This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/ef5ed1-bdee-4639-9248-77f84c562a5f/1/HR-RlvhPR2KFSwj8wKhoiIZcdOs.roa File: HR-RlvhPR2KFSwj8wKhoiIZcdOs.roa (raw, json) Hash identifier: jF+Fcte6nQCVsXtXgwFb6S4rPJtc/cAAhfv54qZplv4= Subject key identifier: 1D:1F:91:96:F8:4F:47:62:85:4B:08:FC:C0:A8:68:88:86:5C:74:EB Certificate issuer: /CN=3d8012fa14ace7a0c3bd2e82e0a29d9a44bfe290 Certificate serial: 019B7B36887727A552537145DEA14C6E31F3 Authority key identifier: 3D:80:12:FA:14:AC:E7:A0:C3:BD:2E:82:E0:A2:9D:9A:44:BF:E2:90 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PYAS-hSs56DDvS6C4KKdmkS_4pA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/ef5ed1-bdee-4639-9248-77f84c562a5f/1/HR-RlvhPR2KFSwj8wKhoiIZcdOs.roa Signing time: Thu 01 Jan 2026 20:18:49 +0000 ROA not before: Thu 01 Jan 2026 20:18:49 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 206801 IP address blocks: 5.180.168.0/22 maxlen: 22 5.180.168.0/23 maxlen: 23 5.180.168.0/24 maxlen: 24 5.180.169.0/24 maxlen: 24 5.180.170.0/23 maxlen: 23 5.180.170.0/24 maxlen: 24 5.180.171.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/ef5ed1-bdee-4639-9248-77f84c562a5f/1/PYAS-hSs56DDvS6C4KKdmkS_4pA.crl rsync://rpki.ripe.net/repository/DEFAULT/8c/ef5ed1-bdee-4639-9248-77f84c562a5f/1/PYAS-hSs56DDvS6C4KKdmkS_4pA.mft rsync://rpki.ripe.net/repository/DEFAULT/PYAS-hSs56DDvS6C4KKdmkS_4pA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:88:77:27:a5:52:53:71:45:de:a1:4c:6e:31:f3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3d8012fa14ace7a0c3bd2e82e0a29d9a44bfe290 Validity Not Before: Jan 1 20:18:49 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1d1f9196f84f4762854b08fcc0a86888865c74eb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:8f:af:e6:63:76:00:78:5b:4c:6e:de:c9:d0: f5:fa:ea:0f:4e:6f:d7:33:b6:cb:e5:4c:15:eb:45: 46:25:e8:60:a8:f7:ed:ca:10:1a:4e:92:26:1a:85: f7:1c:74:11:f5:96:ee:64:2a:d5:c8:fc:38:af:dd: fd:a4:58:03:2d:2f:1a:d2:15:a6:0d:95:99:80:f5: c2:6c:d6:71:d4:46:6e:80:20:66:13:54:d8:af:2a: 0f:03:07:2b:8b:10:ee:01:34:b0:bb:04:60:97:15: 49:6f:c5:b0:f9:65:7e:14:94:cf:f8:d1:94:d7:d5: 00:34:3b:cc:57:96:9c:09:19:a0:fc:d6:f9:cd:59: a3:19:cc:74:46:27:03:22:ff:47:50:75:23:c7:51: 5d:9e:4a:32:94:91:1b:44:27:01:21:2a:37:5c:8e: 45:5f:f1:74:56:a8:f9:00:6a:d2:bb:ff:3a:80:a5: 9f:dc:15:5f:fe:0d:c0:9e:3d:b7:79:b6:d9:6c:e2: b9:08:21:76:dd:8e:4e:00:3e:ed:2a:1c:81:42:39: c4:33:fd:c6:7a:3b:84:0f:5b:dc:c7:ae:e6:ad:08: 82:a6:3f:79:7d:14:6f:0e:08:40:ec:b2:2a:ec:82: 3f:bc:96:c2:9e:5b:21:93:be:6f:e4:bd:c3:86:01: 69:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:1F:91:96:F8:4F:47:62:85:4B:08:FC:C0:A8:68:88:86:5C:74:EB X509v3 Authority Key Identifier: keyid:3D:80:12:FA:14:AC:E7:A0:C3:BD:2E:82:E0:A2:9D:9A:44:BF:E2:90 