This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/c6152d-1c90-40cc-a206-ec3cb36d1026/1/gB28ikvXaAy5hSbZoUNZbTzRb2w.roa File: gB28ikvXaAy5hSbZoUNZbTzRb2w.roa (raw, json) Hash identifier: VDZz7b/Ru8Catta9bi8i3h+9lOqwQj0GwnjJ6fKuQOw= Subject key identifier: 80:1D:BC:8A:4B:D7:68:0C:B9:85:26:D9:A1:43:59:6D:3C:D1:6F:6C Certificate issuer: /CN=1c78b1836decab4ff5bdfa5e377a3df87f18fc0f Certificate serial: 019B7B35A343D75CBA4213C0C80CA2CDC733 Authority key identifier: 1C:78:B1:83:6D:EC:AB:4F:F5:BD:FA:5E:37:7A:3D:F8:7F:18:FC:0F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HHixg23sq0_1vfpeN3o9-H8Y_A8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/c6152d-1c90-40cc-a206-ec3cb36d1026/1/gB28ikvXaAy5hSbZoUNZbTzRb2w.roa Signing time: Thu 01 Jan 2026 20:17:51 +0000 ROA not before: Thu 01 Jan 2026 20:17:51 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 43500 IP address blocks: 185.130.208.0/22 maxlen: 24 185.139.218.0/23 maxlen: 24 195.189.144.0/24 maxlen: 24 212.46.44.0/24 maxlen: 24 2a12:b40::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/c6152d-1c90-40cc-a206-ec3cb36d1026/1/HHixg23sq0_1vfpeN3o9-H8Y_A8.crl rsync://rpki.ripe.net/repository/DEFAULT/d8/c6152d-1c90-40cc-a206-ec3cb36d1026/1/HHixg23sq0_1vfpeN3o9-H8Y_A8.mft rsync://rpki.ripe.net/repository/DEFAULT/HHixg23sq0_1vfpeN3o9-H8Y_A8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 12:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:35:a3:43:d7:5c:ba:42:13:c0:c8:0c:a2:cd:c7:33 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1c78b1836decab4ff5bdfa5e377a3df87f18fc0f Validity Not Before: Jan 1 20:17:51 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=801dbc8a4bd7680cb98526d9a143596d3cd16f6c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:b0:ff:02:f9:dd:bf:e1:3a:7a:da:c4:0d:f4: 04:aa:29:33:0f:fc:7e:be:32:e4:7c:00:cd:c3:e9: d1:28:9a:76:4f:60:44:17:7a:75:e3:7e:e7:e5:e6: 4f:a6:c2:23:75:6e:bb:70:36:6c:f8:61:d2:ea:79: a5:87:27:b7:13:08:94:0d:ee:c0:aa:17:72:44:f7: 85:44:d1:7e:66:3a:dd:da:ca:71:7c:61:72:ee:be: 8a:41:1c:fb:22:15:b8:56:35:f3:0d:23:21:43:a5: 9f:25:d1:07:ca:23:0b:f3:47:d0:26:6a:0e:75:d6: 26:e6:b8:50:a3:c0:c8:35:48:33:7d:ba:53:d0:13: 99:08:2f:77:6e:00:de:7f:85:84:4f:a7:da:9e:2f: 2f:5b:87:e9:51:d2:31:de:dd:0b:31:e1:a5:bf:e6: 83:7a:48:86:66:21:6e:67:ec:a0:42:c8:87:02:28: 6f:42:0b:4a:5c:84:d5:8c:a0:1e:61:18:6f:69:ea: 10:d9:ae:71:7d:43:a6:ae:81:61:fd:a3:56:22:9e: 86:a4:8d:6f:65:f8:48:8d:e6:bb:e7:d4:83:5b:6e: 52:90:e2:55:1d:a4:37:78:5c:5d:27:c9:3a:69:7f: 95:0a:df:24:23:6c:84:87:0d:e7:e7:15:65:7d:1b: 09:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 80:1D:BC:8A:4B:D7:68:0C:B9:85:26:D9:A1:43:59:6D:3C:D1:6F:6C X509v3 Authority Key Identifier: keyid:1C:78:B1:83:6D:EC:AB:4F:F5:BD:FA:5E:37:7A:3D:F8:7F:18:FC:0F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HHixg23sq0_1vfpeN3o9-H8Y_A8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/c6152d-1c90-40cc-a206-ec3cb36d1026/1/gB28ikvXaAy5hSbZoUNZbTzRb2w.