This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/b3d76f-6ef9-4c4a-812c-befe4b34c6f0/1/h0j6l-lUGZVgY3Rv492VG41-ZFk.roa File: h0j6l-lUGZVgY3Rv492VG41-ZFk.roa (raw, json) Hash identifier: 56BNuK3eWjFak2cfTvaneba9WrsnEtF+kdyzpa4U6Qs= Subject key identifier: 87:48:FA:97:E9:54:19:95:60:63:74:6F:E3:DD:95:1B:8D:7E:64:59 Certificate issuer: /CN=5df5ed040efe2e581754deb5c3cd82d99dfee8d9 Certificate serial: 019B7E392B33D1A77FFA3E00A3BC8212A94C Authority key identifier: 5D:F5:ED:04:0E:FE:2E:58:17:54:DE:B5:C3:CD:82:D9:9D:FE:E8:D9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XfXtBA7-LlgXVN61w82C2Z3-6Nk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/b3d76f-6ef9-4c4a-812c-befe4b34c6f0/1/h0j6l-lUGZVgY3Rv492VG41-ZFk.roa Signing time: Fri 02 Jan 2026 10:20:34 +0000 ROA not before: Fri 02 Jan 2026 10:20:34 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 56911 IP address blocks: 176.58.80.0/21 maxlen: 21 185.49.248.0/22 maxlen: 24 185.146.64.0/24 maxlen: 24 185.169.236.0/23 maxlen: 24 185.169.236.0/24 maxlen: 24 185.169.237.0/24 maxlen: 24 185.169.238.0/23 maxlen: 24 195.234.92.0/24 maxlen: 24 2a01:a620::/32 maxlen: 48 2a0a:7300::/32 maxlen: 36 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/b3d76f-6ef9-4c4a-812c-befe4b34c6f0/1/XfXtBA7-LlgXVN61w82C2Z3-6Nk.crl rsync://rpki.ripe.net/repository/DEFAULT/56/b3d76f-6ef9-4c4a-812c-befe4b34c6f0/1/XfXtBA7-LlgXVN61w82C2Z3-6Nk.mft rsync://rpki.ripe.net/repository/DEFAULT/XfXtBA7-LlgXVN61w82C2Z3-6Nk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:39:2b:33:d1:a7:7f:fa:3e:00:a3:bc:82:12:a9:4c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5df5ed040efe2e581754deb5c3cd82d99dfee8d9 Validity Not Before: Jan 2 10:20:34 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8748fa97e95419956063746fe3dd951b8d7e6459 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:f1:c7:06:0e:4e:a3:1c:ba:f4:5c:06:af:d0: e2:a0:ee:ae:48:2f:4e:b4:73:7f:05:8d:5d:71:a6: 69:58:e1:3f:72:0f:b9:0d:c5:b3:93:7c:7e:5d:08: b4:56:31:67:5f:31:01:e5:09:35:57:12:e7:6d:7d: 47:cd:3b:a1:2c:ab:3e:e0:2c:92:a8:1b:d9:88:31: 5f:a7:97:78:6a:c4:c0:a4:54:f7:d0:25:ce:c7:41: 3a:d9:9a:48:c0:fa:93:58:d6:3e:12:61:f4:f1:f3: 9e:67:19:53:c4:3d:bb:c1:9f:ff:5c:b7:9a:28:b8: f3:83:22:22:3a:db:cf:f4:90:e7:20:32:06:c0:f7: d1:e1:63:08:80:a6:c0:53:b9:be:c3:83:f6:63:bf: e0:b3:2a:ea:d9:c0:aa:17:ac:fa:03:e1:1f:5a:83: b2:da:cb:36:b9:56:b3:ea:ef:df:c6:dd:78:4a:13: b7:46:ae:bf:6e:8b:50:4c:39:2f:61:92:34:a2:00: b7:98:ef:14:8e:56:cc:9d:83:7c:ed:87:12:9e:0a: f2:64:ea:3c:89:d5:76:42:54:73:bb:a6:2e:53:e9: cf:63:e1:3d:f7:02:d2:e0:5d:3c:a3:2f:a2:5d:98: 06:20:fd:c2:66:34:26:1f:d9:81:06:bc:c5:aa:77: 49:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:48:FA:97:E9:54:19:95:60:63:74:6F:E3:DD:95:1B:8D:7E:64:59 X509v3 Authority Key Identifier: