This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/hhh3z06Bpe2m47ehC44Gk6XsxWY.roa File: hhh3z06Bpe2m47ehC44Gk6XsxWY.roa (raw, json) Hash identifier: D+hS8HY9ljD+1P/aopr0G/yuhchBVZY0zZMSPMrBOWg= Subject key identifier: 86:18:77:CF:4E:81:A5:ED:A6:E3:B7:A1:0B:8E:06:93:A5:EC:C5:66 Certificate issuer: /CN=db70ce7a4e6e4ab3a4ea9f081f592ea5f6d2b9aa Certificate serial: 019B7F155DDE67BF30BF8330E49A32045E4A Authority key identifier: DB:70:CE:7A:4E:6E:4A:B3:A4:EA:9F:08:1F:59:2E:A5:F6:D2:B9:AA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/23DOek5uSrOk6p8IH1kupfbSuao.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/hhh3z06Bpe2m47ehC44Gk6XsxWY.roa Signing time: Fri 02 Jan 2026 14:21:05 +0000 ROA not before: Fri 02 Jan 2026 14:21:05 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 216153 IP address blocks: 185.153.235.0/24 maxlen: 24 204.235.104.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.crl rsync://rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.mft rsync://rpki.ripe.net/repository/DEFAULT/23DOek5uSrOk6p8IH1kupfbSuao.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 11:00:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:5d:de:67:bf:30:bf:83:30:e4:9a:32:04:5e:4a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=db70ce7a4e6e4ab3a4ea9f081f592ea5f6d2b9aa Validity Not Before: Jan 2 14:21:05 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=861877cf4e81a5eda6e3b7a10b8e0693a5ecc566 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:f8:90:16:42:59:6a:34:db:52:ae:fa:85:cf: 3e:92:b8:57:8b:c0:87:ac:d6:d8:17:af:cd:0e:df: 7a:ec:cd:05:be:6e:8c:d9:74:61:9c:89:c8:a8:12: 83:13:b7:bd:73:e8:a9:2e:dc:13:a1:71:f4:b4:c5: 57:ba:ea:33:d9:93:4c:b2:34:ca:f0:00:69:12:f6: 17:fa:5b:0b:93:60:2e:74:f2:68:f9:ff:f3:b0:a5: ea:62:af:35:4d:16:c5:c4:98:d2:6f:40:c0:57:48: 5d:75:d8:0e:da:af:d9:2b:cf:ee:96:ef:02:e8:1c: db:ab:38:f8:ef:90:9d:a9:84:98:d4:e4:c5:06:ac: 9b:1a:14:29:f7:0c:a8:43:4d:51:c3:1c:c4:01:0e: 46:3a:36:41:5f:21:d4:c5:26:05:de:37:2f:95:91: 30:7f:7c:ac:8d:05:66:0a:e2:67:d2:e0:2a:70:25: ba:f9:e1:88:20:11:c1:7d:83:e4:ff:3e:a8:75:5f: 1e:73:c9:e6:14:b6:66:3e:52:63:75:76:94:0f:c3: 93:e2:ea:74:6e:1f:c7:09:77:58:4f:36:16:6b:f0: 13:d8:f2:ae:20:99:5a:6b:45:67:de:c0:0b:db:f8: 47:1b:a6:4c:e3:92:ff:2b:91:34:27:b9:b4:7a:fa: ee:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:18:77:CF:4E:81:A5:ED:A6:E3:B7:A1:0B:8E:06:93:A5:EC:C5:66 X509v3 Authority Key Identifier: keyid:DB:70:CE:7A:4E:6E:4A:B3:A4:EA:9F:08:1F:59:2E:A5:F6:D2:B9:AA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/23DOek5uSrOk6p8IH1kupfbSuao.