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/c6152d-1c90-40cc-a206-ec3cb36d1026/1/HHixg23sq0_1vfpeN3o9-H8Y_A8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.130.208.0/22 185.139.218.0/23 195.189.144.0/24 212.46.44.0/24 IPv6: 2a12:b40::/29 Signature Algorithm: sha256WithRSAEncryption 22:71:9a:23:1a:45:ad:63:cc:60:d4:d0:0a:17:48:d4:18:f2: d3:ae:3a:9e:31:93:25:2d:13:dd:81:ef:52:29:0b:9a:73:be: 3d:fb:b0:4d:fd:05:7a:ba:28:dd:90:22:17:db:a4:90:75:01: fb:0a:22:3c:55:11:e2:cf:cb:fb:69:93:82:60:cd:ef:c9:41: 38:66:9a:56:9b:82:49:7a:99:67:0b:2e:8d:85:e2:b5:fa:9b: 10:97:83:d3:e7:7f:9e:b8:9a:d4:5b:f6:09:9f:62:4c:56:53: 50:5c:f5:dd:ca:4a:da:c2:0e:fe:8d:fe:c7:15:68:45:ce:10: 4f:94:3f:20:a9:8f:72:27:4c:cf:3c:48:78:61:07:6c:41:c0: fe:3b:c8:89:40:f8:ca:83:c0:4b:40:ab:ce:c5:df:b8:ca:26: fd:b1:d6:9b:d3:59:a4:31:f3:47:a1:f5:ff:6a:9f:22:a6:e2: e1:32:03:1b:94:7a:ea:d7:80:4f:f1:3a:c6:49:6f:35:79:0b: 32:3f:76:4a:1b:90:6a:5e:3f:1e:f4:a0:57:27:43:a5:8c:25: 50:1a:d7:30:43:a1:fb:5f:3b:69:37:bd:d0:12:95:17:21:0d: ff:e1:1c:22:9d:f1:15:51:96:b0:fc:c9:a6:d7:d8:9f:f0:21: 34:13:c9:79 -----BEGIN CERTIFICATE----- MIIFHjCCBAagAwIBAgISAZt7NaND11y6QhPAyAyizcczMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFjNzhiMTgzNmRlY2FiNGZmNWJkZmE1ZTM3N2EzZGY4N2Yx OGZjMGYwHhcNMjYwMTAxMjAxNzUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4MDFkYmM4YTRiZDc2ODBjYjk4NTI2ZDlhMTQzNTk2ZDNjZDE2ZjZjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvbD/Avndv+E6etrEDfQEqikzD/x+ vjLkfADNw+nRKJp2T2BEF3p1437n5eZPpsIjdW67cDZs+GHS6nmlhye3EwiUDe7A qhdyRPeFRNF+Zjrd2spxfGFy7r6KQRz7IhW4VjXzDSMhQ6WfJdEHyiML80fQJmoO ddYm5rhQo8DINUgzfbpT0BOZCC93bgDef4WET6fani8vW4fpUdIx3t0LMeGlv+aD ekiGZiFuZ+ygQsiHAihvQgtKXITVjKAeYRhvaeoQ2a5xfUOmroFh/aNWIp6GpI1v ZfhIjea759SDW25SkOJVHaQ3eFxdJ8k6aX+VCt8kI2yEhw3n5xVlfRsJ/QIDAQAB o4ICKjCCAiYwHQYDVR0OBBYEFIAdvIpL12gMuYUm2aFDWW080W9sMB8GA1UdIwQY MBaAFBx4sYNt7KtP9b36Xjd6Pfh/GPwPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSEhpeGcyM3NxMF8xdmZwZU4zbzktSDhZX0E4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9jNjE1MmQtMWM5MC00MGNjLWEyMDYt ZWMzY2IzNmQxMDI2LzEvZ0IyOGlrdlhhQXk1aFNiWm9VTlpiVHpSYjJ3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kOC9jNjE1MmQtMWM5MC00MGNjLWEyMDYtZWMzY2IzNmQxMDI2 LzEvSEhpeGcyM3NxMF8xdmZwZU4zbzktSDhZX0E4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCuYLQAwQB uYvaAwQAw72QAwQA1C4sMA0EAgACMAcDBQMqEgtAMA0GCSqGSIb3DQEBCwUAA4IB AQAicZojGkWtY8xg1NAKF0jUGPLTrjqeMZMlLRPdge9SKQuac749+7BN/QV6uijd kCIX26SQdQH7CiI8VRHiz8v7aZOCYM3vyUE4ZppWm4JJeplnCy6NheK1+psQl4PT 53+euJrUW/YJn2JMVlNQXPXdykrawg7+jf7HFWhFzhBPlD8gqY9yJ0zPPEh4YQds QcD+O8iJQPjKg8BLQKvOxd+4yib9sdab01mkMfNHofX/ap8ipuLhMgMblHrq14BP 8TrGSW81eQsyP3ZKG5BqXj8e9KBXJ0OljCVQGtcwQ6H7XztpN73QEpUXIQ3/4Rwi nfEVUZaw/Mmm19if8CE0E8l5 -----END CERTIFICATE-----Generated at Fri Jan 2 18:03:54 2026 by rpki-client