This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/mHSS8RyZtCL3oy4A4lGV53Ojtss.roa File: mHSS8RyZtCL3oy4A4lGV53Ojtss.roa (raw, json) Hash identifier: X30x02zaQbh4spEXrHW+ai+XgKCrKHdGXIu04TJmAmo= Subject key identifier: 98:74:92:F1:1C:99:B4:22:F7:A3:2E:00:E2:51:95:E7:73:A3:B6:CB Certificate issuer: /CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9 Certificate serial: 019B7F845BFBF4749D09D9A8AC578ED2DDB7 Authority key identifier: 8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/mHSS8RyZtCL3oy4A4lGV53Ojtss.roa Signing time: Fri 02 Jan 2026 16:22:19 +0000 ROA not before: Fri 02 Jan 2026 16:22:19 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 9215 IP address blocks: 85.153.180.0/24 maxlen: 24 212.252.64.0/24 maxlen: 24 212.252.65.0/24 maxlen: 24 212.252.67.0/24 maxlen: 24 212.252.75.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.mft rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:01:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:84:5b:fb:f4:74:9d:09:d9:a8:ac:57:8e:d2:dd:b7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9 Validity Not Before: Jan 2 16:22:19 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=987492f11c99b422f7a32e00e25195e773a3b6cb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:5b:8e:5a:02:c0:03:81:d1:8f:eb:7a:c3:92: 59:e5:7a:d4:f1:d5:f7:b6:4c:36:32:63:8f:ff:f6: df:70:88:ba:d5:47:f4:24:b2:d4:ac:0d:4b:d2:fc: 29:0d:52:4d:a1:d5:96:52:ea:6e:6c:09:03:2b:4a: 50:4e:35:ee:84:6e:6c:b6:cc:3b:f9:ca:7d:48:1d: 83:72:a9:4f:a4:c3:47:56:3c:6c:c3:30:cb:0d:5d: ce:e5:1d:d0:51:55:19:36:5d:64:3d:c8:a8:06:46: 56:87:19:03:80:51:62:45:95:17:78:fd:e5:36:4f: 8d:73:2a:57:8a:95:74:ab:57:ea:1a:06:54:63:5e: 91:ea:48:62:bf:9b:41:79:89:16:3d:79:72:3c:3b: 42:37:75:40:e5:05:41:49:9f:1d:e7:16:eb:2e:a6: 02:8d:8e:7f:df:c1:15:6f:19:d0:a4:06:84:2b:99: 31:e7:83:95:32:09:9d:66:9a:32:c6:ff:81:c4:e2: 95:a2:71:64:05:56:a5:d5:1e:56:cd:10:ab:6f:2d: ff:c8:49:2f:c0:0f:3d:bf:cc:b3:36:cb:9e:cb:91: 7d:2b:44:4f:69:93:a8:2d:ac:9a:5f:a4:7b:e8:a9: 5f:d9:c9:0f:1d:1c:3b:f3:00:d5:5e:c8:df:de:39: 05:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:74:92:F1:1C:99:B4:22:F7:A3:2E:00:E2:51:95:E7:73:A3:B6:CB X509v3 Authority Key Identifier: keyid:8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/mHSS8RyZtCL3oy4A4lGV53Ojtss.