This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/9355b9-73d4-4c4c-9601-f01a2f58ef88/1/HsV1-It2Vhjq2cDbN1ymEmHr3mA.roa File: HsV1-It2Vhjq2cDbN1ymEmHr3mA.roa (raw, json) Hash identifier: ZVFHRFWMeJx4DHLQrAuB5vx15xZkiNisCuu65Cr1geI= Subject key identifier: 1E:C5:75:F8:8B:76:56:18:EA:D9:C0:DB:37:5C:A6:12:61:EB:DE:60 Certificate issuer: /CN=8ad47baa9aa6e0a20ad995a79c2a8de604f9aa37 Certificate serial: 019B7F83369F86CAB992F193A031159487EC Authority key identifier: 8A:D4:7B:AA:9A:A6:E0:A2:0A:D9:95:A7:9C:2A:8D:E6:04:F9:AA:37 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/itR7qpqm4KIK2ZWnnCqN5gT5qjc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/9355b9-73d4-4c4c-9601-f01a2f58ef88/1/HsV1-It2Vhjq2cDbN1ymEmHr3mA.roa Signing time: Fri 02 Jan 2026 16:21:04 +0000 ROA not before: Fri 02 Jan 2026 16:21:04 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 60609 IP address blocks: 5.158.221.0/24 maxlen: 24 5.158.222.0/24 maxlen: 24 5.158.223.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/9355b9-73d4-4c4c-9601-f01a2f58ef88/1/itR7qpqm4KIK2ZWnnCqN5gT5qjc.crl rsync://rpki.ripe.net/repository/DEFAULT/b1/9355b9-73d4-4c4c-9601-f01a2f58ef88/1/itR7qpqm4KIK2ZWnnCqN5gT5qjc.mft rsync://rpki.ripe.net/repository/DEFAULT/itR7qpqm4KIK2ZWnnCqN5gT5qjc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:01:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:83:36:9f:86:ca:b9:92:f1:93:a0:31:15:94:87:ec Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8ad47baa9aa6e0a20ad995a79c2a8de604f9aa37 Validity Not Before: Jan 2 16:21:04 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1ec575f88b765618ead9c0db375ca61261ebde60 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:dd:a0:b2:57:da:c6:1a:d4:1a:30:55:bf:e5: e5:62:88:95:03:bd:cc:54:99:c6:a1:58:da:28:48: ed:18:af:5f:54:57:a2:41:79:04:d5:d2:df:de:eb: bf:67:9d:91:64:95:66:1c:a2:4f:a8:7a:e2:a2:d7: b8:08:2f:39:f2:75:02:20:ac:7e:9f:b2:c1:de:55: a0:45:67:c5:46:15:37:b0:d7:6c:6e:f5:e1:20:a7: 15:4d:78:ab:0b:dd:d4:2d:32:f1:69:77:cc:4b:a8: 6e:da:eb:ea:b6:a8:f7:5e:c2:4b:da:6b:6e:c3:40: 73:7c:1e:e8:b6:1a:46:eb:00:9e:71:b1:31:7b:70: 0d:62:22:54:51:de:df:6f:2b:26:9c:cc:8e:f1:fd: 37:88:45:e6:fd:b4:61:7e:08:15:69:51:91:31:03: b9:b5:59:4b:ae:4d:ba:11:a2:e6:e6:d9:6a:d2:06: a1:9d:07:78:53:19:cd:2f:f1:e6:cd:70:7f:54:9f: da:c9:eb:ee:68:1d:4b:0f:fc:60:d8:81:b9:39:ca: 48:f9:63:fc:5c:12:1c:e5:fc:d4:6f:05:97:94:3c: 2a:ca:0b:41:46:ef:cd:45:63:11:86:53:ce:b7:a8: ef:7a:a5:7c:69:7e:46:f9:3d:a3:d3:41:f0:f5:e6: f3:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:C5:75:F8:8B:76:56:18:EA:D9:C0:DB:37:5C:A6:12:61:EB:DE:60 X509v3 Authority Key Identifier: