This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/c63f9e-9e7b-46dc-a402-879979d29e1e/1/HAB9cuTsLde3XFXZY2Nbmq3GLUA.roa File: HAB9cuTsLde3XFXZY2Nbmq3GLUA.roa (raw, json) Hash identifier: y8hO0Sxo2F3ybGp859zfrPy+Ge9PA0C88wBSkRBXGYM= Subject key identifier: 1C:00:7D:72:E4:EC:2D:D7:B7:5C:55:D9:63:63:5B:9A:AD:C6:2D:40 Certificate issuer: /CN=1bb45744a541285eea0e4e04e5de766a9c823b53 Certificate serial: 019B775943058610AFBA4B71577C958B8B5B Authority key identifier: 1B:B4:57:44:A5:41:28:5E:EA:0E:4E:04:E5:DE:76:6A:9C:82:3B:53 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G7RXRKVBKF7qDk4E5d52apyCO1M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/c63f9e-9e7b-46dc-a402-879979d29e1e/1/HAB9cuTsLde3XFXZY2Nbmq3GLUA.roa Signing time: Thu 01 Jan 2026 02:18:16 +0000 ROA not before: Thu 01 Jan 2026 02:18:16 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 64415 IP address blocks: 185.100.248.0/22 maxlen: 22 185.100.248.0/24 maxlen: 24 185.100.249.0/24 maxlen: 24 185.100.250.0/24 maxlen: 24 2a00:9da0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/c63f9e-9e7b-46dc-a402-879979d29e1e/1/G7RXRKVBKF7qDk4E5d52apyCO1M.crl rsync://rpki.ripe.net/repository/DEFAULT/4f/c63f9e-9e7b-46dc-a402-879979d29e1e/1/G7RXRKVBKF7qDk4E5d52apyCO1M.mft rsync://rpki.ripe.net/repository/DEFAULT/G7RXRKVBKF7qDk4E5d52apyCO1M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 20:00:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:59:43:05:86:10:af:ba:4b:71:57:7c:95:8b:8b:5b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1bb45744a541285eea0e4e04e5de766a9c823b53 Validity Not Before: Jan 1 02:18:16 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1c007d72e4ec2dd7b75c55d963635b9aadc62d40 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:81:ea:4f:65:51:de:51:15:72:51:f7:b9:bb: 52:bb:66:0b:54:7b:5a:fa:71:4b:5e:c6:79:29:10: a9:99:f4:27:da:05:d9:31:c4:40:a5:c1:bc:64:32: 52:f4:6e:cb:0d:ed:d9:b6:8c:0c:15:a2:25:e8:3b: aa:8b:77:b0:d0:2f:2a:3b:fb:f4:62:58:1a:9d:61: eb:32:6e:a9:1c:aa:9f:61:13:c9:08:b3:0d:fe:22: 7e:17:3a:7b:7c:9d:91:f1:2b:4a:2f:bc:83:32:83: b7:5d:a8:f8:89:cd:c2:4c:6f:d9:e8:aa:bc:22:71: 11:56:e3:ce:a5:ce:26:13:b0:3e:4d:83:a7:3f:70: 6a:d1:bc:1b:a9:ae:6a:5a:70:02:a7:aa:4a:54:55: a1:b7:56:db:da:c2:07:fe:89:a0:92:26:9f:ca:74: 60:5b:82:96:96:ea:b6:7a:69:c8:4a:0b:fe:36:1e: 40:aa:5d:f6:31:9d:0e:8c:b1:d1:de:26:29:6b:92: a6:73:58:a5:7f:df:56:a9:6d:db:f9:a8:3a:48:4b: dd:5a:86:0b:f0:9f:fe:a9:e2:59:ef:b5:ee:18:6c: 3a:fc:1a:34:ce:ad:ca:ab:62:44:69:ad:7d:c5:3c: 86:99:1c:7a:29:ed:e9:ec:76:d9:97:55:72:38:4e: c4:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:00:7D:72:E4:EC:2D:D7:B7:5C:55:D9:63:63:5B:9A:AD:C6:2D:40 X509v3 Authority Key Identifier: keyid:1B:B4:57:44:A5:41:28:5E:EA:0E:4E:04:E5:DE:76:6A:9C:82:3B:53 