This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/c3174a-a794-44ee-8d26-bc5b69144587/1/JHlwQGDbvrC4juRVad57B3oI92U.roa File: JHlwQGDbvrC4juRVad57B3oI92U.roa (raw, json) Hash identifier: oSK/eP8u/19D2+8PlzxQLpygFc07vdIXajuQXABfEZE= Subject key identifier: 24:79:70:40:60:DB:BE:B0:B8:8E:E4:55:69:DE:7B:07:7A:08:F7:65 Certificate issuer: /CN=af0dc12b0f1b533d8d04ec6117d6b9e512fcaa9f Certificate serial: 019B7E375D1D82167F6875D52B0F11B73DA0 Authority key identifier: AF:0D:C1:2B:0F:1B:53:3D:8D:04:EC:61:17:D6:B9:E5:12:FC:AA:9F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rw3BKw8bUz2NBOxhF9a55RL8qp8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/c3174a-a794-44ee-8d26-bc5b69144587/1/JHlwQGDbvrC4juRVad57B3oI92U.roa Signing time: Fri 02 Jan 2026 10:18:36 +0000 ROA not before: Fri 02 Jan 2026 10:18:36 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 34762 IP address blocks: 213.158.76.0/22 maxlen: 24 213.158.84.0/22 maxlen: 24 213.158.88.0/23 maxlen: 24 213.158.90.0/23 maxlen: 24 213.158.92.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/c3174a-a794-44ee-8d26-bc5b69144587/1/rw3BKw8bUz2NBOxhF9a55RL8qp8.crl rsync://rpki.ripe.net/repository/DEFAULT/8f/c3174a-a794-44ee-8d26-bc5b69144587/1/rw3BKw8bUz2NBOxhF9a55RL8qp8.mft rsync://rpki.ripe.net/repository/DEFAULT/rw3BKw8bUz2NBOxhF9a55RL8qp8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:37:5d:1d:82:16:7f:68:75:d5:2b:0f:11:b7:3d:a0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=af0dc12b0f1b533d8d04ec6117d6b9e512fcaa9f Validity Not Before: Jan 2 10:18:36 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2479704060dbbeb0b88ee45569de7b077a08f765 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:51:96:02:8e:f5:ba:27:44:38:a9:65:17:b0: 32:99:4e:dd:ea:68:fa:2d:0d:36:3c:4b:c9:fa:53: 55:a7:67:47:ce:a3:32:07:19:7d:26:8b:d9:ee:fc: ee:77:b1:2d:88:15:2e:04:c2:51:f3:46:ea:8f:8e: 6f:31:e3:26:73:e0:4a:3f:f4:55:04:c6:cf:34:a2: e7:be:35:14:29:2f:1f:15:3c:40:91:51:8a:07:f7: 47:57:b5:a0:8c:b5:23:fc:ac:41:79:8a:aa:45:e9: ca:4f:a1:cd:3d:91:96:9e:f8:3e:96:84:82:6d:33: 6a:4b:3a:6d:12:0e:4b:9c:d4:c6:c8:b2:96:48:52: dc:5e:b1:42:c7:02:db:6e:f2:57:63:73:e9:d2:df: d5:31:99:85:f5:06:dc:b5:ae:08:f4:9a:c5:1b:bd: e4:23:26:0e:7a:0a:c6:64:d3:91:55:ea:ee:a0:27: eb:59:87:d5:7c:eb:35:e4:11:0c:db:b0:bc:1e:d1: ab:e0:e8:a4:93:de:ac:e8:1f:20:40:6b:d7:f3:e0: 57:dd:52:44:3d:7b:70:26:66:b7:3f:0d:6f:32:e0: 5e:9e:7b:b2:7b:20:16:ad:d2:da:a3:66:ad:d8:84: 4c:00:41:45:f5:97:4f:89:a8:2f:c3:a7:e3:37:e2: 96:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 24:79:70:40:60:DB:BE:B0:B8:8E:E4:55:69:DE:7B:07:7A:08:F7:65 X509v3 Authority Key Identifier: keyid:AF:0D:C1:2B:0F:1B:53:3D:8D:04:EC:61:17:D6:B9:E5:12:FC:AA:9F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rw3BKw8bUz2NBOxhF9a55RL8qp8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/c3174a-a794-44ee-8d26-bc5b69144587/1/JHlwQGDbvrC4juRVad57B3oI92U.