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYAS-hSs56DDvS6C4KKdmkS_4pA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/ef5ed1-bdee-4639-9248-77f84c562a5f/1/HR-RlvhPR2KFSwj8wKhoiIZcdOs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/ef5ed1-bdee-4639-9248-77f84c562a5f/1/PYAS-hSs56DDvS6C4KKdmkS_4pA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.180.168.0/22 Signature Algorithm: sha256WithRSAEncryption 5e:8e:89:39:22:12:a8:1b:c0:31:99:1c:2e:93:bc:41:85:c8: 54:86:77:18:2f:b3:c0:f0:35:05:fb:d0:ac:32:db:c0:44:b3: 6f:d0:a8:57:07:b6:46:47:96:15:a8:cb:a7:94:b8:e6:45:e6: 40:87:05:51:ac:12:2e:e9:61:f3:b8:b2:63:25:48:22:c6:f0: 34:ba:54:14:35:fa:6a:4f:51:4f:be:85:e7:bd:50:65:ab:dc: cc:8b:41:f7:d8:a4:8c:f2:4e:36:69:4f:22:c7:de:2d:af:c0: 68:4f:71:13:ac:f5:4a:bb:29:7c:75:02:73:a5:38:f8:23:3a: 27:0f:b4:43:51:c6:c6:5d:b2:39:38:f2:52:cb:3d:57:47:71: 22:0c:96:42:bb:fc:99:da:06:6a:35:7f:e5:51:90:f9:9f:5c: 9d:e0:6a:1d:1b:65:b3:a4:9e:f7:9d:bd:88:1c:a7:7f:7e:19: b4:03:77:83:fa:e8:f1:87:33:ce:c1:a1:8a:db:42:60:41:1a: 76:e5:df:b6:55:72:7d:8f:08:06:d9:77:3f:c5:f7:ec:98:73: 12:a2:35:47:6a:ec:9e:7e:90:03:31:11:17:f3:87:3a:ab:53: e7:dd:96:3b:eb:62:a8:74:33:74:50:d2:91:f3:37:60:72:01: b5:01:6d:0b -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt7Noh3J6VSU3FF3qFMbjHzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNkODAxMmZhMTRhY2U3YTBjM2JkMmU4MmUwYTI5ZDlhNDRi ZmUyOTAwHhcNMjYwMTAxMjAxODQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxZDFmOTE5NmY4NGY0NzYyODU0YjA4ZmNjMGE4Njg4ODg2NWM3NGViMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtI+v5mN2AHhbTG7eydD1+uoPTm/X M7bL5UwV60VGJehgqPftyhAaTpImGoX3HHQR9ZbuZCrVyPw4r939pFgDLS8a0hWm DZWZgPXCbNZx1EZugCBmE1TYryoPAwcrixDuATSwuwRglxVJb8Ww+WV+FJTP+NGU 19UANDvMV5acCRmg/Nb5zVmjGcx0RicDIv9HUHUjx1FdnkoylJEbRCcBISo3XI5F X/F0Vqj5AGrSu/86gKWf3BVf/g3Anj23ebbZbOK5CCF23Y5OAD7tKhyBQjnEM/3G ejuED1vcx67mrQiCpj95fRRvDghA7LIq7II/vJbCnlshk75v5L3DhgFpUwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFB0fkZb4T0dihUsI/MCoaIiGXHTrMB8GA1UdIwQY MBaAFD2AEvoUrOegw70uguCinZpEv+KQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUFlBUy1oU3M1NkREdlM2QzRLS2Rta1NfNHBBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9lZjVlZDEtYmRlZS00NjM5LTkyNDgt NzdmODRjNTYyYTVmLzEvSFItUmx2aFBSMktGU3dqOHdLaG9pSVpjZE9zLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Yy9lZjVlZDEtYmRlZS00NjM5LTkyNDgtNzdmODRjNTYyYTVm LzEvUFlBUy1oU3M1NkREdlM2QzRLS2Rta1NfNHBBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBbSoMA0G CSqGSIb3DQEBCwUAA4IBAQBejok5IhKoG8AxmRwuk7xBhchUhncYL7PA8DUF+9Cs MtvARLNv0KhXB7ZGR5YVqMunlLjmReZAhwVRrBIu6WHzuLJjJUgixvA0ulQUNfpq T1FPvoXnvVBlq9zMi0H32KSM8k42aU8ix94tr8BoT3ETrPVKuyl8dQJzpTj4Izon D7RDUcbGXbI5OPJSyz1XR3EiDJZCu/yZ2gZqNX/lUZD5n1yd4GodG2WzpJ73nb2I HKd/fhm0A3eD+ujxhzPOwaGK20JgQRp25d+2VXJ9jwgG2Xc/xffsmHMSojVHauye fpADMREX84c6q1Pn3ZY762KodDN0UNKR8zdgcgG1AW0L -----END CERTIFICATE-----Generated at Tue Feb 10 00:02:56 2026 by rpki-client