This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/hMoYvytTC8MSE72GcaOmUQp55TM.roa File: hMoYvytTC8MSE72GcaOmUQp55TM.roa (raw, json) Hash identifier: QNj9222JszfBwsXWHLHqGbqHpk9emhsVOXPVoX1Flpc= Subject key identifier: 84:CA:18:BF:2B:53:0B:C3:12:13:BD:86:71:A3:A6:51:0A:79:E5:33 Certificate issuer: /CN=8b37183341a2ab6df3c59ec827ed71200b5a6244 Certificate serial: 019B7AC7C740290F839C097D09844DFAF80D Authority key identifier: 8B:37:18:33:41:A2:AB:6D:F3:C5:9E:C8:27:ED:71:20:0B:5A:62:44 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/hMoYvytTC8MSE72GcaOmUQp55TM.roa Signing time: Thu 01 Jan 2026 18:17:51 +0000 ROA not before: Thu 01 Jan 2026 18:17:51 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 6134 IP address blocks: 45.128.146.0/24 maxlen: 24 45.128.147.0/24 maxlen: 24 45.131.179.0/24 maxlen: 24 45.132.238.0/23 maxlen: 24 45.133.238.0/23 maxlen: 24 45.134.82.0/23 maxlen: 24 45.135.118.0/23 maxlen: 24 45.137.10.0/23 maxlen: 24 45.140.90.0/23 maxlen: 24 45.153.128.0/24 maxlen: 24 91.238.203.0/24 maxlen: 24 91.238.207.0/24 maxlen: 24 185.106.176.0/22 maxlen: 24 193.200.130.0/24 maxlen: 24 193.200.134.0/24 maxlen: 24 193.200.149.0/24 maxlen: 24 193.200.152.0/24 maxlen: 24 193.227.103.0/24 maxlen: 24 193.227.109.0/24 maxlen: 24 193.227.114.0/24 maxlen: 24 2a06:5040:21::/48 maxlen: 48 2a06:5040:22::/48 maxlen: 48 2a06:5040:23::/48 maxlen: 48 2a06:5040:24::/48 maxlen: 48 2a06:5040:25::/48 maxlen: 48 2a06:5040:30::/45 maxlen: 45 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.crl rsync://rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.mft rsync://rpki.ripe.net/repository/DEFAULT/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c7:c7:40:29:0f:83:9c:09:7d:09:84:4d:fa:f8:0d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b37183341a2ab6df3c59ec827ed71200b5a6244 Validity Not Before: Jan 1 18:17:51 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=84ca18bf2b530bc31213bd8671a3a6510a79e533 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:fb:19:29:f3:46:5e:9b:34:9c:a5:dc:2f:15: c6:c3:22:f6:87:d6:4a:9a:66:c5:c2:91:63:8a:32: 0c:cc:23:39:b5:17:01:dd:6d:c1:42:73:60:06:48: 0c:85:c9:aa:8c:ae:0d:74:9d:a1:07:ff:f7:f3:ec: fe:d4:cf:dc:3d:09:d4:09:16:12:58:cc:e3:0f:10: 3e:92:ba:df:c1:94:6f:b1:88:4c:06:a3:c7:f8:c6: c1:10:93:ab:0f:f2:d6:f2:da:3c:3c:72:55:01:f7: 4d:58:1f:9f:5b:1d:6d:62:a9:39:46:7e:34:63:7f: 0d:2f:49:3c:a6:90:9d:ea:e2:cb:9e:7a:7c:82:8d: 46:2a:78:25:70:ab:e6:e6:e0:88:a7:37:69:0b:d3: 98:13:ba:8d:95:05:f2:c4:01:a9:5a:89:d2:74:bb: 15:bd:95:de:d2:8e:d5:94:f1:22:3a:0a:01:14:07: 54:b3:be:d9:1d:db:3e:07:bb:54:2e:ca:5e:35:6b: b6:6e:6d:4c:73:3c:ec:11:d0:3d:20:ea:c2:c1:89: 60:43:bc:fe:f4:46:54:ab:78:5a:3d:9a:49:3c:8d: 95:ad:2b:15:e6:42:cd:b4:ae:c2:01:cf:d4:9c:27: a3:de:fc:db:6c:29:4f:fa:f9:20:3f:50:2c:90:c7: 1c:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:CA:18:BF:2B:53:0B:C3:12:13:BD:86:71:A3:A6:51:0A:79:E5:33 X509v3 Authority Key Identifier: keyid:8B:37:18:33:41:A2:AB:6D:F3:C5:9E:C8:27:ED:71:20:0B:5A:62:44 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/hMoYvytTC8MSE72GcaOmUQp55TM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.128.146.0/23 