This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/H5LfcGZOE0woMI6tdZzE9r7HPEw.roa File: H5LfcGZOE0woMI6tdZzE9r7HPEw.roa (raw, json) Hash identifier: VVvZzi+5Bc0xtUjGUPjjK4zUfhmlu8TSLUbX+UCZJNM= Subject key identifier: 1F:92:DF:70:66:4E:13:4C:28:30:8E:AD:75:9C:C4:F6:BE:C7:3C:4C Certificate issuer: /CN=234b54b119a7b3eff153085b7315507cd8513a0f Certificate serial: 019B7AC9410EC60B3EC068D9BB6736579D3B Authority key identifier: 23:4B:54:B1:19:A7:B3:EF:F1:53:08:5B:73:15:50:7C:D8:51:3A:0F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I0tUsRmns-_xUwhbcxVQfNhROg8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/H5LfcGZOE0woMI6tdZzE9r7HPEw.roa Signing time: Thu 01 Jan 2026 18:19:28 +0000 ROA not before: Thu 01 Jan 2026 18:19:28 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 202265 IP address blocks: 94.199.1.0/24 maxlen: 24 2a04:5b80::/48 maxlen: 48 2a04:5b80:53::/48 maxlen: 48 2a04:5b80:200::/48 maxlen: 48 2a04:5b80:202::/48 maxlen: 48 2a04:5b81:1000::/40 maxlen: 40 2a04:5b81:1fff::/48 maxlen: 48 2a04:5b81:2010::/44 maxlen: 44 2a04:5b81:2060::/44 maxlen: 44 2a04:5b82::/44 maxlen: 44 2a04:5b82:8::/48 maxlen: 48 2a04:5b84:1::/48 maxlen: 48 2a04:5b86:1::/48 maxlen: 48 2a04:5b87:1::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/I0tUsRmns-_xUwhbcxVQfNhROg8.crl rsync://rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/I0tUsRmns-_xUwhbcxVQfNhROg8.mft rsync://rpki.ripe.net/repository/DEFAULT/I0tUsRmns-_xUwhbcxVQfNhROg8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 06:01:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c9:41:0e:c6:0b:3e:c0:68:d9:bb:67:36:57:9d:3b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=234b54b119a7b3eff153085b7315507cd8513a0f Validity Not Before: Jan 1 18:19:28 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1f92df70664e134c28308ead759cc4f6bec73c4c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:95:55:b2:11:1b:14:eb:2b:e1:92:16:9d:f1: e6:e4:14:db:60:0b:77:80:8e:9a:6b:7b:a8:f6:51: 50:d1:49:66:f3:f5:b8:10:a8:45:bb:47:01:16:38: 38:79:2c:a3:ff:5f:bf:70:25:65:2d:74:45:ef:96: ba:df:22:0d:39:d5:97:e5:f2:5c:e5:ba:4a:de:79: 20:36:3f:41:5f:d5:ec:1b:c7:b6:d1:6e:6c:2f:8b: 09:17:be:64:78:7b:c4:1d:83:d0:d0:9b:a0:d5:60: 0a:c7:8b:17:c9:fc:80:f4:b4:e8:dd:3a:9e:cf:eb: 7e:bc:6c:37:7b:7e:8a:db:7b:29:e3:d4:bf:b6:69: 26:e4:cb:ff:fd:4c:e0:cc:3c:c5:4f:bb:cb:b1:f8: 3a:6b:56:4c:b6:7c:87:2b:f6:0b:22:d2:ed:1e:02: 1d:2f:22:37:80:00:90:c5:12:92:e5:fc:b6:7c:ad: ad:29:16:27:12:c0:3a:fb:34:40:0c:7b:e6:b3:4f: 61:cb:66:fb:2d:74:c1:d5:ab:db:50:26:f0:7c:e2: 32:e3:ae:8c:45:a4:c3:34:4d:ba:75:c8:53:56:cd: 79:55:07:2e:a5:04:86:3b:da:c8:b1:70:d0:78:bd: e9:de:fb:f7:36:e9:c5:58:a4:4d:65:20:0c:ec:95: f8:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:92:DF:70:66:4E:13:4C:28:30:8E:AD:75:9C:C4:F6:BE:C7:3C:4C X509v3 Authority Key Identifier: keyid:23:4B:54:B1:19:A7:B3:EF:F1:53:08:5B:73:15:50:7C:D8:51:3A:0F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0tUsRmns-_xUwhbcxVQfNhROg8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/H5LfcGZOE0woMI6tdZzE9r7HPEw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/I0tUsRmns-_xUwhbcxVQfNhROg8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 