This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/f816d6-016a-4135-99e3-8c42bb2231ab/1/h4TyPM-lSUzBFc-GVJsAqMyi_Q8.roa File: h4TyPM-lSUzBFc-GVJsAqMyi_Q8.roa (raw, json) Hash identifier: QRRCqIhfzgSfHjTwanuS+mvIUE37zMG7bc9JISZqHPA= Subject key identifier: 87:84:F2:3C:CF:A5:49:4C:C1:15:CF:86:54:9B:00:A8:CC:A2:FD:0F Certificate issuer: /CN=72df697430cbb57c49a0a1993024d6d329f7e565 Certificate serial: 019B7834AD4A4F71C2DB1E56DC491361233B Authority key identifier: 72:DF:69:74:30:CB:B5:7C:49:A0:A1:99:30:24:D6:D3:29:F7:E5:65 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ct9pdDDLtXxJoKGZMCTW0yn35WU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/f816d6-016a-4135-99e3-8c42bb2231ab/1/h4TyPM-lSUzBFc-GVJsAqMyi_Q8.roa Signing time: Thu 01 Jan 2026 06:17:56 +0000 ROA not before: Thu 01 Jan 2026 06:17:56 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 211222 IP address blocks: 45.95.10.0/24 maxlen: 24 2a0a:ccc0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/f816d6-016a-4135-99e3-8c42bb2231ab/1/ct9pdDDLtXxJoKGZMCTW0yn35WU.crl rsync://rpki.ripe.net/repository/DEFAULT/9a/f816d6-016a-4135-99e3-8c42bb2231ab/1/ct9pdDDLtXxJoKGZMCTW0yn35WU.mft rsync://rpki.ripe.net/repository/DEFAULT/ct9pdDDLtXxJoKGZMCTW0yn35WU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:01:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:ad:4a:4f:71:c2:db:1e:56:dc:49:13:61:23:3b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=72df697430cbb57c49a0a1993024d6d329f7e565 Validity Not Before: Jan 1 06:17:56 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8784f23ccfa5494cc115cf86549b00a8cca2fd0f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:e5:79:07:73:e0:49:53:d8:9e:b2:52:4c:77: db:cc:1c:8b:42:37:25:a0:8d:34:f9:97:38:04:f9: 69:98:7b:b0:78:39:92:d3:06:55:7f:73:e4:f2:e2: ed:0d:1d:bf:1d:6d:8e:4f:c3:8e:50:c8:f8:e9:f9: 5d:f3:da:ca:96:7b:5d:0d:a6:13:50:2d:30:5a:3c: 74:ce:8e:aa:44:70:c5:2c:ac:70:3b:10:86:e8:fa: ca:a3:26:df:0f:49:09:84:23:5e:a1:a8:2a:48:11: a2:bd:4b:b5:4a:42:2b:cb:e4:23:18:d1:5e:55:f0: b2:a0:71:de:93:a6:dd:52:c3:a2:9c:6b:fd:41:95: f6:a8:62:88:31:45:44:1c:25:ca:e5:15:20:d2:42: c7:1d:ff:93:9c:ad:1c:8a:37:d3:24:95:34:98:9e: 6f:5f:4f:9b:36:ac:40:71:0d:80:f4:d3:46:2b:d1: 85:b3:9f:2f:5f:a4:a1:d8:b4:f9:c8:ea:54:8b:0d: 3b:cc:94:3d:d7:24:7e:80:e9:6b:d8:1e:26:98:3c: 44:2d:7a:23:d0:8b:47:b8:93:79:a4:07:df:82:a0: de:7e:0d:0f:82:f2:03:3b:e2:9f:19:7f:ed:a9:e5: 6c:06:91:dc:aa:a7:60:aa:36:5b:16:f0:a8:ba:46: df:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:84:F2:3C:CF:A5:49:4C:C1:15:CF:86:54:9B:00:A8:CC:A2:FD:0F X509v3 Authority Key Identifier: keyid:72:DF:69:74:30:CB:B5:7C:49:A0:A1:99:30:24:D6:D3:29:F7:E5:65 