This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/SHujcaT_TY2fVI3CChxrrHTd3bQ.roa File: SHujcaT_TY2fVI3CChxrrHTd3bQ.roa (raw, json) Hash identifier: srjdfao4JMoPiZoVy+ekIeljUQ9qkbygkC/ghPAkZvU= Subject key identifier: 48:7B:A3:71:A4:FF:4D:8D:9F:54:8D:C2:0A:1C:6B:AC:74:DD:DD:B4 Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4 Certificate serial: 019B7BA528CFB4572A2B7C10951B0DFFFE73 Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/SHujcaT_TY2fVI3CChxrrHTd3bQ.roa Signing time: Thu 01 Jan 2026 22:19:40 +0000 ROA not before: Thu 01 Jan 2026 22:19:40 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 8795 IP address blocks: 46.10.150.0/24 maxlen: 24 62.176.126.0/24 maxlen: 24 77.85.175.0/24 maxlen: 24 77.85.196.0/24 maxlen: 24 83.228.107.0/24 maxlen: 24 95.43.224.0/24 maxlen: 24 95.43.230.0/24 maxlen: 24 212.5.130.0/24 maxlen: 24 212.5.133.0/24 maxlen: 24 212.5.145.0/24 maxlen: 24 213.16.35.0/24 maxlen: 24 213.91.134.0/24 maxlen: 24 213.91.170.0/24 maxlen: 24 2a01:5a8:7::/56 maxlen: 56 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.mft rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a5:28:cf:b4:57:2a:2b:7c:10:95:1b:0d:ff:fe:73 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4 Validity Not Before: Jan 1 22:19:40 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=487ba371a4ff4d8d9f548dc20a1c6bac74ddddb4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:03:51:39:30:d9:74:11:c5:71:a0:a0:cc:8e: fc:3c:3c:d9:7a:a2:f7:51:5f:19:f8:c5:88:73:f3: 5e:68:c2:9a:8c:5a:4b:d9:0c:43:8b:bb:74:02:35: b1:a5:d5:a8:e0:63:77:e0:b8:d9:6a:fc:9b:11:8a: d8:00:f5:db:95:f2:79:74:55:85:ca:aa:f4:2a:07: 73:e1:f0:77:b0:bf:e0:f1:9b:03:1f:1c:44:3e:6d: 7f:16:6d:81:5b:76:7c:79:84:5e:7a:87:df:69:e9: 4e:3a:79:c1:53:84:0d:d3:68:ef:bf:aa:ad:3d:8f: 47:2f:96:04:84:20:c9:61:e3:37:ff:a8:97:b0:f3: d0:73:15:74:ab:3f:31:cd:ae:29:9d:9b:67:d4:7f: bf:48:98:49:f3:8c:58:c4:68:26:65:1b:82:47:3c: ca:e7:e7:f7:66:6a:ce:4d:1e:f1:4e:e9:c4:0c:b1: df:ee:af:96:6a:39:ac:c9:d0:88:21:94:c8:ea:16: 14:6f:83:f4:3c:e0:ca:fd:2c:7d:f8:3a:7f:42:34: d5:bd:7c:86:12:50:d0:64:1b:5c:bb:1b:b2:78:32: 00:d4:de:f3:a2:15:c6:24:29:24:bd:9f:74:ba:6b: 4a:4c:cf:df:0a:65:c6:41:12:6a:7c:68:53:68:15: 13:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:7B:A3:71:A4:FF:4D:8D:9F:54:8D:C2:0A:1C:6B:AC:74:DD:DD:B4 X509v3 Authority Key Identifier: keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/SHujcaT_TY2fVI3CChxrrHTd3bQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.10.150.0/24 62.176.126.0/24 