This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/288330-0fe3-42aa-b264-9dfd795a5ada/1/W-HA5m7hemLDXdHbhWk4pSkmXKQ.roa File: W-HA5m7hemLDXdHbhWk4pSkmXKQ.roa (raw, json) Hash identifier: DFd6jBuLZXEJn0Y04obFpmXz6rYUp0KbjFhguWyn34c= Subject key identifier: 5B:E1:C0:E6:6E:E1:7A:62:C3:5D:D1:DB:85:69:38:A5:29:26:5C:A4 Certificate issuer: /CN=36135f13abf02fa3fca505d568816afc59334916 Certificate serial: 019B9246C50C0E4E78E00F6D7A85E6EAE1CE Authority key identifier: 36:13:5F:13:AB:F0:2F:A3:FC:A5:05:D5:68:81:6A:FC:59:33:49:16 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NhNfE6vwL6P8pQXVaIFq_FkzSRY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/288330-0fe3-42aa-b264-9dfd795a5ada/1/W-HA5m7hemLDXdHbhWk4pSkmXKQ.roa Signing time: Tue 06 Jan 2026 07:47:50 +0000 ROA not before: Tue 06 Jan 2026 07:47:50 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 13030 IP address blocks: 194.169.158.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/288330-0fe3-42aa-b264-9dfd795a5ada/1/NhNfE6vwL6P8pQXVaIFq_FkzSRY.crl rsync://rpki.ripe.net/repository/DEFAULT/98/288330-0fe3-42aa-b264-9dfd795a5ada/1/NhNfE6vwL6P8pQXVaIFq_FkzSRY.mft rsync://rpki.ripe.net/repository/DEFAULT/NhNfE6vwL6P8pQXVaIFq_FkzSRY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:92:46:c5:0c:0e:4e:78:e0:0f:6d:7a:85:e6:ea:e1:ce Signature Algorithm: sha256WithRSAEncryption Issuer: CN=36135f13abf02fa3fca505d568816afc59334916 Validity Not Before: Jan 6 07:47:50 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5be1c0e66ee17a62c35dd1db856938a529265ca4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:c0:03:e2:ea:8f:53:a6:9e:2c:fd:c7:c6:87: 6f:31:9e:d7:da:b1:30:3c:9c:ad:82:87:ce:e1:51: c7:b6:68:b3:cf:16:1e:c0:cb:d9:c7:1c:1b:dc:0a: af:2e:3d:4e:60:48:ef:8f:d1:b1:50:47:42:7a:f7: 95:81:de:a9:80:ed:7f:78:89:c4:de:8c:1a:ed:c2: 6e:33:6c:e3:3e:25:97:cd:6f:2d:4f:35:d9:ef:3c: 93:9e:42:10:27:a2:b8:5c:8b:4c:a6:3f:f5:ce:ef: f1:91:b9:d9:06:fd:b1:8c:ec:39:16:ca:43:4e:99: 58:ad:10:77:fb:34:e7:ef:20:81:54:2a:71:8f:fc: be:f1:d7:50:57:a2:71:ba:9f:9d:e1:01:20:c8:0c: a9:f7:2a:17:72:48:18:05:c2:31:6c:87:f1:1f:f7: cb:9d:8b:52:b5:b5:5c:93:fa:1d:e0:7f:9a:29:e1: dc:eb:24:9e:24:28:8d:fb:55:81:b1:e5:aa:8f:86: 2b:d0:6f:b4:15:db:0a:01:c6:50:4d:de:3f:d5:b7: eb:68:1e:58:fc:73:77:6c:59:28:b7:01:63:4d:ca: 5b:41:8b:09:67:61:5d:db:fc:62:b3:12:a3:54:2b: 69:5b:df:36:de:da:92:f5:b1:e6:54:0a:b0:e9:4a: 30:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:E1:C0:E6:6E:E1:7A:62:C3:5D:D1:DB:85:69:38:A5:29:26:5C:A4 X509v3 Authority Key Identifier: keyid:36:13:5F:13:AB:F0:2F:A3:FC:A5:05:D5:68:81:6A:FC:59:33:49:16 