This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/a5a6b3-3ec3-487e-aba0-b8b1e4b4ecb9/1/roH8dSJ1cyQiwOhgeOOscUYpa4E.roa File: roH8dSJ1cyQiwOhgeOOscUYpa4E.roa (raw, json) Hash identifier: 3JORgmdPZaQ8xXUzauNxbxZQHf1X4hPOhgbsIE182Bg= Subject key identifier: AE:81:FC:75:22:75:73:24:22:C0:E8:60:78:E3:AC:71:46:29:6B:81 Certificate issuer: /CN=b520a204f4e09cc83a6258d7aa44f7d2f0fa44a0 Certificate serial: 019B7C80A004D16CC608D0BC58333FF4ADAD Authority key identifier: B5:20:A2:04:F4:E0:9C:C8:3A:62:58:D7:AA:44:F7:D2:F0:FA:44:A0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tSCiBPTgnMg6YljXqkT30vD6RKA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/a5a6b3-3ec3-487e-aba0-b8b1e4b4ecb9/1/roH8dSJ1cyQiwOhgeOOscUYpa4E.roa Signing time: Fri 02 Jan 2026 02:19:22 +0000 ROA not before: Fri 02 Jan 2026 02:19:22 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 202365 IP address blocks: 45.153.248.0/22 maxlen: 24 185.170.9.0/24 maxlen: 24 2a10:f9c0::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/a5a6b3-3ec3-487e-aba0-b8b1e4b4ecb9/1/tSCiBPTgnMg6YljXqkT30vD6RKA.crl rsync://rpki.ripe.net/repository/DEFAULT/14/a5a6b3-3ec3-487e-aba0-b8b1e4b4ecb9/1/tSCiBPTgnMg6YljXqkT30vD6RKA.mft rsync://rpki.ripe.net/repository/DEFAULT/tSCiBPTgnMg6YljXqkT30vD6RKA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:a0:04:d1:6c:c6:08:d0:bc:58:33:3f:f4:ad:ad Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b520a204f4e09cc83a6258d7aa44f7d2f0fa44a0 Validity Not Before: Jan 2 02:19:22 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ae81fc752275732422c0e86078e3ac7146296b81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:1d:57:0e:01:2c:8d:00:79:c4:71:17:d1:30: 79:4c:69:c1:00:00:a0:37:2b:fd:32:34:56:44:4d: 8d:97:32:f5:cd:3e:2e:6d:03:83:fb:ef:62:69:aa: ef:5f:e3:26:83:b9:27:95:30:d4:bd:6f:e3:e0:96: 66:88:f0:c3:36:c4:14:de:44:12:3d:c8:6c:0b:7f: 26:dd:73:6a:8a:a6:dc:9b:bb:93:bf:98:10:ba:83: 3f:66:c4:7f:b3:e3:fc:c9:28:25:6f:be:8d:99:d5: ca:78:a5:74:48:d2:c7:b0:76:ea:39:70:9f:a9:21: c8:6a:e0:91:32:3e:d5:96:af:9c:58:13:5f:f4:c0: f5:a7:79:81:44:e8:b0:d9:45:b9:1a:fe:36:3b:58: a0:d4:5c:ad:5d:70:9a:7e:40:1a:f8:81:9e:6d:23: 0d:4f:9c:1f:4d:b2:9c:b6:aa:a2:1e:fa:76:2d:64: 55:44:fb:a0:17:e4:e2:99:33:e6:01:3f:5c:25:a8: 8f:97:31:ee:a3:71:f2:ec:65:db:13:d0:5b:ed:0b: e4:ef:68:51:21:44:44:56:50:63:0a:fb:51:1b:91: 67:9a:3e:f5:ff:2a:ab:10:34:61:ff:13:ca:80:a6: 03:12:c0:95:8b:bb:49:fc:04:6d:23:fa:36:39:c8: a2:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:81:FC:75:22:75:73:24:22:C0:E8:60:78:E3:AC:71:46:29:6B:81 X509v3 Authority Key Identifier: keyid:B5:20:A2:04:F4:E0:9C:C8:3A:62:58:D7:AA:44:F7:D2:F0:FA:44:A0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tSCiBPTgnMg6YljXqkT30vD6RKA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/a5a6b3-3ec3-487e-aba0-b8b1e4b4ecb9/1/roH8dSJ1cyQiwOhgeOOscUYpa4E.