This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/81b188-255d-49c7-9f98-0ac9b4d7eab7/1/NIh5X-X78HnV8OD004txMFNbvjM.roa File: NIh5X-X78HnV8OD004txMFNbvjM.roa (raw, json) Hash identifier: 94RoT+RPhL7upzRI0H0wJCdguwdTer9SXhjbnB7fpSY= Subject key identifier: 34:88:79:5F:E5:FB:F0:79:D5:F0:E0:F4:D3:8B:71:30:53:5B:BE:33 Certificate issuer: /CN=3de49b1844fe4422afbe10cdd2819c7448277e65 Certificate serial: 019B7D5B84DF13B02E09C6E4FAF52FB6A795 Authority key identifier: 3D:E4:9B:18:44:FE:44:22:AF:BE:10:CD:D2:81:9C:74:48:27:7E:65 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PeSbGET-RCKvvhDN0oGcdEgnfmU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/81b188-255d-49c7-9f98-0ac9b4d7eab7/1/NIh5X-X78HnV8OD004txMFNbvjM.roa Signing time: Fri 02 Jan 2026 06:18:28 +0000 ROA not before: Fri 02 Jan 2026 06:18:28 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 49544 IP address blocks: 45.153.18.0/23 maxlen: 23 45.153.18.0/24 maxlen: 24 45.153.19.0/24 maxlen: 24 2a00:1e29::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/81b188-255d-49c7-9f98-0ac9b4d7eab7/1/PeSbGET-RCKvvhDN0oGcdEgnfmU.crl rsync://rpki.ripe.net/repository/DEFAULT/a8/81b188-255d-49c7-9f98-0ac9b4d7eab7/1/PeSbGET-RCKvvhDN0oGcdEgnfmU.mft rsync://rpki.ripe.net/repository/DEFAULT/PeSbGET-RCKvvhDN0oGcdEgnfmU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5b:84:df:13:b0:2e:09:c6:e4:fa:f5:2f:b6:a7:95 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3de49b1844fe4422afbe10cdd2819c7448277e65 Validity Not Before: Jan 2 06:18:28 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3488795fe5fbf079d5f0e0f4d38b7130535bbe33 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:ec:34:98:71:f9:06:ef:8d:b5:8c:ae:26:26: 52:30:f8:1b:66:4a:b2:b7:44:48:5e:f9:0f:47:4d: da:6c:3d:90:d0:57:2c:19:6a:66:f5:4e:b9:f5:2a: 60:5a:64:96:cc:99:7d:d7:b3:f6:c2:97:2f:34:ce: d5:72:76:71:ff:a0:09:10:c9:1e:9a:2f:bb:c4:e1: 3c:10:f2:a4:c2:f3:36:0f:12:62:0f:42:b7:97:b1: de:02:9c:25:fe:46:a7:5a:4f:bf:0a:44:bc:32:12: b7:31:51:16:0b:ec:05:b2:d6:ae:19:3c:1d:20:0e: 53:21:97:5e:f5:17:71:48:d3:ac:fd:85:9e:9f:86: 59:0a:17:79:fa:73:d9:22:b6:64:1e:92:a3:2a:6f: 59:14:ae:12:fe:fb:af:50:0e:e7:34:a6:34:8c:32: b0:8c:fe:9a:91:ee:b6:a6:ce:6b:ea:ec:92:64:91: 4f:7d:33:a2:fd:8a:7d:3d:49:93:b6:73:d8:4d:65: 0c:ad:49:0b:9f:0d:8d:b2:72:fd:2a:1a:61:88:f3: e3:d4:3a:0f:d9:a0:84:a6:50:d0:dc:52:10:87:9b: b7:b5:a5:4e:5b:94:53:28:30:0c:8f:b1:e2:06:17: 1f:f4:47:38:87:fa:c6:d7:bc:f4:9a:5c:11:00:e3: aa:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:88:79:5F:E5:FB:F0:79:D5:F0:E0:F4:D3:8B:71:30:53:5B:BE:33 X509v3 Authority Key Identifier: keyid:3D:E4:9B:18:44:FE:44:22:AF:BE:10:CD:D2:81:9C:74:48:27:7E:65 