This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/aohirv7E5-f3mNOa3P1BBx6jGdc.roa File: aohirv7E5-f3mNOa3P1BBx6jGdc.roa (raw, json) Hash identifier: 8SqClX/zt+xpvZVfckH0cHwyGYrHuJ/h7Ey9+EOiLco= Subject key identifier: 6A:88:62:AE:FE:C4:E7:E7:F7:98:D3:9A:DC:FD:41:07:1E:A3:19:D7 Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Certificate serial: 019B7A5A95BD1CDBD7AAAFABE4F03E4C16ED Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/aohirv7E5-f3mNOa3P1BBx6jGdc.roa Signing time: Thu 01 Jan 2026 16:18:35 +0000 ROA not before: Thu 01 Jan 2026 16:18:35 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 9002 IP address blocks: 213.218.244.0/24 maxlen: 24 213.218.245.0/24 maxlen: 24 213.218.246.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 04:00:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:95:bd:1c:db:d7:aa:af:ab:e4:f0:3e:4c:16:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Validity Not Before: Jan 1 16:18:35 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6a8862aefec4e7e7f798d39adcfd41071ea319d7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:3b:7a:2b:b7:c3:09:82:3c:13:04:9d:9c:6a: 4e:a9:17:11:77:ba:c4:9b:8e:5a:30:db:fb:dc:35: 2c:de:ef:5b:07:d2:81:43:cd:61:ed:45:ff:d1:ba: af:b4:b1:aa:cd:e3:ab:38:b7:eb:2a:3d:67:2d:ba: 94:13:a5:c4:c4:0e:30:d5:58:00:17:f4:1a:15:fd: 18:2d:e4:50:a2:e5:06:fc:6b:0c:85:d1:f7:26:18: 88:05:9c:0f:d4:e1:bf:8f:a0:f6:78:ad:45:67:eb: 9a:b0:b0:3e:e6:29:66:13:fa:12:74:4d:56:9c:26: 25:b7:32:dd:7b:49:4a:b4:97:c4:88:e0:68:e9:4d: 32:bd:56:29:a9:0b:f9:cd:7e:46:61:4b:cd:52:af: 90:90:56:f5:69:d3:c9:5f:cf:be:0a:1b:4a:28:71: 67:2f:a8:89:a3:17:9d:c8:de:d6:8e:12:3d:b2:dc: e9:5f:e0:d8:db:e2:4c:f5:6f:50:7f:c0:58:65:66: 2d:4c:e0:55:a0:6a:00:d3:2f:87:47:df:f5:11:1a: 75:de:53:ad:58:72:fa:05:76:30:23:35:e4:59:9e: 3e:c9:7c:a5:2e:89:9e:dc:31:38:f5:f5:d8:f1:ab: 81:c3:ed:ed:50:95:39:2e:9a:7b:d1:ae:3a:46:17: b5:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:88:62:AE:FE:C4:E7:E7:F7:98:D3:9A:DC:FD:41:07:1E:A3:19:D7 X509v3 Authority Key Identifier: keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/aohirv7E5-f3mNOa3P1BBx6jGdc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 213.218.244.0-213.218.246.255 Signature Algorithm: sha256WithRSAEncryption a5:11:d1:97:23:15:58:66:3f:b6:03:f0:f4:46:a9:c6:95:c3: 7e:0e:91:d6:0e:fc:a3:6a:fe:33:ca:44:c8:7c:2a:e8:81:83: a6:af:66:be:56:7b:76:14:4f:a0:f6:53:48:a4:ba:5d:62:c5: f8:c4:3e:34:ad:7c:bf:6c:7f:e9:25:a3:33:dc:7e:71:8b:e4: a8:64:61:69:03:f1:bc:2c:ff:e0:21:97:a3:e4:91:17:6c:f2: 52:81:69:c1:f0:d0:5d:3a:88:50:e6:32:ad:f5:bc:5b:78:13: 48:32:f8:bb:2b:0c:68:31:cd:96:a5:25:ef:2a:b0:c1:d8:17: d7:d9:f7:97:c3:9c:d5:86:e3:63:1e:58:79:9a:55:b3:5c:92: 49:af:64:42:88:c0:02:a3:8b:32:21:df:8f:db:ff:49:f4:a9: af:d8:96:24:8f:dc:fe:72:e7:9e:ca:65:24:64:9b:0a:02:e6: e7:a4:79:de:3b:2d:f6:25:f7:43:3c:87:a1:54:01:d0:85:15: da:c5:d7:2c:4b:96:4b:46:04:7c:97:e8:78:77:4e:21:87:cd: 9f:50:e5:01:76:64:4e:a5:d6:bf:33:54:4a:65:ff:8d:72:2e: be:9d:c9:51:f8:32:f3:6d:d8:f9:6c:6e:2b:2a:5b:b2:5e:87: 93:31:48:5b -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgISAZt6WpW9HNvXqq+r5PA+TBbtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh NTNiOWIwHhcNMjYwMTAxMTYxODM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2YTg4NjJhZWZlYzRlN2U3Zjc5OGQzOWFkY2ZkNDEwNzFlYTMxOWQ3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlDt6K7fDCYI8EwSdnGpOqRcRd7rE m45aMNv73DUs3u9bB9KBQ81h7UX/0bqvtLGqzeOrOLfrKj1nLbqUE6XExA4w1VgA F/QaFf0YLeRQouUG/GsMhdH3JhiIBZwP1OG/j6D2eK1FZ+uasLA+5ilmE/oSdE1W nCYltzLde0lKtJfEiOBo6U0yvVYpqQv5zX5GYUvNUq+QkFb1adPJX8++ChtKKHFn L6iJoxedyN7WjhI9stzpX+DY2+JM9W9Qf8BYZWYtTOBVoGoA0y+HR9/1ERp13lOt WHL6BXYwIzXkWZ4+yXylLome3DE49fXY8auBw+3tUJU5Lpp70a46Rhe1zQIDAQAB o4ICETCCAg0wHQYDVR0OBBYEFGqIYq7+xOfn95jTmtz9QQceoxnXMB8GA1UdIwQY MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt NDEyMjhlMzlmZjdjLzEvYW9oaXJ2N0U1LWYzbU5PYTNQMUJCeDZqR2RjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBALV2vQD BADV2vYwDQYJKoZIhvcNAQELBQADggEBAKUR0ZcjFVhmP7YD8PRGqcaVw34OkdYO /KNq/jPKRMh8KuiBg6avZr5We3YUT6D2U0ikul1ixfjEPjStfL9sf+klozPcfnGL 5KhkYWkD8bws/+Ahl6PkkRds8lKBacHw0F06iFDmMq31vFt4E0gy+LsrDGgxzZal Je8qsMHYF9fZ95fDnNWG42MeWHmaVbNckkmvZEKIwAKjizIh34/b/0n0qa/YliSP 3P5y557KZSRkmwoC5ueked47LfYl90M8h6FUAdCFFdrF1yxLlktGBHyX6Hh3TiGH zZ9Q5QF2ZE6l1r8zVEpl/41yLr6dyVH4MvNt2PlsbisqW7Jeh5MxSFs= -----END CERTIFICATE-----Generated at Sun Jan 25 11:42:27 2026 by rpki-client