This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/30b3ff-7036-4a2e-8eb5-074ffb423c13/1/h3sE5dxGeAbRDxvt7OESDDknJfw.roa File: h3sE5dxGeAbRDxvt7OESDDknJfw.roa (raw, json) Hash identifier: o8FzyZkryMLyMcYf+Zp1JhuP+yJeZt+99zqw52fdpd8= Subject key identifier: 87:7B:04:E5:DC:46:78:06:D1:0F:1B:ED:EC:E1:12:0C:39:27:25:FC Certificate issuer: /CN=b0ad22643c2d97bd71f8b634fb8d1d4f9f01f4a7 Certificate serial: 019B7D5D13ECB303A00E9EE6487B8CB8C9B8 Authority key identifier: B0:AD:22:64:3C:2D:97:BD:71:F8:B6:34:FB:8D:1D:4F:9F:01:F4:A7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sK0iZDwtl71x-LY0-40dT58B9Kc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/30b3ff-7036-4a2e-8eb5-074ffb423c13/1/h3sE5dxGeAbRDxvt7OESDDknJfw.roa Signing time: Fri 02 Jan 2026 06:20:10 +0000 ROA not before: Fri 02 Jan 2026 06:20:10 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 39020 IP address blocks: 193.203.118.0/24 maxlen: 24 193.203.119.0/24 maxlen: 24 195.88.152.0/24 maxlen: 24 195.88.153.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/30b3ff-7036-4a2e-8eb5-074ffb423c13/1/sK0iZDwtl71x-LY0-40dT58B9Kc.crl rsync://rpki.ripe.net/repository/DEFAULT/bf/30b3ff-7036-4a2e-8eb5-074ffb423c13/1/sK0iZDwtl71x-LY0-40dT58B9Kc.mft rsync://rpki.ripe.net/repository/DEFAULT/sK0iZDwtl71x-LY0-40dT58B9Kc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 12:01:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5d:13:ec:b3:03:a0:0e:9e:e6:48:7b:8c:b8:c9:b8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b0ad22643c2d97bd71f8b634fb8d1d4f9f01f4a7 Validity Not Before: Jan 2 06:20:10 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=877b04e5dc467806d10f1bedece1120c392725fc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:19:dd:ed:e1:7f:79:fd:e0:5c:55:c0:be:d5: a7:57:e2:fc:9e:dc:d4:d3:85:55:9c:ad:d1:27:34: 18:49:6d:b0:5f:69:67:8d:35:d8:94:0c:50:02:68: b0:c0:65:9f:35:76:b3:1f:bb:5d:6c:df:8c:cf:1f: aa:06:3e:b6:75:31:82:e9:a4:59:4a:00:a7:1d:d5: 42:de:f3:6e:51:d2:ff:27:03:49:30:f5:55:95:f6: 23:30:b7:87:62:79:71:7d:a8:b4:fa:30:0d:f5:af: 09:02:d4:19:ab:e5:48:95:85:ae:93:a0:af:2e:91: 9c:3c:2e:5b:ea:13:44:ac:6f:bc:0a:f9:82:0b:0f: cd:4d:e0:c6:57:52:d4:81:68:81:dc:30:d8:34:b0: 95:52:89:8b:0b:23:26:a6:91:79:9d:88:21:db:3a: 00:b0:43:87:b7:e1:f6:f3:e4:fb:8b:b1:80:5c:50: d5:44:24:18:6d:9f:5b:04:63:4e:22:53:f3:43:b4: cd:d6:f3:a2:90:2c:f2:73:ca:68:b4:d1:aa:c9:5d: b7:ca:78:00:c9:b2:dc:f2:f2:17:a0:b5:1a:71:e4: a3:e9:44:4e:51:93:36:5c:aa:c2:ab:c9:cb:64:57: da:46:45:29:12:d8:43:dc:e4:62:ad:76:1f:6b:32: e7:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:7B:04:E5:DC:46:78:06:D1:0F:1B:ED:EC:E1:12:0C:39:27:25:FC X509v3 Authority Key Identifier: keyid:B0:AD:22:64:3C:2D:97:BD:71:F8:B6:34:FB:8D:1D:4F:9F:01:F4:A7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sK0iZDwtl71x-LY0-40dT58B9Kc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/30b3ff-7036-4a2e-8eb5-074ffb423c13/1/h3sE5dxGeAbRDxvt7OESDDknJfw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/30b3ff-7036-4a2e-8eb5-074ffb423c13/1/sK0iZDwtl71x-LY0-40dT58B9Kc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.203.118.0/23 195.88.152.0/23 Signature Algorithm: sha256WithRSAEncryption 35:ed:d2:12:1e:64:29:b9:b6:72:1f:9f:c4:5b:a4:57:48:98: 1f:f4:ce:5b:05:1f:09:1f:5b:94:95:d0:14:f8:9b:20:c4:7c: b4:07:4d:8f:4d:db:85:19:bc:2d:e0:86:c5:44:01:6b:70:37: ec:fb:d3:94:ff:49:e9:4d:95:74:ea:ce:4c:71:f6:17:4a:29: 48:f1:c2:29:67:07:5f:f7:35:00:87:03:98:88:59:7d:48:83: 02:a5:d3:e0:3e:51:78:f5:6d:f0:8b:63:14:04:93:b3:77:95: 0b:41:be:ee:66:22:40:ce:22:2e:c8:ff:f9:42:40:02:83:bf: c6:43:68:da:c3:52:ac:87:dc:c3:38:15:0c:64:2e:e3:3b:95: 08:26:bf:37:e8:c4:44:01:d5:45:39:6e:dc:40:61:12:26:db: da:d0:5d:68:84:59:7f:39:f9:df:8a:82:d5:ae:3f:05:11:20: 84:cb:28:72:39:60:49:f7:7a:16:58:ce:6b:2b:f2:58:21:8b: 4d:75:6a:7a:a7:dd:2b:1e:ae:4f:d2:cc:11:bd:b6:5b:0b:26: d5:27:47:20:88:29:1a:e0:0a:c6:53:41:72:c4:a3:7b:c4:c2: 7b:27:64:a3:4f:a5:ad:5c:e8:6e:26:e3:d1:85:35:b7:b1:be: a8:bf:de:74 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt9XRPsswOgDp7mSHuMuMm4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIwYWQyMjY0M2MyZDk3YmQ3MWY4YjYzNGZiOGQxZDRmOWYw MWY0YTcwHhcNMjYwMTAyMDYyMDEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NzdiMDRlNWRjNDY3ODA2ZDEwZjFiZWRlY2UxMTIwYzM5MjcyNWZjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxRnd7eF/ef3gXFXAvtWnV+L8ntzU 04VVnK3RJzQYSW2wX2lnjTXYlAxQAmiwwGWfNXazH7tdbN+Mzx+qBj62dTGC6aRZ SgCnHdVC3vNuUdL/JwNJMPVVlfYjMLeHYnlxfai0+jAN9a8JAtQZq+VIlYWuk6Cv LpGcPC5b6hNErG+8CvmCCw/NTeDGV1LUgWiB3DDYNLCVUomLCyMmppF5nYgh2zoA sEOHt+H28+T7i7GAXFDVRCQYbZ9bBGNOIlPzQ7TN1vOikCzyc8potNGqyV23yngA ybLc8vIXoLUaceSj6UROUZM2XKrCq8nLZFfaRkUpEthD3ORirXYfazLnJQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFId7BOXcRngG0Q8b7ezhEgw5JyX8MB8GA1UdIwQY MBaAFLCtImQ8LZe9cfi2NPuNHU+fAfSnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc0swaVpEd3RsNzF4LUxZMC00MGRUNThCOUtjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi8zMGIzZmYtNzAzNi00YTJlLThlYjUt MDc0ZmZiNDIzYzEzLzEvaDNzRTVkeEdlQWJSRHh2dDdPRVNERGtuSmZ3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZi8zMGIzZmYtNzAzNi00YTJlLThlYjUtMDc0ZmZiNDIzYzEz LzEvc0swaVpEd3RsNzF4LUxZMC00MGRUNThCOUtjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwct2AwQB w1iYMA0GCSqGSIb3DQEBCwUAA4IBAQA17dISHmQpubZyH5/EW6RXSJgf9M5bBR8J H1uUldAU+JsgxHy0B02PTduFGbwt4IbFRAFrcDfs+9OU/0npTZV06s5McfYXSilI 8cIpZwdf9zUAhwOYiFl9SIMCpdPgPlF49W3wi2MUBJOzd5ULQb7uZiJAziIuyP/5 QkACg7/GQ2jaw1Ksh9zDOBUMZC7jO5UIJr836MREAdVFOW7cQGESJtva0F1ohFl/ OfnfioLVrj8FESCEyyhyOWBJ93oWWM5rK/JYIYtNdWp6p90rHq5P0swRvbZbCybV J0cgiCka4ArGU0FyxKN7xMJ7J2SjT6WtXOhuJuPRhTW3sb6ov950 -----END CERTIFICATE-----Generated at Sun Jan 25 18:06:24 2026 by rpki-client