This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/hDwrKqUUUgRdKzbpNVgH5Y1YoHs.roa File: hDwrKqUUUgRdKzbpNVgH5Y1YoHs.roa (raw, json) Hash identifier: XvFMK3zGDB8gXRWORYppQDe5CYwmAhj7aREhIcAaTXg= Subject key identifier: 84:3C:2B:2A:A5:14:52:04:5D:2B:36:E9:35:58:07:E5:8D:58:A0:7B Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0 Certificate serial: 019BBDA3FF2122F8EA9209FD0FF36347B4FC Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/hDwrKqUUUgRdKzbpNVgH5Y1YoHs.roa Signing time: Wed 14 Jan 2026 17:53:20 +0000 ROA not before: Wed 14 Jan 2026 17:53:20 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 13335 IP address blocks: 151.240.3.0/24 maxlen: 24 151.241.161.0/24 maxlen: 24 151.242.227.0/24 maxlen: 24 151.243.113.0/24 maxlen: 24 151.243.133.0/24 maxlen: 24 151.245.127.0/24 maxlen: 24 151.246.216.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 18 Jan 2026 21:00:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:bd:a3:ff:21:22:f8:ea:92:09:fd:0f:f3:63:47:b4:fc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0 Validity Not Before: Jan 14 17:53:20 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=843c2b2aa51452045d2b36e9355807e58d58a07b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:92:a4:dc:73:c0:71:16:db:1d:9f:f6:67:75: 5b:a0:1d:ba:95:67:f7:10:c1:dc:15:b6:6e:da:06: 29:da:61:2a:0b:bd:95:6e:2a:06:ef:82:99:95:5b: 95:65:36:b6:4b:24:d6:a6:06:39:46:84:73:0f:f1: ce:98:29:80:2d:32:61:4e:11:23:21:3e:b4:21:c7: ce:ab:21:cd:99:87:92:35:59:a3:e4:f9:63:7a:98: d8:35:7d:66:e2:ef:3d:3e:6c:80:de:cb:e8:4a:91: 7d:75:87:d6:1e:d5:b2:21:83:97:d5:9a:85:bc:e5: cb:7e:ed:e1:f6:3e:67:46:ef:20:d5:d3:5d:67:2c: 2a:84:16:bf:ab:8b:0d:5c:c3:dc:0b:d9:2c:89:99: b1:f0:c1:4e:23:07:99:53:0a:34:96:4b:e0:53:49: 9f:e8:7b:82:13:ee:a0:79:77:51:2a:3a:c4:3c:9d: 99:fc:20:95:b9:a6:3a:2a:8e:e4:d0:f4:6b:f5:1b: b2:a3:bf:73:71:53:9d:c7:50:60:89:6a:c0:1e:a6: 7f:1e:6e:e8:b2:90:0b:fd:3b:34:ad:b1:b1:40:64: 77:c3:25:68:8b:96:5a:7d:f4:78:2d:0d:62:62:a1: 1b:c1:27:01:ef:1b:6d:0e:30:14:ea:de:e4:4d:59: f2:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:3C:2B:2A:A5:14:52:04:5D:2B:36:E9:35:58:07:E5:8D:58:A0:7B X509v3 Authority Key Identifier: keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/hDwrKqUUUgRdKzbpNVgH5Y1YoHs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 151.240.3.0/24 151.241.161.0/24 