This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/RGHMhabHZkPW5wXprVh6WUeUNEU.roa File: RGHMhabHZkPW5wXprVh6WUeUNEU.roa (raw, json) Hash identifier: aWxpktwD4HwK4DqUq/i3jSDZlGsjYGbb6rrk+6zxpz0= Subject key identifier: 44:61:CC:85:A6:C7:66:43:D6:E7:05:E9:AD:58:7A:59:47:94:34:45 Certificate issuer: /CN=aa5b471d0ba089d9e9f46c291319674fac8128d0 Certificate serial: 019B7BA37CB0A656A8AB0ED5C8BF4E2616B0 Authority key identifier: AA:5B:47:1D:0B:A0:89:D9:E9:F4:6C:29:13:19:67:4F:AC:81:28:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qltHHQugidnp9GwpExlnT6yBKNA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/RGHMhabHZkPW5wXprVh6WUeUNEU.roa Signing time: Thu 01 Jan 2026 22:17:50 +0000 ROA not before: Thu 01 Jan 2026 22:17:50 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 207922 IP address blocks: 185.83.126.0/23 maxlen: 23 195.26.8.0/24 maxlen: 24 195.28.6.0/23 maxlen: 23 195.28.7.0/24 maxlen: 24 2a05:9b40::/29 maxlen: 29 2a0f:4a40::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/qltHHQugidnp9GwpExlnT6yBKNA.crl rsync://rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/qltHHQugidnp9GwpExlnT6yBKNA.mft rsync://rpki.ripe.net/repository/DEFAULT/qltHHQugidnp9GwpExlnT6yBKNA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:7c:b0:a6:56:a8:ab:0e:d5:c8:bf:4e:26:16:b0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=aa5b471d0ba089d9e9f46c291319674fac8128d0 Validity Not Before: Jan 1 22:17:50 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4461cc85a6c76643d6e705e9ad587a5947943445 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:3e:d5:96:a0:69:bd:68:ff:dc:61:9c:e8:d3: 81:d6:9c:58:43:49:a4:e3:7b:ca:64:26:7f:ed:6f: 03:e5:28:d0:0b:2b:9d:88:96:50:e5:48:70:42:e2: 5c:f5:cc:78:6f:1d:de:46:15:d6:73:60:f3:9d:db: 12:6d:78:34:52:bc:e1:3e:9b:d1:91:54:56:74:7b: 31:df:92:ed:9f:cd:3e:bb:fc:e4:25:ce:53:24:7b: e8:85:fd:a8:04:00:b5:79:87:69:6c:46:72:9e:af: c4:85:46:2a:42:0c:1e:99:2e:0b:97:d9:b6:79:0e: c1:91:ea:07:40:b3:54:c5:26:ca:24:59:80:37:68: bf:09:be:b2:0b:9b:49:bc:6c:e8:62:95:dc:ad:56: aa:2a:73:72:ef:50:62:65:0d:61:ef:88:b3:57:75: ab:9f:ef:b7:e0:d5:47:b7:1f:91:93:29:ea:b5:ed: b6:97:02:8f:10:0f:fa:cd:7a:cc:ba:02:7d:4e:cc: a0:65:57:5c:bb:28:99:32:14:9a:0e:11:3d:62:b2: be:3f:b5:8f:1d:38:c6:bf:4d:b6:1a:46:3d:d9:a8: 68:aa:70:05:70:03:c8:b1:15:58:71:21:c3:da:8c: 29:1f:d8:b1:e5:b3:a2:ac:34:79:cd:6c:b8:28:06: 50:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:61:CC:85:A6:C7:66:43:D6:E7:05:E9:AD:58:7A:59:47:94:34:45 X509v3 Authority Key Identifier: keyid:AA:5B:47:1D:0B:A0:89:D9:E9:F4:6C:29:13:19:67:4F:AC:81:28:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qltHHQugidnp9GwpExlnT6yBKNA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/RGHMhabHZkPW5wXprVh6WUeUNEU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/qltHHQugidnp9GwpExlnT6yBKNA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.83.126.0/23 