /CN=a1d71853324eb060fbafc988233860499c96c53a Certificate serial: 019B77C6DD1C270FF394F544CC7CD619E529 Authority key identifier: A1:D7:18:53:32:4E:B0:60:FB:AF:C9:88:23:38:60:49:9C:96:C5:3A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/odcYUzJOsGD7r8mIIzhgSZyWxTo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/7656db-94a5-45be-9435-7061356bef1b/1/2h_8VJcabHSDMCKwNPF09jw_Hf8.roa Signing time: Thu 01 Jan 2026 04:18:00 +0000 ROA not before: Thu 01 Jan 2026 04:18:00 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 22516 IP address blocks: 45.148.135.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/7656db-94a5-45be-9435-7061356bef1b/1/odcYUzJOsGD7r8mIIzhgSZyWxTo.crl rsync://rpki.ripe.net/repository/DEFAULT/33/7656db-94a5-45be-9435-7061356bef1b/1/odcYUzJOsGD7r8mIIzhgSZyWxTo.mft rsync://rpki.ripe.net/repository/DEFAULT/odcYUzJOsGD7r8mIIzhgSZyWxTo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 15:30:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:dd:1c:27:0f:f3:94:f5:44:cc:7c:d6:19:e5:29 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a1d71853324eb060fbafc988233860499c96c53a Validity Not Before: Jan 1 04:18:00 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=da1ffc54971a6c74833022b034f174f63c3f1dff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:36:fa:e9:86:02:9f:f4:61:05:80:76:8c:6d: 86:5a:94:76:a3:c8:9d:12:fc:92:ad:a7:c1:22:f4: 3a:f2:55:ba:9e:58:19:6c:95:46:21:75:cb:7a:7d: a3:4b:c6:9a:91:6e:14:46:fb:d5:18:45:1c:18:06: 70:51:03:12:ec:16:b7:c6:82:10:93:29:2c:f1:f1: 65:ad:21:43:9d:5c:25:25:52:62:b0:9e:96:64:fe: 2f:f8:59:65:fc:02:a4:12:5c:f8:ad:c9:43:d8:a0: 2e:03:2a:ca:89:ea:dd:a7:19:ad:a1:2a:5d:c0:df: 96:82:05:e6:d2:43:15:13:11:b2:cc:8f:e5:5b:09: 88:f1:9f:40:cb:d7:21:03:0c:43:8a:86:28:a7:c0: 99:3c:99:f0:33:ea:52:d9:da:72:74:fd:c4:b3:3b: b5:69:59:8c:57:27:ba:3f:27:1d:40:1a:0a:3e:1b: 68:3e:05:0c:34:70:29:e3:30:fa:e2:9f:d7:fa:f9: 1f:72:5d:ac:28:03:20:ca:cb:63:40:71:88:77:4a: da:8c:11:75:5a:40:a5:3a:c6:2c:ac:e1:22:7f:0e: e0:d8:f3:5b:b7:cd:23:1d:6b:09:97:cc:55:ec:f6: 40:3a:b9:7f:87:a7:75:28:d0:5a:e3:ba:d9:1c:15: 05:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:1F:FC:54:97:1A:6C:74:83:30:22:B0:34:F1:74:F6:3C:3F:1D:FF X509v3 Authority Key Identifier: keyid:A1:D7:18:53:32:4E:B0:60:FB:AF:C9:88:23:38:60:49:9C:96:C5:3A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/odcYUzJOsGD7r8mIIzhgSZyWxTo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/7656db-94a5-45be-9435-7061356bef1b/1/2h_8VJcabHSDMCKwNPF09jw_Hf8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/33/7656db-94a5-45be-9435-7061356bef1b/1/odcYUzJOsGD7r8mIIzhgSZyWxTo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.148.135.0/24 