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.153.180.0/24 212.252.64.0/23 212.252.67.0/24 212.252.75.0/24 Signature Algorithm: sha256WithRSAEncryption 57:d2:83:38:2e:1a:7a:d2:e7:a8:d2:9c:db:fc:a2:f2:e9:e2: 4e:72:45:68:03:7a:bd:e2:5e:c2:28:2a:88:8c:9f:2e:ab:a5: 8f:2d:37:99:7e:02:7e:fb:30:87:c9:70:a2:dc:89:89:e1:86: 12:51:c0:28:b3:3c:2d:29:8f:cf:ba:4c:4f:2b:94:27:34:1c: 25:af:f2:a6:b8:06:ec:f1:d0:6d:75:02:4a:15:03:9e:f4:66: 3c:fb:81:cf:10:44:3a:ca:fd:c6:fc:d7:26:e5:f5:3c:72:5e: 85:db:62:33:9a:57:56:79:33:9a:a6:1a:51:88:52:37:97:e5: 1a:51:7b:66:dc:19:0b:29:53:d3:ff:7a:78:1f:1e:c4:b6:79: 32:79:92:a9:30:67:fc:84:7f:28:ab:0e:21:bb:84:cb:a5:66: 3b:5e:88:2e:42:aa:f5:2f:9c:e4:cc:9d:d9:ab:41:2f:fe:43: 2c:b7:65:b6:90:1e:68:b8:fc:aa:e0:ac:aa:ae:0d:e5:ef:35: 45:14:fe:82:34:d2:dd:dc:ea:f5:d6:72:6a:89:b8:ff:f2:7c: 53:4a:83:f7:1e:dd:cb:1c:e6:06:2a:53:5d:c8:90:a8:33:61: 92:4a:41:0f:27:00:c2:24:2b:c2:49:ad:38:3b:30:61:52:3a: d5:81:9e:86 -----BEGIN CERTIFICATE----- MIIFDzCCA/egAwIBAgISAZt/hFv79HSdCdmorFeO0t23MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhkNTljNDMyM2Y3NjdjZTRmZmM4NWRhYWQyMDhiOTBjMDRm YmQzZTkwHhcNMjYwMTAyMTYyMjE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5ODc0OTJmMTFjOTliNDIyZjdhMzJlMDBlMjUxOTVlNzczYTNiNmNiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxluOWgLAA4HRj+t6w5JZ5XrU8dX3 tkw2MmOP//bfcIi61Uf0JLLUrA1L0vwpDVJNodWWUupubAkDK0pQTjXuhG5stsw7 +cp9SB2DcqlPpMNHVjxswzDLDV3O5R3QUVUZNl1kPcioBkZWhxkDgFFiRZUXeP3l Nk+NcypXipV0q1fqGgZUY16R6khiv5tBeYkWPXlyPDtCN3VA5QVBSZ8d5xbrLqYC jY5/38EVbxnQpAaEK5kx54OVMgmdZpoyxv+BxOKVonFkBVal1R5WzRCrby3/yEkv wA89v8yzNsuey5F9K0RPaZOoLayaX6R76Klf2ckPHRw78wDVXsjf3jkFawIDAQAB o4ICGzCCAhcwHQYDVR0OBBYEFJh0kvEcmbQi96MuAOJRledzo7bLMB8GA1UdIwQY MBaAFI1ZxDI/dnzk/8hdqtIIuQwE+9PpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUt ZjJiZTlmNmM2NjRjLzEvbUhTUzhSeVp0Q0wzb3k0QTRsR1Y1M09qdHNzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUtZjJiZTlmNmM2NjRj LzEvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVZm0AwQB 1PxAAwQA1PxDAwQA1PxLMA0GCSqGSIb3DQEBCwUAA4IBAQBX0oM4Lhp60ueo0pzb /KLy6eJOckVoA3q94l7CKCqIjJ8uq6WPLTeZfgJ++zCHyXCi3ImJ4YYSUcAoszwt KY/PukxPK5QnNBwlr/KmuAbs8dBtdQJKFQOe9GY8+4HPEEQ6yv3G/Ncm5fU8cl6F 22IzmldWeTOaphpRiFI3l+UaUXtm3BkLKVPT/3p4Hx7EtnkyeZKpMGf8hH8oqw4h u4TLpWY7XoguQqr1L5zkzJ3Zq0Ev/kMst2W2kB5ouPyq4Kyqrg3l7zVFFP6CNNLd 3Or11nJqibj/8nxTSoP3Ht3LHOYGKlNdyJCoM2GSSkEPJwDCJCvCSa04OzBhUjrV gZ6G -----END CERTIFICATE-----Generated at Sun Jan 25 22:14:51 2026 by rpki-client