This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hIGtzhhMdXmD2U4PyJJZxmPVlzA.roa File: hIGtzhhMdXmD2U4PyJJZxmPVlzA.roa (raw, json) Hash identifier: f/ZxV2P0fWH9HvwhdfplsV+5f71xnoOsxQDiDjxQWSI= Subject key identifier: 84:81:AD:CE:18:4C:75:79:83:D9:4E:0F:C8:92:59:C6:63:D5:97:30 Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4 Certificate serial: 019B7BA52758A8D64F310E84B40D02AD0187 Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hIGtzhhMdXmD2U4PyJJZxmPVlzA.roa Signing time: Thu 01 Jan 2026 22:19:39 +0000 ROA not before: Thu 01 Jan 2026 22:19:39 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 4755 IP address blocks: 212.5.156.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.mft rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a5:27:58:a8:d6:4f:31:0e:84:b4:0d:02:ad:01:87 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4 Validity Not Before: Jan 1 22:19:39 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8481adce184c757983d94e0fc89259c663d59730 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:96:bc:1c:65:d9:f3:59:88:b7:46:e6:15:23: 4d:cd:3b:f9:79:66:dc:3c:c2:4f:c8:b2:f6:8f:cc: a2:a8:53:01:b2:32:48:27:bc:d2:41:35:f2:91:7f: 40:b8:40:7d:9a:3a:20:21:c6:86:4a:3f:de:c5:13: 35:7d:ea:a6:04:05:1b:8b:06:f8:71:33:05:15:08: 5e:a8:2e:13:39:4c:22:9e:e0:5d:85:c1:74:fd:7f: d5:a5:3a:d4:cf:29:3e:bf:d4:06:b0:c4:50:8e:6d: 3c:ae:c2:a0:69:37:5e:4c:6b:e9:02:22:e9:51:fe: be:45:74:13:80:28:f9:8b:00:2f:38:aa:20:f8:01: 97:13:cf:6e:86:21:fb:ce:a1:ef:54:9b:55:2b:8c: 85:f0:89:ab:3b:94:e0:60:ff:62:f1:11:ec:b5:a8: 94:8b:e4:63:b3:e3:9b:08:bc:9b:a5:14:6f:f0:0b: a4:79:15:4f:ce:b6:d8:05:52:7c:b3:02:56:fe:69: d1:c3:b7:1b:4a:ea:73:18:86:79:23:36:2b:4b:3f: b6:12:ef:f8:a0:05:bd:a3:e5:a1:94:59:98:cc:73: c1:ba:47:0a:5f:26:25:6b:0a:07:8b:eb:3f:c7:2f: cc:5f:49:d0:18:6e:02:49:18:2a:cc:4a:cc:a6:ac: 8b:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:81:AD:CE:18:4C:75:79:83:D9:4E:0F:C8:92:59:C6:63:D5:97:30 X509v3 Authority Key Identifier: keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hIGtzhhMdXmD2U4PyJJZxmPVlzA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 212.5.156.0/24 Signature Algorithm: sha256WithRSAEncryption 11:38:a3:10:6e:c5:86:1e:9d:37:38:b4:7f:d1:02:b0:94:7e: 2b:1e:ed:a2:ca:f1:f7:16:75:76:f4:96:99:fa:58:48:35:1d: d0:9b:de:a5:cf:84:02:d3:9b:a5:0a:ca:8a:71:21:11:58:89: 89:7a:a8:41:3b:f4:b1:95:23:a1:fc:44:84:f5:fd:03:f5:34: 7c:ba:10:1a:b9:97:de:a1:98:c2:8c:81:42:d5:3a:4b:41:ca: bf:e3:21:5c:07:08:dc:a5:30:27:08:49:3f:af:10:8f:b1:57: 38:f7:d5:7e:86:dc:f3:a8:3b:42:6d:b3:94:27:21:74:6d:b3: 32:c1:98:8f:23:9e:65:fd:dd:de:23:9b:38:96:93:1d:bd:31: e4:75:b1:0b:2e:b0:38:47:8c:31:4f:4d:c2:d7:78:f0:ef:b6: 8a:93:6a:25:48:e3:07:37:79:2f:f4:21:8d:ea:8e:3d:dc:c0: 58:f4:52:3e:0f:e8:98:ad:3f:a8:5b:a3:02:a7:91:d6:f0:6b: 3a:47:ab:79:5a:11:85:90:37:dc:28:4d:f5:7e:a0:1c:80:20: dd:72:a3:b8:f8:a9:eb:af:3f:73:bb:4f:30:64:4e:79:f4:26: d9:14:f6:74:5d:57:da:7e:0b:27:cd:70:3c:73:44:e7:a0:51: 1a:28:16:ea -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt7pSdYqNZPMQ6EtA0CrQGHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4 ZmI0YzQwHhcNMjYwMTAxMjIxOTM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NDgxYWRjZTE4NGM3NTc5ODNkOTRlMGZjODkyNTljNjYzZDU5NzMwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA15a8HGXZ81mIt0bmFSNNzTv5eWbc PMJPyLL2j8yiqFMBsjJIJ7zSQTXykX9AuEB9mjogIcaGSj/exRM1feqmBAUbiwb4 cTMFFQheqC4TOUwinuBdhcF0/X/VpTrUzyk+v9QGsMRQjm08rsKgaTdeTGvpAiLp Uf6+RXQTgCj5iwAvOKog+AGXE89uhiH7zqHvVJtVK4yF8ImrO5TgYP9i8RHstaiU i+Rjs+ObCLybpRRv8AukeRVPzrbYBVJ8swJW/mnRw7cbSupzGIZ5IzYrSz+2Eu/4 oAW9o+WhlFmYzHPBukcKXyYlawoHi+s/xy/MX0nQGG4CSRgqzErMpqyL4wIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFISBrc4YTHV5g9lOD8iSWcZj1ZcwMB8GA1UdIwQY MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct ODcyYmEyZDlmNDRjLzEvaElHdHpoaE1kWG1EMlU0UHlKSlp4bVBWbHpBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1AWcMA0G CSqGSIb3DQEBCwUAA4IBAQAROKMQbsWGHp03OLR/0QKwlH4rHu2iyvH3FnV29JaZ +lhINR3Qm96lz4QC05ulCsqKcSERWImJeqhBO/SxlSOh/ESE9f0D9TR8uhAauZfe oZjCjIFC1TpLQcq/4yFcBwjcpTAnCEk/rxCPsVc499V+htzzqDtCbbOUJyF0bbMy wZiPI55l/d3eI5s4lpMdvTHkdbELLrA4R4wxT03C13jw77aKk2olSOMHN3kv9CGN 6o493MBY9FI+D+iYrT+oW6MCp5HW8Gs6R6t5WhGFkDfcKE31fqAcgCDdcqO4+Knr rz9zu08wZE559CbZFPZ0XVfafgsnzXA8c0TnoFEaKBbq -----END CERTIFICATE-----Generated at Tue Jan 20 02:56:21 2026 by rpki-client