This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/bHMDlMDhjj2-rwmAydZItolyHyg.roa File: bHMDlMDhjj2-rwmAydZItolyHyg.roa (raw, json) Hash identifier: hd6jKewJxwvR2MdHNNeqZZ0ek7WFlO1ms4EfuK+fsmo= Subject key identifier: 6C:73:03:94:C0:E1:8E:3D:BE:AF:09:80:C9:D6:48:B6:89:72:1F:28 Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da Certificate serial: 019B7E37B85353F31DF1E7253A0CC2D643ED Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/bHMDlMDhjj2-rwmAydZItolyHyg.roa Signing time: Fri 02 Jan 2026 10:18:59 +0000 ROA not before: Fri 02 Jan 2026 10:18:59 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 46844 IP address blocks: 158.173.232.0/24 maxlen: 24 158.173.233.0/24 maxlen: 24 158.173.236.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 07:52:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:37:b8:53:53:f3:1d:f1:e7:25:3a:0c:c2:d6:43:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da Validity Not Before: Jan 2 10:18:59 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6c730394c0e18e3dbeaf0980c9d648b689721f28 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f7:49:45:23:00:51:35:b7:57:4b:6e:8d:75:0f: a9:71:c4:df:07:61:ad:1b:ed:1a:6b:77:e2:89:80: d1:63:0f:44:8d:d8:b7:92:52:c4:8d:42:c8:f0:7b: 76:17:8f:d0:f2:ed:cf:6f:8a:d4:60:e7:b9:cd:b4: a4:a0:f5:ed:5c:8c:e1:3a:5e:2d:80:85:49:d3:cf: cd:90:87:02:48:06:f2:e3:a8:b8:d0:1c:06:85:bb: 42:4b:d7:ad:93:e3:bd:e5:7e:92:0e:e4:18:22:e4: 1c:61:67:db:41:8c:a3:6b:c8:d3:e3:67:e2:3a:a7: 7d:f8:a7:93:27:27:44:24:7e:2d:93:93:e3:af:55: 1e:df:56:70:fe:dd:17:11:a4:67:02:93:25:fd:2b: 90:af:85:ce:6b:00:89:36:86:f6:77:02:5b:e3:62: 24:2c:16:db:c3:3a:c5:d7:0d:b8:e7:24:17:01:e5: fa:b9:79:da:b3:62:4e:b8:0b:30:dc:1f:81:c7:b8: 52:7b:20:57:43:e2:ed:a8:40:a4:01:88:c0:e7:3b: 20:cd:96:37:93:75:19:31:cb:61:95:e8:12:3f:bc: 64:7f:78:d8:5b:bb:f7:ae:3c:12:4a:75:bb:8d:83: a5:9d:ee:d4:ce:c0:5a:b1:a1:40:fd:35:31:03:e5: 36:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:73:03:94:C0:E1:8E:3D:BE:AF:09:80:C9:D6:48:B6:89:72:1F:28 X509v3 Authority Key Identifier: keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/bHMDlMDhjj2-rwmAydZItolyHyg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 158.173.232.0/23 158.173.236.0/24 Signature Algorithm: sha256WithRSAEncryption a6:fa:d7:fc:bd:cf:00:53:2b:c2:8a:99:d9:58:5e:65:f9:5a: 0f:aa:52:5b:62:4f:fb:12:14:0f:21:cf:6a:f9:84:77:b4:e0: 55:20:6a:3c:b0:ee:60:17:2d:db:db:1c:7c:09:04:b4:83:b4: c8:28:42:bd:bb:1c:ac:f0:d3:e1:a3:5a:94:02:60:6b:58:9b: 10:58:7e:0c:8e:71:92:c7:ec:73:f6:c6:c3:5f:2c:c0:6d:6a: 6b:09:75:97:71:b0:3d:44:85:f4:20:9d:88:85:8d:ba:3f:ac: b7:b6:8b:1e:ed:1f:d8:0b:d7:f9:84:f6:ba:fe:a6:9e:c4:9a: 5c:2c:fd:bc:de:fc:a2:e7:fc:a9:28:d3:93:7b:0a:fb:40:f6: 6c:c3:e5:0a:46:4f:bf:32:17:e8:33:40:2a:c7:c2:09:6e:98: 33:ae:fc:a4:e5:6b:bb:e4:0a:a9:71:6c:36:b1:36:d4:ac:78: f4:b1:51:f7:c4:32:6a:4c:e3:94:7d:cd:e8:37:d5:11:2e:d4: 9f:5c:35:00:fa:f0:8b:f9:1a:8c:8e:36:69:3c:bb:d3:41:18: 72:a4:a5:28:27:0b:76:59:a5:8b:91:34:8f:8e:e0:35:da:61: 8e:2a:cb:20:c5:f7:5d:7f:0a:28:be:6b:57:c3:09:89:ab:b3: 6a:f5:5d:a1 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt+N7hTU/Md8eclOgzC1kPtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5 NTkyZGEwHhcNMjYwMTAyMTAxODU5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2YzczMDM5NGMwZTE4ZTNkYmVhZjA5ODBjOWQ2NDhiNjg5NzIxZjI4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA90lFIwBRNbdXS26NdQ+pccTfB2Gt G+0aa3fiiYDRYw9Ejdi3klLEjULI8Ht2F4/Q8u3Pb4rUYOe5zbSkoPXtXIzhOl4t gIVJ08/NkIcCSAby46i40BwGhbtCS9etk+O95X6SDuQYIuQcYWfbQYyja8jT42fi Oqd9+KeTJydEJH4tk5Pjr1Ue31Zw/t0XEaRnApMl/SuQr4XOawCJNob2dwJb42Ik LBbbwzrF1w245yQXAeX6uXnas2JOuAsw3B+Bx7hSeyBXQ+LtqECkAYjA5zsgzZY3 k3UZMcthlegSP7xkf3jYW7v3rjwSSnW7jYOlne7UzsBasaFA/TUxA+U2QwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFGxzA5TA4Y49vq8JgMnWSLaJch8oMB8GA1UdIwQY MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt ZjVmYjcxYjlhNTFmLzEvYkhNRGxNRGhqajItcndtQXlkWkl0b2x5SHlnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBnq3oAwQA nq3sMA0GCSqGSIb3DQEBCwUAA4IBAQCm+tf8vc8AUyvCipnZWF5l+VoPqlJbYk/7 EhQPIc9q+YR3tOBVIGo8sO5gFy3b2xx8CQS0g7TIKEK9uxys8NPho1qUAmBrWJsQ WH4MjnGSx+xz9sbDXyzAbWprCXWXcbA9RIX0IJ2IhY26P6y3tose7R/YC9f5hPa6 /qaexJpcLP283vyi5/ypKNOTewr7QPZsw+UKRk+/MhfoM0Aqx8IJbpgzrvyk5Wu7 5AqpcWw2sTbUrHj0sVH3xDJqTOOUfc3oN9URLtSfXDUA+vCL+RqMjjZpPLvTQRhy pKUoJwt2WaWLkTSPjuA12mGOKssgxfddfwoovmtXwwmJq7Nq9V2h -----END CERTIFICATE-----Generated at Sun Jan 11 15:07:39 2026 by rpki-client