keyid:5D:F5:ED:04:0E:FE:2E:58:17:54:DE:B5:C3:CD:82:D9:9D:FE:E8:D9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XfXtBA7-LlgXVN61w82C2Z3-6Nk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/b3d76f-6ef9-4c4a-812c-befe4b34c6f0/1/h0j6l-lUGZVgY3Rv492VG41-ZFk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/56/b3d76f-6ef9-4c4a-812c-befe4b34c6f0/1/XfXtBA7-LlgXVN61w82C2Z3-6Nk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 176.58.80.0/21 185.49.248.0/22 185.146.64.0/24 185.169.236.0/22 195.234.92.0/24 IPv6: 2a01:a620::/32 2a0a:7300::/32 Signature Algorithm: sha256WithRSAEncryption a7:44:4d:45:33:2d:d4:98:87:37:e6:78:98:3c:76:9f:a9:7f: d1:28:16:a1:92:f7:cb:dd:56:9a:7c:54:cf:6c:66:b3:38:04: c9:87:ff:91:5c:0d:69:e0:f0:f3:f7:84:74:14:57:2e:5c:e3: ae:11:df:09:5d:ba:b0:c6:9c:51:a0:3f:6a:84:84:08:89:51: 41:6d:01:43:62:d4:42:d9:f1:6c:e4:41:0b:55:23:a3:23:e1: 33:2d:bf:b6:b6:be:78:00:e8:a0:75:93:c2:74:fb:28:8e:42: 92:b9:a1:8c:81:39:66:65:b7:f1:cc:6b:12:3c:ab:ff:19:d0: 07:aa:4a:8c:61:76:d8:da:14:60:a8:b6:6d:87:5f:cc:ac:a6: 08:0c:82:03:8e:fc:4f:da:26:97:bd:40:60:73:21:2d:f2:f7: 3c:18:d7:b7:e0:f8:09:c9:0f:57:8e:55:40:c2:ce:e3:2c:2f: c8:f8:5f:d0:2a:e1:9c:3d:74:91:c9:73:23:0f:ff:2f:c1:e7: 44:63:b3:af:e3:84:e8:cb:20:4d:0f:3a:53:0e:54:ca:68:9a: 81:12:f0:62:82:46:24:9b:9a:09:05:ee:22:00:0d:42:b4:7c: a7:47:d3:72:58:74:60:8c:33:68:59:69:d7:4d:58:76:a5:19: f9:4e:9f:42 -----BEGIN CERTIFICATE----- MIIFKzCCBBOgAwIBAgISAZt+OSsz0ad/+j4Ao7yCEqlMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVkZjVlZDA0MGVmZTJlNTgxNzU0ZGViNWMzY2Q4MmQ5OWRm ZWU4ZDkwHhcNMjYwMTAyMTAyMDM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NzQ4ZmE5N2U5NTQxOTk1NjA2Mzc0NmZlM2RkOTUxYjhkN2U2NDU5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmfHHBg5Ooxy69FwGr9DioO6uSC9O tHN/BY1dcaZpWOE/cg+5DcWzk3x+XQi0VjFnXzEB5Qk1VxLnbX1HzTuhLKs+4CyS qBvZiDFfp5d4asTApFT30CXOx0E62ZpIwPqTWNY+EmH08fOeZxlTxD27wZ//XLea KLjzgyIiOtvP9JDnIDIGwPfR4WMIgKbAU7m+w4P2Y7/gsyrq2cCqF6z6A+EfWoOy 2ss2uVaz6u/fxt14ShO3Rq6/botQTDkvYZI0ogC3mO8UjlbMnYN87YcSngryZOo8 idV2QlRzu6YuU+nPY+E99wLS4F08oy+iXZgGIP3CZjQmH9mBBrzFqndJ6QIDAQAB o4ICNzCCAjMwHQYDVR0OBBYEFIdI+pfpVBmVYGN0b+PdlRuNfmRZMB8GA1UdIwQY MBaAFF317QQO/i5YF1TetcPNgtmd/ujZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWGZYdEJBNy1MbGdYVk42MXc4MkMyWjMtNk5rLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9iM2Q3NmYtNmVmOS00YzRhLTgxMmMt YmVmZTRiMzRjNmYwLzEvaDBqNmwtbFVHWlZnWTNSdjQ5MlZHNDEtWkZrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Ni9iM2Q3NmYtNmVmOS00YzRhLTgxMmMtYmVmZTRiMzRjNmYw LzEvWGZYdEJBNy1MbGdYVk42MXc4MkMyWjMtNk5rLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQDsDpQAwQC uTH4AwQAuZJAAwQCuansAwQAw+pcMBQEAgACMA4DBQAqAaYgAwUAKgpzADANBgkq hkiG9w0BAQsFAAOCAQEAp0RNRTMt1JiHN+Z4mDx2n6l/0SgWoZL3y91WmnxUz2xm szgEyYf/kVwNaeDw8/eEdBRXLlzjrhHfCV26sMacUaA/aoSECIlRQW0BQ2LUQtnx bORBC1UjoyPhMy2/tra+eADooHWTwnT7KI5CkrmhjIE5ZmW38cxrEjyr/xnQB6pK jGF22NoUYKi2bYdfzKymCAyCA478T9oml71AYHMhLfL3PBjXt+D4CckPV45VQMLO 4ywvyPhf0CrhnD10kclzIw//L8HnRGOzr+OE6MsgTQ86Uw5UymiagRLwYoJGJJua CQXuIgANQrR8p0fTclh0YIwzaFlp101YdqUZ+U6fQg== -----END CERTIFICATE-----Generated at Mon Jan 26 10:49:21 2026 by rpki-client