This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/a1ae75-2d6b-4cc6-acef-dce6d6909247/1/hYxTxK4AHKTY1TwSA43oGaIbwvI.roa File: hYxTxK4AHKTY1TwSA43oGaIbwvI.roa (raw, json) Hash identifier: pXMygWt3Q3zIvm4RuMnURnfNgvmTHNGm+Wsjn0P2p18= Subject key identifier: 85:8C:53:C4:AE:00:1C:A4:D8:D5:3C:12:03:8D:E8:19:A2:1B:C2:F2 Certificate issuer: /CN=940a10a256728f11a4bbaadc3204b7f0a35a5000 Certificate serial: 019B7F8592BA919151C22732ED8FC811AFBD Authority key identifier: 94:0A:10:A2:56:72:8F:11:A4:BB:AA:DC:32:04:B7:F0:A3:5A:50:00 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lAoQolZyjxGku6rcMgS38KNaUAA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/a1ae75-2d6b-4cc6-acef-dce6d6909247/1/hYxTxK4AHKTY1TwSA43oGaIbwvI.roa Signing time: Fri 02 Jan 2026 16:23:38 +0000 ROA not before: Fri 02 Jan 2026 16:23:38 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 8860 IP address blocks: 77.78.145.0/24 maxlen: 24 77.78.147.0/24 maxlen: 24 77.78.150.0/24 maxlen: 24 79.98.104.0/21 maxlen: 24 185.52.204.0/22 maxlen: 24 185.55.228.0/22 maxlen: 24 185.199.37.0/24 maxlen: 24 185.199.38.0/24 maxlen: 24 185.228.24.0/22 maxlen: 24 185.239.124.0/24 maxlen: 24 185.239.126.0/24 maxlen: 24 185.239.127.0/24 maxlen: 24 194.145.63.0/24 maxlen: 24 195.189.80.0/22 maxlen: 24 2a01:b6a0::/32 maxlen: 32 2a02:80e0::/30 maxlen: 30 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/a1ae75-2d6b-4cc6-acef-dce6d6909247/1/lAoQolZyjxGku6rcMgS38KNaUAA.crl rsync://rpki.ripe.net/repository/DEFAULT/c1/a1ae75-2d6b-4cc6-acef-dce6d6909247/1/lAoQolZyjxGku6rcMgS38KNaUAA.mft rsync://rpki.ripe.net/repository/DEFAULT/lAoQolZyjxGku6rcMgS38KNaUAA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:85:92:ba:91:91:51:c2:27:32:ed:8f:c8:11:af:bd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=940a10a256728f11a4bbaadc3204b7f0a35a5000 Validity Not Before: Jan 2 16:23:38 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=858c53c4ae001ca4d8d53c12038de819a21bc2f2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:36:a8:3f:ad:9e:77:20:85:4e:49:da:43:5d: cb:4b:5c:4f:13:21:58:43:b1:56:fb:b2:6c:8d:d7: b5:cd:b8:c1:af:32:bd:2d:eb:ae:b3:d9:91:31:af: 84:9c:08:dc:5a:a4:8d:29:bf:78:71:68:04:88:1f: c3:73:d9:b3:d7:11:42:bc:42:4a:f4:24:a9:65:66: f9:ae:56:f1:6f:17:23:fb:01:1f:ab:b9:7c:4b:2e: 09:64:bf:73:1b:a6:26:93:55:10:2e:79:15:51:60: 3c:cb:e1:df:cf:0f:a9:d6:43:f5:af:73:19:51:f0: 78:d4:ad:5a:88:9f:24:5b:ec:fe:a2:fd:d0:d4:14: da:b4:40:24:5d:67:d3:ce:d6:28:16:13:5a:e8:2c: 60:c4:ba:30:af:83:4c:92:09:94:2f:16:ff:3b:da: bb:67:5d:49:8e:53:8d:f1:4f:78:ee:e5:ab:50:68: 4d:85:08:84:4f:8f:75:4f:2a:e7:a9:fb:48:76:9f: 1e:77:63:19:e5:f0:5a:a9:1b:d1:78:18:2c:54:44: 6b:fa:1f:5e:47:3d:52:56:43:7d:c5:de:52:49:23: a2:6a:f4:9d:2a:36:eb:4a:de:6f:0e:be:78:c2:80: 9d:cd:cb:cc:50:1b:79:49:4d:c2:dc:80:c8:a8:ea: 76:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:8C:53:C4:AE:00:1C:A4:D8:D5:3C:12:03:8D:E8:19:A2:1B:C2:F2 X509v3 Authority Key Identifier: keyid:94:0A:10:A2:56:72:8F:11:A4:BB:AA:DC:32:04:B7:F0:A3:5A:50:00 