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PeSbGET-RCKvvhDN0oGcdEgnfmU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/81b188-255d-49c7-9f98-0ac9b4d7eab7/1/NIh5X-X78HnV8OD004txMFNbvjM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/81b188-255d-49c7-9f98-0ac9b4d7eab7/1/PeSbGET-RCKvvhDN0oGcdEgnfmU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.153.18.0/23 IPv6: 2a00:1e29::/32 Signature Algorithm: sha256WithRSAEncryption a2:d7:d9:66:4a:99:93:4e:f9:ad:7c:70:4b:11:3a:e4:9b:01: 14:f7:af:36:1f:d4:0f:98:7a:7b:3f:b4:40:75:68:3b:da:46: 6b:c9:24:fb:09:d9:44:d1:99:79:87:31:c7:62:9a:8c:12:6e: 2c:ed:a0:e8:52:fe:8d:61:64:e0:74:92:f2:51:a0:85:52:bc: 80:3c:66:14:e8:5d:4d:78:d4:4a:2d:56:fe:fe:f7:d2:4d:5a: 6a:70:3d:50:04:d2:3a:85:d0:7d:92:6f:60:42:4d:92:ae:13: 50:ec:1c:8c:2d:46:ac:83:01:32:2f:09:43:c0:e1:71:47:7a: b0:e2:4e:ca:47:d7:87:c6:42:e4:40:c2:c3:66:b2:73:eb:6d: 3b:e0:d7:2f:57:dd:3d:a7:af:87:e2:f1:be:ef:5b:7d:cd:2e: 5c:8a:2c:8d:ba:82:34:b7:16:e3:ef:c5:d7:eb:d4:c8:84:ad: 1c:98:cf:db:2e:a0:5e:cf:d9:89:01:fc:8f:0b:92:63:96:6d: 47:cf:fe:87:42:a5:c2:52:d8:0d:5d:fd:f7:36:9f:9d:8a:0d: 09:01:d5:f6:2a:b6:85:95:43:29:bd:fa:c1:00:f3:0e:d0:3c: 85:cd:20:32:cc:22:65:57:09:dc:9a:ee:2a:43:cc:cf:89:55: f7:b9:58:cc -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt9W4TfE7AuCcbk+vUvtqeVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNkZTQ5YjE4NDRmZTQ0MjJhZmJlMTBjZGQyODE5Yzc0NDgy NzdlNjUwHhcNMjYwMTAyMDYxODI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzNDg4Nzk1ZmU1ZmJmMDc5ZDVmMGUwZjRkMzhiNzEzMDUzNWJiZTMzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+w0mHH5Bu+NtYyuJiZSMPgbZkqy t0RIXvkPR03abD2Q0FcsGWpm9U659SpgWmSWzJl917P2wpcvNM7VcnZx/6AJEMke mi+7xOE8EPKkwvM2DxJiD0K3l7HeApwl/kanWk+/CkS8MhK3MVEWC+wFstauGTwd IA5TIZde9RdxSNOs/YWen4ZZChd5+nPZIrZkHpKjKm9ZFK4S/vuvUA7nNKY0jDKw jP6ake62ps5r6uySZJFPfTOi/Yp9PUmTtnPYTWUMrUkLnw2NsnL9KhphiPPj1DoP 2aCEplDQ3FIQh5u3taVOW5RTKDAMj7HiBhcf9Ec4h/rG17z0mlwRAOOqewIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFDSIeV/l+/B51fDg9NOLcTBTW74zMB8GA1UdIwQY MBaAFD3kmxhE/kQir74QzdKBnHRIJ35lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUGVTYkdFVC1SQ0t2dmhETjBvR2NkRWduZm1VLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC84MWIxODgtMjU1ZC00OWM3LTlmOTgt MGFjOWI0ZDdlYWI3LzEvTkloNVgtWDc4SG5WOE9EMDA0dHhNRk5idmpNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hOC84MWIxODgtMjU1ZC00OWM3LTlmOTgtMGFjOWI0ZDdlYWI3 LzEvUGVTYkdFVC1SQ0t2dmhETjBvR2NkRWduZm1VLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBLZkSMA0E AgACMAcDBQAqAB4pMA0GCSqGSIb3DQEBCwUAA4IBAQCi19lmSpmTTvmtfHBLETrk mwEU9682H9QPmHp7P7RAdWg72kZryST7CdlE0Zl5hzHHYpqMEm4s7aDoUv6NYWTg dJLyUaCFUryAPGYU6F1NeNRKLVb+/vfSTVpqcD1QBNI6hdB9km9gQk2SrhNQ7ByM LUasgwEyLwlDwOFxR3qw4k7KR9eHxkLkQMLDZrJz62074NcvV909p6+H4vG+71t9 zS5ciiyNuoI0txbj78XX69TIhK0cmM/bLqBez9mJAfyPC5Jjlm1Hz/6HQqXCUtgN Xf33Np+dig0JAdX2KraFlUMpvfrBAPMO0DyFzSAyzCJlVwncmu4qQ8zPiVX3uVjM -----END CERTIFICATE-----Generated at Tue Jan 20 01:22:10 2026 by rpki-client