This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/642eb2-3fb9-4f0e-baf4-8cd79527e530/1/HSBygkTf7dqe7U2WUtpBTUwaXQw.roa File: HSBygkTf7dqe7U2WUtpBTUwaXQw.roa (raw, json) Hash identifier: Q1fpKqfIKqh1y1ml1lJpLEsGSFZBg21ZMx4ehtCz8ig= Subject key identifier: 1D:20:72:82:44:DF:ED:DA:9E:ED:4D:96:52:DA:41:4D:4C:1A:5D:0C Certificate issuer: /CN=b8951c8514b7dd21b333abb33caca3c4dae9d709 Certificate serial: 019B7CED506D14A3AC4F3C9729E97CF6567F Authority key identifier: B8:95:1C:85:14:B7:DD:21:B3:33:AB:B3:3C:AC:A3:C4:DA:E9:D7:09 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uJUchRS33SGzM6uzPKyjxNrp1wk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/642eb2-3fb9-4f0e-baf4-8cd79527e530/1/HSBygkTf7dqe7U2WUtpBTUwaXQw.roa Signing time: Fri 02 Jan 2026 04:18:06 +0000 ROA not before: Fri 02 Jan 2026 04:18:06 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 34756 IP address blocks: 91.221.160.0/24 maxlen: 24 195.242.171.0/24 maxlen: 24 2001:67c:6b0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/642eb2-3fb9-4f0e-baf4-8cd79527e530/1/uJUchRS33SGzM6uzPKyjxNrp1wk.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/642eb2-3fb9-4f0e-baf4-8cd79527e530/1/uJUchRS33SGzM6uzPKyjxNrp1wk.mft rsync://rpki.ripe.net/repository/DEFAULT/uJUchRS33SGzM6uzPKyjxNrp1wk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ed:50:6d:14:a3:ac:4f:3c:97:29:e9:7c:f6:56:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b8951c8514b7dd21b333abb33caca3c4dae9d709 Validity Not Before: Jan 2 04:18:06 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1d20728244dfedda9eed4d9652da414d4c1a5d0c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:e5:23:29:83:9b:13:ca:6a:c9:5b:5a:22:db: 35:01:f6:43:d9:a9:c5:eb:fb:d3:4f:aa:11:82:f9: b0:ec:fb:64:87:06:f8:c3:6c:21:8e:a4:82:00:8b: 77:a6:a9:5f:42:e0:e5:cd:af:34:58:01:51:f3:a5: 75:aa:79:84:fc:1d:69:3f:b7:cb:6c:ed:77:ec:a9: e5:84:d5:68:88:ac:a6:6e:cf:fa:5b:1d:93:c8:6a: 48:fe:12:2d:ca:a4:59:0e:5b:78:e4:b1:0b:2f:c8: e6:2c:ad:20:e9:3c:99:04:16:f1:f3:0d:ae:e0:8b: 32:c0:b9:13:0e:91:d7:3f:6f:23:53:7f:4b:b9:9d: fb:12:b5:8d:49:53:03:7e:41:dd:b3:5c:0d:38:1c: ce:c8:40:36:64:ce:ef:35:d6:42:aa:6d:fa:31:e9: 27:29:66:f6:ba:cd:fb:8f:5b:b6:71:6b:91:49:8a: 6f:20:7d:6d:75:23:73:73:84:f9:b7:b3:eb:5d:7b: cc:ec:53:49:43:e5:bd:e0:a8:7b:19:27:b7:e6:9d: d9:73:5a:48:6b:e1:5e:d7:b3:6b:ab:c4:81:22:49: 12:8c:e5:91:2f:4d:40:d9:21:14:34:9d:6f:57:0f: f3:3d:3c:ba:00:7b:8a:e0:f3:6a:10:0a:88:d7:b9: 5a:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:20:72:82:44:DF:ED:DA:9E:ED:4D:96:52:DA:41:4D:4C:1A:5D:0C X509v3 Authority Key Identifier: keyid:B8:95:1C:85:14:B7:DD:21:B3:33:AB:B3:3C:AC:A3:C4:DA:E9:D7:09 