This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/ef61d6-05d1-4fb2-a6ea-425232fd5643/1/h1rJ_5IwT6r9srNzb0xH-naB6tI.roa File: h1rJ_5IwT6r9srNzb0xH-naB6tI.roa (raw, json) Hash identifier: 1/JRSZ3nsnOwZgC6F3kqzm5Oq+Y/WO+2ye58dNCreY4= Subject key identifier: 87:5A:C9:FF:92:30:4F:AA:FD:B2:B3:73:6F:4C:47:FA:76:81:EA:D2 Certificate issuer: /CN=cb0ca348ac891c336d8c7945a5bd5b3325eb5f0b Certificate serial: 019B78A305FBDDA27E92717769857E8CF73E Authority key identifier: CB:0C:A3:48:AC:89:1C:33:6D:8C:79:45:A5:BD:5B:33:25:EB:5F:0B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ywyjSKyJHDNtjHlFpb1bMyXrXws.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/ef61d6-05d1-4fb2-a6ea-425232fd5643/1/h1rJ_5IwT6r9srNzb0xH-naB6tI.roa Signing time: Thu 01 Jan 2026 08:18:28 +0000 ROA not before: Thu 01 Jan 2026 08:18:28 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 43646 IP address blocks: 91.197.164.0/22 maxlen: 22 94.247.232.0/21 maxlen: 21 95.81.128.0/18 maxlen: 18 185.215.136.0/22 maxlen: 22 185.241.96.0/22 maxlen: 22 213.205.96.0/19 maxlen: 19 217.71.208.0/21 maxlen: 21 2a00:1080::/32 maxlen: 32 2a02:3e8::/32 maxlen: 32 2a02:e10::/32 maxlen: 32 2a0c:a080::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/ef61d6-05d1-4fb2-a6ea-425232fd5643/1/ywyjSKyJHDNtjHlFpb1bMyXrXws.crl rsync://rpki.ripe.net/repository/DEFAULT/d9/ef61d6-05d1-4fb2-a6ea-425232fd5643/1/ywyjSKyJHDNtjHlFpb1bMyXrXws.mft rsync://rpki.ripe.net/repository/DEFAULT/ywyjSKyJHDNtjHlFpb1bMyXrXws.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 05:01:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a3:05:fb:dd:a2:7e:92:71:77:69:85:7e:8c:f7:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cb0ca348ac891c336d8c7945a5bd5b3325eb5f0b Validity Not Before: Jan 1 08:18:28 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=875ac9ff92304faafdb2b3736f4c47fa7681ead2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:66:9b:6a:d5:8e:a9:6c:d8:f9:cc:17:5e:47: 8c:f3:a8:b3:8c:52:cf:8f:f5:63:f8:fa:d6:e7:ec: 7b:3c:13:c1:70:07:81:17:8d:7d:1c:ba:cb:ac:fe: a8:6e:d6:ab:b8:c1:c8:96:cb:11:a2:be:ac:f0:ed: 6a:5e:fd:f9:12:30:3a:4b:0f:65:6d:a4:27:21:5e: 4a:3d:c6:3f:04:e7:27:49:fb:ac:f1:8e:ca:8e:f9: 35:36:00:22:a7:3e:18:98:dc:d1:85:b2:19:d4:1a: 36:e9:0b:72:5d:a2:71:2d:e2:cd:fa:78:b2:df:03: 9a:87:bf:80:c9:2d:2b:ea:82:ae:1f:1c:c9:8d:9c: e8:0c:05:d1:cc:bd:a0:8e:6a:2b:b6:1e:9c:ce:5e: d7:02:ef:fd:ca:f6:66:62:d6:52:ff:dc:11:bb:93: b4:c8:a0:ee:27:c8:69:25:a7:72:93:36:7a:e0:62: e3:4d:77:0b:8f:ed:f3:53:40:78:b7:c1:fc:1c:a8: 20:69:81:0c:8a:6f:0e:06:8b:a4:0a:6d:2e:30:32: 84:67:45:92:35:41:3b:96:3d:46:00:97:d4:4b:aa: 3a:22:73:50:79:b7:9f:81:a2:d9:e4:b7:e0:83:27: 4f:de:b1:fc:13:3a:a1:c3:f6:c5:42:cd:6b:d2:e4: a6:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:5A:C9:FF:92:30:4F:AA:FD:B2:B3:73:6F:4C:47:FA:76:81:EA:D2 X509v3 Authority Key Identifier: keyid:CB:0C:A3:48:AC:89:1C:33:6D:8C:79:45:A5:BD:5B:33:25:EB:5F:0B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ywyjSKyJHDNtjHlFpb1bMyXrXws.