This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/babef9-079d-40f4-a211-3586aae13da7/1/8hL0m9Fc9UNGzgjgGkhDpJap1MU.roa File: 8hL0m9Fc9UNGzgjgGkhDpJap1MU.roa (raw, json) Hash identifier: NlNwlvnTVX6u27vOfaFF+tRXHuEvNbAOslEtQ3I2hnw= Subject key identifier: F2:12:F4:9B:D1:5C:F5:43:46:CE:08:E0:1A:48:43:A4:96:A9:D4:C5 Certificate issuer: /CN=93b91eefa6d8046d918e364045604952640bc15d Certificate serial: 019B7CEE14803D77E1B5B9F0C21F8467CA4E Authority key identifier: 93:B9:1E:EF:A6:D8:04:6D:91:8E:36:40:45:60:49:52:64:0B:C1:5D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k7ke76bYBG2RjjZARWBJUmQLwV0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/babef9-079d-40f4-a211-3586aae13da7/1/8hL0m9Fc9UNGzgjgGkhDpJap1MU.roa Signing time: Fri 02 Jan 2026 04:18:56 +0000 ROA not before: Fri 02 Jan 2026 04:18:56 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 56911 IP address blocks: 139.28.157.0/24 maxlen: 24 139.28.158.0/24 maxlen: 24 139.28.159.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/babef9-079d-40f4-a211-3586aae13da7/1/k7ke76bYBG2RjjZARWBJUmQLwV0.crl rsync://rpki.ripe.net/repository/DEFAULT/f3/babef9-079d-40f4-a211-3586aae13da7/1/k7ke76bYBG2RjjZARWBJUmQLwV0.mft rsync://rpki.ripe.net/repository/DEFAULT/k7ke76bYBG2RjjZARWBJUmQLwV0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ee:14:80:3d:77:e1:b5:b9:f0:c2:1f:84:67:ca:4e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=93b91eefa6d8046d918e364045604952640bc15d Validity Not Before: Jan 2 04:18:56 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f212f49bd15cf54346ce08e01a4843a496a9d4c5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:ab:f6:76:e2:53:6e:ac:48:a5:bc:99:9f:d3: e4:8f:a1:73:38:66:f3:e7:d4:ec:dd:96:0e:01:a1: da:6a:c2:3d:4c:8e:7b:ed:87:6f:b8:11:e5:41:ad: 95:e6:18:54:6e:1d:5c:6d:04:49:e4:eb:50:5a:ed: 71:1d:c6:2e:42:b9:60:59:09:59:0f:db:b0:f6:9f: 30:02:15:d6:93:2b:9e:2f:50:d5:5c:36:eb:41:0a: 6c:a1:e4:79:06:f0:1e:c8:1e:f8:88:62:91:f0:92: 6c:31:2e:4f:a2:3c:8e:b8:bb:87:04:77:b6:88:b2: d6:29:ff:7a:f3:f7:7f:d7:b1:f8:9e:c4:ea:c3:d1: a8:60:61:44:fc:d7:ae:fc:7e:8c:93:17:de:9a:fa: bd:b4:d8:60:3b:34:6c:ee:61:6c:03:61:5a:b0:7c: 5c:06:df:63:e4:e5:31:92:c5:88:68:68:55:aa:c5: 56:01:e2:1f:9a:8e:8c:91:c2:3a:1e:b4:ad:57:1a: 86:dd:3b:b1:a9:ae:2c:24:8d:41:c6:eb:6e:01:e3: f4:6e:62:f8:12:7c:0e:c0:ca:d2:09:c8:08:68:bf: eb:e5:68:84:04:ed:2e:51:d2:b0:4d:b4:73:07:3d: c9:2d:19:07:b2:90:d7:52:e4:e5:d3:08:ab:cc:b8: 33:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:12:F4:9B:D1:5C:F5:43:46:CE:08:E0:1A:48:43:A4:96:A9:D4:C5 X509v3 Authority Key Identifier: keyid:93:B9:1E:EF:A6:D8:04:6D:91:8E:36:40:45:60:49:52:64:0B:C1:5D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k7ke76bYBG2RjjZARWBJUmQLwV0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/babef9-079d-40f4-a211-3586aae13da7/1/8hL0m9Fc9UNGzgjgGkhDpJap1MU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/babef9-079d-40f4-a211-3586aae13da7/1/k7ke76bYBG2RjjZARWBJUmQLwV0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 