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G7RXRKVBKF7qDk4E5d52apyCO1M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/c63f9e-9e7b-46dc-a402-879979d29e1e/1/HAB9cuTsLde3XFXZY2Nbmq3GLUA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/c63f9e-9e7b-46dc-a402-879979d29e1e/1/G7RXRKVBKF7qDk4E5d52apyCO1M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.100.248.0/22 IPv6: 2a00:9da0::/32 Signature Algorithm: sha256WithRSAEncryption 0e:36:09:e9:3a:7b:17:40:6a:ff:00:41:8b:f2:8f:21:ea:9f: 63:95:71:ba:46:a0:8f:51:e6:8b:79:c4:e6:f5:e8:6d:dd:17: 0c:ff:2b:bb:27:5d:50:13:72:96:d4:c9:c1:62:11:04:70:7c: f0:44:af:03:80:f8:ba:45:ab:66:2f:f3:4f:4e:bd:22:70:5a: ed:e6:5b:87:a7:ce:8c:0f:8a:9a:59:a3:48:65:36:25:1b:77: 4d:b6:68:dd:53:82:19:b2:04:60:e4:bb:31:9f:82:81:71:ac: d6:1f:76:54:25:c2:38:d6:21:95:57:64:98:59:2c:9e:64:6e: e2:06:c4:0b:11:57:71:c7:d8:d5:5a:35:9b:34:4e:35:57:08: 0e:db:33:be:a8:99:d9:a4:9c:f2:11:25:c3:1e:4f:0d:69:c0: ec:07:92:ec:33:97:36:4e:dc:9d:64:c7:c6:e0:9a:1b:bc:84: 27:af:60:f9:39:7b:9d:17:c9:8b:a2:bd:cb:70:8e:43:b1:2b: 3e:cd:62:db:f2:dc:0d:70:1a:18:55:cd:bd:43:79:ef:52:54: c3:5c:19:76:71:25:c6:cd:83:92:bc:9e:62:26:3b:eb:9a:46: 3c:36:fc:7f:37:f1:92:19:b6:c5:27:fa:d7:09:6a:ab:c9:77: 0c:84:11:d0 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt3WUMFhhCvuktxV3yVi4tbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFiYjQ1NzQ0YTU0MTI4NWVlYTBlNGUwNGU1ZGU3NjZhOWM4 MjNiNTMwHhcNMjYwMTAxMDIxODE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxYzAwN2Q3MmU0ZWMyZGQ3Yjc1YzU1ZDk2MzYzNWI5YWFkYzYyZDQwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx4HqT2VR3lEVclH3ubtSu2YLVHta +nFLXsZ5KRCpmfQn2gXZMcRApcG8ZDJS9G7LDe3ZtowMFaIl6Duqi3ew0C8qO/v0 YlganWHrMm6pHKqfYRPJCLMN/iJ+Fzp7fJ2R8StKL7yDMoO3Xaj4ic3CTG/Z6Kq8 InERVuPOpc4mE7A+TYOnP3Bq0bwbqa5qWnACp6pKVFWht1bb2sIH/omgkiafynRg W4KWluq2emnISgv+Nh5Aql32MZ0OjLHR3iYpa5Kmc1ilf99WqW3b+ag6SEvdWoYL 8J/+qeJZ77XuGGw6/Bo0zq3Kq2JEaa19xTyGmRx6Ke3p7HbZl1VyOE7ELwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFBwAfXLk7C3Xt1xV2WNjW5qtxi1AMB8GA1UdIwQY MBaAFBu0V0SlQShe6g5OBOXedmqcgjtTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRzdSWFJLVkJLRjdxRGs0RTVkNTJhcHlDTzFNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9jNjNmOWUtOWU3Yi00NmRjLWE0MDIt ODc5OTc5ZDI5ZTFlLzEvSEFCOWN1VHNMZGUzWEZYWlkyTmJtcTNHTFVBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Zi9jNjNmOWUtOWU3Yi00NmRjLWE0MDItODc5OTc5ZDI5ZTFl LzEvRzdSWFJLVkJLRjdxRGs0RTVkNTJhcHlDTzFNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWT4MA0E AgACMAcDBQAqAJ2gMA0GCSqGSIb3DQEBCwUAA4IBAQAONgnpOnsXQGr/AEGL8o8h 6p9jlXG6RqCPUeaLecTm9eht3RcM/yu7J11QE3KW1MnBYhEEcHzwRK8DgPi6Ratm L/NPTr0icFrt5luHp86MD4qaWaNIZTYlG3dNtmjdU4IZsgRg5Lsxn4KBcazWH3ZU JcI41iGVV2SYWSyeZG7iBsQLEVdxx9jVWjWbNE41VwgO2zO+qJnZpJzyESXDHk8N acDsB5LsM5c2TtydZMfG4JobvIQnr2D5OXudF8mLor3LcI5DsSs+zWLb8twNcBoY Vc29Q3nvUlTDXBl2cSXGzYOSvJ5iJjvrmkY8Nvx/N/GSGbbFJ/rXCWqryXcMhBHQ -----END CERTIFICATE-----Generated at Mon Jan 26 06:17:54 2026 by rpki-client