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ef61d6-05d1-4fb2-a6ea-425232fd5643/1/h1rJ_5IwT6r9srNzb0xH-naB6tI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ef61d6-05d1-4fb2-a6ea-425232fd5643/1/ywyjSKyJHDNtjHlFpb1bMyXrXws.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.197.164.0/22 94.247.232.0/21 95.81.128.0/18 185.215.136.0/22 185.241.96.0/22 213.205.96.0/19 217.71.208.0/21 IPv6: 2a00:1080::/32 2a02:3e8::/32 2a02:e10::/32 2a0c:a080::/29 Signature Algorithm: sha256WithRSAEncryption 36:f5:d2:da:04:2c:f3:ec:58:35:00:5a:71:b0:8b:bf:ea:bf: 1e:49:9b:b8:ae:62:2a:ef:db:5d:9a:2f:a1:90:36:c6:45:37: 97:c5:1f:5d:53:3f:cb:65:a1:d3:35:e8:b5:b4:9a:51:6d:6d: 83:a5:d0:72:30:55:86:d4:18:9c:74:ed:34:65:9f:aa:19:41: fe:37:f5:84:99:f8:fb:8f:91:d1:cb:3d:de:4a:52:f2:7a:9b: fa:74:ce:dc:43:46:9a:ad:92:4a:ee:45:61:63:bf:a1:3d:1b: c4:fc:32:a8:e4:f9:d6:14:5d:4a:16:83:e7:01:47:e1:e8:62: cf:bc:8b:98:56:b8:a7:13:65:44:a4:0c:c7:15:76:6e:d4:b0: 10:e9:2f:b8:52:3b:35:27:74:3e:33:ca:12:ba:be:d6:35:3b: aa:6c:7a:f9:bb:9b:e2:2a:29:2d:44:cf:bd:a3:af:d5:bd:b8: 3b:dd:7c:d3:a2:74:75:f5:a9:de:de:d2:1c:bf:f2:5c:d8:75: dd:eb:cc:c6:9c:40:c7:81:60:04:fd:7e:7e:6a:62:6f:60:69: 14:e1:0c:fa:16:0c:e3:7d:dc:0d:b9:fd:8f:37:7b:0e:d4:6d: 1e:4f:06:1e:9c:d0:2a:23:bb:e8:0e:41:01:94:b4:01:c5:e5: fa:d1:72:17 -----BEGIN CERTIFICATE----- MIIFRTCCBC2gAwIBAgISAZt4owX73aJ+knF3aYV+jPc+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNiMGNhMzQ4YWM4OTFjMzM2ZDhjNzk0NWE1YmQ1YjMzMjVl YjVmMGIwHhcNMjYwMTAxMDgxODI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NzVhYzlmZjkyMzA0ZmFhZmRiMmIzNzM2ZjRjNDdmYTc2ODFlYWQyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6mabatWOqWzY+cwXXkeM86izjFLP j/Vj+PrW5+x7PBPBcAeBF419HLrLrP6obtaruMHIlssRor6s8O1qXv35EjA6Sw9l baQnIV5KPcY/BOcnSfus8Y7Kjvk1NgAipz4YmNzRhbIZ1Bo26QtyXaJxLeLN+niy 3wOah7+AyS0r6oKuHxzJjZzoDAXRzL2gjmorth6czl7XAu/9yvZmYtZS/9wRu5O0 yKDuJ8hpJadykzZ64GLjTXcLj+3zU0B4t8H8HKggaYEMim8OBoukCm0uMDKEZ0WS NUE7lj1GAJfUS6o6InNQebefgaLZ5LfggydP3rH8Ezqhw/bFQs1r0uSmlQIDAQAB o4ICUTCCAk0wHQYDVR0OBBYEFIdayf+SME+q/bKzc29MR/p2gerSMB8GA1UdIwQY MBaAFMsMo0isiRwzbYx5RaW9WzMl618LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveXd5alNLeUpIRE50akhsRnBiMWJNeVhyWHdzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9lZjYxZDYtMDVkMS00ZmIyLWE2ZWEt NDI1MjMyZmQ1NjQzLzEvaDFySl81SXdUNnI5c3JOemIweEgtbmFCNnRJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kOS9lZjYxZDYtMDVkMS00ZmIyLWE2ZWEtNDI1MjMyZmQ1NjQz LzEveXd5alNLeUpIRE50akhsRnBiMWJNeVhyWHdzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjAwBAIAATAqAwQCW8WkAwQD XvfoAwQGX1GAAwQCudeIAwQCufFgAwQF1c1gAwQD2UfQMCIEAgACMBwDBQAqABCA AwUAKgID6AMFACoCDhADBQMqDKCAMA0GCSqGSIb3DQEBCwUAA4IBAQA29dLaBCzz 7Fg1AFpxsIu/6r8eSZu4rmIq79tdmi+hkDbGRTeXxR9dUz/LZaHTNei1tJpRbW2D pdByMFWG1BicdO00ZZ+qGUH+N/WEmfj7j5HRyz3eSlLyepv6dM7cQ0aarZJK7kVh Y7+hPRvE/DKo5PnWFF1KFoPnAUfh6GLPvIuYVrinE2VEpAzHFXZu1LAQ6S+4Ujs1 J3Q+M8oSur7WNTuqbHr5u5viKiktRM+9o6/Vvbg73XzTonR19ane3tIcv/Jc2HXd 68zGnEDHgWAE/X5+amJvYGkU4Qz6FgzjfdwNuf2PN3sO1G0eTwYenNAqI7voDkEB lLQBxeX60XIX -----END CERTIFICATE-----Generated at Wed Jan 21 10:29:17 2026 by rpki-client