keyid:8A:D4:7B:AA:9A:A6:E0:A2:0A:D9:95:A7:9C:2A:8D:E6:04:F9:AA:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/itR7qpqm4KIK2ZWnnCqN5gT5qjc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/9355b9-73d4-4c4c-9601-f01a2f58ef88/1/HsV1-It2Vhjq2cDbN1ymEmHr3mA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/9355b9-73d4-4c4c-9601-f01a2f58ef88/1/itR7qpqm4KIK2ZWnnCqN5gT5qjc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.158.221.0-5.158.223.255 Signature Algorithm: sha256WithRSAEncryption 36:7f:4b:9a:95:41:48:c8:97:d0:20:e6:2c:87:c9:be:3a:5a: 26:27:00:fe:48:a0:30:00:ec:7a:5b:ba:2a:6d:0f:98:0a:2c: f4:3a:b5:bd:23:29:4a:2a:1b:6c:7b:d1:12:92:05:e7:2e:1a: b5:76:56:cc:00:1c:4d:9d:2f:5e:8a:28:49:22:94:f6:d0:cc: 32:94:e8:76:f6:a4:07:59:2b:9e:41:ed:fe:dc:65:b3:9c:f2: 2c:e4:08:fa:2d:cf:f7:1a:ad:55:74:41:11:2a:6a:14:6d:76: fc:1a:7b:db:1e:3f:f6:f1:59:98:16:32:e2:40:fd:09:20:10: d4:1f:e5:59:ff:57:84:68:66:59:48:d9:a9:49:92:1d:49:e8: a4:d9:ca:a0:2d:bb:17:77:fc:b3:b9:5a:94:79:ab:ec:e4:6e: e4:c2:d9:5a:e3:86:ce:ad:c9:8b:0a:5d:eb:45:f7:a3:b5:1b: 6b:f5:45:da:70:bd:44:04:12:d6:59:cd:3f:ed:06:4b:86:5d: a1:01:50:59:a8:3e:21:2b:88:c3:01:0e:ba:f5:b1:19:18:6b: 6f:90:d8:58:18:08:e5:09:e7:d8:1d:16:17:5d:76:7f:27:b5: b1:c4:f9:90:a5:87:b4:26:4b:c4:30:5b:15:37:ba:95:48:b7: 00:dd:06:94 -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgISAZt/gzafhsq5kvGToDEVlIfsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhhZDQ3YmFhOWFhNmUwYTIwYWQ5OTVhNzljMmE4ZGU2MDRm OWFhMzcwHhcNMjYwMTAyMTYyMTA0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxZWM1NzVmODhiNzY1NjE4ZWFkOWMwZGIzNzVjYTYxMjYxZWJkZTYwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAod2gslfaxhrUGjBVv+XlYoiVA73M VJnGoVjaKEjtGK9fVFeiQXkE1dLf3uu/Z52RZJVmHKJPqHriote4CC858nUCIKx+ n7LB3lWgRWfFRhU3sNdsbvXhIKcVTXirC93ULTLxaXfMS6hu2uvqtqj3XsJL2mtu w0BzfB7othpG6wCecbExe3ANYiJUUd7fbysmnMyO8f03iEXm/bRhfggVaVGRMQO5 tVlLrk26EaLm5tlq0gahnQd4UxnNL/HmzXB/VJ/ayevuaB1LD/xg2IG5OcpI+WP8 XBIc5fzUbwWXlDwqygtBRu/NRWMRhlPOt6jveqV8aX5G+T2j00Hw9ebzOQIDAQAB o4ICETCCAg0wHQYDVR0OBBYEFB7FdfiLdlYY6tnA2zdcphJh695gMB8GA1UdIwQY MBaAFIrUe6qapuCiCtmVp5wqjeYE+ao3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaXRSN3FwcW00S0lLMlpXbm5DcU41Z1Q1cWpjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS85MzU1YjktNzNkNC00YzRjLTk2MDEt ZjAxYTJmNThlZjg4LzEvSHNWMS1JdDJWaGpxMmNEYk4xeW1FbUhyM21BLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMS85MzU1YjktNzNkNC00YzRjLTk2MDEtZjAxYTJmNThlZjg4 LzEvaXRSN3FwcW00S0lLMlpXbm5DcU41Z1Q1cWpjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAAFnt0D BAUFnsAwDQYJKoZIhvcNAQELBQADggEBADZ/S5qVQUjIl9Ag5iyHyb46WiYnAP5I oDAA7HpbuiptD5gKLPQ6tb0jKUoqG2x70RKSBecuGrV2VswAHE2dL16KKEkilPbQ zDKU6Hb2pAdZK55B7f7cZbOc8izkCPotz/carVV0QREqahRtdvwae9seP/bxWZgW MuJA/QkgENQf5Vn/V4RoZllI2alJkh1J6KTZyqAtuxd3/LO5WpR5q+zkbuTC2Vrj hs6tyYsKXetF96O1G2v1RdpwvUQEEtZZzT/tBkuGXaEBUFmoPiEriMMBDrr1sRkY a2+Q2FgYCOUJ59gdFhdddn8ntbHE+ZClh7QmS8QwWxU3upVItwDdBpQ= -----END CERTIFICATE-----Generated at Sun Jan 25 20:48:09 2026 by rpki-client