139.28.157.0-139.28.159.255 Signature Algorithm: sha256WithRSAEncryption 2f:4f:46:02:bb:a0:16:cb:4f:12:66:06:91:e2:6a:00:87:10: c4:e5:bc:db:a1:b2:53:4b:a4:bf:08:c0:0c:70:a4:70:9b:99: c7:a1:c1:46:76:10:51:46:76:d3:83:27:7e:bb:82:95:b9:c8: 4a:87:bf:83:bf:d3:e0:f5:b9:cf:6f:df:8a:60:bb:01:83:36: d7:49:b4:04:51:db:a8:04:a0:e8:06:83:c0:bc:f2:55:32:6b: 0c:d3:a2:ae:69:22:8d:82:05:3a:6e:e9:67:3b:8d:77:30:35: 27:4a:f8:72:48:1c:d8:a4:51:94:71:65:a9:ce:7f:fe:9c:43: a8:da:e3:cb:ba:9d:c9:c5:88:5a:4b:20:c6:61:2e:2f:1d:59: 68:8a:1d:6c:30:20:e8:58:87:c4:ad:e1:bd:85:d9:27:f5:6e: 00:11:03:a0:2d:bd:fb:05:5e:89:4c:f2:0f:e4:25:c8:3f:2c: 7d:86:4a:b4:97:d0:6d:07:64:f4:ad:73:27:32:b7:db:92:d7: d7:45:1e:eb:92:6a:89:72:a7:20:84:23:dc:b4:06:bb:3e:9f: 27:1c:94:89:60:6a:03:5a:09:56:b0:c5:34:1d:5c:b4:2c:8e: 13:4d:81:80:87:b5:e8:77:42:dd:d3:43:2a:6d:f4:df:88:52: 2f:d2:b5:f1 -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgISAZt87hSAPXfhtbnwwh+EZ8pOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkzYjkxZWVmYTZkODA0NmQ5MThlMzY0MDQ1NjA0OTUyNjQw YmMxNWQwHhcNMjYwMTAyMDQxODU2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmMjEyZjQ5YmQxNWNmNTQzNDZjZTA4ZTAxYTQ4NDNhNDk2YTlkNGM1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Kv2duJTbqxIpbyZn9Pkj6FzOGbz 59Ts3ZYOAaHaasI9TI577YdvuBHlQa2V5hhUbh1cbQRJ5OtQWu1xHcYuQrlgWQlZ D9uw9p8wAhXWkyueL1DVXDbrQQpsoeR5BvAeyB74iGKR8JJsMS5PojyOuLuHBHe2 iLLWKf968/d/17H4nsTqw9GoYGFE/Neu/H6Mkxfemvq9tNhgOzRs7mFsA2FasHxc Bt9j5OUxksWIaGhVqsVWAeIfmo6MkcI6HrStVxqG3Tuxqa4sJI1BxutuAeP0bmL4 EnwOwMrSCcgIaL/r5WiEBO0uUdKwTbRzBz3JLRkHspDXUuTl0wirzLgzRwIDAQAB o4ICETCCAg0wHQYDVR0OBBYEFPIS9JvRXPVDRs4I4BpIQ6SWqdTFMB8GA1UdIwQY MBaAFJO5Hu+m2ARtkY42QEVgSVJkC8FdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvazdrZTc2YllCRzJSampaQVJXQkpVbVFMd1YwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9iYWJlZjktMDc5ZC00MGY0LWEyMTEt MzU4NmFhZTEzZGE3LzEvOGhMMG05RmM5VU5HemdqZ0draERwSmFwMU1VLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMy9iYWJlZjktMDc5ZC00MGY0LWEyMTEtMzU4NmFhZTEzZGE3 LzEvazdrZTc2YllCRzJSampaQVJXQkpVbVFMd1YwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACLHJ0D BAWLHIAwDQYJKoZIhvcNAQELBQADggEBAC9PRgK7oBbLTxJmBpHiagCHEMTlvNuh slNLpL8IwAxwpHCbmcehwUZ2EFFGdtODJ367gpW5yEqHv4O/0+D1uc9v34pguwGD NtdJtARR26gEoOgGg8C88lUyawzToq5pIo2CBTpu6Wc7jXcwNSdK+HJIHNikUZRx ZanOf/6cQ6ja48u6ncnFiFpLIMZhLi8dWWiKHWwwIOhYh8St4b2F2Sf1bgARA6At vfsFXolM8g/kJcg/LH2GSrSX0G0HZPStcycyt9uS19dFHuuSaolypyCEI9y0Brs+ nycclIlgagNaCVawxTQdXLQsjhNNgYCHteh3Qt3TQypt9N+IUi/StfE= -----END CERTIFICATE-----Generated at Mon Jan 26 09:23:06 2026 by rpki-client