This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/hSH0FnfrAjzuKZCTKD5JgeuY7TM.roa File: hSH0FnfrAjzuKZCTKD5JgeuY7TM.roa (raw, json) Hash identifier: S5ptWYS4Rs3CNd9AL0nFOJtKZJTZd/rdzytE6PeJ+RY= Subject key identifier: 85:21:F4:16:77:EB:02:3C:EE:29:90:93:28:3E:49:81:EB:98:ED:33 Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Certificate serial: 019B8D8767D57092AC8871292FBF649294F4 Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/hSH0FnfrAjzuKZCTKD5JgeuY7TM.roa Signing time: Mon 05 Jan 2026 09:40:19 +0000 ROA not before: Mon 05 Jan 2026 09:40:19 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 62240 IP address blocks: 194.105.74.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 23:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:8d:87:67:d5:70:92:ac:88:71:29:2f:bf:64:92:94:f4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Validity Not Before: Jan 5 09:40:19 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8521f41677eb023cee299093283e4981eb98ed33 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:b2:21:bf:fa:a4:7c:78:2d:1a:7b:85:0a:15: fe:41:85:4e:d0:84:34:6a:79:0f:f5:a6:22:5b:dd: 4f:79:cc:5f:f6:51:e7:fb:3d:ce:ef:45:8c:b5:a0: 56:cd:56:52:8c:64:bc:5d:fd:26:0a:06:86:b3:b7: 62:ba:eb:d4:24:73:b7:ca:d2:61:42:c0:c0:fd:e1: 1b:76:81:9f:ba:42:e9:57:31:f0:b0:a3:92:14:32: 0f:2e:30:88:58:bc:6d:86:d0:4d:de:d7:32:d1:f5: ee:f3:7c:93:f2:48:94:7a:3a:33:25:75:2f:d8:18: ae:95:9c:c5:89:53:2c:67:29:df:e1:71:8a:60:f5: d5:1b:4f:0f:3e:ab:1c:4b:09:cd:79:78:82:65:9f: b1:83:f6:bc:40:48:77:3d:82:df:65:1c:54:d3:47: b2:17:55:5c:61:f3:71:47:56:15:70:ab:b7:60:5e: 77:e0:04:ae:b0:34:49:45:a9:e8:f6:20:9d:fd:11: 30:fa:f1:7d:a9:8a:98:a9:15:aa:70:7e:5d:74:c1: e8:84:ec:7f:15:d8:32:e6:a6:46:f3:9b:8e:77:44: 65:00:93:ea:1f:d6:11:7a:aa:d8:d3:f8:b0:5a:39: 77:7f:49:7e:4d:2b:63:1a:9a:de:26:73:11:d3:aa: 3f:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:21:F4:16:77:EB:02:3C:EE:29:90:93:28:3E:49:81:EB:98:ED:33 X509v3 Authority Key Identifier: keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/hSH0FnfrAjzuKZCTKD5JgeuY7TM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.105.74.0/24 Signature Algorithm: sha256WithRSAEncryption 47:62:90:6e:f2:68:1d:9c:f6:37:bd:19:b2:23:a5:9c:3d:00: c5:8e:74:5b:61:f1:5d:85:54:f9:54:b4:b5:24:53:a8:43:13: 97:6b:fa:dc:4f:fb:13:b2:87:5d:dd:26:c6:37:c7:bc:18:a9: 9b:ec:a3:5c:7c:29:62:94:99:69:2c:00:3c:fc:77:98:2e:f5: 91:b9:22:b0:1b:6a:0f:07:31:08:dc:85:c6:ce:c7:d1:57:5e: d6:3d:31:27:7a:91:c1:ec:bb:49:aa:2c:41:ba:80:91:0f:a1: ef:d8:f8:c6:0f:84:20:a9:55:91:1e:ab:d7:2b:52:13:0e:37: d3:11:42:b1:83:aa:a8:3f:85:07:ae:d9:0a:7d:02:b7:4b:c4: af:66:0c:eb:67:52:23:73:ef:a2:3e:33:52:08:31:93:d3:4f: ca:87:8a:f3:7c:4e:88:86:6b:75:de:1c:d4:79:ce:89:a2:49: 22:cb:fa:81:f2:cb:7f:7d:e1:ff:55:cb:4f:99:82:4c:b8:2c: f7:0f:a5:1d:44:42:92:77:d5:7b:d3:b5:d3:9a:de:99:92:23: 8d:b3:1d:27:b8:ee:7c:a4:bf:08:cd:03:04:32:61:3a:c4:48: 97:25:c1:bf:dc:b5:37:b2:19:0a:14:d5:a2:0e:2c:c9:f4:5e: c4:a8:04:3f -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZuNh2fVcJKsiHEpL79kkpT0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh NTNiOWIwHhcNMjYwMTA1MDk0MDE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NTIxZjQxNjc3ZWIwMjNjZWUyOTkwOTMyODNlNDk4MWViOThlZDMzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyLIhv/qkfHgtGnuFChX+QYVO0IQ0 ankP9aYiW91Pecxf9lHn+z3O70WMtaBWzVZSjGS8Xf0mCgaGs7diuuvUJHO3ytJh QsDA/eEbdoGfukLpVzHwsKOSFDIPLjCIWLxthtBN3tcy0fXu83yT8kiUejozJXUv 2BiulZzFiVMsZynf4XGKYPXVG08PPqscSwnNeXiCZZ+xg/a8QEh3PYLfZRxU00ey F1VcYfNxR1YVcKu3YF534ASusDRJRano9iCd/REw+vF9qYqYqRWqcH5ddMHohOx/ Fdgy5qZG85uOd0RlAJPqH9YReqrY0/iwWjl3f0l+TStjGpreJnMR06o/ywIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFIUh9BZ36wI87imQkyg+SYHrmO0zMB8GA1UdIwQY MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt NDEyMjhlMzlmZjdjLzEvaFNIMEZuZnJBanp1S1pDVEtENUpnZXVZN1RNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwmlKMA0G CSqGSIb3DQEBCwUAA4IBAQBHYpBu8mgdnPY3vRmyI6WcPQDFjnRbYfFdhVT5VLS1 JFOoQxOXa/rcT/sTsodd3SbGN8e8GKmb7KNcfClilJlpLAA8/HeYLvWRuSKwG2oP BzEI3IXGzsfRV17WPTEnepHB7LtJqixBuoCRD6Hv2PjGD4QgqVWRHqvXK1ITDjfT EUKxg6qoP4UHrtkKfQK3S8SvZgzrZ1Ijc++iPjNSCDGT00/Kh4rzfE6Ihmt13hzU ec6Jokkiy/qB8st/feH/VctPmYJMuCz3D6UdREKSd9V707XTmt6ZkiONsx0nuO58 pL8IzQMEMmE6xEiXJcG/3LU3shkKFNWiDizJ9F7EqAQ/ -----END CERTIFICATE-----Generated at Sun Jan 25 10:08:59 2026 by rpki-client