This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/2c2d33-a367-449b-9c47-171db4690c0a/1/H5WGDRV0Cja1HIG_Gz5Hy5IDN2I.roa File: H5WGDRV0Cja1HIG_Gz5Hy5IDN2I.roa (raw, json) Hash identifier: xT+WKT5cnc3Ep9zj5B/hCN7Fut8wkjVPD70bqm1rWyw= Subject key identifier: 1F:95:86:0D:15:74:0A:36:B5:1C:81:BF:1B:3E:47:CB:92:03:37:62 Certificate issuer: /CN=66634f14586e399cd3802d9c88b1e67d8ddb03a8 Certificate serial: 019B7BA511DB6CC352258A2F94489ACDB175 Authority key identifier: 66:63:4F:14:58:6E:39:9C:D3:80:2D:9C:88:B1:E6:7D:8D:DB:03:A8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZmNPFFhuOZzTgC2ciLHmfY3bA6g.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/2c2d33-a367-449b-9c47-171db4690c0a/1/H5WGDRV0Cja1HIG_Gz5Hy5IDN2I.roa Signing time: Thu 01 Jan 2026 22:19:34 +0000 ROA not before: Thu 01 Jan 2026 22:19:34 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 41354 IP address blocks: 185.208.88.0/22 maxlen: 24 2a0b:32c0::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/2c2d33-a367-449b-9c47-171db4690c0a/1/ZmNPFFhuOZzTgC2ciLHmfY3bA6g.crl rsync://rpki.ripe.net/repository/DEFAULT/3f/2c2d33-a367-449b-9c47-171db4690c0a/1/ZmNPFFhuOZzTgC2ciLHmfY3bA6g.mft rsync://rpki.ripe.net/repository/DEFAULT/ZmNPFFhuOZzTgC2ciLHmfY3bA6g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a5:11:db:6c:c3:52:25:8a:2f:94:48:9a:cd:b1:75 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=66634f14586e399cd3802d9c88b1e67d8ddb03a8 Validity Not Before: Jan 1 22:19:34 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1f95860d15740a36b51c81bf1b3e47cb92033762 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:c1:56:a1:19:ef:cf:9a:3a:2f:4f:b9:4e:99: 09:ad:f0:39:7c:d5:96:cd:2b:f9:fd:fb:5f:36:b0: b3:b2:af:88:97:80:e0:3d:25:e2:fa:8b:86:ad:96: bf:06:48:98:6d:38:45:f7:41:66:9e:18:24:77:fd: 35:35:9b:96:f1:ec:39:15:b3:cb:d9:1c:f2:a7:a1: 82:28:e5:2d:e5:19:51:66:af:a5:5a:19:bd:ad:51: 1d:ca:d0:44:0d:e6:4c:fe:d3:70:ca:df:12:73:d2: 19:f1:c7:b2:56:0c:be:b2:86:a7:68:30:10:92:c6: d1:0d:f6:98:f6:36:42:15:2b:dc:26:bb:1d:e5:7b: 93:53:96:f0:bf:1a:30:ef:46:92:f4:76:47:ef:4d: d8:a0:98:53:fe:b7:78:9a:56:1a:4e:58:85:e6:49: 1c:bd:b9:65:85:f3:c9:e2:d4:4b:0c:6e:02:3c:21: 18:50:b0:38:9a:81:ae:b3:04:e5:38:59:f0:a2:46: 75:08:f8:02:13:15:9f:af:ff:00:75:75:df:a3:3b: 55:5a:53:c7:48:8e:a1:d5:b5:c7:ef:4c:7a:be:ba: 7f:24:75:bf:a0:b7:fc:28:75:ff:37:83:f1:cc:2f: 3a:b9:02:dd:48:37:fd:be:1e:a6:c2:db:fd:91:ab: 4a:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:95:86:0D:15:74:0A:36:B5:1C:81:BF:1B:3E:47:CB:92:03:37:62 X509v3 Authority Key Identifier: keyid:66:63:4F:14:58:6E:39:9C:D3:80:2D:9C:88:B1:E6:7D:8D:DB:03:A8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZmNPFFhuOZzTgC2ciLHmfY3bA6g.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/2c2d33-a367-449b-9c47-171db4690c0a/1/H5WGDRV0Cja1HIG_Gz5Hy5IDN2I.