This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/1825d1-7c01-4915-a444-2eb51261ddba/1/h1IcZRGY_rRXRhpZWTLbtpzh9tM.roa File: h1IcZRGY_rRXRhpZWTLbtpzh9tM.roa (raw, json) Hash identifier: L8O1+G2QnBwVNFEY7LCl7zf6sGt3HNSfVfaE38wa8Uo= Subject key identifier: 87:52:1C:65:11:98:FE:B4:57:46:1A:59:59:32:DB:B6:9C:E1:F6:D3 Certificate issuer: /CN=c88623876dd1ad8e624a23dd528b2c64c80a8521 Certificate serial: 019B7EA448776F05FBFA29CB26CD38A945A5 Authority key identifier: C8:86:23:87:6D:D1:AD:8E:62:4A:23:DD:52:8B:2C:64:C8:0A:85:21 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yIYjh23RrY5iSiPdUossZMgKhSE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/1825d1-7c01-4915-a444-2eb51261ddba/1/h1IcZRGY_rRXRhpZWTLbtpzh9tM.roa Signing time: Fri 02 Jan 2026 12:17:34 +0000 ROA not before: Fri 02 Jan 2026 12:17:34 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 9294 IP address blocks: 193.107.23.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/1825d1-7c01-4915-a444-2eb51261ddba/1/yIYjh23RrY5iSiPdUossZMgKhSE.crl rsync://rpki.ripe.net/repository/DEFAULT/8f/1825d1-7c01-4915-a444-2eb51261ddba/1/yIYjh23RrY5iSiPdUossZMgKhSE.mft rsync://rpki.ripe.net/repository/DEFAULT/yIYjh23RrY5iSiPdUossZMgKhSE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a4:48:77:6f:05:fb:fa:29:cb:26:cd:38:a9:45:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c88623876dd1ad8e624a23dd528b2c64c80a8521 Validity Not Before: Jan 2 12:17:34 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=87521c651198feb457461a595932dbb69ce1f6d3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:b1:f5:09:d4:a9:3f:36:b0:72:af:2f:46:4f: 0b:cd:1e:78:85:59:21:12:e6:df:3f:5f:eb:6e:47: 5c:1d:80:45:55:59:64:ac:0f:29:a3:99:dd:72:ba: f6:43:7c:15:e2:6e:3f:55:4a:26:7f:46:ac:a2:b4: 44:cb:14:c1:38:c5:ca:71:c3:0e:1f:33:1c:bd:57: ce:f4:e0:cd:4d:bf:86:1a:ce:7e:3d:a2:b3:98:66: e7:b3:5c:0c:23:c0:f6:25:ea:02:db:6f:96:d8:56: af:26:fd:67:ba:4a:fa:fc:32:5f:8b:3a:4c:52:c7: a7:c2:cd:91:fc:12:c7:e8:3b:ee:a5:cf:f6:ca:55: 0c:a4:d5:14:92:e3:9a:b2:83:76:b6:cf:0d:44:49: 97:a2:2c:cf:1a:16:5f:20:6c:21:87:04:f7:5b:8e: a6:dd:c9:d6:00:6b:f2:ec:f0:a4:89:3d:77:ba:5b: c7:4d:c0:2b:b0:eb:41:86:7e:07:22:21:82:e7:da: d6:fd:08:7a:a3:19:6a:2a:52:08:e6:16:2b:53:a8: c1:ad:cf:19:67:9f:f5:a2:e5:4b:a3:a1:a0:e2:fa: ea:32:d3:b6:43:ca:14:79:e6:75:36:b7:ab:e8:74: 8e:1c:d7:b0:9e:79:96:70:a3:aa:4f:c7:ed:d5:ee: a0:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:52:1C:65:11:98:FE:B4:57:46:1A:59:59:32:DB:B6:9C:E1:F6:D3 X509v3 Authority Key Identifier: keyid:C8:86:23:87:6D:D1:AD:8E:62:4A:23:DD:52:8B:2C:64:C8:0A:85:21 