This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/2a1fef-221d-4055-8c58-5de32b66db0a/1/8ZMhpHWpSjesuQ3JK0HQjCVMxBg.roa File: 8ZMhpHWpSjesuQ3JK0HQjCVMxBg.roa (raw, json) Hash identifier: M4Nr0Wi/SzNVzQvcJX08oqzRs/vvxC+K5A74A/Zcd8o= Subject key identifier: F1:93:21:A4:75:A9:4A:37:AC:B9:0D:C9:2B:41:D0:8C:25:4C:C4:18 Certificate issuer: /CN=1323be6d548145867863b7b2fa464bdf8518a0c9 Certificate serial: 019B7F142D750D5FE9668776AA92BFC30E22 Authority key identifier: 13:23:BE:6D:54:81:45:86:78:63:B7:B2:FA:46:4B:DF:85:18:A0:C9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EyO-bVSBRYZ4Y7ey-kZL34UYoMk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/2a1fef-221d-4055-8c58-5de32b66db0a/1/8ZMhpHWpSjesuQ3JK0HQjCVMxBg.roa Signing time: Fri 02 Jan 2026 14:19:47 +0000 ROA not before: Fri 02 Jan 2026 14:19:47 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 3242 IP address blocks: 5.134.120.0/21 maxlen: 21 185.56.168.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/2a1fef-221d-4055-8c58-5de32b66db0a/1/EyO-bVSBRYZ4Y7ey-kZL34UYoMk.crl rsync://rpki.ripe.net/repository/DEFAULT/45/2a1fef-221d-4055-8c58-5de32b66db0a/1/EyO-bVSBRYZ4Y7ey-kZL34UYoMk.mft rsync://rpki.ripe.net/repository/DEFAULT/EyO-bVSBRYZ4Y7ey-kZL34UYoMk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:14:2d:75:0d:5f:e9:66:87:76:aa:92:bf:c3:0e:22 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1323be6d548145867863b7b2fa464bdf8518a0c9 Validity Not Before: Jan 2 14:19:47 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f19321a475a94a37acb90dc92b41d08c254cc418 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:ca:39:4e:62:7f:f7:6b:a0:d4:62:4d:43:b3: 47:0a:63:9b:9b:47:11:b9:08:f7:ca:79:95:0a:21: 6a:05:11:09:50:cc:85:81:60:6c:12:aa:86:1b:67: 58:2a:9a:8c:05:6a:56:38:55:5f:94:54:2c:b4:4e: 9a:83:d3:2e:fd:77:90:ab:b6:ce:b0:a5:de:3f:b4: 51:42:1a:7a:01:54:32:ee:da:52:bc:ce:66:bc:1b: b6:cb:b7:3b:d0:f2:90:c5:fd:76:db:11:b1:15:d4: ce:02:4a:d0:d4:f8:db:c5:64:ea:37:49:25:05:e9: e6:a5:5f:f0:96:51:b2:b1:71:e5:3d:15:80:de:48: 9c:e8:82:e7:96:d3:a1:48:a7:12:de:90:63:74:9b: 51:f6:7e:c9:86:6e:5f:7c:5f:06:df:f7:2e:5f:35: 2f:af:34:ac:3f:fd:81:70:3c:b0:49:29:50:b7:99: d4:ad:08:bb:50:22:93:32:13:f1:83:9e:0d:da:92: 78:f9:f4:cf:05:7f:c4:88:5c:ce:1f:fa:0e:bc:a8: 1c:7a:84:0d:68:2b:4c:77:d0:93:63:86:bc:04:4c: 51:27:72:92:6c:68:c1:dc:85:63:d6:bd:27:d0:2a: b8:23:db:46:ec:e2:6e:55:4e:2d:e2:e5:b2:24:31: e9:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:93:21:A4:75:A9:4A:37:AC:B9:0D:C9:2B:41:D0:8C:25:4C:C4:18 X509v3 Authority Key Identifier: keyid:13:23:BE:6D:54:81:45:86:78:63:B7:B2:FA:46:4B:DF:85:18:A0:C9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EyO-bVSBRYZ4Y7ey-kZL34UYoMk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/2a1fef-221d-4055-8c58-5de32b66db0a/1/8ZMhpHWpSjesuQ3JK0HQjCVMxBg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/45/2a1fef-221d-4055-8c58-5de32b66db0a/1/EyO-bVSBRYZ4Y7ey-kZL34UYoMk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.134.120.0/21 