94.199.1.0/24 IPv6: 2a04:5b80::/48 2a04:5b80:53::/48 2a04:5b80:200::/48 2a04:5b80:202::/48 2a04:5b81:1000::/40 2a04:5b81:1fff::/48 2a04:5b81:2010::/44 2a04:5b81:2060::/44 2a04:5b82::/44 2a04:5b84:1::/48 2a04:5b86:1::/48 2a04:5b87:1::/48 Signature Algorithm: sha256WithRSAEncryption 39:0d:96:78:e7:ef:46:f8:e5:6f:13:ed:5c:9d:4e:47:bc:ae: 97:24:54:f5:36:0c:31:93:e9:43:19:80:01:d8:24:a7:e9:e2: 42:59:bd:a6:97:62:b5:43:ed:65:d0:d5:f9:72:0b:65:c6:2f: 31:fe:47:3c:47:c6:e1:eb:5c:27:80:83:64:ba:72:4b:82:83: 47:c1:19:a5:b7:34:71:83:c7:da:d3:a8:15:6a:9e:64:14:81: ed:49:f1:84:6a:11:c9:84:79:c5:92:1c:f8:eb:42:0f:02:6b: 1b:f9:f8:6b:1b:5d:26:69:22:9d:2d:bf:fd:32:5a:85:27:ec: 90:ef:25:1e:77:80:df:cf:b2:d2:ea:11:f4:f6:d0:af:d7:ea: f0:67:1b:02:62:03:c7:6a:69:94:12:73:3a:7f:38:8c:86:63: 8d:65:71:48:b6:d4:b6:6b:54:59:a7:73:87:3d:53:17:f4:1b: 65:2e:e0:79:f9:a3:4d:52:5b:ee:d9:26:e1:d6:38:00:9c:52: 7d:1f:d7:91:93:0f:36:5f:eb:35:03:3b:e9:f5:bc:db:a8:04: 18:8e:18:20:72:cd:ad:2c:23:1d:b9:54:54:fe:27:ee:b4:db: 7d:71:c2:e5:2a:3a:f4:21:8c:a4:1f:5a:12:5b:52:1e:32:5b: cd:c1:98:10 -----BEGIN CERTIFICATE----- MIIFczCCBFugAwIBAgISAZt6yUEOxgs+wGjZu2c2V507MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIzNGI1NGIxMTlhN2IzZWZmMTUzMDg1YjczMTU1MDdjZDg1 MTNhMGYwHhcNMjYwMTAxMTgxOTI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxZjkyZGY3MDY2NGUxMzRjMjgzMDhlYWQ3NTljYzRmNmJlYzczYzRjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZVVshEbFOsr4ZIWnfHm5BTbYAt3 gI6aa3uo9lFQ0Ulm8/W4EKhFu0cBFjg4eSyj/1+/cCVlLXRF75a63yINOdWX5fJc 5bpK3nkgNj9BX9XsG8e20W5sL4sJF75keHvEHYPQ0Jug1WAKx4sXyfyA9LTo3Tqe z+t+vGw3e36K23sp49S/tmkm5Mv//UzgzDzFT7vLsfg6a1ZMtnyHK/YLItLtHgId LyI3gACQxRKS5fy2fK2tKRYnEsA6+zRADHvms09hy2b7LXTB1avbUCbwfOIy466M RaTDNE26dchTVs15VQcupQSGO9rIsXDQeL3p3vv3NunFWKRNZSAM7JX4CQIDAQAB o4ICfzCCAnswHQYDVR0OBBYEFB+S33BmThNMKDCOrXWcxPa+xzxMMB8GA1UdIwQY MBaAFCNLVLEZp7Pv8VMIW3MVUHzYUToPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSTB0VXNSbW5zLV94VXdoYmN4VlFmTmhST2c4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9iYzcwNzgtMWVlNC00MmYxLWJjMzQt MWQyMWQxYmNlM2ZlLzEvSDVMZmNHWk9FMHdvTUk2dGRaekU5cjdIUEV3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Ny9iYzcwNzgtMWVlNC00MmYxLWJjMzQtMWQyMWQxYmNlM2Zl LzEvSTB0VXNSbW5zLV94VXdoYmN4VlFmTmhST2c4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGUBggrBgEFBQcBBwEB/wSBhDCBgTAMBAIAATAGAwQAXscB MHEEAgACMGsDBwAqBFuAAAADBwAqBFuAAFMDBwAqBFuAAgADBwAqBFuAAgIDBgAq BFuBEAMHACoEW4Ef/wMHBCoEW4EgEAMHBCoEW4EgYAMHBCoEW4IAAAMHACoEW4QA AQMHACoEW4YAAQMHACoEW4cAATANBgkqhkiG9w0BAQsFAAOCAQEAOQ2WeOfvRvjl bxPtXJ1OR7yulyRU9TYMMZPpQxmAAdgkp+niQlm9ppditUPtZdDV+XILZcYvMf5H PEfG4etcJ4CDZLpyS4KDR8EZpbc0cYPH2tOoFWqeZBSB7UnxhGoRyYR5xZIc+OtC DwJrG/n4axtdJmkinS2//TJahSfskO8lHneA38+y0uoR9PbQr9fq8GcbAmIDx2pp lBJzOn84jIZjjWVxSLbUtmtUWadzhz1TF/QbZS7gefmjTVJb7tkm4dY4AJxSfR/X kZMPNl/rNQM76fW826gEGI4YIHLNrSwjHblUVP4n7rTbfXHC5So69CGMpB9aEltS HjJbzcGYEA== -----END CERTIFICATE-----Generated at Sun Jan 25 15:06:23 2026 by rpki-client