This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/H1zr7s6FyoQooj9O-R5TGiL5WuM.roa File: H1zr7s6FyoQooj9O-R5TGiL5WuM.roa (raw, json) Hash identifier: Gl58J73FnJhKkjsfyJGxJf2CpyTm5jT/7mD3p9JxUXY= Subject key identifier: 1F:5C:EB:EE:CE:85:CA:84:28:A2:3F:4E:F9:1E:53:1A:22:F9:5A:E3 Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2 Certificate serial: 019B7D5D6038012E208565511FBA39254367 Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/H1zr7s6FyoQooj9O-R5TGiL5WuM.roa Signing time: Fri 02 Jan 2026 06:20:30 +0000 ROA not before: Fri 02 Jan 2026 06:20:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212609 IP address blocks: 223.27.113.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 09:01:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5d:60:38:01:2e:20:85:65:51:1f:ba:39:25:43:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2 Validity Not Before: Jan 2 06:20:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1f5cebeece85ca8428a23f4ef91e531a22f95ae3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:4e:1b:11:3b:a7:9a:52:0c:79:08:02:6b:25: 7a:4a:6e:eb:b8:01:68:b5:3b:e3:b4:c8:30:19:02: cb:47:f7:69:f4:09:11:87:ba:35:6e:3f:95:e6:2f: 9e:db:28:94:f1:00:4e:ac:41:dc:55:07:9b:7e:69: 73:32:d2:0a:80:51:66:74:4c:aa:41:71:cc:fc:eb: b4:68:bb:10:88:75:4d:fe:8b:ca:2e:21:bf:88:92: cc:44:a0:f1:0d:57:d3:b5:f7:88:b1:90:4b:0a:81: fe:45:e8:c3:be:65:45:55:36:d6:92:d2:af:7c:5c: 01:35:d4:70:3a:24:a4:e7:70:71:6a:e7:ab:17:3e: c3:d7:09:48:1f:87:87:1d:b6:48:40:0c:ac:5f:9d: 65:07:91:8c:7a:5a:70:21:dc:83:7f:d2:21:dc:7c: 00:69:b3:61:23:f8:6f:b2:60:84:2d:4e:94:ac:ab: 99:87:71:06:b2:c9:d6:0c:fd:2b:28:04:14:3d:72: d1:82:28:df:27:08:5b:d6:a2:f4:66:92:3c:0c:3e: 7e:f4:0f:ba:54:b5:9c:3e:ff:41:5f:e1:cb:90:6f: 7f:b0:2a:c6:9e:0b:be:bc:4c:94:e9:c1:a4:8a:18: 49:87:b4:be:04:2c:64:6d:fa:be:c2:65:bc:98:5b: 38:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:5C:EB:EE:CE:85:CA:84:28:A2:3F:4E:F9:1E:53:1A:22:F9:5A:E3 X509v3 Authority Key Identifier: keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/H1zr7s6FyoQooj9O-R5TGiL5WuM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 223.27.113.0/24 Signature Algorithm: sha256WithRSAEncryption 25:bd:62:9b:89:5e:de:2d:d7:27:7a:42:c3:31:53:3d:cb:04: 8d:f6:7a:35:f6:2b:2e:00:c6:4b:a5:cd:ad:5e:44:9c:bd:12: ee:d2:ec:fc:33:0f:d6:6c:d4:31:73:d4:ee:5d:f8:b1:e1:e8: 58:27:1c:f0:48:7d:a1:d5:d9:2a:fd:1f:2d:0a:41:ba:2f:48: ec:4c:eb:5b:98:8a:19:14:b0:21:3a:bf:f3:b3:e7:77:86:d1: 65:b4:3e:50:77:c4:17:06:b5:e5:f5:6b:f8:3b:11:e4:e3:be: 76:b3:b4:6e:bb:1b:ec:ac:de:89:8e:af:61:00:3c:90:b0:09: 4d:f3:39:fe:c5:ff:4a:ed:06:ba:27:b3:d5:16:5b:25:05:f1: e8:80:cf:f5:3f:ef:3c:5f:84:8d:fb:de:08:cd:5c:c3:f9:30: 77:39:78:a6:b0:79:9a:65:1f:8a:55:d1:89:5f:bb:bb:33:82: 8b:a3:a9:13:cf:fb:8c:a8:5d:31:8d:25:df:47:66:f5:65:08: 62:a2:64:c1:d2:69:72:ae:5a:ca:cf:f7:bd:e4:5a:b1:56:a1: bc:bb:18:20:0c:c3:be:a0:48:d5:da:84:b6:82:1d:b3:16:5f: 08:a0:2f:d5:4e:87:ea:48:56:f5:4f:e3:35:d5:1b:0d:9c:c6: 26:ab:c0:f9 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt9XWA4AS4ghWVRH7o5JUNnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw NWIwZTIwHhcNMjYwMTAyMDYyMDMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxZjVjZWJlZWNlODVjYTg0MjhhMjNmNGVmOTFlNTMxYTIyZjk1YWUzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2E4bETunmlIMeQgCayV6Sm7ruAFo tTvjtMgwGQLLR/dp9AkRh7o1bj+V5i+e2yiU8QBOrEHcVQebfmlzMtIKgFFmdEyq QXHM/Ou0aLsQiHVN/ovKLiG/iJLMRKDxDVfTtfeIsZBLCoH+RejDvmVFVTbWktKv fFwBNdRwOiSk53BxauerFz7D1wlIH4eHHbZIQAysX51lB5GMelpwIdyDf9Ih3HwA abNhI/hvsmCELU6UrKuZh3EGssnWDP0rKAQUPXLRgijfJwhb1qL0ZpI8DD5+9A+6 VLWcPv9BX+HLkG9/sCrGngu+vEyU6cGkihhJh7S+BCxkbfq+wmW8mFs4UQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFB9c6+7OhcqEKKI/TvkeUxoi+VrjMB8GA1UdIwQY MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt MmNjZWRiOTY2YTU4LzEvSDF6cjdzNkZ5b1Fvb2o5Ty1SNVRHaUw1V3VNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4 LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA3xtxMA0G CSqGSIb3DQEBCwUAA4IBAQAlvWKbiV7eLdcnekLDMVM9ywSN9no19isuAMZLpc2t XkScvRLu0uz8Mw/WbNQxc9TuXfix4ehYJxzwSH2h1dkq/R8tCkG6L0jsTOtbmIoZ FLAhOr/zs+d3htFltD5Qd8QXBrXl9Wv4OxHk4752s7RuuxvsrN6Jjq9hADyQsAlN 8zn+xf9K7Qa6J7PVFlslBfHogM/1P+88X4SN+94IzVzD+TB3OXimsHmaZR+KVdGJ X7u7M4KLo6kTz/uMqF0xjSXfR2b1ZQhiomTB0mlyrlrKz/e95FqxVqG8uxggDMO+ oEjV2oS2gh2zFl8IoC/VTofqSFb1T+M11RsNnMYmq8D5 -----END CERTIFICATE-----Generated at Mon Jan 19 18:40:00 2026 by rpki-client