195.26.8.0/24 195.28.6.0/23 IPv6: 2a05:9b40::/29 2a0f:4a40::/29 Signature Algorithm: sha256WithRSAEncryption 9a:75:5b:e4:f2:a5:b3:09:fa:6a:0b:2a:c0:54:83:87:b9:eb: d0:f6:01:eb:5a:59:ff:85:d4:f1:20:ff:a8:e6:5d:29:47:ca: bb:42:ba:d9:21:90:80:dc:4f:39:4b:20:48:dc:85:fd:c6:b5: 3c:4f:ca:a7:45:45:d7:92:d2:78:0b:72:ca:15:ef:18:04:b5: 9b:c0:4e:2c:0d:9f:35:66:f3:32:5a:c6:79:ea:97:79:83:d3: f1:9e:cb:8c:c1:b2:d1:73:4d:98:ee:85:28:ba:a8:bb:48:f4: 93:a4:e6:c7:a6:ea:b4:08:0f:24:25:e6:3f:76:71:7c:e3:1d: 81:7c:49:d5:c0:ec:05:a9:15:c7:fe:ce:e7:c1:9e:1a:64:fd: 77:04:70:6e:26:0c:30:93:55:79:77:6e:13:08:c3:63:a9:06: 9b:f5:25:ab:6c:11:c9:96:62:59:db:28:d5:30:83:b5:51:01: 50:ea:ad:17:62:85:2a:0b:5a:99:d9:58:65:37:ea:f4:46:3d: dc:94:7e:fc:59:73:a0:00:6f:76:35:b8:64:32:69:77:c2:eb: 4f:0d:bb:0f:66:db:ed:4c:db:22:8d:2d:08:10:f7:b7:99:eb: f7:c3:84:7c:ae:28:dc:e9:af:69:7f:7b:df:7d:78:9b:5c:78: 62:0d:e0:39 -----BEGIN CERTIFICATE----- MIIFHzCCBAegAwIBAgISAZt7o3ywplaoqw7VyL9OJhawMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFhNWI0NzFkMGJhMDg5ZDllOWY0NmMyOTEzMTk2NzRmYWM4 MTI4ZDAwHhcNMjYwMTAxMjIxNzUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0NDYxY2M4NWE2Yzc2NjQzZDZlNzA1ZTlhZDU4N2E1OTQ3OTQzNDQ1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoD7VlqBpvWj/3GGc6NOB1pxYQ0mk 43vKZCZ/7W8D5SjQCyudiJZQ5UhwQuJc9cx4bx3eRhXWc2DzndsSbXg0UrzhPpvR kVRWdHsx35Ltn80+u/zkJc5TJHvohf2oBAC1eYdpbEZynq/EhUYqQgwemS4Ll9m2 eQ7BkeoHQLNUxSbKJFmAN2i/Cb6yC5tJvGzoYpXcrVaqKnNy71BiZQ1h74izV3Wr n++34NVHtx+Rkynqte22lwKPEA/6zXrMugJ9TsygZVdcuyiZMhSaDhE9YrK+P7WP HTjGv022GkY92ahoqnAFcAPIsRVYcSHD2owpH9ix5bOirDR5zWy4KAZQywIDAQAB o4ICKzCCAicwHQYDVR0OBBYEFERhzIWmx2ZD1ucF6a1YellHlDRFMB8GA1UdIwQY MBaAFKpbRx0LoInZ6fRsKRMZZ0+sgSjQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcWx0SEhRdWdpZG5wOUd3cEV4bG5UNnlCS05BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS80YmUwMjctODhlOS00N2UzLWJiODgt NmYyZTI1MjliZTgyLzEvUkdITWhhYkhaa1BXNXdYcHJWaDZXVWVVTkVVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNS80YmUwMjctODhlOS00N2UzLWJiODgtNmYyZTI1MjliZTgy LzEvcWx0SEhRdWdpZG5wOUd3cEV4bG5UNnlCS05BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQBuVN+AwQA wxoIAwQBwxwGMBQEAgACMA4DBQMqBZtAAwUDKg9KQDANBgkqhkiG9w0BAQsFAAOC AQEAmnVb5PKlswn6agsqwFSDh7nr0PYB61pZ/4XU8SD/qOZdKUfKu0K62SGQgNxP OUsgSNyF/ca1PE/Kp0VF15LSeAtyyhXvGAS1m8BOLA2fNWbzMlrGeeqXeYPT8Z7L jMGy0XNNmO6FKLqou0j0k6Tmx6bqtAgPJCXmP3ZxfOMdgXxJ1cDsBakVx/7O58Ge GmT9dwRwbiYMMJNVeXduEwjDY6kGm/Ulq2wRyZZiWdso1TCDtVEBUOqtF2KFKgta mdlYZTfq9EY93JR+/FlzoABvdjW4ZDJpd8LrTw27D2bb7UzbIo0tCBD3t5nr98OE fK4o3OmvaX973314m1x4Yg3gOQ== -----END CERTIFICATE-----Generated at Mon Jan 26 07:23:41 2026 by rpki-client