This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/d1c70e-226a-4781-b662-741ab92997d0/1/hTMMYpMuqGPoG2J1CKhmES38yHA.roa File: hTMMYpMuqGPoG2J1CKhmES38yHA.roa (raw, json) Hash identifier: rvTmRXH6/6D95X7iHQWTgs6oiDZA0aQ3QNoQMnR5ayw= Subject key identifier: 85:33:0C:62:93:2E:A8:63:E8:1B:62:75:08:A8:66:11:2D:FC:C8:70 Certificate issuer: /CN=bd252a75c961ad338fd91147d461dd8b3d20cf51 Certificate serial: 019B7BA50D03A66471D0654BF5F7D7A3E6F7 Authority key identifier: BD:25:2A:75:C9:61:AD:33:8F:D9:11:47:D4:61:DD:8B:3D:20:CF:51 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vSUqdclhrTOP2RFH1GHdiz0gz1E.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/d1c70e-226a-4781-b662-741ab92997d0/1/hTMMYpMuqGPoG2J1CKhmES38yHA.roa Signing time: Thu 01 Jan 2026 22:19:32 +0000 ROA not before: Thu 01 Jan 2026 22:19:32 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 15404 IP address blocks: 5.182.152.0/24 maxlen: 24 2a0e:900:d001::/48 maxlen: 64 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/d1c70e-226a-4781-b662-741ab92997d0/1/vSUqdclhrTOP2RFH1GHdiz0gz1E.crl rsync://rpki.ripe.net/repository/DEFAULT/81/d1c70e-226a-4781-b662-741ab92997d0/1/vSUqdclhrTOP2RFH1GHdiz0gz1E.mft rsync://rpki.ripe.net/repository/DEFAULT/vSUqdclhrTOP2RFH1GHdiz0gz1E.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 09:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a5:0d:03:a6:64:71:d0:65:4b:f5:f7:d7:a3:e6:f7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bd252a75c961ad338fd91147d461dd8b3d20cf51 Validity Not Before: Jan 1 22:19:32 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=85330c62932ea863e81b627508a866112dfcc870 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:95:bb:bc:dd:db:7c:78:6e:1c:75:86:82:85: fc:02:6f:e0:38:40:40:82:68:a1:2e:3b:e4:b4:d1: 59:ac:2a:ad:25:83:71:33:13:12:37:ce:ce:78:5d: 76:7b:c2:9f:13:f3:64:dc:6e:28:9d:06:d9:6e:fc: 19:76:89:69:85:e7:f2:16:b1:b6:70:ff:4b:fd:52: 1b:0b:8f:c5:e5:ea:c8:64:5d:bc:61:75:e4:b6:02: 58:4e:0d:a6:b5:61:30:25:bd:5f:e6:7a:99:fb:54: dd:93:09:0f:7f:7a:8b:7b:90:3b:8b:6b:79:18:be: ca:46:57:bc:92:6c:2c:45:0b:ed:33:f3:13:29:7c: 33:fa:91:83:9a:56:45:dd:e9:e5:c6:4e:c3:91:88: f2:88:4c:34:25:45:9f:7a:f9:db:6a:1d:97:b1:e4: 1a:db:f9:61:cc:23:cb:35:55:50:ba:ab:96:68:63: 26:89:d8:f7:2e:16:c6:b1:95:b7:a5:1f:29:ef:50: 28:8f:f8:6e:18:4a:62:a9:cc:c7:aa:4a:6a:66:7c: 11:f6:3d:83:e9:23:2c:e0:19:cd:f3:1c:11:e7:38: 60:d1:5a:1f:a2:84:89:c3:87:6e:08:90:e0:c0:70: b9:01:b2:c6:6b:c3:18:b3:23:01:51:d3:81:2a:2d: c0:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:33:0C:62:93:2E:A8:63:E8:1B:62:75:08:A8:66:11:2D:FC:C8:70 X509v3 Authority Key Identifier: keyid:BD:25:2A:75:C9:61:AD:33:8F:D9:11:47:D4:61:DD:8B:3D:20:CF:51 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vSUqdclhrTOP2RFH1GHdiz0gz1E.