Signature Algorithm: sha256WithRSAEncryption 35:85:b7:80:3c:a7:11:b1:5d:79:29:22:11:9c:7d:87:8d:38: a0:59:21:67:c7:6f:62:c8:55:85:45:ab:5d:6e:49:95:15:26: f6:3e:54:b9:f4:5d:76:9e:98:04:e5:cc:66:b1:6c:4b:6d:71: d7:41:37:1f:6a:46:e8:26:44:ed:f7:34:8b:8b:ce:60:4a:b7: 1a:2e:e3:f2:09:a2:04:d9:9d:ad:c2:83:4c:9a:45:7c:b3:17: ee:42:9b:bb:dd:58:a2:fd:0c:94:0f:f8:da:a2:6f:e7:4e:1f: 62:84:8f:ca:11:2c:ae:27:c0:af:06:20:20:7a:7c:bd:61:87: f4:5c:3b:b2:84:fc:dc:0f:29:c3:aa:ec:31:71:a6:8e:e8:d7: a8:6a:75:62:d6:e0:3e:62:da:3e:30:6b:1b:b4:3d:10:50:26: 6c:12:0d:c9:d2:a7:29:47:59:68:4d:5a:1d:b3:f4:a5:9b:79: 76:ee:85:f2:8b:94:1b:e3:3d:97:84:66:3f:da:0c:13:a6:5f: c0:88:06:22:da:c1:12:f0:72:98:7b:8d:d7:a6:fe:82:97:39: 99:1c:3e:ff:0b:da:64:1a:9e:a4:b8:2c:34:8a:7b:cf:8a:f3: 96:bf:ff:2e:26:f0:4f:6a:b8:4e:cf:2b:64:d4:45:f4:79:76: 02:cb:8b:be -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt3xt0cJw/zlPVEzHzWGeUpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGExZDcxODUzMzI0ZWIwNjBmYmFmYzk4ODIzMzg2MDQ5OWM5 NmM1M2EwHhcNMjYwMTAxMDQxODAwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkYTFmZmM1NDk3MWE2Yzc0ODMzMDIyYjAzNGYxNzRmNjNjM2YxZGZmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmDb66YYCn/RhBYB2jG2GWpR2o8id EvySrafBIvQ68lW6nlgZbJVGIXXLen2jS8aakW4URvvVGEUcGAZwUQMS7Ba3xoIQ kyks8fFlrSFDnVwlJVJisJ6WZP4v+Fll/AKkElz4rclD2KAuAyrKierdpxmtoSpd wN+WggXm0kMVExGyzI/lWwmI8Z9Ay9chAwxDioYop8CZPJnwM+pS2dpydP3Eszu1 aVmMVye6PycdQBoKPhtoPgUMNHAp4zD64p/X+vkfcl2sKAMgystjQHGId0rajBF1 WkClOsYsrOEifw7g2PNbt80jHWsJl8xV7PZAOrl/h6d1KNBa47rZHBUFIQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFNof/FSXGmx0gzAisDTxdPY8Px3/MB8GA1UdIwQY MBaAFKHXGFMyTrBg+6/JiCM4YEmclsU6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb2RjWVV6Sk9zR0Q3cjhtSUl6aGdTWnlXeFRvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy83NjU2ZGItOTRhNS00NWJlLTk0MzUt NzA2MTM1NmJlZjFiLzEvMmhfOFZKY2FiSFNETUNLd05QRjA5andfSGY4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMy83NjU2ZGItOTRhNS00NWJlLTk0MzUtNzA2MTM1NmJlZjFi LzEvb2RjWVV6Sk9zR0Q3cjhtSUl6aGdTWnlXeFRvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZSHMA0G CSqGSIb3DQEBCwUAA4IBAQA1hbeAPKcRsV15KSIRnH2HjTigWSFnx29iyFWFRatd bkmVFSb2PlS59F12npgE5cxmsWxLbXHXQTcfakboJkTt9zSLi85gSrcaLuPyCaIE 2Z2twoNMmkV8sxfuQpu73Vii/QyUD/jaom/nTh9ihI/KESyuJ8CvBiAgeny9YYf0 XDuyhPzcDynDquwxcaaO6NeoanVi1uA+Yto+MGsbtD0QUCZsEg3J0qcpR1loTVod s/Slm3l27oXyi5Qb4z2XhGY/2gwTpl/AiAYi2sES8HKYe43Xpv6ClzmZHD7/C9pk Gp6kuCw0invPivOWv/8uJvBParhOzytk1EX0eXYCy4u+ -----END CERTIFICATE-----Generated at Tue Jan 20 19:20:03 2026 by rpki-client