This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/hlYcdx1ybU4O_N_wWLe8kEQOPAA.roa File: hlYcdx1ybU4O_N_wWLe8kEQOPAA.roa (raw, json) Hash identifier: g8sRkVv7AmG02gcDiKwncGvtRS2uuD1b8FmdkJIrmVQ= Subject key identifier: 86:56:1C:77:1D:72:6D:4E:0E:FC:DF:F0:58:B7:BC:90:44:0E:3C:00 Certificate issuer: /CN=fad7100e77ed9119d66e2321bb6711d7e760982b Certificate serial: 019B78A2A4571EEB27FEFE6DE4DE988A497C Authority key identifier: FA:D7:10:0E:77:ED:91:19:D6:6E:23:21:BB:67:11:D7:E7:60:98:2B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-tcQDnftkRnWbiMhu2cR1-dgmCs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/hlYcdx1ybU4O_N_wWLe8kEQOPAA.roa Signing time: Thu 01 Jan 2026 08:18:03 +0000 ROA not before: Thu 01 Jan 2026 08:18:03 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 6878 IP address blocks: 80.158.0.0/21 maxlen: 24 80.158.0.0/23 maxlen: 23 80.158.16.0/20 maxlen: 24 80.158.31.0/24 maxlen: 24 80.158.32.0/19 maxlen: 24 80.158.72.0/21 maxlen: 24 80.158.80.0/20 maxlen: 24 80.158.96.0/19 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/1-tcQDnftkRnWbiMhu2cR1-dgmCs.crl rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/1-tcQDnftkRnWbiMhu2cR1-dgmCs.mft rsync://rpki.ripe.net/repository/DEFAULT/1-tcQDnftkRnWbiMhu2cR1-dgmCs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 10 Jan 2026 21:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:a4:57:1e:eb:27:fe:fe:6d:e4:de:98:8a:49:7c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=fad7100e77ed9119d66e2321bb6711d7e760982b Validity Not Before: Jan 1 08:18:03 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=86561c771d726d4e0efcdff058b7bc90440e3c00 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:07:53:6e:8e:92:0f:b2:88:82:eb:7d:ee:15: 32:ea:15:a4:92:e7:21:3f:4e:3d:00:fa:83:d5:cd: 66:3b:49:db:7f:6d:4c:6c:22:d0:1d:1a:6f:84:2b: ca:30:2f:3b:8a:53:31:1f:41:ca:c5:4d:9e:ee:ff: 34:e7:f2:6a:50:dd:19:c1:6c:97:75:9b:ad:de:98: 07:81:9a:7d:43:eb:a2:9d:f3:e6:3a:25:d5:c4:54: 38:2c:7b:1a:38:48:9c:16:2d:b3:99:7e:95:5a:2f: 44:9a:57:e4:13:ed:90:36:cd:11:84:ca:ce:ed:8f: ba:05:21:e7:f5:83:cf:2d:a2:7b:ab:55:de:14:1e: a4:36:c5:6b:c3:76:cb:0f:36:d7:c8:07:48:4a:50: 5f:ef:47:d1:c4:7b:07:42:23:0a:d6:8c:68:8d:1c: 24:2f:c1:d9:ab:55:90:f4:4f:87:9f:70:22:40:c7: c3:53:db:7f:c0:3b:ef:64:3c:19:5a:78:cb:e1:7e: a9:0a:65:eb:92:a0:5e:7a:51:7a:27:cf:09:d4:c8: 78:d4:2f:24:8f:58:a3:5f:ff:ab:d9:df:b4:e0:5c: 98:72:48:d4:50:86:d2:ce:2b:f7:ef:26:14:ef:1a: 3f:7d:b0:4a:86:b9:34:e6:f5:a9:4b:3e:21:27:3c: 82:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:56:1C:77:1D:72:6D:4E:0E:FC:DF:F0:58:B7:BC:90:44:0E:3C:00 X509v3 Authority Key Identifier: keyid:FA:D7:10:0E:77:ED:91:19:D6:6E:23:21:BB:67:11:D7:E7:60:98:2B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-tcQDnftkRnWbiMhu2cR1-dgmCs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/hlYcdx1ybU4O_N_wWLe8kEQOPAA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/1-tcQDnftkRnWbiMhu2cR1-dgmCs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 