This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/5b2d6e-8247-448f-a358-5473ee1daa9b/1/hTfKaocG3Hu8jZISH8wxDZSDFQU.roa File: hTfKaocG3Hu8jZISH8wxDZSDFQU.roa (raw, json) Hash identifier: SPxEv0NQloEq4rpI+CK4+O5Rga0a1/KsmAnYz63xRLM= Subject key identifier: 85:37:CA:6A:87:06:DC:7B:BC:8D:92:12:1F:CC:31:0D:94:83:15:05 Certificate issuer: /CN=d82b2846f093bc9416041be68a2c783161eb04df Certificate serial: 019A81B1156BE0B5E5AC6F811E325B248DE2 Authority key identifier: D8:2B:28:46:F0:93:BC:94:16:04:1B:E6:8A:2C:78:31:61:EB:04:DF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2CsoRvCTvJQWBBvmiix4MWHrBN8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/5b2d6e-8247-448f-a358-5473ee1daa9b/1/hTfKaocG3Hu8jZISH8wxDZSDFQU.roa Signing time: Fri 14 Nov 2025 09:27:37 +0000 ROA not before: Fri 14 Nov 2025 09:27:37 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 21111 IP address blocks: 158.66.0.0/16 maxlen: 16 158.66.1.0/24 maxlen: 24 158.66.2.0/24 maxlen: 24 158.66.3.0/24 maxlen: 24 158.66.4.0/24 maxlen: 24 158.66.5.0/24 maxlen: 24 158.66.6.0/24 maxlen: 24 158.66.7.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/5b2d6e-8247-448f-a358-5473ee1daa9b/1/2CsoRvCTvJQWBBvmiix4MWHrBN8.crl rsync://rpki.ripe.net/repository/DEFAULT/bc/5b2d6e-8247-448f-a358-5473ee1daa9b/1/2CsoRvCTvJQWBBvmiix4MWHrBN8.mft rsync://rpki.ripe.net/repository/DEFAULT/2CsoRvCTvJQWBBvmiix4MWHrBN8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 12:00:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:81:b1:15:6b:e0:b5:e5:ac:6f:81:1e:32:5b:24:8d:e2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d82b2846f093bc9416041be68a2c783161eb04df Validity Not Before: Nov 14 09:27:37 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=8537ca6a8706dc7bbc8d92121fcc310d94831505 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:eb:5a:7f:24:e9:a7:5d:9b:86:de:5a:5b:31: d8:2d:dc:0a:36:bf:2c:26:24:e5:d9:c4:42:be:0b: 6d:46:fe:32:99:a8:22:76:3d:ae:cc:ea:da:e3:e0: f5:37:7e:dd:57:13:03:0f:5e:ca:a2:55:f5:a9:c5: 5b:b6:65:a2:6f:71:0d:c3:10:15:7a:8b:38:e1:7e: ff:a0:6a:b3:d4:91:70:ba:02:54:11:45:17:a5:aa: ff:56:4d:c2:72:d7:22:8e:68:78:9a:d6:45:16:90: 88:48:36:3f:07:45:64:5f:d0:d9:af:5a:4b:8e:dd: 52:80:6c:ce:60:9a:c2:44:c8:ad:90:69:12:49:21: 00:c6:b8:c6:74:15:ab:70:bc:2b:d8:38:63:b4:c9: 4e:91:16:6f:e8:33:60:8e:2e:0c:b5:dc:77:10:31: fc:f0:98:6c:80:73:04:38:cd:c5:0b:5f:a4:8d:20: 61:fa:21:67:4b:8a:ed:1a:0c:bd:32:7c:21:8e:4a: c2:40:59:fa:91:07:0d:99:fc:75:09:c2:51:74:5b: 40:55:f2:2d:84:21:32:fd:be:c2:c4:28:31:13:57: fa:83:33:53:5a:2b:a4:0a:3e:a9:4d:fe:9f:c9:e4: 0e:b5:f7:6d:b6:c4:75:a6:d4:4e:05:da:d9:7e:d9: f4:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:37:CA:6A:87:06:DC:7B:BC:8D:92:12:1F:CC:31:0D:94:83:15:05 X509v3 Authority Key Identifier: keyid:D8:2B:28:46:F0:93:BC:94:16:04:1B:E6:8A:2C:78:31:61:EB:04:DF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2CsoRvCTvJQWBBvmiix4MWHrBN8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/5b2d6e-8247-448f-a358-5473ee1daa9b/1/hTfKaocG3Hu8jZISH8wxDZSDFQU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/5b2d6e-8247-448f-a358-5473ee1daa9b/1/2CsoRvCTvJQWBBvmiix4MWHrBN8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 158.66.0.0/16 Signature Algorithm: sha256WithRSAEncryption 0e:81:64:fe:3d:29:33:ab:ac:66:6a:39:ac:f7:86:54:9a:80: 1e:d5:67:54:3e:dd:df:0b:2a:99:fa:00:92:f6:06:8e:6e:18: b8:af:97:14:08:10:f2:d0:20:d6:52:7a:00:44:7e:3a:26:c1: dc:44:a3:92:d5:ba:74:c3:6e:c5:0e:3a:85:d6:a4:f0:6d:d9: 4a:2f:63:86:61:52:66:7e:1d:da:87:e2:f2:ca:2b:49:d0:e3: 47:7a:27:70:d7:28:cb:1e:a4:b3:35:25:22:1f:e1:7a:a2:a8: 06:e7:27:b3:41:29:4d:ce:39:59:ef:8e:2c:d8:2e:f2:ed:8b: c4:93:cd:05:7c:b2:f0:3a:1f:67:d5:a0:53:9b:13:4a:ec:43: f9:6e:0a:09:d1:69:7b:fd:78:b0:10:eb:21:56:34:50:2e:7b: e1:79:d6:bc:d9:c1:09:57:5b:00:08:bd:fc:c4:b0:3d:8f:ce: fd:fa:40:5f:90:2d:df:b7:88:b6:0e:c3:8a:9c:36:0c:fa:41: e1:10:2e:b1:b9:7c:c9:5e:d9:e5:49:18:e1:04:bc:13:10:14: 87:45:e0:1d:cf:c6:18:df:69:c4:0a:c6:d0:cd:01:a9:5d:d0: 73:26:96:d9:d7:1b:f8:e1:7f:65:ab:e6:48:89:30:17:7d:91: ff:5d:61:7d -----BEGIN CERTIFICATE----- MIIE/DCCA+SgAwIBAgISAZqBsRVr4LXlrG+BHjJbJI3iMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4MmIyODQ2ZjA5M2JjOTQxNjA0MWJlNjhhMmM3ODMxNjFl YjA0ZGYwHhcNMjUxMTE0MDkyNzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NTM3Y2E2YTg3MDZkYzdiYmM4ZDkyMTIxZmNjMzEwZDk0ODMxNTA1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtOtafyTpp12bht5aWzHYLdwKNr8s JiTl2cRCvgttRv4ymagidj2uzOra4+D1N37dVxMDD17KolX1qcVbtmWib3ENwxAV eos44X7/oGqz1JFwugJUEUUXpar/Vk3Cctcijmh4mtZFFpCISDY/B0VkX9DZr1pL jt1SgGzOYJrCRMitkGkSSSEAxrjGdBWrcLwr2DhjtMlOkRZv6DNgji4Mtdx3EDH8 8JhsgHMEOM3FC1+kjSBh+iFnS4rtGgy9MnwhjkrCQFn6kQcNmfx1CcJRdFtAVfIt hCEy/b7CxCgxE1f6gzNTWiukCj6pTf6fyeQOtfdttsR1ptROBdrZftn0YQIDAQAB o4ICCDCCAgQwHQYDVR0OBBYEFIU3ymqHBtx7vI2SEh/MMQ2UgxUFMB8GA1UdIwQY MBaAFNgrKEbwk7yUFgQb5ooseDFh6wTfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMkNzb1J2Q1R2SlFXQkJ2bWlpeDRNV0hyQk44LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy81YjJkNmUtODI0Ny00NDhmLWEzNTgt NTQ3M2VlMWRhYTliLzEvaFRmS2FvY0czSHU4alpJU0g4d3hEWlNERlFVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYy81YjJkNmUtODI0Ny00NDhmLWEzNTgtNTQ3M2VlMWRhYTli LzEvMkNzb1J2Q1R2SlFXQkJ2bWlpeDRNV0hyQk44LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAnkIwDQYJ KoZIhvcNAQELBQADggEBAA6BZP49KTOrrGZqOaz3hlSagB7VZ1Q+3d8LKpn6AJL2 Bo5uGLivlxQIEPLQINZSegBEfjomwdxEo5LVunTDbsUOOoXWpPBt2UovY4ZhUmZ+ HdqH4vLKK0nQ40d6J3DXKMsepLM1JSIf4XqiqAbnJ7NBKU3OOVnvjizYLvLti8ST zQV8svA6H2fVoFObE0rsQ/luCgnRaXv9eLAQ6yFWNFAue+F51rzZwQlXWwAIvfzE sD2Pzv36QF+QLd+3iLYOw4qcNgz6QeEQLrG5fMle2eVJGOEEvBMQFIdF4B3Pxhjf acQKxtDNAald0HMmltnXG/jhf2Wr5kiJMBd9kf9dYX0= -----END CERTIFICATE-----Generated at Sat Dec 6 18:23:09 2025 by rpki-client