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/2c2d33-a367-449b-9c47-171db4690c0a/1/ZmNPFFhuOZzTgC2ciLHmfY3bA6g.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.208.88.0/22 IPv6: 2a0b:32c0::/29 Signature Algorithm: sha256WithRSAEncryption 50:3d:e2:f1:4d:7f:25:fc:92:e2:83:00:bf:7a:b2:68:58:f5: 4f:e0:ff:fb:a4:81:36:c5:cc:74:bf:c4:24:63:66:38:e0:01: 71:ac:ad:cd:2e:86:e4:48:91:b8:46:bf:cc:ca:ff:20:e1:3c: 66:6f:58:75:fa:9f:34:5e:02:55:3d:ed:e9:e2:28:72:95:3b: 4f:17:aa:36:d4:01:6a:5d:86:5f:f8:68:b1:62:56:30:df:ad: 15:61:59:29:03:92:08:b4:8b:c8:c2:ea:8a:1b:a5:63:76:c5: b6:a8:fa:f0:07:32:23:31:2a:a4:a8:21:81:8d:42:47:b3:27: a5:85:d0:65:89:60:2c:18:7b:2a:64:f6:92:b8:b6:5b:2e:7e: 4a:48:60:11:3f:07:2a:7b:b1:73:96:ca:54:18:bf:5f:0b:dc: ad:43:9a:65:37:ba:46:9e:78:b9:9c:09:38:6f:5c:93:c0:64: c8:14:57:80:c7:17:98:d3:31:a5:4d:51:fc:e7:07:02:a2:12: 08:17:4b:01:a8:88:26:1b:a8:ab:1d:8f:89:26:ad:11:65:6a: 84:9c:c5:e9:b4:15:c2:1b:a6:d2:0f:84:b8:6a:81:02:7a:e8: 87:3b:f4:98:17:55:a9:b4:fa:24:6c:c4:b5:68:33:23:85:a0: cb:47:b6:7a -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt7pRHbbMNSJYovlEiazbF1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY2NjM0ZjE0NTg2ZTM5OWNkMzgwMmQ5Yzg4YjFlNjdkOGRk YjAzYTgwHhcNMjYwMTAxMjIxOTM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxZjk1ODYwZDE1NzQwYTM2YjUxYzgxYmYxYjNlNDdjYjkyMDMzNzYyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzMFWoRnvz5o6L0+5TpkJrfA5fNWW zSv5/ftfNrCzsq+Il4DgPSXi+ouGrZa/BkiYbThF90Fmnhgkd/01NZuW8ew5FbPL 2Rzyp6GCKOUt5RlRZq+lWhm9rVEdytBEDeZM/tNwyt8Sc9IZ8ceyVgy+soanaDAQ ksbRDfaY9jZCFSvcJrsd5XuTU5bwvxow70aS9HZH703YoJhT/rd4mlYaTliF5kkc vbllhfPJ4tRLDG4CPCEYULA4moGuswTlOFnwokZ1CPgCExWfr/8AdXXfoztVWlPH SI6h1bXH70x6vrp/JHW/oLf8KHX/N4PxzC86uQLdSDf9vh6mwtv9katKQQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFB+Vhg0VdAo2tRyBvxs+R8uSAzdiMB8GA1UdIwQY MBaAFGZjTxRYbjmc04AtnIix5n2N2wOoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWm1OUEZGaHVPWnpUZ0MyY2lMSG1mWTNiQTZnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8yYzJkMzMtYTM2Ny00NDliLTljNDct MTcxZGI0NjkwYzBhLzEvSDVXR0RSVjBDamExSElHX0d6NUh5NUlETjJJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZi8yYzJkMzMtYTM2Ny00NDliLTljNDctMTcxZGI0NjkwYzBh LzEvWm1OUEZGaHVPWnpUZ0MyY2lMSG1mWTNiQTZnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudBYMA0E AgACMAcDBQMqCzLAMA0GCSqGSIb3DQEBCwUAA4IBAQBQPeLxTX8l/JLigwC/erJo WPVP4P/7pIE2xcx0v8QkY2Y44AFxrK3NLobkSJG4Rr/Myv8g4Txmb1h1+p80XgJV Pe3p4ihylTtPF6o21AFqXYZf+GixYlYw360VYVkpA5IItIvIwuqKG6VjdsW2qPrw BzIjMSqkqCGBjUJHsyelhdBliWAsGHsqZPaSuLZbLn5KSGARPwcqe7FzlspUGL9f C9ytQ5plN7pGnni5nAk4b1yTwGTIFFeAxxeY0zGlTVH85wcCohIIF0sBqIgmG6ir HY+JJq0RZWqEnMXptBXCG6bSD4S4aoECeuiHO/SYF1WptPokbMS1aDMjhaDLR7Z6 -----END CERTIFICATE-----Generated at Mon Jan 26 06:03:05 2026 by rpki-client