This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/bhiGtzF7RuIEDHlSsVtceIRxH38.roa File: bhiGtzF7RuIEDHlSsVtceIRxH38.roa (raw, json) Hash identifier: akX2koLtc0Hj8AOQToNc3k0ORycX0LTS6PyoFdzhc4U= Subject key identifier: 6E:18:86:B7:31:7B:46:E2:04:0C:79:52:B1:5B:5C:78:84:71:1F:7F Certificate issuer: /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec Certificate serial: 019B7A5AB1E81B5FA14B64D90E270B8E4153 Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/bhiGtzF7RuIEDHlSsVtceIRxH38.roa Signing time: Thu 01 Jan 2026 16:18:42 +0000 ROA not before: Thu 01 Jan 2026 16:18:42 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 57433 IP address blocks: 37.114.32.0/19 maxlen: 32 37.114.32.0/24 maxlen: 24 37.114.37.0/24 maxlen: 24 37.114.44.0/24 maxlen: 24 37.114.46.0/24 maxlen: 24 37.114.50.0/24 maxlen: 24 37.114.54.0/24 maxlen: 24 43.251.160.0/22 maxlen: 32 43.251.160.0/24 maxlen: 24 43.251.161.0/24 maxlen: 24 43.251.162.0/24 maxlen: 24 43.251.163.0/24 maxlen: 24 94.154.48.0/21 maxlen: 32 94.154.48.0/24 maxlen: 24 94.154.49.0/24 maxlen: 24 94.154.50.0/24 maxlen: 24 94.154.51.0/24 maxlen: 24 94.154.52.0/24 maxlen: 24 94.154.53.0/24 maxlen: 24 94.154.54.0/24 maxlen: 24 94.154.55.0/24 maxlen: 24 103.252.88.0/22 maxlen: 32 176.100.32.0/21 maxlen: 32 176.100.32.0/24 maxlen: 24 176.100.38.0/24 maxlen: 24 176.100.39.0/24 maxlen: 24 185.14.92.0/22 maxlen: 32 185.14.92.0/24 maxlen: 24 185.14.93.0/24 maxlen: 24 2a00:ccc0::/29 maxlen: 128 2a00:ccc0::/32 maxlen: 32 2a00:ccc0::/48 maxlen: 48 2a00:ccc1::/32 maxlen: 48 2a00:ccc1::/48 maxlen: 48 2a00:ccc1:4::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.mft rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 19:01:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:b1:e8:1b:5f:a1:4b:64:d9:0e:27:0b:8e:41:53 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec Validity Not Before: Jan 1 16:18:42 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6e1886b7317b46e2040c7952b15b5c7884711f7f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:0a:b3:87:fd:16:b9:43:e5:a6:0f:dc:df:be: 12:f8:ea:0a:46:0b:cd:fd:ec:3c:d0:54:84:b2:ee: dd:e0:94:2b:be:2a:57:e8:04:18:e7:c6:c9:f6:1c: b1:67:c6:8a:eb:b9:7e:59:e0:92:f0:4c:7a:0e:16: 86:4e:02:af:81:46:ec:f3:96:10:ad:5d:ab:0b:76: 6a:0d:a7:40:c1:74:58:98:ab:30:e2:de:c8:ff:b1: 81:76:eb:5c:8a:c2:06:0c:99:3e:dd:98:85:e4:cd: ff:22:d0:09:b7:54:94:61:ae:a8:e0:d3:56:01:84: a9:b4:75:b4:ae:64:2c:d8:5f:94:53:e8:e3:24:65: 67:76:18:45:a5:93:2f:15:67:45:a1:4a:9a:85:52: bb:3c:8a:63:4f:5f:2d:93:97:18:bd:8f:b3:26:46: f8:4c:92:c4:7c:73:0d:de:05:16:5f:c6:29:d5:ad: 40:d3:58:ec:f2:6a:b9:86:bb:cd:0d:b2:5c:d0:3f: 5a:cb:a5:d4:d8:a6:9f:ae:be:84:00:e6:e2:83:26: f4:57:5e:c8:69:8f:76:70:71:a8:a4:bc:e7:ee:14: d6:f1:6a:1a:5f:ff:68:90:34:f3:f3:fa:ff:f5:09: 9c:7a:0a:6a:fc:80:fe:d7:0a:b8:83:2b:49:96:46: 98:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6E:18:86:B7:31:7B:46:E2:04:0C:79:52:B1:5B:5C:78:84:71:1F:7F X509v3 Authority Key Identifier: keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/bhiGtzF7RuIEDHlSsVtceIRxH38.