77.85.175.0/24 77.85.196.0/24 83.228.107.0/24 95.43.224.0/24 95.43.230.0/24 212.5.130.0/24 212.5.133.0/24 212.5.145.0/24 213.16.35.0/24 213.91.134.0/24 213.91.170.0/24 IPv6: 2a01:5a8:7::/56 Signature Algorithm: sha256WithRSAEncryption 2e:c5:1e:14:c8:37:b4:a1:73:5e:10:8e:cf:53:f9:5b:84:89: 94:35:52:11:6f:0e:51:44:a6:f2:8e:0e:ff:b2:e4:9c:46:74: 65:ff:69:f0:37:8c:dd:6d:ae:73:2f:17:cc:98:66:03:82:81: 59:43:b0:7b:7c:1d:0c:5e:d9:ce:d8:02:a5:a7:f0:43:d4:d1: 63:01:55:36:cd:c1:40:27:91:03:4d:7e:af:cd:92:46:92:44: 31:3a:24:69:a0:a2:32:e7:ed:4d:89:80:77:18:33:92:89:86: fe:79:b7:ab:d7:5e:b5:b4:ad:93:8c:3e:5d:3c:12:cf:8c:e1: ff:35:5a:b8:bf:4e:67:6a:ab:1e:51:3e:94:a9:d0:49:a0:aa: ee:83:ce:4e:d4:14:4e:02:19:18:0a:b5:01:0c:8d:b4:4f:b4: 4e:47:95:f7:67:2a:de:22:d0:eb:18:2b:8d:95:75:54:6c:26: 55:7d:7b:91:c6:3c:c3:62:21:81:c2:ed:0b:92:3b:fc:44:de: a5:d4:0a:75:91:dd:f9:84:68:03:21:a0:76:6e:85:a3:44:51: ab:be:5d:0a:ee:46:6c:02:47:3e:b7:de:82:53:25:ea:71:9b: 9a:24:bc:44:1d:a5:a1:41:67:59:0b:e4:fc:93:3d:d9:c6:a6: d5:52:d2:53 -----BEGIN CERTIFICATE----- MIIFVzCCBD+gAwIBAgISAZt7pSjPtFcqK3wQlRsN//5zMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4 ZmI0YzQwHhcNMjYwMTAxMjIxOTQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0ODdiYTM3MWE0ZmY0ZDhkOWY1NDhkYzIwYTFjNmJhYzc0ZGRkZGI0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgNROTDZdBHFcaCgzI78PDzZeqL3 UV8Z+MWIc/NeaMKajFpL2QxDi7t0AjWxpdWo4GN34LjZavybEYrYAPXblfJ5dFWF yqr0Kgdz4fB3sL/g8ZsDHxxEPm1/Fm2BW3Z8eYReeoffaelOOnnBU4QN02jvv6qt PY9HL5YEhCDJYeM3/6iXsPPQcxV0qz8xza4pnZtn1H+/SJhJ84xYxGgmZRuCRzzK 5+f3ZmrOTR7xTunEDLHf7q+WajmsydCIIZTI6hYUb4P0PODK/Sx9+Dp/QjTVvXyG ElDQZBtcuxuyeDIA1N7zohXGJCkkvZ90umtKTM/fCmXGQRJqfGhTaBUTCQIDAQAB o4ICYzCCAl8wHQYDVR0OBBYEFEh7o3Gk/02Nn1SNwgoca6x03d20MB8GA1UdIwQY MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct ODcyYmEyZDlmNDRjLzEvU0h1amNhVF9UWTJmVkkzQ0NoeHJySFRkM2JRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBUBAIAATBOAwQALgqWAwQA PrB+AwQATVWvAwQATVXEAwQAU+RrAwQAXyvgAwQAXyvmAwQA1AWCAwQA1AWFAwQA 1AWRAwQA1RAjAwQA1VuGAwQA1VuqMBAEAgACMAoDCAAqAQWoAAcAMA0GCSqGSIb3 DQEBCwUAA4IBAQAuxR4UyDe0oXNeEI7PU/lbhImUNVIRbw5RRKbyjg7/suScRnRl /2nwN4zdba5zLxfMmGYDgoFZQ7B7fB0MXtnO2AKlp/BD1NFjAVU2zcFAJ5EDTX6v zZJGkkQxOiRpoKIy5+1NiYB3GDOSiYb+eber1161tK2TjD5dPBLPjOH/NVq4v05n aqseUT6UqdBJoKrug85O1BROAhkYCrUBDI20T7ROR5X3ZyreItDrGCuNlXVUbCZV fXuRxjzDYiGBwu0Lkjv8RN6l1Ap1kd35hGgDIaB2boWjRFGrvl0K7kZsAkc+t96C UyXqcZuaJLxEHaWhQWdZC+T8kz3ZxqbVUtJT -----END CERTIFICATE-----Generated at Mon Jan 26 10:23:23 2026 by rpki-client