This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/325b84-2ed4-4092-906c-100eed812c40/1/8hDvXAFXtwTiaPxitWHApgLE65k.roa File: 8hDvXAFXtwTiaPxitWHApgLE65k.roa (raw, json) Hash identifier: EiRwFtmOo1DVVx7O1xctBpgvgnvAfczha5+H5oxZvkk= Subject key identifier: F2:10:EF:5C:01:57:B7:04:E2:68:FC:62:B5:61:C0:A6:02:C4:EB:99 Certificate issuer: /CN=a62f2d3c269d935227690b28b7fbdd953e1e9edc Certificate serial: 019B7BA51985951F364EF4B639F2FD6CB759 Authority key identifier: A6:2F:2D:3C:26:9D:93:52:27:69:0B:28:B7:FB:DD:95:3E:1E:9E:DC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pi8tPCadk1InaQsot_vdlT4entw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/325b84-2ed4-4092-906c-100eed812c40/1/8hDvXAFXtwTiaPxitWHApgLE65k.roa Signing time: Thu 01 Jan 2026 22:19:36 +0000 ROA not before: Thu 01 Jan 2026 22:19:36 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212012 IP address blocks: 91.240.72.0/24 maxlen: 24 185.42.232.0/24 maxlen: 24 185.42.233.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/325b84-2ed4-4092-906c-100eed812c40/1/pi8tPCadk1InaQsot_vdlT4entw.crl rsync://rpki.ripe.net/repository/DEFAULT/7a/325b84-2ed4-4092-906c-100eed812c40/1/pi8tPCadk1InaQsot_vdlT4entw.mft rsync://rpki.ripe.net/repository/DEFAULT/pi8tPCadk1InaQsot_vdlT4entw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a5:19:85:95:1f:36:4e:f4:b6:39:f2:fd:6c:b7:59 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a62f2d3c269d935227690b28b7fbdd953e1e9edc Validity Not Before: Jan 1 22:19:36 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f210ef5c0157b704e268fc62b561c0a602c4eb99 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:ec:b8:7a:dd:ef:04:4e:08:43:a6:d4:3e:06: 90:e5:fc:7b:4d:b4:55:23:92:74:59:37:63:de:03: 96:c5:22:4b:41:8d:c8:e8:96:ef:dd:0c:a8:a4:1f: 29:69:31:30:e4:90:2d:2c:f8:4e:de:bc:a2:58:e8: 29:1f:71:32:5d:a1:21:c7:a4:f3:a4:af:f7:08:ce: 10:71:47:cb:29:1e:a0:69:2f:80:1f:b8:29:6f:09: 01:fb:31:58:9b:c9:4a:06:ee:3a:1e:2e:5a:f2:12: 82:d4:c7:78:7d:45:34:de:35:d5:31:66:b7:a4:1f: b2:89:c2:bc:da:c2:ef:a3:79:a1:62:6f:76:c4:e1: 80:12:96:07:f7:7a:12:db:24:73:1e:48:83:b6:12: 5c:9a:85:8b:ef:57:6f:12:68:a4:bc:0f:5f:f1:17: e2:75:e0:ae:0f:ed:9d:6a:1d:a5:f9:a2:27:85:f8: 75:80:e9:29:3c:02:8a:ca:5b:81:85:50:4f:ba:c9: b0:87:5d:2d:3d:5c:dc:f8:9d:f8:da:13:a3:88:1c: 78:6f:a9:b1:13:47:fe:dc:17:96:93:17:ea:62:87: d8:aa:a9:99:e1:f2:40:6a:b2:76:36:c3:83:ab:72: 08:d1:d1:bc:1f:1a:aa:e5:09:fb:83:61:8c:47:ff: c1:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:10:EF:5C:01:57:B7:04:E2:68:FC:62:B5:61:C0:A6:02:C4:EB:99 X509v3 Authority Key Identifier: keyid:A6:2F:2D:3C:26:9D:93:52:27:69:0B:28:B7:FB:DD:95:3E:1E:9E:DC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pi8tPCadk1InaQsot_vdlT4entw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/325b84-2ed4-4092-906c-100eed812c40/1/8hDvXAFXtwTiaPxitWHApgLE65k.