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ct9pdDDLtXxJoKGZMCTW0yn35WU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/f816d6-016a-4135-99e3-8c42bb2231ab/1/h4TyPM-lSUzBFc-GVJsAqMyi_Q8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/f816d6-016a-4135-99e3-8c42bb2231ab/1/ct9pdDDLtXxJoKGZMCTW0yn35WU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.95.10.0/24 IPv6: 2a0a:ccc0::/32 Signature Algorithm: sha256WithRSAEncryption 40:7f:d1:49:cf:32:87:e4:05:1f:f8:76:3d:3e:8d:31:2c:50: f6:4e:1a:a2:d3:b2:04:2a:54:89:9a:18:9e:62:ee:88:39:7e: 12:19:60:76:97:e0:1b:2c:fd:36:46:a1:a6:5c:69:ed:c3:1d: 04:0f:c8:31:06:e5:31:b2:7e:80:40:94:fe:70:38:2c:b6:82: 4c:13:63:4d:01:08:54:98:75:90:01:13:94:5c:70:40:7e:c9: 89:e6:46:4d:4b:4a:c2:d5:de:91:c0:5a:0b:3d:36:bd:57:54: db:6e:5b:9d:4f:a2:b1:5e:cd:b5:d6:a8:01:c3:1a:df:0a:e7: f9:db:ab:98:9a:ba:3b:d2:5d:69:ec:98:1d:76:c2:87:96:1d: 5f:af:3b:b2:94:24:93:66:54:88:00:0a:7d:1d:01:88:b1:5a: 90:ac:e8:c0:b2:4b:5c:3b:18:76:66:39:b0:a8:87:7b:b8:19: 68:8e:96:a3:7a:8c:c6:e8:d6:d2:5f:46:2a:38:83:a5:15:5c: 34:91:6a:07:61:00:6e:47:88:83:98:8e:9d:11:72:a6:06:b4: 52:3b:36:4e:84:e8:de:ff:66:db:24:e6:2b:ec:6c:0d:c7:f9: 5f:fa:a4:c6:98:0d:6c:78:ab:97:f2:e6:39:b5:2d:9a:69:c1: 03:0d:a7:fe -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt4NK1KT3HC2x5W3EkTYSM7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcyZGY2OTc0MzBjYmI1N2M0OWEwYTE5OTMwMjRkNmQzMjlm N2U1NjUwHhcNMjYwMTAxMDYxNzU2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4Nzg0ZjIzY2NmYTU0OTRjYzExNWNmODY1NDliMDBhOGNjYTJmZDBmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAweV5B3PgSVPYnrJSTHfbzByLQjcl oI00+Zc4BPlpmHuweDmS0wZVf3Pk8uLtDR2/HW2OT8OOUMj46fld89rKlntdDaYT UC0wWjx0zo6qRHDFLKxwOxCG6PrKoybfD0kJhCNeoagqSBGivUu1SkIry+QjGNFe VfCyoHHek6bdUsOinGv9QZX2qGKIMUVEHCXK5RUg0kLHHf+TnK0cijfTJJU0mJ5v X0+bNqxAcQ2A9NNGK9GFs58vX6Sh2LT5yOpUiw07zJQ91yR+gOlr2B4mmDxELXoj 0ItHuJN5pAffgqDefg0PgvIDO+KfGX/tqeVsBpHcqqdgqjZbFvCoukbfSQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFIeE8jzPpUlMwRXPhlSbAKjMov0PMB8GA1UdIwQY MBaAFHLfaXQwy7V8SaChmTAk1tMp9+VlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY3Q5cGREREx0WHhKb0tHWk1DVFcweW4zNVdVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9mODE2ZDYtMDE2YS00MTM1LTk5ZTMt OGM0MmJiMjIzMWFiLzEvaDRUeVBNLWxTVXpCRmMtR1ZKc0FxTXlpX1E4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85YS9mODE2ZDYtMDE2YS00MTM1LTk5ZTMtOGM0MmJiMjIzMWFi LzEvY3Q5cGREREx0WHhKb0tHWk1DVFcweW4zNVdVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALV8KMA0E AgACMAcDBQAqCszAMA0GCSqGSIb3DQEBCwUAA4IBAQBAf9FJzzKH5AUf+HY9Po0x LFD2Thqi07IEKlSJmhieYu6IOX4SGWB2l+AbLP02RqGmXGntwx0ED8gxBuUxsn6A QJT+cDgstoJME2NNAQhUmHWQAROUXHBAfsmJ5kZNS0rC1d6RwFoLPTa9V1Tbblud T6KxXs211qgBwxrfCuf526uYmro70l1p7JgddsKHlh1frzuylCSTZlSIAAp9HQGI sVqQrOjAsktcOxh2ZjmwqId7uBlojpajeozG6NbSX0YqOIOlFVw0kWoHYQBuR4iD mI6dEXKmBrRSOzZOhOje/2bbJOYr7GwNx/lf+qTGmA1seKuX8uY5tS2aacEDDaf+ -----END CERTIFICATE-----Generated at Mon Feb 9 22:29:19 2026 by rpki-client