185.56.168.0/22 Signature Algorithm: sha256WithRSAEncryption ac:ad:a5:af:c4:e5:8e:84:c8:e0:32:8f:dd:eb:40:11:60:d3: 34:0d:9e:98:f9:40:29:e3:35:ae:48:4c:2c:cd:71:bf:57:5c: 01:52:36:1a:74:89:2e:99:90:df:67:1b:4b:0f:a8:68:91:2a: dd:e8:54:92:a6:7a:02:fa:26:c7:35:94:38:98:dc:da:c9:f6: d8:b4:a0:29:e2:ec:21:5b:9e:e3:98:c7:0c:7e:75:3b:61:81: 70:48:26:b9:c1:bc:05:c2:9b:05:2a:6b:87:d8:52:d0:25:75: a4:32:0e:5d:c7:8d:ac:0b:4b:7b:ef:91:b3:ee:49:fe:b3:8a: 95:be:c1:6a:c6:3c:27:df:84:0d:cb:93:76:d0:a1:8d:84:1d: 90:59:bf:2b:86:6b:85:96:b7:d4:c1:46:a0:b6:79:8b:e6:57: f9:d7:1b:20:79:ce:91:d4:b8:aa:49:cc:5a:4c:ef:f4:37:93: 06:76:23:ac:3e:83:de:a0:d7:02:27:c2:ca:72:05:fc:97:11: 0c:1f:6e:62:89:c2:f4:ae:f4:51:a5:e4:16:09:7e:bd:f8:be: d1:83:16:21:e6:01:f1:6d:8b:1b:2c:3f:c4:90:a5:b8:24:02: 38:53:c3:82:61:66:70:8f:6b:71:39:ef:29:35:90:2a:ab:55: 43:93:3d:bd -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt/FC11DV/pZod2qpK/ww4iMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDEzMjNiZTZkNTQ4MTQ1ODY3ODYzYjdiMmZhNDY0YmRmODUx OGEwYzkwHhcNMjYwMTAyMTQxOTQ3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmMTkzMjFhNDc1YTk0YTM3YWNiOTBkYzkyYjQxZDA4YzI1NGNjNDE4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvso5TmJ/92ug1GJNQ7NHCmObm0cR uQj3ynmVCiFqBREJUMyFgWBsEqqGG2dYKpqMBWpWOFVflFQstE6ag9Mu/XeQq7bO sKXeP7RRQhp6AVQy7tpSvM5mvBu2y7c70PKQxf122xGxFdTOAkrQ1PjbxWTqN0kl BenmpV/wllGysXHlPRWA3kic6ILnltOhSKcS3pBjdJtR9n7Jhm5ffF8G3/cuXzUv rzSsP/2BcDywSSlQt5nUrQi7UCKTMhPxg54N2pJ4+fTPBX/EiFzOH/oOvKgceoQN aCtMd9CTY4a8BExRJ3KSbGjB3IVj1r0n0Cq4I9tG7OJuVU4t4uWyJDHpSQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFPGTIaR1qUo3rLkNyStB0IwlTMQYMB8GA1UdIwQY MBaAFBMjvm1UgUWGeGO3svpGS9+FGKDJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRXlPLWJWU0JSWVo0WTdleS1rWkwzNFVZb01rLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS8yYTFmZWYtMjIxZC00MDU1LThjNTgt NWRlMzJiNjZkYjBhLzEvOFpNaHBIV3BTamVzdVEzSkswSFFqQ1ZNeEJnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80NS8yYTFmZWYtMjIxZC00MDU1LThjNTgtNWRlMzJiNjZkYjBh LzEvRXlPLWJWU0JSWVo0WTdleS1rWkwzNFVZb01rLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDBYZ4AwQC uTioMA0GCSqGSIb3DQEBCwUAA4IBAQCsraWvxOWOhMjgMo/d60ARYNM0DZ6Y+UAp 4zWuSEwszXG/V1wBUjYadIkumZDfZxtLD6hokSrd6FSSpnoC+ibHNZQ4mNzayfbY tKAp4uwhW57jmMcMfnU7YYFwSCa5wbwFwpsFKmuH2FLQJXWkMg5dx42sC0t775Gz 7kn+s4qVvsFqxjwn34QNy5N20KGNhB2QWb8rhmuFlrfUwUagtnmL5lf51xsgec6R 1LiqScxaTO/0N5MGdiOsPoPeoNcCJ8LKcgX8lxEMH25iicL0rvRRpeQWCX69+L7R gxYh5gHxbYsbLD/EkKW4JAI4U8OCYWZwj2txOe8pNZAqq1VDkz29 -----END CERTIFICATE-----Generated at Mon Feb 9 22:36:15 2026 by rpki-client