This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/8d1167-0c4d-488f-9a83-c0177dfda847/1/5h6iiCzzgrx94impUF3-0E0VH4M.roa File: 5h6iiCzzgrx94impUF3-0E0VH4M.roa (raw, json) Hash identifier: gAmFQIrj0BhLKJIyD6cNTjoBJomwxcy0Bn5O+lbR7yM= Subject key identifier: E6:1E:A2:88:2C:F3:82:BC:7D:E2:29:A9:50:5D:FE:D0:4D:15:1F:83 Certificate issuer: /CN=374f6f3e3cb973bac8a43f6c0b806b3d11c9adc3 Certificate serial: 019B7910E1EC286742DD90F3BFEC6C48EDE4 Authority key identifier: 37:4F:6F:3E:3C:B9:73:BA:C8:A4:3F:6C:0B:80:6B:3D:11:C9:AD:C3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N09vPjy5c7rIpD9sC4BrPRHJrcM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/8d1167-0c4d-488f-9a83-c0177dfda847/1/5h6iiCzzgrx94impUF3-0E0VH4M.roa Signing time: Thu 01 Jan 2026 10:18:28 +0000 ROA not before: Thu 01 Jan 2026 10:18:28 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 215671 IP address blocks: 5.22.200.0/24 maxlen: 24 5.22.201.0/24 maxlen: 24 193.19.147.0/24 maxlen: 24 2a06:bd40::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/8d1167-0c4d-488f-9a83-c0177dfda847/1/N09vPjy5c7rIpD9sC4BrPRHJrcM.crl rsync://rpki.ripe.net/repository/DEFAULT/4f/8d1167-0c4d-488f-9a83-c0177dfda847/1/N09vPjy5c7rIpD9sC4BrPRHJrcM.mft rsync://rpki.ripe.net/repository/DEFAULT/N09vPjy5c7rIpD9sC4BrPRHJrcM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 04:01:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:e1:ec:28:67:42:dd:90:f3:bf:ec:6c:48:ed:e4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=374f6f3e3cb973bac8a43f6c0b806b3d11c9adc3 Validity Not Before: Jan 1 10:18:28 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e61ea2882cf382bc7de229a9505dfed04d151f83 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:0e:41:5b:b9:1b:48:4b:3d:b5:40:54:3a:15: 0a:94:ff:31:9c:e6:25:b3:7b:53:7f:09:8a:d3:2b: 6a:03:fa:b1:63:f4:23:5e:d4:a8:08:8c:1b:07:50: 4a:b4:32:72:2c:df:72:93:53:16:39:60:6b:3c:6b: b0:da:01:bb:54:83:95:d4:30:7e:9f:c7:88:e3:29: 78:5b:27:81:fa:e7:26:e7:07:11:98:cc:8b:05:e5: 00:42:0a:41:e8:58:7d:f6:c9:5c:93:a6:d8:2d:2b: 79:00:c1:0e:89:90:c3:ad:17:01:ba:8a:2b:57:60: 3e:fe:59:9b:4c:bb:9b:b8:6b:8d:9c:b3:89:a4:ce: 99:13:64:c9:e8:01:51:be:c9:97:4d:ca:77:4c:db: 67:69:ab:39:61:ce:f8:d3:98:f0:2f:81:80:bf:d4: ef:1e:8e:79:6c:53:ec:58:cf:cb:a6:48:89:3b:9c: c8:51:18:99:b6:28:73:4b:23:ee:1d:cb:21:b7:5e: bf:0a:9f:08:fd:29:1a:f2:ba:1c:bd:69:8f:e8:9c: 02:00:c5:6b:26:79:18:6d:1f:8a:0c:15:22:68:e6: 79:5f:9a:71:e3:29:86:72:99:8e:43:91:70:35:da: 93:f4:f2:3a:c4:4e:7e:a1:98:2b:96:c0:e9:f0:1b: 88:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:1E:A2:88:2C:F3:82:BC:7D:E2:29:A9:50:5D:FE:D0:4D:15:1F:83 X509v3 Authority Key Identifier: keyid:37:4F:6F:3E:3C:B9:73:BA:C8:A4:3F:6C:0B:80:6B:3D:11:C9:AD:C3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N09vPjy5c7rIpD9sC4BrPRHJrcM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/8d1167-0c4d-488f-9a83-c0177dfda847/1/5h6iiCzzgrx94impUF3-0E0VH4M.