This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/2a72ee-ec1f-40c6-ad9d-5a4df896fc3e/1/HlyQkRvIajic21yQ3EdpgC5Yqgg.roa File: HlyQkRvIajic21yQ3EdpgC5Yqgg.roa (raw, json) Hash identifier: DEi+PcIqXLpiPBIpLE3KgS4ClyQCr0Vig+hsaKKtuiM= Subject key identifier: 1E:5C:90:91:1B:C8:6A:38:9C:DB:5C:90:DC:47:69:80:2E:58:AA:08 Certificate issuer: /CN=480b4e6530f58db338e41d434e5c248eb8b49eb5 Certificate serial: 019B79ED5DFE70C22E89568208579C97D20B Authority key identifier: 48:0B:4E:65:30:F5:8D:B3:38:E4:1D:43:4E:5C:24:8E:B8:B4:9E:B5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAtOZTD1jbM45B1DTlwkjri0nrU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/2a72ee-ec1f-40c6-ad9d-5a4df896fc3e/1/HlyQkRvIajic21yQ3EdpgC5Yqgg.roa Signing time: Thu 01 Jan 2026 14:19:17 +0000 ROA not before: Thu 01 Jan 2026 14:19:17 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 3266 IP address blocks: 91.211.177.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/2a72ee-ec1f-40c6-ad9d-5a4df896fc3e/1/SAtOZTD1jbM45B1DTlwkjri0nrU.crl rsync://rpki.ripe.net/repository/DEFAULT/8f/2a72ee-ec1f-40c6-ad9d-5a4df896fc3e/1/SAtOZTD1jbM45B1DTlwkjri0nrU.mft rsync://rpki.ripe.net/repository/DEFAULT/SAtOZTD1jbM45B1DTlwkjri0nrU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ed:5d:fe:70:c2:2e:89:56:82:08:57:9c:97:d2:0b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=480b4e6530f58db338e41d434e5c248eb8b49eb5 Validity Not Before: Jan 1 14:19:17 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1e5c90911bc86a389cdb5c90dc4769802e58aa08 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:bc:33:14:75:87:03:d0:19:f4:c8:4b:cd:82: 7c:06:3a:cb:5f:e6:5e:72:40:22:fb:df:15:51:f5: 85:9e:49:86:3a:67:ac:af:4a:e0:c6:bc:a5:40:35: 59:4c:c9:6d:c4:19:cd:6e:55:50:29:7a:28:a9:86: 2b:59:12:7e:b1:08:25:51:b5:f0:7c:eb:55:d0:c1: bd:b2:9c:be:07:19:cd:6d:d1:1e:ef:06:e2:f8:4c: 7b:f2:28:a7:d2:3a:4a:23:8b:b5:14:5f:f8:ca:bf: 50:ad:c4:2f:70:e9:00:1e:1d:c9:89:e5:86:df:b0: 1e:e7:9f:c2:58:ce:a9:c8:9b:42:75:42:59:d0:3c: 90:50:3f:09:ea:1f:cf:8a:2b:34:52:cd:2c:70:d4: cb:3a:d9:67:99:d3:68:63:64:55:3e:dc:06:76:73: 79:4f:dc:76:db:92:23:dc:f8:68:2b:7f:9c:86:87: ec:79:ec:91:93:89:ad:71:97:d8:b6:d0:40:e4:b3: d7:b9:47:9b:97:37:c8:45:ec:ea:f7:db:6b:7f:83: 92:88:9f:82:66:fa:ba:a4:a5:f0:94:50:56:4b:65: 97:32:85:c2:47:6c:ee:98:d4:6f:a4:3b:df:b5:14: 38:40:32:91:0d:78:67:55:20:8b:f3:87:4c:f0:31: 35:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:5C:90:91:1B:C8:6A:38:9C:DB:5C:90:DC:47:69:80:2E:58:AA:08 X509v3 Authority Key Identifier: keyid:48:0B:4E:65:30:F5:8D:B3:38:E4:1D:43:4E:5C:24:8E:B8:B4:9E:B5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAtOZTD1jbM45B1DTlwkjri0nrU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/2a72ee-ec1f-40c6-ad9d-5a4df896fc3e/1/HlyQkRvIajic21yQ3EdpgC5Yqgg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/2a72ee-ec1f-40c6-ad9d-5a4df896fc3e/1/SAtOZTD1jbM45B1DTlwkjri0nrU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.211.177.0/24 