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yIYjh23RrY5iSiPdUossZMgKhSE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/1825d1-7c01-4915-a444-2eb51261ddba/1/h1IcZRGY_rRXRhpZWTLbtpzh9tM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/1825d1-7c01-4915-a444-2eb51261ddba/1/yIYjh23RrY5iSiPdUossZMgKhSE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.107.23.0/24 Signature Algorithm: sha256WithRSAEncryption 19:21:0a:7e:7d:7e:92:9b:3b:80:bb:d3:41:dd:a6:5d:74:f4: cd:d5:09:4e:08:60:6d:c1:73:a6:b5:94:e4:79:78:94:0a:ed: 11:18:98:73:42:2a:84:1c:f4:a4:90:97:3e:2e:3f:4f:e4:99: 50:86:72:f9:4d:4d:95:16:db:15:f4:00:22:ad:c5:85:b0:2c: de:d2:c9:fe:32:1b:a0:b7:ef:e6:5b:67:83:24:06:d5:52:18: 9f:60:53:4d:44:b0:b8:47:13:f8:67:38:56:02:51:4f:66:d0: 6b:c6:49:37:a8:8b:88:7c:20:e6:2d:04:af:76:b2:b3:8f:c7: 11:58:e8:93:d1:66:f5:40:ee:e8:fd:a6:6a:0e:aa:50:05:b2: 76:91:e9:e0:76:b7:31:04:80:29:5f:83:e2:bb:3f:79:0c:78: e1:06:21:dd:97:92:07:54:5c:61:31:1b:64:1c:c8:6d:47:49: ae:b8:be:59:a3:f9:42:01:00:41:e3:7f:10:ba:4e:42:7c:00: 2c:02:a2:0f:7c:98:8d:50:84:0d:81:28:62:83:b7:00:2c:2a: ec:cf:ed:ec:52:ea:51:95:8b:b8:11:d6:7c:e0:cf:2b:23:1f: 8b:63:22:63:ca:67:02:82:c1:f7:d6:d3:c9:8c:68:14:89:03: c9:3d:d3:d0 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt+pEh3bwX7+inLJs04qUWlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM4ODYyMzg3NmRkMWFkOGU2MjRhMjNkZDUyOGIyYzY0Yzgw YTg1MjEwHhcNMjYwMTAyMTIxNzM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NzUyMWM2NTExOThmZWI0NTc0NjFhNTk1OTMyZGJiNjljZTFmNmQzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAubH1CdSpPzawcq8vRk8LzR54hVkh EubfP1/rbkdcHYBFVVlkrA8po5ndcrr2Q3wV4m4/VUomf0asorREyxTBOMXKccMO HzMcvVfO9ODNTb+GGs5+PaKzmGbns1wMI8D2JeoC22+W2FavJv1nukr6/DJfizpM Usenws2R/BLH6Dvupc/2ylUMpNUUkuOasoN2ts8NREmXoizPGhZfIGwhhwT3W46m 3cnWAGvy7PCkiT13ulvHTcArsOtBhn4HIiGC59rW/Qh6oxlqKlII5hYrU6jBrc8Z Z5/1ouVLo6Gg4vrqMtO2Q8oUeeZ1Nrer6HSOHNewnnmWcKOqT8ft1e6g0wIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFIdSHGURmP60V0YaWVky27ac4fbTMB8GA1UdIwQY MBaAFMiGI4dt0a2OYkoj3VKLLGTICoUhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveUlZamgyM1JyWTVpU2lQZFVvc3NaTWdLaFNFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi8xODI1ZDEtN2MwMS00OTE1LWE0NDQt MmViNTEyNjFkZGJhLzEvaDFJY1pSR1lfclJYUmhwWldUTGJ0cHpoOXRNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Zi8xODI1ZDEtN2MwMS00OTE1LWE0NDQtMmViNTEyNjFkZGJh LzEveUlZamgyM1JyWTVpU2lQZFVvc3NaTWdLaFNFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWsXMA0G CSqGSIb3DQEBCwUAA4IBAQAZIQp+fX6SmzuAu9NB3aZddPTN1QlOCGBtwXOmtZTk eXiUCu0RGJhzQiqEHPSkkJc+Lj9P5JlQhnL5TU2VFtsV9AAircWFsCze0sn+Mhug t+/mW2eDJAbVUhifYFNNRLC4RxP4ZzhWAlFPZtBrxkk3qIuIfCDmLQSvdrKzj8cR WOiT0Wb1QO7o/aZqDqpQBbJ2kengdrcxBIApX4Piuz95DHjhBiHdl5IHVFxhMRtk HMhtR0muuL5Zo/lCAQBB438Quk5CfAAsAqIPfJiNUIQNgShig7cALCrsz+3sUupR lYu4EdZ84M8rIx+LYyJjymcCgsH31tPJjGgUiQPJPdPQ -----END CERTIFICATE-----Generated at Sun Jan 25 17:22:14 2026 by rpki-client