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/8d1167-0c4d-488f-9a83-c0177dfda847/1/N09vPjy5c7rIpD9sC4BrPRHJrcM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.22.200.0/23 193.19.147.0/24 IPv6: 2a06:bd40::/29 Signature Algorithm: sha256WithRSAEncryption 78:cd:cf:92:8b:0b:a4:f0:4d:e6:df:2b:d0:83:8b:64:76:04: 57:c8:f5:9f:c3:fa:c1:d4:e7:dc:db:74:3a:e5:e4:8d:75:ab: 25:76:54:b7:6e:ca:e3:16:16:a2:65:ea:13:eb:74:ab:31:61: 34:be:82:81:75:64:99:9d:3a:57:5e:6a:ff:d6:bc:83:5f:88: 71:a6:df:22:11:a6:a5:24:8a:4f:11:19:5e:67:8a:71:7d:a9: b4:7b:b5:d8:63:6e:e4:7c:93:1b:6b:3e:0a:46:8f:92:e4:a3: af:c0:b0:0d:32:9a:d7:f9:65:a1:21:53:a3:53:30:95:73:92: cf:c9:7e:8f:b5:64:89:78:24:2f:c4:1a:e1:21:ea:04:4b:25: 5c:77:91:69:0e:6d:c1:67:df:75:71:cf:7d:a5:ee:ef:a5:73: e3:35:be:9e:48:2a:58:c1:22:8f:12:c3:28:a0:aa:97:e3:a0: f5:15:5a:d2:a2:79:ef:31:9f:c9:04:8f:f8:59:54:39:00:3f: ef:11:8e:ec:e9:84:8f:63:d8:95:f7:c4:c6:02:7b:0c:89:01: 1f:8a:94:6a:ae:28:24:6e:4f:6e:77:a8:48:89:a4:8b:04:c2: 00:c4:de:b4:16:c1:55:ee:d1:75:84:d7:46:c3:f1:fe:e1:e3: ca:32:6a:6a -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt5EOHsKGdC3ZDzv+xsSO3kMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM3NGY2ZjNlM2NiOTczYmFjOGE0M2Y2YzBiODA2YjNkMTFj OWFkYzMwHhcNMjYwMTAxMTAxODI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlNjFlYTI4ODJjZjM4MmJjN2RlMjI5YTk1MDVkZmVkMDRkMTUxZjgzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8Q5BW7kbSEs9tUBUOhUKlP8xnOYl s3tTfwmK0ytqA/qxY/QjXtSoCIwbB1BKtDJyLN9yk1MWOWBrPGuw2gG7VIOV1DB+ n8eI4yl4WyeB+ucm5wcRmMyLBeUAQgpB6Fh99slck6bYLSt5AMEOiZDDrRcBuoor V2A+/lmbTLubuGuNnLOJpM6ZE2TJ6AFRvsmXTcp3TNtnaas5Yc7405jwL4GAv9Tv Ho55bFPsWM/LpkiJO5zIURiZtihzSyPuHcsht16/Cp8I/Ska8rocvWmP6JwCAMVr JnkYbR+KDBUiaOZ5X5px4ymGcpmOQ5FwNdqT9PI6xE5+oZgrlsDp8BuIDQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFOYeoogs84K8feIpqVBd/tBNFR+DMB8GA1UdIwQY MBaAFDdPbz48uXO6yKQ/bAuAaz0Rya3DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTjA5dlBqeTVjN3JJcEQ5c0M0QnJQUkhKcmNNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi84ZDExNjctMGM0ZC00ODhmLTlhODMt YzAxNzdkZmRhODQ3LzEvNWg2aWlDenpncng5NGltcFVGMy0wRTBWSDRNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Zi84ZDExNjctMGM0ZC00ODhmLTlhODMtYzAxNzdkZmRhODQ3 LzEvTjA5dlBqeTVjN3JJcEQ5c0M0QnJQUkhKcmNNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBBRbIAwQA wROTMA0EAgACMAcDBQMqBr1AMA0GCSqGSIb3DQEBCwUAA4IBAQB4zc+Siwuk8E3m 3yvQg4tkdgRXyPWfw/rB1Ofc23Q65eSNdasldlS3bsrjFhaiZeoT63SrMWE0voKB dWSZnTpXXmr/1ryDX4hxpt8iEaalJIpPERleZ4pxfam0e7XYY27kfJMbaz4KRo+S 5KOvwLANMprX+WWhIVOjUzCVc5LPyX6PtWSJeCQvxBrhIeoESyVcd5FpDm3BZ991 cc99pe7vpXPjNb6eSCpYwSKPEsMooKqX46D1FVrSonnvMZ/JBI/4WVQ5AD/vEY7s 6YSPY9iV98TGAnsMiQEfipRqrigkbk9ud6hIiaSLBMIAxN60FsFV7tF1hNdGw/H+ 4ePKMmpq -----END CERTIFICATE-----Generated at Mon Jan 26 12:22:08 2026 by rpki-client