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NhNfE6vwL6P8pQXVaIFq_FkzSRY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/288330-0fe3-42aa-b264-9dfd795a5ada/1/W-HA5m7hemLDXdHbhWk4pSkmXKQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/98/288330-0fe3-42aa-b264-9dfd795a5ada/1/NhNfE6vwL6P8pQXVaIFq_FkzSRY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.169.158.0/24 Signature Algorithm: sha256WithRSAEncryption 76:5e:9d:98:36:e1:05:19:99:e9:26:63:a5:d8:4b:35:7c:a9: ae:41:70:02:c9:cc:34:f3:f1:fb:ae:10:47:0b:21:6c:c8:1b: 17:82:87:df:e4:19:af:15:47:d5:73:fa:9b:ca:10:27:76:a1: 4c:16:a4:40:c0:c5:56:1c:bf:f8:34:10:03:56:99:a8:ff:fd: 58:60:97:fe:11:01:93:8b:45:28:bc:8c:05:22:e0:f9:e3:0b: e9:e8:9d:34:a9:2d:04:71:0c:ac:c2:ae:e0:36:4e:77:44:89: 45:b8:f3:a7:0c:e8:47:bb:32:8b:7e:52:27:ee:b9:f3:ff:6f: 97:0c:28:c8:94:1e:68:4d:1a:df:72:20:31:fd:7e:4b:eb:32: 32:97:cc:2a:dc:ac:ff:16:e7:a3:92:f1:11:13:89:81:fa:8c: 71:f9:42:35:a1:2d:ea:e0:11:fe:a2:27:01:9b:4b:4c:45:db: b5:50:1b:68:71:74:97:4d:49:3e:08:27:1b:43:66:43:c9:4b: 8e:cb:bd:b1:8a:05:c6:05:2d:a9:02:73:c7:a2:ad:2e:65:c1: a0:0d:a8:cc:9f:e9:48:1a:e7:a4:f1:53:01:4a:70:73:47:cc: 22:b3:ca:e5:88:2f:59:28:18:77:d8:20:cb:49:ba:54:6a:d2: a8:95:95:cf -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZuSRsUMDk544A9teoXm6uHOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM2MTM1ZjEzYWJmMDJmYTNmY2E1MDVkNTY4ODE2YWZjNTkz MzQ5MTYwHhcNMjYwMTA2MDc0NzUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1YmUxYzBlNjZlZTE3YTYyYzM1ZGQxZGI4NTY5MzhhNTI5MjY1Y2E0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5MAD4uqPU6aeLP3HxodvMZ7X2rEw PJytgofO4VHHtmizzxYewMvZxxwb3AqvLj1OYEjvj9GxUEdCeveVgd6pgO1/eInE 3owa7cJuM2zjPiWXzW8tTzXZ7zyTnkIQJ6K4XItMpj/1zu/xkbnZBv2xjOw5FspD TplYrRB3+zTn7yCBVCpxj/y+8ddQV6Jxup+d4QEgyAyp9yoXckgYBcIxbIfxH/fL nYtStbVck/od4H+aKeHc6ySeJCiN+1WBseWqj4Yr0G+0FdsKAcZQTd4/1bfraB5Y /HN3bFkotwFjTcpbQYsJZ2Fd2/xisxKjVCtpW9823tqS9bHmVAqw6UowBwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFFvhwOZu4Xpiw13R24VpOKUpJlykMB8GA1UdIwQY MBaAFDYTXxOr8C+j/KUF1WiBavxZM0kWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTmhOZkU2dndMNlA4cFFYVmFJRnFfRmt6U1JZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8yODgzMzAtMGZlMy00MmFhLWIyNjQt OWRmZDc5NWE1YWRhLzEvVy1IQTVtN2hlbUxEWGRIYmhXazRwU2ttWEtRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85OC8yODgzMzAtMGZlMy00MmFhLWIyNjQtOWRmZDc5NWE1YWRh LzEvTmhOZkU2dndMNlA4cFFYVmFJRnFfRmt6U1JZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwqmeMA0G CSqGSIb3DQEBCwUAA4IBAQB2Xp2YNuEFGZnpJmOl2Es1fKmuQXACycw08/H7rhBH CyFsyBsXgoff5BmvFUfVc/qbyhAndqFMFqRAwMVWHL/4NBADVpmo//1YYJf+EQGT i0UovIwFIuD54wvp6J00qS0EcQyswq7gNk53RIlFuPOnDOhHuzKLflIn7rnz/2+X DCjIlB5oTRrfciAx/X5L6zIyl8wq3Kz/FuejkvERE4mB+oxx+UI1oS3q4BH+oicB m0tMRdu1UBtocXSXTUk+CCcbQ2ZDyUuOy72xigXGBS2pAnPHoq0uZcGgDajMn+lI Guek8VMBSnBzR8wis8rliC9ZKBh32CDLSbpUatKolZXP -----END CERTIFICATE-----Generated at Sun Jan 25 23:31:52 2026 by rpki-client