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uJUchRS33SGzM6uzPKyjxNrp1wk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/642eb2-3fb9-4f0e-baf4-8cd79527e530/1/HSBygkTf7dqe7U2WUtpBTUwaXQw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/642eb2-3fb9-4f0e-baf4-8cd79527e530/1/uJUchRS33SGzM6uzPKyjxNrp1wk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.221.160.0/24 195.242.171.0/24 IPv6: 2001:67c:6b0::/48 Signature Algorithm: sha256WithRSAEncryption 36:b6:4f:73:79:d9:bd:4a:5f:6e:1a:d0:46:86:d8:f8:53:ee: f8:32:6f:ff:96:6d:7b:eb:b9:e4:20:45:d6:71:06:b6:37:b1: 48:47:93:50:a6:79:e3:65:98:af:39:e4:8c:08:4c:61:cb:fa: f7:cf:5f:33:da:0b:63:f9:fe:20:1a:1c:00:16:08:f0:00:6e: 84:68:34:62:85:d4:00:e3:84:8d:51:b2:5e:23:c5:ba:d2:cb: 07:2c:a1:c4:41:82:2a:c3:17:d6:6a:ae:e5:bb:04:a7:71:25: 41:39:2d:1b:b6:c8:7f:f3:1b:11:be:d7:a4:65:6d:91:b5:ca: f4:43:56:8d:6a:9d:f9:7b:15:60:31:62:1e:df:37:9f:b3:39: 35:bb:32:d4:2b:bd:c4:df:8d:5c:23:ac:14:b5:93:d0:17:0b: c7:80:35:93:a6:69:fd:22:0f:cb:c8:71:2a:13:bf:d1:49:5a: df:d9:10:ea:46:2e:21:38:50:a5:61:f3:cc:08:22:b5:11:08: d0:fb:c5:30:b9:7c:33:87:2a:78:b5:5b:3a:4e:2f:c8:e8:d9: d9:da:7b:2a:e5:78:45:1d:3a:9d:26:ae:a6:22:df:29:d3:07: 96:53:0c:f1:95:22:20:d8:68:5e:8b:d0:0e:5f:25:35:ac:a5: 51:fe:45:75 -----BEGIN CERTIFICATE----- MIIFFDCCA/ygAwIBAgISAZt87VBtFKOsTzyXKel89lZ/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI4OTUxYzg1MTRiN2RkMjFiMzMzYWJiMzNjYWNhM2M0ZGFl OWQ3MDkwHhcNMjYwMTAyMDQxODA2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxZDIwNzI4MjQ0ZGZlZGRhOWVlZDRkOTY1MmRhNDE0ZDRjMWE1ZDBjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoeUjKYObE8pqyVtaIts1AfZD2anF 6/vTT6oRgvmw7Ptkhwb4w2whjqSCAIt3pqlfQuDlza80WAFR86V1qnmE/B1pP7fL bO137KnlhNVoiKymbs/6Wx2TyGpI/hItyqRZDlt45LELL8jmLK0g6TyZBBbx8w2u 4IsywLkTDpHXP28jU39LuZ37ErWNSVMDfkHds1wNOBzOyEA2ZM7vNdZCqm36Mekn KWb2us37j1u2cWuRSYpvIH1tdSNzc4T5t7PrXXvM7FNJQ+W94Kh7GSe35p3Zc1pI a+Fe17Nrq8SBIkkSjOWRL01A2SEUNJ1vVw/zPTy6AHuK4PNqEAqI17laNwIDAQAB o4ICIDCCAhwwHQYDVR0OBBYEFB0gcoJE3+3anu1NllLaQU1MGl0MMB8GA1UdIwQY MBaAFLiVHIUUt90hszOrszyso8Ta6dcJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdUpVY2hSUzMzU0d6TTZ1elBLeWp4TnJwMXdrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS82NDJlYjItM2ZiOS00ZjBlLWJhZjQt OGNkNzk1MjdlNTMwLzEvSFNCeWdrVGY3ZHFlN1UyV1V0cEJUVXdhWFF3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS82NDJlYjItM2ZiOS00ZjBlLWJhZjQtOGNkNzk1MjdlNTMw LzEvdUpVY2hSUzMzU0d6TTZ1elBLeWp4TnJwMXdrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAW92gAwQA w/KrMA8EAgACMAkDBwAgAQZ8BrAwDQYJKoZIhvcNAQELBQADggEBADa2T3N52b1K X24a0EaG2PhT7vgyb/+WbXvrueQgRdZxBrY3sUhHk1CmeeNlmK855IwITGHL+vfP XzPaC2P5/iAaHAAWCPAAboRoNGKF1ADjhI1Rsl4jxbrSywcsocRBgirDF9ZqruW7 BKdxJUE5LRu2yH/zGxG+16RlbZG1yvRDVo1qnfl7FWAxYh7fN5+zOTW7MtQrvcTf jVwjrBS1k9AXC8eANZOmaf0iD8vIcSoTv9FJWt/ZEOpGLiE4UKVh88wIIrURCND7 xTC5fDOHKni1WzpOL8jo2dnaeyrleEUdOp0mrqYi3ynTB5ZTDPGVIiDYaF6L0A5f JTWspVH+RXU= -----END CERTIFICATE-----Generated at Sun Jan 25 16:53:54 2026 by rpki-client