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lAoQolZyjxGku6rcMgS38KNaUAA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/a1ae75-2d6b-4cc6-acef-dce6d6909247/1/hYxTxK4AHKTY1TwSA43oGaIbwvI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/a1ae75-2d6b-4cc6-acef-dce6d6909247/1/lAoQolZyjxGku6rcMgS38KNaUAA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 77.78.145.0/24 77.78.147.0/24 77.78.150.0/24 79.98.104.0/21 185.52.204.0/22 185.55.228.0/22 185.199.37.0-185.199.38.255 185.228.24.0/22 185.239.124.0/24 185.239.126.0/23 194.145.63.0/24 195.189.80.0/22 IPv6: 2a01:b6a0::/32 2a02:80e0::/30 Signature Algorithm: sha256WithRSAEncryption b8:08:d4:44:7c:e6:e5:92:4b:01:1e:f8:82:59:51:2e:56:1f: 79:ac:96:23:39:e7:3d:f6:7b:a2:a5:a3:72:96:7b:06:ea:38: 73:19:c6:77:59:f0:e4:90:2a:91:0b:a3:56:c8:03:6f:20:82: 52:df:ff:d8:1e:47:96:9e:17:f5:9d:e0:1e:57:32:97:40:91: 83:cd:09:cb:e0:11:fe:1c:68:42:00:f5:1e:c5:ec:fe:ea:fb: 64:a3:48:64:88:2b:6f:8d:f1:d6:76:e4:32:59:a7:43:df:96: 12:43:22:0a:09:54:f7:78:78:f6:23:9c:e9:03:fc:86:00:df: e5:38:ad:94:9f:e6:7a:f9:69:52:ec:e6:e7:37:68:96:49:e9: 1d:5a:8c:4f:ef:0f:60:93:1f:4a:64:46:78:c1:95:d5:37:42: 11:0e:79:23:36:6d:f7:b4:3f:1c:07:0b:8d:79:74:79:b5:72: 31:6a:a0:d8:42:07:8d:e3:a3:72:a8:88:74:9a:30:cf:c9:dc: 61:86:c3:41:01:85:9c:04:e0:e4:e0:9d:f1:39:b4:8e:f3:3e: 29:83:72:52:17:83:01:f0:79:dc:e6:6d:04:55:4f:14:9b:db: c9:7e:b6:66:fb:28:3e:cb:1d:92:dd:e8:e2:04:07:fe:44:14: e9:8a:7c:2a -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgISAZt/hZK6kZFRwicy7Y/IEa+9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk0MGExMGEyNTY3MjhmMTFhNGJiYWFkYzMyMDRiN2YwYTM1 YTUwMDAwHhcNMjYwMTAyMTYyMzM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NThjNTNjNGFlMDAxY2E0ZDhkNTNjMTIwMzhkZTgxOWEyMWJjMmYyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzaoP62edyCFTknaQ13LS1xPEyFY Q7FW+7Jsjde1zbjBrzK9Leuus9mRMa+EnAjcWqSNKb94cWgEiB/Dc9mz1xFCvEJK 9CSpZWb5rlbxbxcj+wEfq7l8Sy4JZL9zG6Ymk1UQLnkVUWA8y+Hfzw+p1kP1r3MZ UfB41K1aiJ8kW+z+ov3Q1BTatEAkXWfTztYoFhNa6CxgxLowr4NMkgmULxb/O9q7 Z11JjlON8U947uWrUGhNhQiET491TyrnqftIdp8ed2MZ5fBaqRvReBgsVERr+h9e Rz1SVkN9xd5SSSOiavSdKjbrSt5vDr54woCdzcvMUBt5SU3C3IDIqOp2NwIDAQAB o4ICaTCCAmUwHQYDVR0OBBYEFIWMU8SuAByk2NU8EgON6BmiG8LyMB8GA1UdIwQY MBaAFJQKEKJWco8RpLuq3DIEt/CjWlAAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbEFvUW9sWnlqeEdrdTZyY01nUzM4S05hVUFBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9hMWFlNzUtMmQ2Yi00Y2M2LWFjZWYt ZGNlNmQ2OTA5MjQ3LzEvaFl4VHhLNEFIS1RZMVR3U0E0M29HYUlid3ZJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMS9hMWFlNzUtMmQ2Yi00Y2M2LWFjZWYtZGNlNmQ2OTA5MjQ3 LzEvbEFvUW9sWnlqeEdrdTZyY01nUzM4S05hVUFBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBWBAIAATBQAwQATU6RAwQA TU6TAwQATU6WAwQDT2JoAwQCuTTMAwQCuTfkMAwDBAC5xyUDBAC5xyYDBAK55BgD BAC573wDBAG5734DBADCkT8DBALDvVAwFAQCAAIwDgMFACoBtqADBQIqAoDgMA0G CSqGSIb3DQEBCwUAA4IBAQC4CNREfOblkksBHviCWVEuVh95rJYjOec99nuipaNy lnsG6jhzGcZ3WfDkkCqRC6NWyANvIIJS3//YHkeWnhf1neAeVzKXQJGDzQnL4BH+ HGhCAPUexez+6vtko0hkiCtvjfHWduQyWadD35YSQyIKCVT3eHj2I5zpA/yGAN/l OK2Un+Z6+WlS7ObnN2iWSekdWoxP7w9gkx9KZEZ4wZXVN0IRDnkjNm33tD8cBwuN eXR5tXIxaqDYQgeN46NyqIh0mjDPydxhhsNBAYWcBODk4J3xObSO8z4pg3JSF4MB 8Hnc5m0EVU8Um9vJfrZm+yg+yx2S3ejiBAf+RBTpinwq -----END CERTIFICATE-----Generated at Sun Jan 25 19:43:08 2026 by rpki-client