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/325b84-2ed4-4092-906c-100eed812c40/1/pi8tPCadk1InaQsot_vdlT4entw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.240.72.0/24 185.42.232.0/23 Signature Algorithm: sha256WithRSAEncryption 6f:d0:d4:db:d0:73:74:c5:7b:9e:77:73:af:bd:0b:9c:46:e3: cb:b8:27:a8:d1:43:b4:57:60:3d:b3:90:bc:54:ef:e5:07:e9: ac:a3:98:e7:97:5c:20:5f:fe:32:e3:67:1c:fa:6e:6c:58:81: ba:f4:d1:1d:78:a7:70:75:9f:e8:b9:42:be:ae:80:33:99:98: 5c:67:8f:51:dd:08:67:87:c9:2a:8b:c9:67:a7:1a:95:7a:6f: 5f:e8:31:a2:ba:dd:a1:c9:f1:24:55:f2:12:d5:00:36:14:f9: 30:da:7d:ea:95:fc:88:cc:1b:91:ac:73:00:ee:de:63:00:1c: c5:b0:14:ec:8b:9c:b2:4f:6e:62:ad:72:95:51:d3:07:61:c1: 44:93:4d:d9:9e:25:24:22:9f:c3:a6:9c:48:48:40:80:07:0b: 29:e1:eb:78:5c:77:a2:a2:d0:a2:69:ec:05:b8:d5:03:af:96: 88:c6:c4:97:c0:76:3e:af:54:86:d5:e4:83:ea:02:ac:7b:67: a7:81:c1:3f:98:10:34:7f:7e:8a:6b:93:17:e3:e6:93:35:bf: 6b:46:f6:6d:2d:19:29:36:d8:43:d8:c4:fd:89:5b:d7:a6:b6: 65:0c:a9:b0:2f:0e:15:3a:ff:9e:fc:4c:7c:3a:00:4b:b4:a8: 09:69:39:fd -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt7pRmFlR82TvS2OfL9bLdZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE2MmYyZDNjMjY5ZDkzNTIyNzY5MGIyOGI3ZmJkZDk1M2Ux ZTllZGMwHhcNMjYwMTAxMjIxOTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmMjEwZWY1YzAxNTdiNzA0ZTI2OGZjNjJiNTYxYzBhNjAyYzRlYjk5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOy4et3vBE4IQ6bUPgaQ5fx7TbRV I5J0WTdj3gOWxSJLQY3I6Jbv3QyopB8paTEw5JAtLPhO3ryiWOgpH3EyXaEhx6Tz pK/3CM4QcUfLKR6gaS+AH7gpbwkB+zFYm8lKBu46Hi5a8hKC1Md4fUU03jXVMWa3 pB+yicK82sLvo3mhYm92xOGAEpYH93oS2yRzHkiDthJcmoWL71dvEmikvA9f8Rfi deCuD+2dah2l+aInhfh1gOkpPAKKyluBhVBPusmwh10tPVzc+J342hOjiBx4b6mx E0f+3BeWkxfqYofYqqmZ4fJAarJ2NsODq3II0dG8Hxqq5Qn7g2GMR//BuwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFPIQ71wBV7cE4mj8YrVhwKYCxOuZMB8GA1UdIwQY MBaAFKYvLTwmnZNSJ2kLKLf73ZU+Hp7cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcGk4dFBDYWRrMUluYVFzb3RfdmRsVDRlbnR3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8zMjViODQtMmVkNC00MDkyLTkwNmMt MTAwZWVkODEyYzQwLzEvOGhEdlhBRlh0d1RpYVB4aXRXSEFwZ0xFNjVrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83YS8zMjViODQtMmVkNC00MDkyLTkwNmMtMTAwZWVkODEyYzQw LzEvcGk4dFBDYWRrMUluYVFzb3RfdmRsVDRlbnR3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW/BIAwQB uSroMA0GCSqGSIb3DQEBCwUAA4IBAQBv0NTb0HN0xXued3OvvQucRuPLuCeo0UO0 V2A9s5C8VO/lB+mso5jnl1wgX/4y42cc+m5sWIG69NEdeKdwdZ/ouUK+roAzmZhc Z49R3Qhnh8kqi8lnpxqVem9f6DGiut2hyfEkVfIS1QA2FPkw2n3qlfyIzBuRrHMA 7t5jABzFsBTsi5yyT25irXKVUdMHYcFEk03ZniUkIp/DppxISECABwsp4et4XHei otCiaewFuNUDr5aIxsSXwHY+r1SG1eSD6gKse2engcE/mBA0f36Ka5MX4+aTNb9r RvZtLRkpNthD2MT9iVvXprZlDKmwLw4VOv+e/Ex8OgBLtKgJaTn9 -----END CERTIFICATE-----Generated at Mon Jan 26 05:04:45 2026 by rpki-client