151.242.227.0/24 151.243.113.0/24 151.243.133.0/24 151.245.127.0/24 151.246.216.0/23 Signature Algorithm: sha256WithRSAEncryption 86:3a:cb:1a:05:12:ef:a0:e5:de:ec:93:b6:f7:ff:29:cd:0e: e6:d3:53:20:77:8c:86:cb:f3:95:e2:35:c5:73:ba:67:ba:ca: fe:52:d3:b8:bf:38:c1:ae:4f:eb:51:24:26:f5:ad:3f:48:59: 19:5d:91:c4:ca:9f:87:2f:72:4b:29:2b:1f:d8:b6:f7:d0:26: a2:25:13:a9:93:52:69:3d:87:46:d2:6c:2a:b3:76:5f:50:1b: 6c:c0:c1:cd:a5:fc:e0:e7:bc:cf:b3:f5:fa:7b:cd:68:84:5f: a6:81:63:c2:84:55:8e:98:b3:da:1f:dc:80:ee:4d:f5:54:f0: 6e:16:76:b9:0d:1a:76:90:b0:b8:1a:79:79:7c:53:af:68:de: 72:55:43:80:ae:60:0f:5b:4d:38:17:d7:d2:91:25:f6:92:42: ce:cf:c6:38:81:09:b5:ca:a9:b3:d9:2a:ee:9e:2c:95:dd:51: da:f9:95:3e:a6:82:94:df:26:9f:de:43:e0:eb:7b:79:d7:0d: 83:a3:ad:2a:d2:d6:4a:3c:8c:37:97:78:b5:6a:70:25:01:73: 3a:12:8f:16:10:d0:c5:61:df:18:e2:d8:6d:6a:bd:34:2e:ba: 4c:2a:6a:3b:53:c4:65:a9:11:e7:56:f9:46:f6:0f:71:a9:c2: 17:eb:02:54 -----BEGIN CERTIFICATE----- MIIFITCCBAmgAwIBAgISAZu9o/8hIvjqkgn9D/NjR7T8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh NWE0YzAwHhcNMjYwMTE0MTc1MzIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NDNjMmIyYWE1MTQ1MjA0NWQyYjM2ZTkzNTU4MDdlNThkNThhMDdiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupKk3HPAcRbbHZ/2Z3VboB26lWf3 EMHcFbZu2gYp2mEqC72VbioG74KZlVuVZTa2SyTWpgY5RoRzD/HOmCmALTJhThEj IT60IcfOqyHNmYeSNVmj5PljepjYNX1m4u89PmyA3svoSpF9dYfWHtWyIYOX1ZqF vOXLfu3h9j5nRu8g1dNdZywqhBa/q4sNXMPcC9ksiZmx8MFOIweZUwo0lkvgU0mf 6HuCE+6geXdRKjrEPJ2Z/CCVuaY6Ko7k0PRr9Ruyo79zcVOdx1BgiWrAHqZ/Hm7o spAL/Ts0rbGxQGR3wyVoi5ZaffR4LQ1iYqEbwScB7xttDjAU6t7kTVnyaQIDAQAB o4ICLTCCAikwHQYDVR0OBBYEFIQ8KyqlFFIEXSs26TVYB+WNWKB7MB8GA1UdIwQY MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt MTdiOWRlMTQxMjUyLzEvaER3cktxVVVVZ1JkS3picE5WZ0g1WTFZb0hzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAl/ADAwQA l/GhAwQAl/LjAwQAl/NxAwQAl/OFAwQAl/V/AwQBl/bYMA0GCSqGSIb3DQEBCwUA A4IBAQCGOssaBRLvoOXe7JO29/8pzQ7m01Mgd4yGy/OV4jXFc7pnusr+UtO4vzjB rk/rUSQm9a0/SFkZXZHEyp+HL3JLKSsf2Lb30CaiJROpk1JpPYdG0mwqs3ZfUBts wMHNpfzg57zPs/X6e81ohF+mgWPChFWOmLPaH9yA7k31VPBuFna5DRp2kLC4Gnl5 fFOvaN5yVUOArmAPW004F9fSkSX2kkLOz8Y4gQm1yqmz2SruniyV3VHa+ZU+poKU 3yaf3kPg63t51w2Do60q0tZKPIw3l3i1anAlAXM6Eo8WENDFYd8Y4thtar00LrpM Kmo7U8RlqRHnVvlG9g9xqcIX6wJU -----END CERTIFICATE-----Generated at Sun Jan 18 06:31:38 2026 by rpki-client