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.114.32.0/19 43.251.160.0/22 94.154.48.0/21 103.252.88.0/22 176.100.32.0/21 185.14.92.0/22 IPv6: 2a00:ccc0::/29 Signature Algorithm: sha256WithRSAEncryption 90:48:6d:6d:a1:c3:b2:f2:f3:b4:fe:1b:7f:d1:34:07:e9:36: 8e:08:31:65:89:96:24:60:68:2f:2a:52:3a:db:f8:47:ac:27: 87:bd:f2:e4:0a:8c:86:3c:1a:8c:25:ea:0b:83:ee:eb:83:87: 73:0e:f1:0a:98:3e:d5:93:da:07:e6:ce:18:c4:65:87:f2:db: 02:18:07:87:26:b1:fc:ed:6e:23:2e:97:f0:25:8f:23:77:07: a9:2e:2b:46:17:5f:71:f0:52:15:57:fb:8f:a1:64:0f:a6:d2: 02:fc:cb:4e:bd:d6:9e:3e:e5:e9:d9:32:60:b4:a8:3b:5e:90: ee:1c:b6:a4:b5:36:c9:e3:b1:9f:bc:2d:85:61:c3:62:68:a1: 5b:b2:5f:dd:5d:af:81:45:27:1f:83:a7:ae:0a:1f:ba:39:0d: f2:c5:3f:bf:a9:db:55:0d:1c:43:d4:9c:67:57:1e:e6:e8:a7: 2a:58:4e:4f:78:17:e8:cf:2a:16:74:92:27:c3:98:57:af:92: 15:06:77:c2:20:04:a7:db:81:da:b3:8c:b4:26:39:40:2d:f4: 3e:b0:d0:db:e3:9e:a9:81:ed:d4:fe:bc:c3:26:84:44:3e:4c: dc:13:a7:b2:56:b2:ab:20:3c:d8:45:82:6f:e7:26:4f:66:7e: 8f:6d:e8:49 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgISAZt6WrHoG1+hS2TZDicLjkFTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5NjU5M2I3NDdlNzZhNTY0OTI1MTFiYjM2MTJlNGQ1ZTRj YmU3ZWMwHhcNMjYwMTAxMTYxODQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2ZTE4ODZiNzMxN2I0NmUyMDQwYzc5NTJiMTViNWM3ODg0NzExZjdmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8Qqzh/0WuUPlpg/c374S+OoKRgvN /ew80FSEsu7d4JQrvipX6AQY58bJ9hyxZ8aK67l+WeCS8Ex6DhaGTgKvgUbs85YQ rV2rC3ZqDadAwXRYmKsw4t7I/7GBdutcisIGDJk+3ZiF5M3/ItAJt1SUYa6o4NNW AYSptHW0rmQs2F+UU+jjJGVndhhFpZMvFWdFoUqahVK7PIpjT18tk5cYvY+zJkb4 TJLEfHMN3gUWX8Yp1a1A01js8mq5hrvNDbJc0D9ay6XU2Kafrr6EAObigyb0V17I aY92cHGopLzn7hTW8WoaX/9okDTz8/r/9Qmcegpq/ID+1wq4gytJlkaY3QIDAQAB o4ICNjCCAjIwHQYDVR0OBBYEFG4Yhrcxe0biBAx5UrFbXHiEcR9/MB8GA1UdIwQY MBaAFCllk7dH52pWSSURuzYS5NXky+fsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMt MWI3Y2JiMDhkNzNmLzEvYmhpR3R6RjdSdUlFREhsU3NWdGNlSVJ4SDM4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMtMWI3Y2JiMDhkNzNm LzEvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQFJXIgAwQC K/ugAwQDXpowAwQCZ/xYAwQDsGQgAwQCuQ5cMA0EAgACMAcDBQMqAMzAMA0GCSqG SIb3DQEBCwUAA4IBAQCQSG1tocOy8vO0/ht/0TQH6TaOCDFliZYkYGgvKlI62/hH rCeHvfLkCoyGPBqMJeoLg+7rg4dzDvEKmD7Vk9oH5s4YxGWH8tsCGAeHJrH87W4j LpfwJY8jdwepLitGF19x8FIVV/uPoWQPptIC/MtOvdaePuXp2TJgtKg7XpDuHLak tTbJ47GfvC2FYcNiaKFbsl/dXa+BRScfg6euCh+6OQ3yxT+/qdtVDRxD1JxnVx7m 6KcqWE5PeBfozyoWdJInw5hXr5IVBnfCIASn24Has4y0JjlALfQ+sNDb456pge3U /rzDJoREPkzcE6eyVrKrIDzYRYJv5yZPZn6PbehJ -----END CERTIFICATE-----Generated at Wed Jan 21 06:06:37 2026 by rpki-client