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/c3174a-a794-44ee-8d26-bc5b69144587/1/rw3BKw8bUz2NBOxhF9a55RL8qp8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 213.158.76.0/22 213.158.84.0-213.158.95.255 Signature Algorithm: sha256WithRSAEncryption 2e:39:bb:15:99:db:a2:5a:35:05:0c:66:f4:04:98:dd:99:a7: 03:81:8d:96:67:c2:b1:15:56:9c:29:be:23:fd:52:4a:75:6e: 91:a9:0e:c3:43:67:8e:f5:07:ef:f9:d2:6d:c4:92:38:c2:b8: 89:d8:5f:aa:cf:8b:ee:5b:c4:f6:d3:60:a8:13:05:cd:f4:47: f3:e6:d4:db:7f:a3:44:ff:7e:08:8b:19:10:45:47:44:34:31: 0f:50:5e:bf:fa:80:6b:9e:17:b2:62:6d:a6:51:c1:d0:d9:14: d7:63:a3:5e:33:65:15:c2:2b:3d:6d:55:9b:93:52:b8:d1:27: 64:9f:78:97:69:84:9e:5e:17:6a:54:15:88:bf:b7:b2:48:09: 89:13:e8:9e:c0:31:fe:c4:11:11:76:78:48:a1:05:7f:1f:46: a2:e7:63:7b:84:a8:fc:7d:0a:31:6e:e0:d2:13:84:0e:42:30: 41:7f:83:b9:ad:82:d9:95:4c:a1:ed:40:3b:2c:e6:8e:b0:0c: 3a:10:1e:1f:cd:d5:33:03:23:bd:27:14:f6:bc:ba:96:27:b4: a8:a6:f9:65:32:0d:29:14:89:3b:69:c9:99:9d:2a:7c:b9:ef: b4:cb:ff:fd:1e:2e:37:57:68:5a:bc:f8:43:a2:14:5d:d7:7b: 54:e4:17:30 -----BEGIN CERTIFICATE----- MIIFCzCCA/OgAwIBAgISAZt+N10dghZ/aHXVKw8Rtz2gMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFmMGRjMTJiMGYxYjUzM2Q4ZDA0ZWM2MTE3ZDZiOWU1MTJm Y2FhOWYwHhcNMjYwMTAyMTAxODM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyNDc5NzA0MDYwZGJiZWIwYjg4ZWU0NTU2OWRlN2IwNzdhMDhmNzY1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx1GWAo71uidEOKllF7AymU7d6mj6 LQ02PEvJ+lNVp2dHzqMyBxl9JovZ7vzud7EtiBUuBMJR80bqj45vMeMmc+BKP/RV BMbPNKLnvjUUKS8fFTxAkVGKB/dHV7WgjLUj/KxBeYqqRenKT6HNPZGWnvg+loSC bTNqSzptEg5LnNTGyLKWSFLcXrFCxwLbbvJXY3Pp0t/VMZmF9Qbcta4I9JrFG73k IyYOegrGZNORVeruoCfrWYfVfOs15BEM27C8HtGr4Oikk96s6B8gQGvX8+BX3VJE PXtwJma3Pw1vMuBennuyeyAWrdLao2at2IRMAEFF9ZdPiagvw6fjN+KWWQIDAQAB o4ICFzCCAhMwHQYDVR0OBBYEFCR5cEBg276wuI7kVWneewd6CPdlMB8GA1UdIwQY MBaAFK8NwSsPG1M9jQTsYRfWueUS/KqfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcnczQkt3OGJVejJOQk94aEY5YTU1Ukw4cXA4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9jMzE3NGEtYTc5NC00NGVlLThkMjYt YmM1YjY5MTQ0NTg3LzEvSkhsd1FHRGJ2ckM0anVSVmFkNTdCM29JOTJVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Zi9jMzE3NGEtYTc5NC00NGVlLThkMjYtYmM1YjY5MTQ0NTg3 LzEvcnczQkt3OGJVejJOQk94aEY5YTU1Ukw4cXA4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQC1Z5MMAwD BALVnlQDBAXVnkAwDQYJKoZIhvcNAQELBQADggEBAC45uxWZ26JaNQUMZvQEmN2Z pwOBjZZnwrEVVpwpviP9Ukp1bpGpDsNDZ471B+/50m3EkjjCuInYX6rPi+5bxPbT YKgTBc30R/Pm1Nt/o0T/fgiLGRBFR0Q0MQ9QXr/6gGueF7JibaZRwdDZFNdjo14z ZRXCKz1tVZuTUrjRJ2SfeJdphJ5eF2pUFYi/t7JICYkT6J7AMf7EERF2eEihBX8f RqLnY3uEqPx9CjFu4NIThA5CMEF/g7mtgtmVTKHtQDss5o6wDDoQHh/N1TMDI70n FPa8upYntKim+WUyDSkUiTtpyZmdKny577TL//0eLjdXaFq8+EOiFF3Xe1TkFzA= -----END CERTIFICATE-----Generated at Mon Jan 26 03:07:26 2026 by rpki-client