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/hhh3z06Bpe2m47ehC44Gk6XsxWY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.153.235.0/24 204.235.104.0/24 Signature Algorithm: sha256WithRSAEncryption 2e:90:08:1c:36:a7:a9:58:7b:39:64:32:e2:1c:7e:97:01:38: 07:9b:e5:53:48:92:ad:1c:61:88:83:95:ba:71:69:8f:52:cb: 03:b6:2f:03:1c:13:4f:7b:18:1a:cc:5a:d8:0d:9b:7e:14:94: 1c:25:6b:63:4e:08:f9:86:78:8c:a7:bc:d1:39:b5:ba:83:58: bb:5b:f9:ba:c4:1c:e9:ad:6a:31:2a:f3:6e:ad:62:07:87:e6: 62:2c:d8:4f:c3:e3:46:4b:f1:04:78:86:3b:fc:2b:3a:75:48: d7:9f:26:15:27:45:dc:ae:75:ba:3f:fb:05:0d:08:6d:3a:65: fc:b0:31:90:a7:1a:be:2d:97:d1:ee:36:94:bd:59:64:78:40: b6:c9:c8:3b:9d:72:53:3b:2c:46:47:26:98:25:4e:13:1b:2c: c6:7c:f8:0c:f8:a9:98:40:d4:aa:ad:59:46:81:54:40:11:0f: e1:e5:47:f8:59:c8:c4:8e:6e:61:7c:90:c2:8a:9d:a6:83:28: 7c:14:36:e2:86:aa:3b:40:58:a4:e3:5d:e5:35:26:b5:37:01: d2:a9:77:93:bb:80:5d:2b:51:68:44:b1:41:5c:af:a7:0c:8e: ea:09:c2:a4:9a:4c:51:33:b0:4e:a9:55:12:50:97:c2:62:9f: 7b:5c:0e:ce -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt/FV3eZ78wv4Mw5JoyBF5KMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRiNzBjZTdhNGU2ZTRhYjNhNGVhOWYwODFmNTkyZWE1ZjZk MmI5YWEwHhcNMjYwMTAyMTQyMTA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NjE4NzdjZjRlODFhNWVkYTZlM2I3YTEwYjhlMDY5M2E1ZWNjNTY2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsviQFkJZajTbUq76hc8+krhXi8CH rNbYF6/NDt967M0Fvm6M2XRhnInIqBKDE7e9c+ipLtwToXH0tMVXuuoz2ZNMsjTK 8ABpEvYX+lsLk2AudPJo+f/zsKXqYq81TRbFxJjSb0DAV0hdddgO2q/ZK8/ulu8C 6Bzbqzj475CdqYSY1OTFBqybGhQp9wyoQ01RwxzEAQ5GOjZBXyHUxSYF3jcvlZEw f3ysjQVmCuJn0uAqcCW6+eGIIBHBfYPk/z6odV8ec8nmFLZmPlJjdXaUD8OT4up0 bh/HCXdYTzYWa/AT2PKuIJlaa0Vn3sAL2/hHG6ZM45L/K5E0J7m0evruMQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFIYYd89OgaXtpuO3oQuOBpOl7MVmMB8GA1UdIwQY MBaAFNtwznpObkqzpOqfCB9ZLqX20rmqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMjNET2VrNXVTck9rNnA4SUgxa3VwZmJTdWFvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi85ZGE2MDEtNjM1ZS00ZDA3LTgwOTYt MmNiMTdiN2JjNjE4LzEvaGhoM3owNkJwZTJtNDdlaEM0NEdrNlhzeFdZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMi85ZGE2MDEtNjM1ZS00ZDA3LTgwOTYtMmNiMTdiN2JjNjE4 LzEvMjNET2VrNXVTck9rNnA4SUgxa3VwZmJTdWFvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuZnrAwQA zOtoMA0GCSqGSIb3DQEBCwUAA4IBAQAukAgcNqepWHs5ZDLiHH6XATgHm+VTSJKt HGGIg5W6cWmPUssDti8DHBNPexgazFrYDZt+FJQcJWtjTgj5hniMp7zRObW6g1i7 W/m6xBzprWoxKvNurWIHh+ZiLNhPw+NGS/EEeIY7/Cs6dUjXnyYVJ0XcrnW6P/sF DQhtOmX8sDGQpxq+LZfR7jaUvVlkeEC2ycg7nXJTOyxGRyaYJU4TGyzGfPgM+KmY QNSqrVlGgVRAEQ/h5Uf4WcjEjm5hfJDCip2mgyh8FDbihqo7QFik413lNSa1NwHS qXeTu4BdK1FoRLFBXK+nDI7qCcKkmkxRM7BOqVUSUJfCYp97XA7O -----END CERTIFICATE-----Generated at Mon Feb 9 21:01:33 2026 by rpki-client