80.158.0.0/21 80.158.16.0-80.158.63.255 80.158.72.0-80.158.127.255 Signature Algorithm: sha256WithRSAEncryption 5f:4b:46:09:27:a9:28:17:1c:5c:42:a0:b4:e7:0e:59:8d:cd: 46:b6:ec:3b:1c:03:72:2c:53:7e:de:1b:8e:63:3a:ad:2b:41: 27:5c:e1:2e:25:98:66:40:ed:0b:03:83:a8:0b:20:88:7f:03: d3:81:79:e6:49:3a:d8:3b:81:a2:72:41:37:c6:39:dd:d1:52: a5:b2:38:ee:44:3b:eb:47:b1:62:b0:50:48:76:2b:8c:ac:fb: 76:b1:f7:27:73:80:d2:0c:af:69:69:22:69:11:67:35:b0:93: 45:d9:34:80:7b:5f:45:e7:01:59:e7:c1:c5:6d:47:62:1e:4b: 9c:d2:e6:58:b8:bb:1b:a6:e9:cf:71:83:90:14:ea:9a:34:d3: 10:74:f1:d5:0e:fc:48:78:dc:80:cd:76:32:cf:3c:31:84:2b: f7:57:6c:f1:9b:e9:06:62:a7:de:d2:38:b3:b7:d5:00:db:ef: 2d:f7:b3:a9:20:0f:96:d9:05:ba:99:73:35:85:e5:bb:58:5c: 3b:03:de:83:5b:35:6b:d3:c0:8b:0a:d1:ff:1a:41:60:ee:78: 54:3a:76:b0:89:c2:c9:5a:94:17:e3:96:39:1d:cf:f3:5f:67: 60:16:30:da:70:b2:8b:14:24:50:d1:d0:fb:d4:b7:25:34:3c: 5c:be:e8:5d -----BEGIN CERTIFICATE----- MIIFGzCCBAOgAwIBAgISAZt4oqRXHusn/v5t5N6Yikl8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZhZDcxMDBlNzdlZDkxMTlkNjZlMjMyMWJiNjcxMWQ3ZTc2 MDk4MmIwHhcNMjYwMTAxMDgxODAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NjU2MWM3NzFkNzI2ZDRlMGVmY2RmZjA1OGI3YmM5MDQ0MGUzYzAwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkwdTbo6SD7KIgut97hUy6hWkkuch P049APqD1c1mO0nbf21MbCLQHRpvhCvKMC87ilMxH0HKxU2e7v805/JqUN0ZwWyX dZut3pgHgZp9Q+uinfPmOiXVxFQ4LHsaOEicFi2zmX6VWi9EmlfkE+2QNs0RhMrO 7Y+6BSHn9YPPLaJ7q1XeFB6kNsVrw3bLDzbXyAdISlBf70fRxHsHQiMK1oxojRwk L8HZq1WQ9E+Hn3AiQMfDU9t/wDvvZDwZWnjL4X6pCmXrkqBeelF6J88J1Mh41C8k j1ijX/+r2d+04FyYckjUUIbSziv37yYU7xo/fbBKhrk05vWpSz4hJzyCzQIDAQAB o4ICJzCCAiMwHQYDVR0OBBYEFIZWHHcdcm1ODvzf8Fi3vJBEDjwAMB8GA1UdIwQY MBaAFPrXEA537ZEZ1m4jIbtnEdfnYJgrMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMS10Y1FEbmZ0a1JuV2JpTWh1MmNSMS1kZ21Dcy5jZXIw gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2UvMDFkNDExLWQ5MTUtNDI3Ny04ZmUy LTc2YjBkZGEyYmYzZS8xL2hsWWNkeDF5YlU0T19OX3dXTGU4a0VRT1BBQS5yb2Ew gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0 b3J5L0RFRkFVTFQvM2UvMDFkNDExLWQ5MTUtNDI3Ny04ZmUyLTc2YjBkZGEyYmYz ZS8xLzEtdGNRRG5mdGtSbldiaU1odTJjUjEtZGdtQ3MuY3JsMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwOwYIKwYBBQUHAQcBAf8ELDAqMCgEAgABMCIDBANQngAw DAMEBFCeEAMEBlCeADAMAwQDUJ5IAwQHUJ4AMA0GCSqGSIb3DQEBCwUAA4IBAQBf S0YJJ6koFxxcQqC05w5Zjc1Gtuw7HANyLFN+3huOYzqtK0EnXOEuJZhmQO0LA4Oo CyCIfwPTgXnmSTrYO4GickE3xjnd0VKlsjjuRDvrR7FisFBIdiuMrPt2sfcnc4DS DK9paSJpEWc1sJNF2TSAe19F5wFZ58HFbUdiHkuc0uZYuLsbpunPcYOQFOqaNNMQ dPHVDvxIeNyAzXYyzzwxhCv3V2zxm+kGYqfe0jizt9UA2+8t97OpIA+W2QW6mXM1 heW7WFw7A96DWzVr08CLCtH/GkFg7nhUOnawicLJWpQX45Y5Hc/zX2dgFjDacLKL FCRQ0dD71LclNDxcvuhd -----END CERTIFICATE-----Generated at Sat Jan 10 04:35:53 2026 by rpki-client