This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/CPo3voyKhNOsXHmXzF5o-hs-HPA.roa File: CPo3voyKhNOsXHmXzF5o-hs-HPA.roa (raw, json) Hash identifier: peJ83/Tl3vvRNS+T4a8JciT2OMJU95iOpg8lTZEv+U0= Subject key identifier: 08:FA:37:BE:8C:8A:84:D3:AC:5C:79:97:CC:5E:68:FA:1B:3E:1C:F0 Certificate issuer: /CN=ff82309a6814678ad72e3f31a4fe0272f40bd986 Certificate serial: 019B7F810A94FDE24A5711458E1CE39A4667 Authority key identifier: FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/CPo3voyKhNOsXHmXzF5o-hs-HPA.roa Signing time: Fri 02 Jan 2026 16:18:41 +0000 ROA not before: Fri 02 Jan 2026 16:18:41 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 22773 IP address blocks: 45.139.68.0/23 maxlen: 24 45.150.80.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.mft rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 23:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:81:0a:94:fd:e2:4a:57:11:45:8e:1c:e3:9a:46:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ff82309a6814678ad72e3f31a4fe0272f40bd986 Validity Not Before: Jan 2 16:18:41 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=08fa37be8c8a84d3ac5c7997cc5e68fa1b3e1cf0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:88:31:60:af:6b:a6:0c:dd:9b:f2:18:68:3a: 07:30:3a:a7:31:1d:44:01:ab:98:51:df:cf:41:b0: c3:db:60:99:94:70:92:82:1f:de:64:aa:83:35:1d: 36:f8:c9:ff:8d:af:97:32:17:fc:5c:59:dc:b4:88: 16:d6:89:be:aa:68:82:20:4a:aa:fe:08:96:0a:67: 03:43:d2:17:30:c5:bd:da:7c:3e:75:23:f2:3a:ce: c5:f5:82:38:55:38:6b:33:d1:1e:e1:1c:f2:ca:bd: 2b:2e:f5:1c:e1:26:73:fe:ee:ce:2f:ed:bb:17:44: c2:83:07:93:cf:6d:ac:b1:a3:27:6e:b3:fc:c2:66: 9f:e2:f5:47:74:18:8b:e3:88:56:9b:59:df:7b:7c: 08:85:d8:94:5e:88:2a:e4:4f:a7:60:ce:15:e1:9b: 81:dc:d4:99:f3:d8:78:ef:53:97:2e:68:73:5a:00: 1d:a0:79:89:54:25:f8:c2:b9:b5:68:c5:d2:47:99: 16:95:39:1d:71:5b:0a:d3:d2:7d:23:6f:cc:5e:88: b4:e8:c7:c0:c0:93:16:1c:21:26:e5:40:1c:70:77: 12:e0:d0:cf:30:83:65:ca:ef:0c:f5:27:36:e4:92: 2e:29:aa:58:91:a9:94:fa:c1:0d:1d:4f:49:ab:0d: 8a:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:FA:37:BE:8C:8A:84:D3:AC:5C:79:97:CC:5E:68:FA:1B:3E:1C:F0 X509v3 Authority Key Identifier: keyid:FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/CPo3voyKhNOsXHmXzF5o-hs-HPA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.139.68.0/23 45.150.80.0/23 Signature Algorithm: sha256WithRSAEncryption 7c:4f:44:50:38:e4:5b:2f:74:32:44:73:5b:ff:dd:98:ac:5a: 8f:41:63:d3:74:9f:40:21:a1:32:10:f5:dc:87:79:71:49:e5: fc:45:01:ac:a0:a0:c5:86:84:c9:19:a1:00:5c:ec:42:44:11: fa:4a:78:67:7e:8a:df:35:0b:0b:c8:42:9a:67:e0:2e:0f:4a: a7:63:aa:76:a2:6a:4a:fb:72:b8:4d:32:96:5f:90:31:b0:53: 06:ef:85:6c:43:a4:54:e1:fe:3f:fb:e2:44:f7:2a:03:3c:ce: a9:db:4d:e4:ae:69:39:fb:47:c8:b4:f4:96:ab:66:49:fe:b0: 36:e0:fb:ed:13:2b:78:b4:00:fc:e1:ba:5a:11:86:40:d9:53: 85:60:42:20:4f:2f:de:a0:4e:64:2d:25:75:7a:b1:c8:cc:79: 1c:9f:a0:86:1b:53:cf:36:a8:42:10:4e:c8:b8:34:2f:2e:64: 2d:de:8e:2c:9e:92:dc:4d:2a:9a:05:44:b8:12:ad:41:4d:cd: 02:bd:23:47:97:41:30:93:73:92:a2:fe:40:e9:9f:b5:cb:e3: 4d:a9:d5:4f:f4:d9:d8:51:84:23:98:09:2c:6a:65:e7:97:3f: be:35:ed:57:0d:eb:89:1a:67:2f:29:72:29:a9:34:75:75:9e: 28:b5:67:40 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt/gQqU/eJKVxFFjhzjmkZnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZmODIzMDlhNjgxNDY3OGFkNzJlM2YzMWE0ZmUwMjcyZjQw YmQ5ODYwHhcNMjYwMTAyMTYxODQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwOGZhMzdiZThjOGE4NGQzYWM1Yzc5OTdjYzVlNjhmYTFiM2UxY2YwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4gxYK9rpgzdm/IYaDoHMDqnMR1E AauYUd/PQbDD22CZlHCSgh/eZKqDNR02+Mn/ja+XMhf8XFnctIgW1om+qmiCIEqq /giWCmcDQ9IXMMW92nw+dSPyOs7F9YI4VThrM9Ee4Rzyyr0rLvUc4SZz/u7OL+27 F0TCgweTz22ssaMnbrP8wmaf4vVHdBiL44hWm1nfe3wIhdiUXogq5E+nYM4V4ZuB 3NSZ89h471OXLmhzWgAdoHmJVCX4wrm1aMXSR5kWlTkdcVsK09J9I2/MXoi06MfA wJMWHCEm5UAccHcS4NDPMINlyu8M9Sc25JIuKapYkamU+sENHU9Jqw2KHQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFAj6N76MioTTrFx5l8xeaPobPhzwMB8GA1UdIwQY MBaAFP+CMJpoFGeK1y4/MaT+AnL0C9mGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTkt ZjUyNTgxNjQwMmJkLzEvQ1BvM3ZveUtoTk9zWEhtWHpGNW8taHMtSFBBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTktZjUyNTgxNjQwMmJk LzEvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLYtEAwQB LZZQMA0GCSqGSIb3DQEBCwUAA4IBAQB8T0RQOORbL3QyRHNb/92YrFqPQWPTdJ9A IaEyEPXch3lxSeX8RQGsoKDFhoTJGaEAXOxCRBH6SnhnforfNQsLyEKaZ+AuD0qn Y6p2ompK+3K4TTKWX5AxsFMG74VsQ6RU4f4/++JE9yoDPM6p203krmk5+0fItPSW q2ZJ/rA24PvtEyt4tAD84bpaEYZA2VOFYEIgTy/eoE5kLSV1erHIzHkcn6CGG1PP NqhCEE7IuDQvLmQt3o4snpLcTSqaBUS4Eq1BTc0CvSNHl0Ewk3OSov5A6Z+1y+NN qdVP9NnYUYQjmAksamXnlz++Ne1XDeuJGmcvKXIpqTR1dZ4otWdA -----END CERTIFICATE-----Generated at Sun Jan 25 11:01:55 2026 by rpki-client