This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/6366b4-dd6f-4040-8895-71be0d51919d/1/hTjSrcovPq648FqPM_7hdgfN-EI.roa File: hTjSrcovPq648FqPM_7hdgfN-EI.roa (raw, json) Hash identifier: lYgMjkKMuEdbys29eJuErKr4659N+NA6qhwRfkiwEHE= Subject key identifier: 85:38:D2:AD:CA:2F:3E:AE:B8:F0:5A:8F:33:FE:E1:76:07:CD:F8:42 Certificate issuer: /CN=55c9b2025e0e695808f6b61ee276aed4fb5680cd Certificate serial: 019B7A5B9CB14C3A155F481C22947500C49B Authority key identifier: 55:C9:B2:02:5E:0E:69:58:08:F6:B6:1E:E2:76:AE:D4:FB:56:80:CD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VcmyAl4OaVgI9rYe4nau1PtWgM0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/6366b4-dd6f-4040-8895-71be0d51919d/1/hTjSrcovPq648FqPM_7hdgfN-EI.roa Signing time: Thu 01 Jan 2026 16:19:42 +0000 ROA not before: Thu 01 Jan 2026 16:19:42 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 5650 IP address blocks: 167.150.18.0/24 maxlen: 24 167.150.19.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/6366b4-dd6f-4040-8895-71be0d51919d/1/VcmyAl4OaVgI9rYe4nau1PtWgM0.crl rsync://rpki.ripe.net/repository/DEFAULT/be/6366b4-dd6f-4040-8895-71be0d51919d/1/VcmyAl4OaVgI9rYe4nau1PtWgM0.mft rsync://rpki.ripe.net/repository/DEFAULT/VcmyAl4OaVgI9rYe4nau1PtWgM0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 00:00:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5b:9c:b1:4c:3a:15:5f:48:1c:22:94:75:00:c4:9b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=55c9b2025e0e695808f6b61ee276aed4fb5680cd Validity Not Before: Jan 1 16:19:42 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8538d2adca2f3eaeb8f05a8f33fee17607cdf842 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:63:8c:52:1f:ee:81:de:ad:59:25:e6:c5:db: 2e:26:b0:26:77:52:1d:cc:69:4d:d1:bb:64:e7:19: 89:26:a6:dd:a1:76:f3:69:a1:d0:1a:e8:4f:b6:80: 6f:7d:e6:5c:31:42:d8:f9:20:84:31:40:8b:05:64: ab:67:15:53:88:a7:53:92:d4:1f:55:b4:3d:77:9e: 81:ee:41:92:90:1d:69:62:ad:cd:d9:7f:d7:ff:20: 29:fd:fa:52:5b:25:17:cd:17:bc:5b:d2:5c:b2:c7: 6b:46:00:c8:dc:7e:8d:17:a1:0d:8d:e5:64:f1:0d: 39:66:2e:9d:cf:c9:ad:2f:3a:57:dc:3e:ea:b0:25: bb:b9:1c:ea:a7:67:6f:cd:2c:d0:a0:2d:e3:d2:e2: af:80:aa:ba:fa:76:4c:68:6a:f8:d9:aa:1f:ae:f1: 43:6f:75:b5:44:42:b2:f5:b4:55:6e:b3:c3:d2:bf: a6:99:0a:28:12:c2:eb:94:f3:d1:ba:6e:1e:ec:6c: 1b:38:81:c1:ce:f0:ac:7b:ba:d6:ce:ea:f1:1c:0b: 26:d0:db:6d:4a:98:02:2a:a1:59:d1:66:f1:14:48: ce:3a:ee:f1:d1:79:f1:7f:af:2a:00:c3:ce:30:a6: 6b:8f:1e:b7:ec:c8:20:ee:ae:2b:7e:bc:2e:d5:fe: af:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:38:D2:AD:CA:2F:3E:AE:B8:F0:5A:8F:33:FE:E1:76:07:CD:F8:42 X509v3 Authority Key Identifier: