This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/hlmj5oV538ZUDh4Itji7yCREfWI.roa File: hlmj5oV538ZUDh4Itji7yCREfWI.roa (raw, json) Hash identifier: HoOdAl26LihpqE2bXPI8FiQkYf632D1dtXTIrO0nqSE= Subject key identifier: 86:59:A3:E6:85:79:DF:C6:54:0E:1E:08:B6:38:BB:C8:24:44:7D:62 Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2 Certificate serial: 019B7D5D2E3F7E048DBF1C7C315ADB4397F9 Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/hlmj5oV538ZUDh4Itji7yCREfWI.roa Signing time: Fri 02 Jan 2026 06:20:17 +0000 ROA not before: Fri 02 Jan 2026 06:20:17 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 14178 IP address blocks: 45.65.92.0/22 maxlen: 24 185.35.228.0/22 maxlen: 24 193.187.136.0/22 maxlen: 24 194.61.42.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 11:01:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5d:2e:3f:7e:04:8d:bf:1c:7c:31:5a:db:43:97:f9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2 Validity Not Before: Jan 2 06:20:17 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8659a3e68579dfc6540e1e08b638bbc824447d62 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:3a:39:34:be:5d:c6:95:60:5c:03:4a:b7:7b: 9d:88:9c:c5:7e:21:d6:a9:37:33:1c:f5:d6:92:2a: b7:b3:5e:d0:78:49:17:61:9b:81:28:63:2b:f6:29: 1d:2d:ef:6e:73:21:74:07:ae:04:84:33:88:69:38: 74:6f:f2:3e:cd:cf:96:df:2d:d3:2b:91:7b:11:a6: 2e:c3:7c:63:c1:f6:3e:20:32:74:48:30:c4:04:23: 67:78:fc:65:ce:56:dc:22:fa:fa:d2:c8:0e:30:ca: 18:d0:77:61:5f:2e:ae:84:bf:70:00:3e:39:37:9f: f7:bf:28:1d:d4:a0:ba:71:b1:69:7e:48:2e:87:22: 1e:a8:6c:b8:96:8e:87:26:1e:34:eb:b9:a8:dc:89: a8:29:60:19:42:28:e3:9b:1a:23:cd:90:1c:a2:5d: 84:d6:84:94:70:1f:b3:f7:53:fc:07:dc:72:62:28: 4f:6b:fe:46:f8:a4:25:b3:1f:0d:de:82:3c:b8:7a: 32:73:2a:34:df:da:23:83:ef:16:84:e5:3d:19:e9: 9d:ed:76:d2:6f:82:7e:f7:e1:41:4d:de:c0:2a:8f: 9d:71:be:46:f5:f8:37:00:94:88:8f:f6:f5:a8:e4: 48:8e:9a:8f:5f:0c:ed:27:f9:be:f5:bc:2b:9d:30: 40:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:59:A3:E6:85:79:DF:C6:54:0E:1E:08:B6:38:BB:C8:24:44:7D:62 X509v3 Authority Key Identifier: keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/hlmj5oV538ZUDh4Itji7yCREfWI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.65.92.0/22 185.35.228.0/22 193.187.136.0/22 194.61.42.0/23 Signature Algorithm: sha256WithRSAEncryption 27:30:85:ad:62:8c:f1:a8:74:fd:fe:84:43:d1:ec:c6:74:3b: 2f:09:ef:10:cb:12:92:13:90:92:00:87:b6:9a:d4:b7:0b:9a: db:e0:b9:37:b8:e1:f9:35:b9:91:6d:ec:b3:6b:97:4c:ec:e7: 80:12:c1:0c:06:5e:8e:7a:84:dd:bf:5b:48:0e:5f:14:3c:e8: ff:e0:48:5b:b5:b0:08:5f:8b:aa:66:52:61:10:47:da:d4:60: 10:af:e2:73:8e:cb:9b:0e:9b:cf:a1:62:51:eb:00:a3:12:57: 75:c0:72:a6:bc:17:41:09:ca:74:d5:63:b8:0d:cf:2b:27:69: 88:90:f4:58:96:fc:bc:d6:29:ca:8e:a8:d1:2c:54:43:29:71: 06:eb:9e:c1:e6:e2:18:d5:53:bd:9e:00:9b:9e:2c:9c:27:6f: 3c:57:0a:97:fb:f6:93:d1:df:cc:a1:5e:9b:a5:f7:e0:8c:e0: 15:55:70:ed:43:21:ff:30:61:4f:ef:1d:d8:a3:2f:27:a5:ec: 52:68:ae:7d:de:18:b1:35:c5:6d:0d:2c:2e:0e:ed:f7:d8:fd: fa:be:95:7f:f0:fb:8e:b1:ed:16:12:71:ee:d4:54:12:00:98: bb:36:d8:4d:80:cf:83:17:c6:b0:cd:0f:32:15:2f:e8:cc:31: dc:15:f8:77 -----BEGIN CERTIFICATE----- MIIFDzCCA/egAwIBAgISAZt9XS4/fgSNvxx8MVrbQ5f5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw NWIwZTIwHhcNMjYwMTAyMDYyMDE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NjU5YTNlNjg1NzlkZmM2NTQwZTFlMDhiNjM4YmJjODI0NDQ3ZDYyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjo5NL5dxpVgXANKt3udiJzFfiHW qTczHPXWkiq3s17QeEkXYZuBKGMr9ikdLe9ucyF0B64EhDOIaTh0b/I+zc+W3y3T K5F7EaYuw3xjwfY+IDJ0SDDEBCNnePxlzlbcIvr60sgOMMoY0HdhXy6uhL9wAD45 N5/3vygd1KC6cbFpfkguhyIeqGy4lo6HJh4067mo3ImoKWAZQijjmxojzZAcol2E 1oSUcB+z91P8B9xyYihPa/5G+KQlsx8N3oI8uHoycyo039ojg+8WhOU9Gemd7XbS b4J+9+FBTd7AKo+dcb5G9fg3AJSIj/b1qORIjpqPXwztJ/m+9bwrnTBApwIDAQAB o4ICGzCCAhcwHQYDVR0OBBYEFIZZo+aFed/GVA4eCLY4u8gkRH1iMB8GA1UdIwQY MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt MmNjZWRiOTY2YTU4LzEvaGxtajVvVjUzOFpVRGg0SXRqaTd5Q1JFZldJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4 LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCLUFcAwQC uSPkAwQCwbuIAwQBwj0qMA0GCSqGSIb3DQEBCwUAA4IBAQAnMIWtYozxqHT9/oRD 0ezGdDsvCe8QyxKSE5CSAIe2mtS3C5rb4Lk3uOH5NbmRbeyza5dM7OeAEsEMBl6O eoTdv1tIDl8UPOj/4EhbtbAIX4uqZlJhEEfa1GAQr+JzjsubDpvPoWJR6wCjEld1 wHKmvBdBCcp01WO4Dc8rJ2mIkPRYlvy81inKjqjRLFRDKXEG657B5uIY1VO9ngCb niycJ288VwqX+/aT0d/MoV6bpffgjOAVVXDtQyH/MGFP7x3Yoy8npexSaK593hix NcVtDSwuDu332P36vpV/8PuOse0WEnHu1FQSAJi7NthNgM+DF8awzQ8yFS/ozDHc Ffh3 -----END CERTIFICATE-----Generated at Mon Jan 19 19:56:25 2026 by rpki-client