Signature Algorithm: sha256WithRSAEncryption cd:54:5a:b6:bc:3b:24:2a:28:66:fd:aa:51:76:5a:6f:e0:ce: 8a:b3:a5:96:f9:02:8d:9b:b6:15:16:ca:4b:81:81:c7:f7:14: 49:6d:04:72:fb:be:0d:96:d2:e7:6d:bc:c4:24:5e:c0:7b:b1: d0:31:a8:34:76:6b:73:e4:23:2e:ce:fa:1d:a8:65:b4:21:af: 35:38:1d:4a:2b:aa:c5:21:49:90:29:27:05:0d:88:67:cc:cf: 22:40:6c:94:6f:8e:05:01:e7:4f:68:7c:4c:ea:b9:89:29:04: ed:1c:9a:cf:27:64:71:b3:27:dd:2a:ae:3f:88:1c:3e:60:87: 4b:ea:4a:13:5e:7e:97:61:52:12:41:4d:1e:6a:c5:23:7a:ec: ce:26:3d:59:67:5b:ab:0a:34:fc:7a:e4:dd:5b:5f:30:e8:35: 53:9f:ca:74:5b:bb:e0:28:02:a5:70:f9:db:2c:1f:11:8f:1f: 10:50:ad:36:a1:f0:94:85:e6:8f:c1:27:e2:e5:ba:96:c6:83: 82:29:97:c3:23:4a:1b:b0:6a:38:a8:c4:f0:78:af:5b:ee:9c: 8d:6d:96:10:7b:47:b0:fe:c8:b9:30:4a:e9:7e:4d:ef:6c:94: 2d:3d:94:f6:66:36:7f:54:11:39:44:c2:96:db:85:fa:e6:8e: c0:e8:69:2e -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt57V3+cMIuiVaCCFecl9ILMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ4MGI0ZTY1MzBmNThkYjMzOGU0MWQ0MzRlNWMyNDhlYjhi NDllYjUwHhcNMjYwMTAxMTQxOTE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxZTVjOTA5MTFiYzg2YTM4OWNkYjVjOTBkYzQ3Njk4MDJlNThhYTA4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAorwzFHWHA9AZ9MhLzYJ8BjrLX+Ze ckAi+98VUfWFnkmGOmesr0rgxrylQDVZTMltxBnNblVQKXooqYYrWRJ+sQglUbXw fOtV0MG9spy+BxnNbdEe7wbi+Ex78iin0jpKI4u1FF/4yr9QrcQvcOkAHh3JieWG 37Ae55/CWM6pyJtCdUJZ0DyQUD8J6h/Piis0Us0scNTLOtlnmdNoY2RVPtwGdnN5 T9x225Ij3PhoK3+chofseeyRk4mtcZfYttBA5LPXuUeblzfIRezq99trf4OSiJ+C Zvq6pKXwlFBWS2WXMoXCR2zumNRvpDvftRQ4QDKRDXhnVSCL84dM8DE1TwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFB5ckJEbyGo4nNtckNxHaYAuWKoIMB8GA1UdIwQY MBaAFEgLTmUw9Y2zOOQdQ05cJI64tJ61MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvU0F0T1pURDFqYk00NUIxRFRsd2tqcmkwbnJVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi8yYTcyZWUtZWMxZi00MGM2LWFkOWQt NWE0ZGY4OTZmYzNlLzEvSGx5UWtSdklhamljMjF5UTNFZHBnQzVZcWdnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Zi8yYTcyZWUtZWMxZi00MGM2LWFkOWQtNWE0ZGY4OTZmYzNl LzEvU0F0T1pURDFqYk00NUIxRFRsd2tqcmkwbnJVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9OxMA0G CSqGSIb3DQEBCwUAA4IBAQDNVFq2vDskKihm/apRdlpv4M6Ks6WW+QKNm7YVFspL gYHH9xRJbQRy+74NltLnbbzEJF7Ae7HQMag0dmtz5CMuzvodqGW0Ia81OB1KK6rF IUmQKScFDYhnzM8iQGyUb44FAedPaHxM6rmJKQTtHJrPJ2RxsyfdKq4/iBw+YIdL 6koTXn6XYVISQU0easUjeuzOJj1ZZ1urCjT8euTdW18w6DVTn8p0W7vgKAKlcPnb LB8Rjx8QUK02ofCUheaPwSfi5bqWxoOCKZfDI0obsGo4qMTweK9b7pyNbZYQe0ew /si5MErpfk3vbJQtPZT2ZjZ/VBE5RMKW24X65o7A6Gku -----END CERTIFICATE-----Generated at Tue Feb 10 03:10:23 2026 by rpki-client