This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f2a37c-a129-4c0b-9ed1-b18dac2d259b/1/h1mmEmquZ99o6cDHP1Sk61I_DC0.roa File: h1mmEmquZ99o6cDHP1Sk61I_DC0.roa (raw, json) Hash identifier: zGPSsDsxw4pForFMNU0mmMEvIvjun+XXzgIsgxxZKWw= Subject key identifier: 87:59:A6:12:6A:AE:67:DF:68:E9:C0:C7:3F:54:A4:EB:52:3F:0C:2D Certificate issuer: /CN=4f7d885393b32b5eee3a0bf4338e0faaef3c753c Certificate serial: 019B7B35E924CE65EDB3035D2A5CC6C7AF42 Authority key identifier: 4F:7D:88:53:93:B3:2B:5E:EE:3A:0B:F4:33:8E:0F:AA:EF:3C:75:3C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T32IU5OzK17uOgv0M44Pqu88dTw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f2a37c-a129-4c0b-9ed1-b18dac2d259b/1/h1mmEmquZ99o6cDHP1Sk61I_DC0.roa Signing time: Thu 01 Jan 2026 20:18:09 +0000 ROA not before: Thu 01 Jan 2026 20:18:09 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 16509 IP address blocks: 37.221.72.0/22 maxlen: 24 37.221.72.0/24 maxlen: 24 2a09:ea00::/40 maxlen: 56 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/f2a37c-a129-4c0b-9ed1-b18dac2d259b/1/T32IU5OzK17uOgv0M44Pqu88dTw.crl rsync://rpki.ripe.net/repository/DEFAULT/50/f2a37c-a129-4c0b-9ed1-b18dac2d259b/1/T32IU5OzK17uOgv0M44Pqu88dTw.mft rsync://rpki.ripe.net/repository/DEFAULT/T32IU5OzK17uOgv0M44Pqu88dTw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:35:e9:24:ce:65:ed:b3:03:5d:2a:5c:c6:c7:af:42 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4f7d885393b32b5eee3a0bf4338e0faaef3c753c Validity Not Before: Jan 1 20:18:09 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8759a6126aae67df68e9c0c73f54a4eb523f0c2d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:68:42:e5:da:73:18:4c:0c:ef:ab:34:3d:7e: 7a:51:6a:9b:39:74:54:08:04:c2:47:3f:9e:b3:ca: a0:a3:0c:74:46:ae:68:32:1a:d8:eb:d6:1a:75:f4: 0b:4f:b6:80:cd:d5:2a:e1:56:d7:f9:90:18:1b:b7: 23:84:68:da:e6:d1:d4:16:7e:a3:11:64:09:fb:2f: 3e:cf:cd:8f:95:a3:c5:72:49:e9:85:f8:5d:d4:ce: c7:90:b4:95:b3:b1:39:27:e1:fc:de:46:55:72:ee: c5:1d:aa:80:d6:7c:4b:61:ac:03:56:4b:56:c9:aa: 79:29:98:cc:c6:d8:5f:75:aa:ed:ce:a2:69:17:7e: 78:93:35:cc:a6:fc:6d:3a:a3:c0:ba:fb:19:eb:e9: ec:47:b8:9c:b8:d1:87:7a:1a:aa:c5:a6:95:88:08: 09:9f:18:9d:32:5c:02:62:d0:8e:37:51:6a:e3:4a: fc:01:c0:1c:27:3e:6a:2e:90:17:80:bc:e3:91:35: 47:aa:51:53:88:e4:24:4a:24:e5:ea:77:13:47:cf: f4:f7:94:75:b4:61:af:65:77:12:6a:fe:27:d5:f2: a2:ff:5a:ab:48:fc:40:41:f4:c6:6d:55:e1:31:e7: b3:55:59:b8:b4:92:61:45:77:f9:f3:70:fb:d1:91: ef:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:59:A6:12:6A:AE:67:DF:68:E9:C0:C7:3F:54:A4:EB:52:3F:0C:2D X509v3 Authority Key Identifier: keyid:4F:7D:88:53:93:B3:2B:5E:EE:3A:0B:F4:33:8E:0F:AA:EF:3C:75:3C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T32IU5OzK17uOgv0M44Pqu88dTw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f2a37c-a129-4c0b-9ed1-b18dac2d259b/1/h1mmEmquZ99o6cDHP1Sk61I_DC0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f2a37c-a129-4c0b-9ed1-b18dac2d259b/1/T32IU5OzK17uOgv0M44Pqu88dTw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.221.72.0/22 IPv6: 2a09:ea00::/40 Signature Algorithm: sha256WithRSAEncryption 1f:6b:95:2f:37:18:47:5e:40:8e:a8:30:c3:93:dc:a6:5b:b9: 3c:11:db:56:da:7f:87:f7:83:c3:5a:86:16:2f:53:50:f1:2d: c9:9b:f6:07:58:23:40:18:c4:dc:a8:f5:a8:06:16:bd:85:1d: 8f:af:08:90:13:d8:5e:9b:26:04:79:5c:bd:86:ed:ab:4e:5f: 63:73:f2:44:7d:22:d2:f7:63:e6:c5:4c:a3:f6:a7:03:88:07: 63:f5:20:d6:d5:09:a0:d3:52:a0:4e:f5:10:9e:70:38:5e:81: dd:fa:10:ec:31:9d:fc:5a:46:4e:de:19:18:19:48:5e:63:17: 0c:5e:83:88:13:2d:99:36:c2:de:13:3b:0b:8b:6c:58:ef:42: 17:f5:0f:62:ab:37:a6:38:aa:08:f5:d5:bc:3b:fc:03:f8:b4: 51:d7:b8:b1:34:6f:2c:54:25:55:fc:99:3f:02:84:ee:dc:c6: 73:63:bc:e3:e8:f2:4d:ab:57:af:84:3e:ea:17:2c:07:75:9a: 9c:c5:d3:c0:97:f3:9f:30:0f:71:b0:0c:5e:df:5e:3f:6b:d9: 7c:61:08:b7:71:3f:ce:cf:94:8e:6e:92:2a:42:39:40:60:98: d7:51:0a:f3:f3:a6:db:f1:b4:ac:12:5e:f9:f4:84:40:f6:81: 62:3c:01:e1 -----BEGIN CERTIFICATE----- MIIFDTCCA/WgAwIBAgISAZt7NekkzmXtswNdKlzGx69CMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRmN2Q4ODUzOTNiMzJiNWVlZTNhMGJmNDMzOGUwZmFhZWYz Yzc1M2MwHhcNMjYwMTAxMjAxODA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NzU5YTYxMjZhYWU2N2RmNjhlOWMwYzczZjU0YTRlYjUyM2YwYzJkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGhC5dpzGEwM76s0PX56UWqbOXRU CATCRz+es8qgowx0Rq5oMhrY69YadfQLT7aAzdUq4VbX+ZAYG7cjhGja5tHUFn6j EWQJ+y8+z82PlaPFcknphfhd1M7HkLSVs7E5J+H83kZVcu7FHaqA1nxLYawDVktW yap5KZjMxthfdartzqJpF354kzXMpvxtOqPAuvsZ6+nsR7icuNGHehqqxaaViAgJ nxidMlwCYtCON1Fq40r8AcAcJz5qLpAXgLzjkTVHqlFTiOQkSiTl6ncTR8/095R1 tGGvZXcSav4n1fKi/1qrSPxAQfTGbVXhMeezVVm4tJJhRXf583D70ZHv+wIDAQAB o4ICGTCCAhUwHQYDVR0OBBYEFIdZphJqrmffaOnAxz9UpOtSPwwtMB8GA1UdIwQY MBaAFE99iFOTsyte7joL9DOOD6rvPHU8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVDMySVU1T3pLMTd1T2d2ME00NFBxdTg4ZFR3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mMmEzN2MtYTEyOS00YzBiLTllZDEt YjE4ZGFjMmQyNTliLzEvaDFtbUVtcXVaOTlvNmNESFAxU2s2MUlfREMwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81MC9mMmEzN2MtYTEyOS00YzBiLTllZDEtYjE4ZGFjMmQyNTli LzEvVDMySVU1T3pLMTd1T2d2ME00NFBxdTg4ZFR3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCJd1IMA4E AgACMAgDBgAqCeoAADANBgkqhkiG9w0BAQsFAAOCAQEAH2uVLzcYR15Ajqgww5Pc plu5PBHbVtp/h/eDw1qGFi9TUPEtyZv2B1gjQBjE3Kj1qAYWvYUdj68IkBPYXpsm BHlcvYbtq05fY3PyRH0i0vdj5sVMo/anA4gHY/Ug1tUJoNNSoE71EJ5wOF6B3foQ 7DGd/FpGTt4ZGBlIXmMXDF6DiBMtmTbC3hM7C4tsWO9CF/UPYqs3pjiqCPXVvDv8 A/i0Ude4sTRvLFQlVfyZPwKE7tzGc2O84+jyTatXr4Q+6hcsB3WanMXTwJfznzAP cbAMXt9eP2vZfGEIt3E/zs+Ujm6SKkI5QGCY11EK8/Om2/G0rBJe+fSEQPaBYjwB 4Q== -----END CERTIFICATE-----Generated at Fri Jan 2 09:27:21 2026 by rpki-client