45.131.179.0/24 45.132.238.0/23 45.133.238.0/23 45.134.82.0/23 45.135.118.0/23 45.137.10.0/23 45.140.90.0/23 45.153.128.0/24 91.238.203.0/24 91.238.207.0/24 185.106.176.0/22 193.200.130.0/24 193.200.134.0/24 193.200.149.0/24 193.200.152.0/24 193.227.103.0/24 193.227.109.0/24 193.227.114.0/24 IPv6: 2a06:5040:21::-2a06:5040:25:ffff:ffff:ffff:ffff:ffff 2a06:5040:30::/45 Signature Algorithm: sha256WithRSAEncryption 86:a0:63:2c:13:ed:6e:3a:f9:b6:4f:18:fb:68:6a:79:78:76: 4a:fd:3a:e3:df:be:20:cd:39:8f:84:b4:63:6b:e5:e6:1b:d4: ec:be:1d:7a:69:e4:b4:e9:9d:b5:59:69:b8:9a:6a:3e:f2:d6: 72:10:cc:9c:ae:3c:dd:33:a2:c9:11:55:06:6b:5e:ce:ce:c8: 29:8d:94:cc:85:bc:43:05:22:b3:d3:1f:2a:7b:b1:f5:1f:ba: 46:d1:46:7b:d6:ee:1d:2d:4d:a8:36:93:54:1d:ec:44:2c:0a: ae:71:c4:9c:f7:29:89:57:eb:65:01:9f:65:68:f1:ec:dd:67: 41:33:8a:2b:74:9f:88:61:69:44:cd:88:f9:d4:9b:2c:f1:58: a3:81:30:be:4e:be:e8:73:86:1a:f0:40:42:7f:5e:2b:1f:ec: 21:45:a2:fd:3a:24:fd:b6:63:45:84:2c:dd:84:b6:df:c5:10: 19:81:d1:f7:4c:61:33:33:ae:5a:22:31:4e:f0:54:bb:15:b8: a7:54:d7:d8:9b:b1:d8:4d:e5:3c:4c:99:d8:58:ba:69:14:47: ff:ee:55:b8:68:d6:75:a6:49:8d:64:d7:27:a7:e8:55:da:b3: a8:c8:5c:6f:59:70:f3:bd:3a:ba:4a:64:77:7a:04:d6:1c:82: cd:8e:9d:e2 -----BEGIN CERTIFICATE----- MIIFkTCCBHmgAwIBAgISAZt6x8dAKQ+DnAl9CYRN+vgNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhiMzcxODMzNDFhMmFiNmRmM2M1OWVjODI3ZWQ3MTIwMGI1 YTYyNDQwHhcNMjYwMTAxMTgxNzUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NGNhMThiZjJiNTMwYmMzMTIxM2JkODY3MWEzYTY1MTBhNzllNTMzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzfsZKfNGXps0nKXcLxXGwyL2h9ZK mmbFwpFjijIMzCM5tRcB3W3BQnNgBkgMhcmqjK4NdJ2hB//38+z+1M/cPQnUCRYS WMzjDxA+krrfwZRvsYhMBqPH+MbBEJOrD/LW8to8PHJVAfdNWB+fWx1tYqk5Rn40 Y38NL0k8ppCd6uLLnnp8go1GKnglcKvm5uCIpzdpC9OYE7qNlQXyxAGpWonSdLsV vZXe0o7VlPEiOgoBFAdUs77ZHds+B7tULspeNWu2bm1MczzsEdA9IOrCwYlgQ7z+ 9EZUq3haPZpJPI2VrSsV5kLNtK7CAc/UnCej3vzbbClP+vkgP1AskMccKQIDAQAB o4ICnTCCApkwHQYDVR0OBBYEFITKGL8rUwvDEhO9hnGjplEKeeUzMB8GA1UdIwQY MBaAFIs3GDNBoqtt88WeyCftcSALWmJEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaXpjWU0wR2lxMjN6eFo3SUotMXhJQXRhWWtRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8xYzc4ZTMtNjdkNi00ZTkwLWFlYjUt MDg1MmNiMzUzMjkzLzEvaE1vWXZ5dFRDOE1TRTcyR2NhT21VUXA1NVRNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNi8xYzc4ZTMtNjdkNi00ZTkwLWFlYjUtMDg1MmNiMzUzMjkz LzEvaXpjWU0wR2lxMjN6eFo3SUotMXhJQXRhWWtRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGyBggrBgEFBQcBBwEB/wSBojCBnzB4BAIAATByAwQBLYCS AwQALYOzAwQBLYTuAwQBLYXuAwQBLYZSAwQBLYd2AwQBLYkKAwQBLYxaAwQALZmA AwQAW+7LAwQAW+7PAwQCuWqwAwQAwciCAwQAwciGAwQAwciVAwQAwciYAwQAweNn AwQAweNtAwQAweNyMCMEAgACMB0wEgMHACoGUEAAIQMHASoGUEAAJAMHAyoGUEAA MDANBgkqhkiG9w0BAQsFAAOCAQEAhqBjLBPtbjr5tk8Y+2hqeXh2Sv0649++IM05 j4S0Y2vl5hvU7L4demnktOmdtVlpuJpqPvLWchDMnK483TOiyRFVBmtezs7IKY2U zIW8QwUis9MfKnux9R+6RtFGe9buHS1NqDaTVB3sRCwKrnHEnPcpiVfrZQGfZWjx 7N1nQTOKK3SfiGFpRM2I+dSbLPFYo4Ewvk6+6HOGGvBAQn9eKx/sIUWi/Tok/bZj RYQs3YS238UQGYHR90xhMzOuWiIxTvBUuxW4p1TX2Jux2E3lPEyZ2Fi6aRRH/+5V uGjWdaZJjWTXJ6foVdqzqMhcb1lw8706ukpkd3oE1hyCzY6d4g== -----END CERTIFICATE-----Generated at Sun Jan 25 14:59:22 2026 by rpki-client