This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/0c4e20-d591-415e-a06f-008a508bae9d/1/hSyCHHwvePnnhJaLoj0bPLiKrY0.roa File: hSyCHHwvePnnhJaLoj0bPLiKrY0.roa (raw, json) Hash identifier: Q5kLVpiwwKotr0YZjLtoW5+DY5vy3ewkjBXAVZYPMBk= Subject key identifier: 85:2C:82:1C:7C:2F:78:F9:E7:84:96:8B:A2:3D:1B:3C:B8:8A:AD:8D Certificate issuer: /CN=0843e9c2487954691227b1e32175d8f7a1cc3ef5 Certificate serial: 019B7C7F826D55FE7FFB8F57FFA5FD821738 Authority key identifier: 08:43:E9:C2:48:79:54:69:12:27:B1:E3:21:75:D8:F7:A1:CC:3E:F5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CEPpwkh5VGkSJ7HjIXXY96HMPvU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/0c4e20-d591-415e-a06f-008a508bae9d/1/hSyCHHwvePnnhJaLoj0bPLiKrY0.roa Signing time: Fri 02 Jan 2026 02:18:09 +0000 ROA not before: Fri 02 Jan 2026 02:18:09 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212131 IP address blocks: 85.208.168.0/22 maxlen: 22 2a10:ae80::/29 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/0c4e20-d591-415e-a06f-008a508bae9d/1/CEPpwkh5VGkSJ7HjIXXY96HMPvU.crl rsync://rpki.ripe.net/repository/DEFAULT/80/0c4e20-d591-415e-a06f-008a508bae9d/1/CEPpwkh5VGkSJ7HjIXXY96HMPvU.mft rsync://rpki.ripe.net/repository/DEFAULT/CEPpwkh5VGkSJ7HjIXXY96HMPvU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 17:00:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:7f:82:6d:55:fe:7f:fb:8f:57:ff:a5:fd:82:17:38 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0843e9c2487954691227b1e32175d8f7a1cc3ef5 Validity Not Before: Jan 2 02:18:09 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=852c821c7c2f78f9e784968ba23d1b3cb88aad8d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:05:c5:52:7d:81:4f:dc:58:7b:66:b8:17:38: dd:bc:d9:5b:d1:1e:31:15:43:4d:86:7e:78:91:02: 8d:fe:b3:e4:1f:92:21:dc:cc:89:02:01:fe:06:dd: 04:57:d6:a8:94:b0:8c:7e:e6:06:e1:57:a9:b7:b2: 5b:12:df:7c:97:a0:a4:44:62:4b:f8:48:52:ac:43: 30:9a:a1:c6:7e:52:51:4e:39:38:dc:62:0f:a8:68: 1a:7c:17:70:a3:fd:83:ce:5d:78:d5:47:f7:12:1c: af:34:f9:87:9b:8e:7d:6e:0f:e2:4c:d1:76:c2:eb: 6d:c9:81:61:e1:b3:ed:56:96:88:71:0c:23:4d:30: 31:01:a4:92:2b:14:cc:95:60:ad:f4:56:cd:b0:27: df:48:cc:10:59:49:ab:9e:0e:2e:28:ca:e5:6e:d7: bf:aa:1e:8f:07:38:77:f0:12:26:9e:8b:c8:d5:bd: f4:83:df:21:b4:01:0e:6d:47:7f:c4:c2:ae:4a:ec: 50:b9:1c:75:97:16:3e:de:e4:9b:8a:79:45:af:eb: 41:bc:3c:ad:62:cc:95:5c:43:8f:fd:b3:14:31:34: 87:c0:5e:bc:16:ae:f3:a2:72:c4:9c:53:e3:52:74: 92:49:39:f6:cc:88:c8:35:a6:28:b3:17:d7:62:df: 01:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:2C:82:1C:7C:2F:78:F9:E7:84:96:8B:A2:3D:1B:3C:B8:8A:AD:8D X509v3 Authority Key Identifier: keyid:08:43:E9:C2:48:79:54:69:12:27:B1:E3:21:75:D8:F7:A1:CC:3E:F5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CEPpwkh5VGkSJ7HjIXXY96HMPvU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/0c4e20-d591-415e-a06f-008a508bae9d/1/hSyCHHwvePnnhJaLoj0bPLiKrY0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/80/0c4e20-d591-415e-a06f-008a508bae9d/1/CEPpwkh5VGkSJ7HjIXXY96HMPvU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.208.168.0/22 IPv6: 2a10:ae80::/29 Signature Algorithm: sha256WithRSAEncryption 1b:ed:88:de:c2:0e:2c:bb:7e:d9:72:6d:86:6d:82:84:ee:69: 6a:81:ee:88:c9:6d:97:4b:69:bf:61:a3:70:ae:8d:42:05:80: 80:8f:68:2e:6d:a2:12:63:f7:41:c5:24:2d:b6:cc:54:d7:34: 2e:38:c1:d7:5d:21:c5:c3:0f:44:ef:a2:e4:7e:c6:af:00:75: d1:77:6c:cd:06:d4:81:bc:16:01:68:da:c4:34:b4:5d:2b:b1: 54:2b:67:ea:7a:cb:df:65:24:61:61:b7:cf:b6:9f:ae:43:14: 16:01:08:af:67:5e:2f:c7:da:59:a2:ec:9f:68:d0:a4:55:9a: ad:8f:bb:ef:89:4b:67:67:3a:d3:67:49:eb:f2:5b:64:84:05: fb:d8:8b:6d:f6:fe:ea:60:2e:47:0c:1f:e5:36:35:b4:b4:a1: 51:c2:46:0a:51:c0:02:8d:25:c0:2d:3b:a6:9d:ff:e3:8d:94: fe:04:6d:7c:91:0b:9d:28:ef:da:12:0d:a4:63:2f:d5:2f:1d: 6a:44:19:fa:50:b1:49:fb:08:98:52:1c:43:fb:a7:6e:d1:76: f3:81:a2:41:b8:63:db:bc:e2:9f:71:24:84:c9:09:0a:2e:64: 31:65:bf:00:24:31:dc:9c:6c:d9:7a:03:ea:eb:6f:d3:a8:68: 5c:61:af:03 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt8f4JtVf5/+49X/6X9ghc4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA4NDNlOWMyNDg3OTU0NjkxMjI3YjFlMzIxNzVkOGY3YTFj YzNlZjUwHhcNMjYwMTAyMDIxODA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NTJjODIxYzdjMmY3OGY5ZTc4NDk2OGJhMjNkMWIzY2I4OGFhZDhkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8gXFUn2BT9xYe2a4FzjdvNlb0R4x FUNNhn54kQKN/rPkH5Ih3MyJAgH+Bt0EV9aolLCMfuYG4Vept7JbEt98l6CkRGJL +EhSrEMwmqHGflJRTjk43GIPqGgafBdwo/2Dzl141Uf3EhyvNPmHm459bg/iTNF2 wuttyYFh4bPtVpaIcQwjTTAxAaSSKxTMlWCt9FbNsCffSMwQWUmrng4uKMrlbte/ qh6PBzh38BImnovI1b30g98htAEObUd/xMKuSuxQuRx1lxY+3uSbinlFr+tBvDyt YsyVXEOP/bMUMTSHwF68Fq7zonLEnFPjUnSSSTn2zIjINaYosxfXYt8BaQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFIUsghx8L3j554SWi6I9Gzy4iq2NMB8GA1UdIwQY MBaAFAhD6cJIeVRpEiex4yF12PehzD71MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ0VQcHdraDVWR2tTSjdIaklYWFk5NkhNUHZVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8wYzRlMjAtZDU5MS00MTVlLWEwNmYt MDA4YTUwOGJhZTlkLzEvaFN5Q0hId3ZlUG5uaEphTG9qMGJQTGlLclkwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84MC8wYzRlMjAtZDU5MS00MTVlLWEwNmYtMDA4YTUwOGJhZTlk LzEvQ0VQcHdraDVWR2tTSjdIaklYWFk5NkhNUHZVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCVdCoMA0E AgACMAcDBQMqEK6AMA0GCSqGSIb3DQEBCwUAA4IBAQAb7Yjewg4su37Zcm2GbYKE 7mlqge6IyW2XS2m/YaNwro1CBYCAj2gubaISY/dBxSQttsxU1zQuOMHXXSHFww9E 76LkfsavAHXRd2zNBtSBvBYBaNrENLRdK7FUK2fqesvfZSRhYbfPtp+uQxQWAQiv Z14vx9pZouyfaNCkVZqtj7vviUtnZzrTZ0nr8ltkhAX72Itt9v7qYC5HDB/lNjW0 tKFRwkYKUcACjSXALTumnf/jjZT+BG18kQudKO/aEg2kYy/VLx1qRBn6ULFJ+wiY UhxD+6du0XbzgaJBuGPbvOKfcSSEyQkKLmQxZb8AJDHcnGzZegPq62/TqGhcYa8D -----END CERTIFICATE-----Generated at Tue Feb 10 02:42:35 2026 by rpki-client