This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/011234-cfb7-4275-9f79-40dc445c669a/1/hBm5sqEsYgYzGLvahciDaWXB5tc.roa File: hBm5sqEsYgYzGLvahciDaWXB5tc.roa (raw, json) Hash identifier: B8HbKYDNFdLFprrv9ZSAbv02c/Z7c5d/cp8eKIMZxIo= Subject key identifier: 84:19:B9:B2:A1:2C:62:06:33:18:BB:DA:85:C8:83:69:65:C1:E6:D7 Certificate issuer: /CN=8572d5acc25167699c7fcf3a1b804ea325ac4e5d Certificate serial: 019B77C687CC5C9012687B58BDCCC777CA7A Authority key identifier: 85:72:D5:AC:C2:51:67:69:9C:7F:CF:3A:1B:80:4E:A3:25:AC:4E:5D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hXLVrMJRZ2mcf886G4BOoyWsTl0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/011234-cfb7-4275-9f79-40dc445c669a/1/hBm5sqEsYgYzGLvahciDaWXB5tc.roa Signing time: Thu 01 Jan 2026 04:17:38 +0000 ROA not before: Thu 01 Jan 2026 04:17:38 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 202746 IP address blocks: 185.43.52.0/22 maxlen: 24 2a04:94c0::/30 maxlen: 31 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/011234-cfb7-4275-9f79-40dc445c669a/1/hXLVrMJRZ2mcf886G4BOoyWsTl0.crl rsync://rpki.ripe.net/repository/DEFAULT/e9/011234-cfb7-4275-9f79-40dc445c669a/1/hXLVrMJRZ2mcf886G4BOoyWsTl0.mft rsync://rpki.ripe.net/repository/DEFAULT/hXLVrMJRZ2mcf886G4BOoyWsTl0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 13:00:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:87:cc:5c:90:12:68:7b:58:bd:cc:c7:77:ca:7a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8572d5acc25167699c7fcf3a1b804ea325ac4e5d Validity Not Before: Jan 1 04:17:38 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8419b9b2a12c62063318bbda85c8836965c1e6d7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:fe:79:b9:2e:59:74:55:40:3c:28:c0:f9:7a: ba:7b:ed:9a:92:fb:42:97:c4:2e:a9:4c:e0:80:14: 30:81:b8:f3:b8:84:57:f9:ee:be:17:0d:cc:12:0d: f9:33:0d:c0:a0:d3:83:22:d8:08:a3:31:ae:d1:b1: 9c:61:92:0d:1c:d5:6d:9c:05:5a:09:0c:b4:62:5f: 22:5b:22:b9:a3:e1:2d:5d:56:8b:c1:18:2a:b6:f5: cd:c1:2b:85:1b:68:b2:df:2b:cc:90:f3:c0:d1:b1: da:5f:a0:91:87:fe:80:ea:86:7e:2b:c8:19:8d:9d: 91:d3:96:4a:ce:4e:90:bd:27:43:44:60:39:07:76: 8d:f1:6f:1f:a9:34:08:b2:32:de:69:9d:43:f7:9e: ef:6d:f4:c8:40:20:61:6d:5c:57:68:42:29:cf:f2: 69:f8:04:2a:28:13:c8:23:bb:fb:a7:2c:f4:13:b1: 5b:1f:03:e8:1c:26:1c:23:43:86:0e:c9:9c:71:40: 4e:aa:fb:dd:fe:93:7c:17:c1:94:30:7d:38:8f:1e: b5:55:2c:51:4c:01:fa:1b:49:05:3d:b9:39:2a:6c: b4:a1:53:c5:00:dc:bd:5b:08:89:9e:9f:e8:84:a3: 20:d4:27:19:ee:50:67:c5:e6:fc:a4:c5:ac:76:ef: a3:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:19:B9:B2:A1:2C:62:06:33:18:BB:DA:85:C8:83:69:65:C1:E6:D7 X509v3 Authority Key Identifier: keyid:85:72:D5:AC:C2:51:67:69:9C:7F:CF:3A:1B:80:4E:A3:25:AC:4E:5D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hXLVrMJRZ2mcf886G4BOoyWsTl0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/011234-cfb7-4275-9f79-40dc445c669a/1/hBm5sqEsYgYzGLvahciDaWXB5tc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/011234-cfb7-4275-9f79-40dc445c669a/1/hXLVrMJRZ2mcf886G4BOoyWsTl0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.43.52.0/22 IPv6: 2a04:94c0::/30 Signature Algorithm: sha256WithRSAEncryption 0b:d6:5c:0c:ad:76:da:fa:2e:91:22:35:2e:11:bc:10:de:a6: 81:16:18:25:f7:78:9f:af:04:c7:d5:87:e3:d6:1b:1f:7b:90: 44:44:29:20:82:21:7b:c8:c3:4f:f6:d0:0c:5d:3b:34:85:36: 24:e6:07:d3:f5:da:39:f6:6e:e6:c2:7b:5a:df:1c:00:b3:f8: 15:3f:00:d0:f9:e9:01:46:c5:58:7d:ae:18:06:fe:01:9e:ab: f6:ff:4c:cc:b7:83:76:2f:ce:43:da:7f:ef:f6:bd:aa:6b:69: f2:94:c7:a2:54:33:b5:e0:a5:53:66:91:99:af:80:40:c3:8e: 55:21:ea:ff:29:2a:4a:94:2f:16:72:df:90:e3:5b:3e:cf:08: 58:75:a9:2e:3e:7d:17:f7:2a:e2:c9:f2:bb:69:df:1b:0d:4c: dc:b4:62:56:13:94:6a:ef:f3:4c:21:c6:20:20:21:c5:b8:6b: c4:7d:43:fb:25:6f:28:56:af:93:7c:c2:12:f0:c7:ef:6d:56: 16:33:b2:09:3e:d1:df:4f:81:38:8f:ce:8c:a5:3a:df:7b:d3: 4c:78:16:05:60:74:55:cc:ec:b8:f9:38:4a:be:75:c1:f8:f3: 26:d2:0e:3c:89:a1:1e:ac:f0:3c:b2:01:79:63:c8:f1:bc:d2: 8e:f1:8d:f3 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt3xofMXJASaHtYvczHd8p6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg1NzJkNWFjYzI1MTY3Njk5YzdmY2YzYTFiODA0ZWEzMjVh YzRlNWQwHhcNMjYwMTAxMDQxNzM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NDE5YjliMmExMmM2MjA2MzMxOGJiZGE4NWM4ODM2OTY1YzFlNmQ3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/55uS5ZdFVAPCjA+Xq6e+2akvtC l8QuqUzggBQwgbjzuIRX+e6+Fw3MEg35Mw3AoNODItgIozGu0bGcYZINHNVtnAVa CQy0Yl8iWyK5o+EtXVaLwRgqtvXNwSuFG2iy3yvMkPPA0bHaX6CRh/6A6oZ+K8gZ jZ2R05ZKzk6QvSdDRGA5B3aN8W8fqTQIsjLeaZ1D957vbfTIQCBhbVxXaEIpz/Jp +AQqKBPII7v7pyz0E7FbHwPoHCYcI0OGDsmccUBOqvvd/pN8F8GUMH04jx61VSxR TAH6G0kFPbk5Kmy0oVPFANy9WwiJnp/ohKMg1CcZ7lBnxeb8pMWsdu+jVwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFIQZubKhLGIGMxi72oXIg2llwebXMB8GA1UdIwQY MBaAFIVy1azCUWdpnH/POhuATqMlrE5dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaFhMVnJNSlJaMm1jZjg4Nkc0Qk9veVdzVGwwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8wMTEyMzQtY2ZiNy00Mjc1LTlmNzkt NDBkYzQ0NWM2NjlhLzEvaEJtNXNxRXNZZ1l6R0x2YWhjaURhV1hCNXRjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lOS8wMTEyMzQtY2ZiNy00Mjc1LTlmNzktNDBkYzQ0NWM2Njlh LzEvaFhMVnJNSlJaMm1jZjg4Nkc0Qk9veVdzVGwwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuSs0MA0E AgACMAcDBQIqBJTAMA0GCSqGSIb3DQEBCwUAA4IBAQAL1lwMrXba+i6RIjUuEbwQ 3qaBFhgl93ifrwTH1Yfj1hsfe5BERCkggiF7yMNP9tAMXTs0hTYk5gfT9do59m7m wnta3xwAs/gVPwDQ+ekBRsVYfa4YBv4Bnqv2/0zMt4N2L85D2n/v9r2qa2nylMei VDO14KVTZpGZr4BAw45VIer/KSpKlC8Wct+Q41s+zwhYdakuPn0X9yriyfK7ad8b DUzctGJWE5Rq7/NMIcYgICHFuGvEfUP7JW8oVq+TfMIS8MfvbVYWM7IJPtHfT4E4 j86MpTrfe9NMeBYFYHRVzOy4+ThKvnXB+PMm0g48iaEerPA8sgF5Y8jxvNKO8Y3z -----END CERTIFICATE-----Generated at Mon Feb 9 18:23:26 2026 by rpki-client