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/14/a5a6b3-3ec3-487e-aba0-b8b1e4b4ecb9/1/tSCiBPTgnMg6YljXqkT30vD6RKA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.153.248.0/22 185.170.9.0/24 IPv6: 2a10:f9c0::/29 Signature Algorithm: sha256WithRSAEncryption 4f:94:2f:b9:ac:c0:40:48:61:70:ea:f7:17:2e:6c:1f:b7:00: cd:f5:f2:74:68:0f:06:d6:4c:4e:de:7b:89:33:d5:2e:cd:c6: 5e:3c:54:eb:50:eb:c9:6d:a1:49:65:31:80:77:a0:a1:e9:2e: b6:7b:2b:e4:dd:26:bc:3c:77:6a:19:2d:ea:09:b7:22:fc:52: 5f:f5:56:f1:94:30:b8:0d:1a:15:10:70:1c:f0:07:2b:4b:2a: 6b:1f:4d:08:02:f1:8f:a3:b2:61:55:27:9f:17:8a:15:79:de: a1:73:89:db:77:8f:8c:16:3d:73:6b:f5:c8:74:05:d3:e6:c6: 00:e0:ec:90:e1:e0:a9:a0:5a:62:db:5a:0d:bb:93:2f:ce:06: c2:81:b4:2d:21:14:48:6d:52:45:f7:57:78:8b:03:46:bc:c5: 97:c1:5c:49:21:bb:cc:a1:18:6f:e9:f4:a8:d2:62:3d:82:33: 2c:6e:33:f8:33:69:ca:09:4b:68:d6:6b:5c:9f:74:c0:eb:12: 44:6d:c8:3e:98:31:30:67:81:e4:c7:88:65:e5:49:07:92:bb: 37:e7:25:3c:60:28:31:94:4e:eb:43:06:47:4d:33:b0:68:d3: 4d:58:08:38:0e:6b:3f:c1:88:96:92:26:36:1d:ed:3a:d1:14: 49:54:ec:0a -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt8gKAE0WzGCNC8WDM/9K2tMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI1MjBhMjA0ZjRlMDljYzgzYTYyNThkN2FhNDRmN2QyZjBm YTQ0YTAwHhcNMjYwMTAyMDIxOTIyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhZTgxZmM3NTIyNzU3MzI0MjJjMGU4NjA3OGUzYWM3MTQ2Mjk2YjgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvx1XDgEsjQB5xHEX0TB5TGnBAACg Nyv9MjRWRE2NlzL1zT4ubQOD++9iaarvX+Mmg7knlTDUvW/j4JZmiPDDNsQU3kQS PchsC38m3XNqiqbcm7uTv5gQuoM/ZsR/s+P8ySglb76NmdXKeKV0SNLHsHbqOXCf qSHIauCRMj7Vlq+cWBNf9MD1p3mBROiw2UW5Gv42O1ig1FytXXCafkAa+IGebSMN T5wfTbKctqqiHvp2LWRVRPugF+TimTPmAT9cJaiPlzHuo3Hy7GXbE9Bb7Qvk72hR IUREVlBjCvtRG5Fnmj71/yqrEDRh/xPKgKYDEsCVi7tJ/ARtI/o2OciixwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFK6B/HUidXMkIsDoYHjjrHFGKWuBMB8GA1UdIwQY MBaAFLUgogT04JzIOmJY16pE99Lw+kSgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdFNDaUJQVGduTWc2WWxqWHFrVDMwdkQ2UktBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9hNWE2YjMtM2VjMy00ODdlLWFiYTAt YjhiMWU0YjRlY2I5LzEvcm9IOGRTSjFjeVFpd09oZ2VPT3NjVVlwYTRFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNC9hNWE2YjMtM2VjMy00ODdlLWFiYTAtYjhiMWU0YjRlY2I5 LzEvdFNDaUJQVGduTWc2WWxqWHFrVDMwdkQ2UktBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLZn4AwQA uaoJMA0EAgACMAcDBQMqEPnAMA0GCSqGSIb3DQEBCwUAA4IBAQBPlC+5rMBASGFw 6vcXLmwftwDN9fJ0aA8G1kxO3nuJM9UuzcZePFTrUOvJbaFJZTGAd6Ch6S62eyvk 3Sa8PHdqGS3qCbci/FJf9VbxlDC4DRoVEHAc8AcrSyprH00IAvGPo7JhVSefF4oV ed6hc4nbd4+MFj1za/XIdAXT5sYA4OyQ4eCpoFpi21oNu5MvzgbCgbQtIRRIbVJF 91d4iwNGvMWXwVxJIbvMoRhv6fSo0mI9gjMsbjP4M2nKCUto1mtcn3TA6xJEbcg+ mDEwZ4Hkx4hl5UkHkrs35yU8YCgxlE7rQwZHTTOwaNNNWAg4Dms/wYiWkiY2He06 0RRJVOwK -----END CERTIFICATE-----Generated at Mon Jan 26 08:38:37 2026 by rpki-client