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/d1c70e-226a-4781-b662-741ab92997d0/1/hTMMYpMuqGPoG2J1CKhmES38yHA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/81/d1c70e-226a-4781-b662-741ab92997d0/1/vSUqdclhrTOP2RFH1GHdiz0gz1E.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.182.152.0/24 IPv6: 2a0e:900:d001::/48 Signature Algorithm: sha256WithRSAEncryption 56:52:f5:44:17:7c:37:11:cf:19:b6:47:5c:2b:f0:08:7c:0b: e0:7c:52:35:da:f3:62:00:c5:5c:d1:21:17:7d:19:eb:48:8d: b4:6c:74:2f:b8:5b:6e:f6:d6:1c:5c:da:f0:e9:bc:54:5d:05: 2c:58:ea:7d:b5:61:3c:cb:6b:b0:75:50:e1:a3:13:66:d8:27: 36:67:0f:f2:ab:0e:3b:fe:53:f4:d3:47:7e:c6:f7:ff:21:2e: 01:5a:79:e0:7a:c8:43:f1:d7:73:d7:9a:94:4c:3c:f6:93:eb: 12:ea:67:69:76:82:f3:cf:4b:da:ed:aa:3b:75:61:b4:16:7f: 15:c8:bc:13:a6:a0:a8:75:3d:0f:c2:00:50:78:a3:8b:23:c9: 29:db:14:e8:1f:f6:f8:26:6a:d7:20:12:ea:c9:53:00:42:be: f4:d9:3d:79:07:23:39:e2:cb:e9:b0:bd:3c:85:0b:0b:ca:b7: 5e:ad:1f:da:6a:48:d7:cd:a3:75:3e:65:c5:15:8a:46:32:2e: c6:9c:c1:b6:3e:78:d7:ac:a2:94:7c:b5:28:f7:41:d8:6f:a4: bc:e9:16:39:fa:18:96:1e:35:17:d6:23:57:15:33:55:ec:55: cf:5e:28:96:78:7a:24:ba:91:5c:fe:df:3a:a6:a5:6c:ad:5f: fd:5c:a3:04 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt7pQ0DpmRx0GVL9ffXo+b3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJkMjUyYTc1Yzk2MWFkMzM4ZmQ5MTE0N2Q0NjFkZDhiM2Qy MGNmNTEwHhcNMjYwMTAxMjIxOTMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NTMzMGM2MjkzMmVhODYzZTgxYjYyNzUwOGE4NjYxMTJkZmNjODcwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZW7vN3bfHhuHHWGgoX8Am/gOEBA gmihLjvktNFZrCqtJYNxMxMSN87OeF12e8KfE/Nk3G4onQbZbvwZdolphefyFrG2 cP9L/VIbC4/F5erIZF28YXXktgJYTg2mtWEwJb1f5nqZ+1TdkwkPf3qLe5A7i2t5 GL7KRle8kmwsRQvtM/MTKXwz+pGDmlZF3enlxk7DkYjyiEw0JUWfevnbah2XseQa 2/lhzCPLNVVQuquWaGMmidj3LhbGsZW3pR8p71Aoj/huGEpiqczHqkpqZnwR9j2D 6SMs4BnN8xwR5zhg0VofooSJw4duCJDgwHC5AbLGa8MYsyMBUdOBKi3AmwIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFIUzDGKTLqhj6BtidQioZhEt/MhwMB8GA1UdIwQY MBaAFL0lKnXJYa0zj9kRR9Rh3Ys9IM9RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdlNVcWRjbGhyVE9QMlJGSDFHSGRpejBnejFFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9kMWM3MGUtMjI2YS00NzgxLWI2NjIt NzQxYWI5Mjk5N2QwLzEvaFRNTVlwTXVxR1BvRzJKMUNLaG1FUzM4eUhBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84MS9kMWM3MGUtMjI2YS00NzgxLWI2NjItNzQxYWI5Mjk5N2Qw LzEvdlNVcWRjbGhyVE9QMlJGSDFHSGRpejBnejFFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQABbaYMA8E AgACMAkDBwAqDgkA0AEwDQYJKoZIhvcNAQELBQADggEBAFZS9UQXfDcRzxm2R1wr 8Ah8C+B8UjXa82IAxVzRIRd9GetIjbRsdC+4W2721hxc2vDpvFRdBSxY6n21YTzL a7B1UOGjE2bYJzZnD/KrDjv+U/TTR37G9/8hLgFaeeB6yEPx13PXmpRMPPaT6xLq Z2l2gvPPS9rtqjt1YbQWfxXIvBOmoKh1PQ/CAFB4o4sjySnbFOgf9vgmatcgEurJ UwBCvvTZPXkHIzniy+mwvTyFCwvKt16tH9pqSNfNo3U+ZcUVikYyLsacwbY+eNes opR8tSj3QdhvpLzpFjn6GJYeNRfWI1cVM1XsVc9eKJZ4eiS6kVz+3zqmpWytX/1c owQ= -----END CERTIFICATE-----Generated at Wed Jan 21 13:16:58 2026 by rpki-client