keyid:55:C9:B2:02:5E:0E:69:58:08:F6:B6:1E:E2:76:AE:D4:FB:56:80:CD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VcmyAl4OaVgI9rYe4nau1PtWgM0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6366b4-dd6f-4040-8895-71be0d51919d/1/hTjSrcovPq648FqPM_7hdgfN-EI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6366b4-dd6f-4040-8895-71be0d51919d/1/VcmyAl4OaVgI9rYe4nau1PtWgM0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 167.150.18.0/23 Signature Algorithm: sha256WithRSAEncryption be:0a:50:cd:8a:9e:2a:58:a0:4a:e0:da:a0:0b:d0:1d:fb:e2: f6:a3:ed:ff:e3:83:d0:e6:83:d6:08:07:bf:43:34:62:10:21: 53:9e:a0:23:29:2f:ad:5d:45:03:9d:71:84:48:68:28:52:d2: cb:96:4f:ad:95:03:8d:1e:4b:4b:96:88:65:66:e3:58:d9:a3: 8b:e8:cb:d0:32:31:23:e4:be:aa:de:01:c9:eb:b5:c4:59:49: 82:85:0c:3d:73:0f:91:f1:4e:5c:36:24:fa:3f:4e:79:fd:dd: b5:53:2a:0d:e0:76:d1:7d:cb:fd:cf:9a:28:7a:d5:2c:b9:91: 37:e9:43:fd:fb:4c:22:75:1d:55:50:0d:90:c0:69:24:42:de: d7:ca:7e:92:3a:92:8b:e1:c0:23:dc:3e:6b:7b:8f:6a:62:58: c0:f6:a7:15:ed:80:11:a3:8c:ae:06:e6:fd:e4:4c:1b:3a:d9: 47:15:81:28:0d:2e:a4:3e:da:ea:01:70:c7:0f:a5:fa:53:43: b7:1d:d8:ee:21:0c:d0:e8:8f:f0:99:87:9c:16:1d:00:f3:e4: 74:47:db:99:c4:01:25:23:84:e7:71:bd:f2:07:44:d5:b5:de: 69:f0:d2:eb:a6:d0:24:86:61:8a:a1:72:fc:ff:80:d2:40:f4: 7f:dd:50:51 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt6W5yxTDoVX0gcIpR1AMSbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU1YzliMjAyNWUwZTY5NTgwOGY2YjYxZWUyNzZhZWQ0ZmI1 NjgwY2QwHhcNMjYwMTAxMTYxOTQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NTM4ZDJhZGNhMmYzZWFlYjhmMDVhOGYzM2ZlZTE3NjA3Y2RmODQyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGOMUh/ugd6tWSXmxdsuJrAmd1Id zGlN0btk5xmJJqbdoXbzaaHQGuhPtoBvfeZcMULY+SCEMUCLBWSrZxVTiKdTktQf VbQ9d56B7kGSkB1pYq3N2X/X/yAp/fpSWyUXzRe8W9JcssdrRgDI3H6NF6ENjeVk 8Q05Zi6dz8mtLzpX3D7qsCW7uRzqp2dvzSzQoC3j0uKvgKq6+nZMaGr42aofrvFD b3W1REKy9bRVbrPD0r+mmQooEsLrlPPRum4e7GwbOIHBzvCse7rWzurxHAsm0Ntt SpgCKqFZ0WbxFEjOOu7x0Xnxf68qAMPOMKZrjx637Mgg7q4rfrwu1f6vrwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFIU40q3KLz6uuPBajzP+4XYHzfhCMB8GA1UdIwQY MBaAFFXJsgJeDmlYCPa2HuJ2rtT7VoDNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVmNteUFsNE9hVmdJOXJZZTRuYXUxUHRXZ00wLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82MzY2YjQtZGQ2Zi00MDQwLTg4OTUt NzFiZTBkNTE5MTlkLzEvaFRqU3Jjb3ZQcTY0OEZxUE1fN2hkZ2ZOLUVJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZS82MzY2YjQtZGQ2Zi00MDQwLTg4OTUtNzFiZTBkNTE5MTlk LzEvVmNteUFsNE9hVmdJOXJZZTRuYXUxUHRXZ00wLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBp5YSMA0G CSqGSIb3DQEBCwUAA4IBAQC+ClDNip4qWKBK4NqgC9Ad++L2o+3/44PQ5oPWCAe/ QzRiECFTnqAjKS+tXUUDnXGESGgoUtLLlk+tlQONHktLlohlZuNY2aOL6MvQMjEj 5L6q3gHJ67XEWUmChQw9cw+R8U5cNiT6P055/d21UyoN4HbRfcv9z5ooetUsuZE3 6UP9+0widR1VUA2QwGkkQt7Xyn6SOpKL4cAj3D5re49qYljA9qcV7YARo4yuBub9 5EwbOtlHFYEoDS6kPtrqAXDHD6X6U0O3HdjuIQzQ6I/wmYecFh0A8+R0R9uZxAEl I4Tncb3yB0TVtd5p8NLrptAkhmGKoXL8/4DSQPR/3VBR -----END CERTIFICATE-----Generated at Sun Jan 18 11:04:30 2026 by rpki-client