This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/BHSiCUrFc-TEdSEPwjcFCNQnGR8.roa File: BHSiCUrFc-TEdSEPwjcFCNQnGR8.roa (raw, json) Hash identifier: hkVbYU9rreHO+iPmRQJ/E53L6MLfLKmzXEGQtgni27o= Subject key identifier: 04:74:A2:09:4A:C5:73:E4:C4:75:21:0F:C2:37:05:08:D4:27:19:1F Certificate issuer: /CN=dcef58d4cfa35543f8488a2756e6924e647b4589 Certificate serial: 019B76EB852CE69DE9E6258216EAE4357ED5 Authority key identifier: DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/BHSiCUrFc-TEdSEPwjcFCNQnGR8.roa Signing time: Thu 01 Jan 2026 00:18:25 +0000 ROA not before: Thu 01 Jan 2026 00:18:25 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 56458 IP address blocks: 89.40.224.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.mft rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 06:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:85:2c:e6:9d:e9:e6:25:82:16:ea:e4:35:7e:d5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dcef58d4cfa35543f8488a2756e6924e647b4589 Validity Not Before: Jan 1 00:18:25 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0474a2094ac573e4c475210fc2370508d427191f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:22:dc:02:f0:92:60:9f:00:cc:f8:7d:11:80: 63:66:3f:21:d2:cd:35:5a:23:f4:66:29:4a:b7:92: 71:84:2d:22:b9:ae:6a:8a:55:eb:f7:a3:d8:9e:47: f3:ab:d4:06:e9:5e:0e:6d:4f:3e:c0:ab:88:2e:93: 2c:42:45:04:86:8d:ea:44:62:bc:13:cf:25:52:59: 52:90:a2:52:8d:d4:ec:57:8f:93:d4:a4:fb:af:1f: 0e:6a:b4:4c:32:18:a7:8a:6e:0e:65:3b:9e:67:b2: db:e1:d4:d9:ea:bf:33:90:02:46:8d:23:ce:4f:62: f9:7f:31:4a:cc:32:da:f8:02:b8:f2:3f:2c:64:c4: 93:8c:50:58:68:9c:81:49:c0:af:96:54:74:a2:67: ae:c9:67:dc:07:22:15:66:b0:16:0c:e5:50:a6:43: b1:e1:7d:5f:87:c7:7e:e4:84:f8:42:9e:fc:f8:de: 78:83:ed:34:8a:01:52:d2:55:d6:d4:bf:a6:79:05: d5:c9:00:bb:36:44:a6:5a:de:72:1b:b4:46:2d:c0: cc:f5:e7:75:8b:40:30:23:52:a4:02:d0:61:22:26: 1f:6f:a4:4c:83:f5:3c:4f:c7:4d:cc:47:21:30:43: 93:87:c8:6e:ad:1d:03:6b:11:a6:96:90:32:de:23: f7:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:74:A2:09:4A:C5:73:E4:C4:75:21:0F:C2:37:05:08:D4:27:19:1F X509v3 Authority Key Identifier: keyid:DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/BHSiCUrFc-TEdSEPwjcFCNQnGR8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.40.224.0/24 Signature Algorithm: sha256WithRSAEncryption 10:86:1a:30:95:3b:ec:d1:3f:e7:21:c8:b4:11:81:a3:92:42: d0:8c:bb:d9:0f:96:5a:03:04:fc:ff:6b:9c:8a:9d:5e:51:d3: 79:42:20:ab:9d:94:ec:80:fe:c9:5e:c0:01:b9:38:3d:41:e9: 71:91:95:16:7b:32:96:18:e7:95:bb:46:7f:d5:1e:56:ce:d3: 2d:72:f0:2b:01:99:c0:4a:21:3c:39:a6:db:6c:29:3f:cd:40: 36:3f:ca:e9:79:e6:17:9f:73:33:16:f5:9d:53:56:9d:50:95: 4e:96:b8:bf:a7:59:d1:4b:4e:28:c2:1c:5f:8c:f3:0b:b4:3e: 89:c9:e1:54:29:c1:46:2f:95:89:17:e9:93:95:be:0d:17:09: 51:c4:b8:87:b3:4c:b0:7c:34:0f:1b:1a:c5:7a:48:11:58:9f: 73:79:d1:a3:67:d4:44:92:37:72:c3:23:e8:c4:f1:c9:93:19: d8:35:53:62:8d:d4:81:0e:a9:91:b0:86:96:60:69:38:04:90: e4:54:30:1d:3d:23:a0:bf:3f:80:e4:a1:29:e7:56:67:75:1a: d7:16:44:ed:24:7e:b3:04:5b:be:c7:61:7f:1a:96:91:bf:9e: 1e:61:7e:a9:07:76:57:e2:c7:a3:44:ac:81:50:b9:6b:7d:d1: 4d:9c:41:1a -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt264Us5p3p5iWCFurkNX7VMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRjZWY1OGQ0Y2ZhMzU1NDNmODQ4OGEyNzU2ZTY5MjRlNjQ3 YjQ1ODkwHhcNMjYwMTAxMDAxODI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwNDc0YTIwOTRhYzU3M2U0YzQ3NTIxMGZjMjM3MDUwOGQ0MjcxOTFmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4CLcAvCSYJ8AzPh9EYBjZj8h0s01 WiP0ZilKt5JxhC0iua5qilXr96PYnkfzq9QG6V4ObU8+wKuILpMsQkUEho3qRGK8 E88lUllSkKJSjdTsV4+T1KT7rx8OarRMMhinim4OZTueZ7Lb4dTZ6r8zkAJGjSPO T2L5fzFKzDLa+AK48j8sZMSTjFBYaJyBScCvllR0omeuyWfcByIVZrAWDOVQpkOx 4X1fh8d+5IT4Qp78+N54g+00igFS0lXW1L+meQXVyQC7NkSmWt5yG7RGLcDM9ed1 i0AwI1KkAtBhIiYfb6RMg/U8T8dNzEchMEOTh8hurR0DaxGmlpAy3iP31QIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFAR0oglKxXPkxHUhD8I3BQjUJxkfMB8GA1UdIwQY MBaAFNzvWNTPo1VD+EiKJ1bmkk5ke0WJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMt MmVjZTA0ZTE4NWMyLzEvQkhTaUNVckZjLVRFZFNFUHdqY0ZDTlFuR1I4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMtMmVjZTA0ZTE4NWMy LzEvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSjgMA0G CSqGSIb3DQEBCwUAA4IBAQAQhhowlTvs0T/nIci0EYGjkkLQjLvZD5ZaAwT8/2uc ip1eUdN5QiCrnZTsgP7JXsABuTg9QelxkZUWezKWGOeVu0Z/1R5WztMtcvArAZnA SiE8OabbbCk/zUA2P8rpeeYXn3MzFvWdU1adUJVOlri/p1nRS04owhxfjPMLtD6J yeFUKcFGL5WJF+mTlb4NFwlRxLiHs0ywfDQPGxrFekgRWJ9zedGjZ9REkjdywyPo xPHJkxnYNVNijdSBDqmRsIaWYGk4BJDkVDAdPSOgvz+A5KEp51ZndRrXFkTtJH6z BFu+x2F/GpaRv54eYX6pB3ZX4sejRKyBULlrfdFNnEEa -----END CERTIFICATE-----Generated at Wed Jan 21 11:07:37 2026 by rpki-client