This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/rhGX_5s3UmZjlpks20dW8Uwf5xY.roa File: rhGX_5s3UmZjlpks20dW8Uwf5xY.roa (raw, json) Hash identifier: JBHH+NoWY0D+hMChID36tmQIbWsMkAg53XmNFpTIjc4= Subject key identifier: AE:11:97:FF:9B:37:52:66:63:96:99:2C:DB:47:56:F1:4C:1F:E7:16 Certificate issuer: /CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea Certificate serial: 019B78343F0796753ED3961D8B6A8363C60D Authority key identifier: D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/rhGX_5s3UmZjlpks20dW8Uwf5xY.roa Signing time: Thu 01 Jan 2026 06:17:28 +0000 ROA not before: Thu 01 Jan 2026 06:17:28 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 25369 IP address blocks: 217.144.176.0/22 maxlen: 32 217.144.180.0/22 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/0-lwM6NqqbzAwvFn5iDXyhSTy-o.crl rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/0-lwM6NqqbzAwvFn5iDXyhSTy-o.mft rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 06:00:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:3f:07:96:75:3e:d3:96:1d:8b:6a:83:63:c6:0d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea Validity Not Before: Jan 1 06:17:28 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ae1197ff9b3752666396992cdb4756f14c1fe716 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:dd:7f:51:d4:74:e8:d9:e1:eb:b1:a5:f6:87: d7:98:24:50:5c:a5:d5:5a:e9:77:57:fc:83:73:db: 04:ff:2a:15:df:d1:ce:e7:b6:fc:71:9a:2a:ff:77: f9:c5:54:a3:3c:45:8d:d6:a9:73:4e:9f:21:86:4e: f4:49:14:09:45:8c:b3:66:91:03:97:d8:46:13:24: 36:cf:2e:44:ca:35:eb:97:2e:fe:4c:23:e2:dc:11: 51:71:de:52:6d:c8:56:0b:32:85:16:4d:00:77:87: 69:2f:d7:a8:db:17:b0:81:51:3c:f2:06:47:f0:17: d2:53:2c:87:75:cf:a4:35:f8:d3:20:9b:73:28:cd: 71:7d:20:71:0b:a1:e6:99:04:d7:43:2e:cd:c9:ba: b1:5d:e7:bf:5e:23:35:df:dc:c2:7b:22:7d:85:d5: 5e:a9:61:54:fa:97:04:d5:28:5a:19:47:2c:96:8e: 1b:14:fb:71:73:55:0c:52:c5:96:b6:a9:20:39:c4: d3:7e:92:49:6e:64:e2:f8:af:d7:d3:58:1f:b7:cb: 10:43:c2:d7:1a:ea:57:98:09:e2:7c:86:7d:2e:64: 68:78:4a:fc:ae:30:a9:9f:cb:3d:64:1d:65:02:ce: 97:c7:3b:5c:26:8f:10:d0:05:da:12:45:1b:9f:8a: 69:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:11:97:FF:9B:37:52:66:63:96:99:2C:DB:47:56:F1:4C:1F:E7:16 X509v3 Authority Key Identifier: keyid:D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/rhGX_5s3UmZjlpks20dW8Uwf5xY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/0-lwM6NqqbzAwvFn5iDXyhSTy-o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 217.144.176.0/21 Signature Algorithm: sha256WithRSAEncryption ad:00:f1:e6:26:45:c5:60:2e:61:5a:1e:9d:af:64:33:f9:8a: 4a:c0:93:f7:1a:83:15:d0:ac:3f:17:f7:c6:ee:73:85:16:fb: f4:7e:19:d6:87:58:f9:25:f9:47:58:e7:41:14:7e:7f:18:e2: da:f9:f1:7d:9f:89:54:13:47:a2:c4:26:e6:2a:6d:e1:90:91: 0d:e3:bc:a3:c3:0b:34:92:b2:5b:7c:47:5a:18:44:b2:51:15: 4d:8d:e7:0f:66:4f:ca:02:12:22:3e:39:c0:5a:b6:18:ba:d0: 69:e0:1b:58:fc:6b:4c:bb:4d:d2:ba:49:48:2f:bf:93:3e:97: 38:da:16:af:54:8c:85:22:19:49:00:22:60:86:e0:68:c4:99: 26:e1:7d:06:6c:44:8a:00:43:d0:da:ca:e6:b2:a8:38:18:0c: e1:87:1f:cc:f3:16:49:91:b9:63:05:d6:2a:dc:7f:06:e0:ee: a9:c0:62:7a:a1:85:1e:94:cf:f2:69:4e:8e:43:c1:b7:28:90: ed:fd:f6:df:11:fa:70:f6:d8:45:54:a8:51:f7:57:27:4b:81: 0f:48:48:de:e0:2b:f0:42:36:b4:27:87:47:9a:aa:37:97:a5: 01:57:ce:4c:37:f3:db:bc:12:98:70:b1:4c:2d:8a:93:d0:bf: a2:3d:74:5b -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt4ND8HlnU+05Ydi2qDY8YNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQzZTk3MDMzYTM2YWE5YmNjMGMyZjE2N2U2MjBkN2NhMTQ5 M2NiZWEwHhcNMjYwMTAxMDYxNzI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhZTExOTdmZjliMzc1MjY2NjM5Njk5MmNkYjQ3NTZmMTRjMWZlNzE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjt1/UdR06Nnh67Gl9ofXmCRQXKXV Wul3V/yDc9sE/yoV39HO57b8cZoq/3f5xVSjPEWN1qlzTp8hhk70SRQJRYyzZpED l9hGEyQ2zy5EyjXrly7+TCPi3BFRcd5SbchWCzKFFk0Ad4dpL9eo2xewgVE88gZH 8BfSUyyHdc+kNfjTIJtzKM1xfSBxC6HmmQTXQy7NybqxXee/XiM139zCeyJ9hdVe qWFU+pcE1ShaGUcslo4bFPtxc1UMUsWWtqkgOcTTfpJJbmTi+K/X01gft8sQQ8LX GupXmAnifIZ9LmRoeEr8rjCpn8s9ZB1lAs6XxztcJo8Q0AXaEkUbn4ppcwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFK4Rl/+bN1JmY5aZLNtHVvFMH+cWMB8GA1UdIwQY MBaAFNPpcDOjaqm8wMLxZ+Yg18oUk8vqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMt ZGJmOWQ0MWYxNzk4LzEvcmhHWF81czNVbVpqbHBrczIwZFc4VXdmNXhZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMtZGJmOWQ0MWYxNzk4 LzEvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD2ZCwMA0G CSqGSIb3DQEBCwUAA4IBAQCtAPHmJkXFYC5hWh6dr2Qz+YpKwJP3GoMV0Kw/F/fG 7nOFFvv0fhnWh1j5JflHWOdBFH5/GOLa+fF9n4lUE0eixCbmKm3hkJEN47yjwws0 krJbfEdaGESyURVNjecPZk/KAhIiPjnAWrYYutBp4BtY/GtMu03SuklIL7+TPpc4 2havVIyFIhlJACJghuBoxJkm4X0GbESKAEPQ2srmsqg4GAzhhx/M8xZJkbljBdYq 3H8G4O6pwGJ6oYUelM/yaU6OQ8G3KJDt/fbfEfpw9thFVKhR91cnS4EPSEje4Cvw Qja0J4dHmqo3l6UBV85MN/PbvBKYcLFMLYqT0L+iPXRb -----END CERTIFICATE-----Generated at Mon Jan 19 17:05:12 2026 by rpki-client