This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/d07e9e-132a-48e2-9538-902aec440464/1/JH9XT1NUV14_SKsiiCKlHziQ9DM.roa File: JH9XT1NUV14_SKsiiCKlHziQ9DM.roa (raw, json) Hash identifier: 04vIJ1yQ8bNTRGDpE43oQ18qFJ2VyqPCHwJQW+bmQgI= Subject key identifier: 24:7F:57:4F:53:54:57:5E:3F:48:AB:22:88:22:A5:1F:38:90:F4:33 Certificate issuer: /CN=bcaf8ba59f7a3c5d00fe0ad4564d80524df7fa90 Certificate serial: 019B7BA4B77012ACFDE453FEDBB919F08CCF Authority key identifier: BC:AF:8B:A5:9F:7A:3C:5D:00:FE:0A:D4:56:4D:80:52:4D:F7:FA:90 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vK-LpZ96PF0A_grUVk2AUk33-pA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/d07e9e-132a-48e2-9538-902aec440464/1/JH9XT1NUV14_SKsiiCKlHziQ9DM.roa Signing time: Thu 01 Jan 2026 22:19:10 +0000 ROA not before: Thu 01 Jan 2026 22:19:10 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 31673 IP address blocks: 185.52.212.0/22 maxlen: 24 2a01:baa0::/32 maxlen: 40 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/d07e9e-132a-48e2-9538-902aec440464/1/vK-LpZ96PF0A_grUVk2AUk33-pA.crl rsync://rpki.ripe.net/repository/DEFAULT/cd/d07e9e-132a-48e2-9538-902aec440464/1/vK-LpZ96PF0A_grUVk2AUk33-pA.mft rsync://rpki.ripe.net/repository/DEFAULT/vK-LpZ96PF0A_grUVk2AUk33-pA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a4:b7:70:12:ac:fd:e4:53:fe:db:b9:19:f0:8c:cf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bcaf8ba59f7a3c5d00fe0ad4564d80524df7fa90 Validity Not Before: Jan 1 22:19:10 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=247f574f5354575e3f48ab228822a51f3890f433 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:64:64:d9:ae:fd:50:c5:6a:67:e9:e3:cc:80: b0:04:59:c6:f4:47:ff:8c:d8:19:b0:cd:ea:92:0f: e7:2c:38:2e:fc:5d:f8:f7:2e:5e:3b:be:22:16:eb: e8:11:55:79:01:56:12:a7:1d:9b:1e:a2:32:4b:bc: 88:e0:ff:e1:3f:21:6a:ec:2c:cc:79:5b:09:e7:c2: 5c:0f:62:fc:2e:fa:79:a1:e7:3e:3c:ca:c5:b6:1a: 3b:31:f3:91:20:ec:bd:66:f1:7a:85:7a:7e:00:d6: 4e:95:da:3a:a5:e1:bb:98:a7:e8:09:8a:cb:f7:95: 94:8d:89:f3:23:17:ba:b3:42:0e:cd:e6:72:85:34: 5b:8d:db:17:e4:30:9d:ca:33:14:cf:39:3c:47:df: 36:2b:40:43:5b:a6:f7:61:35:f7:26:3c:d5:c6:ea: cb:3f:6b:dc:ea:ba:9f:5c:22:14:c7:58:4d:19:93: 74:9e:0f:36:a7:97:a3:50:a5:c0:fd:3f:58:ba:b7: f9:c8:8e:01:cc:d0:b8:f4:68:0a:04:12:e5:2d:cc: 5a:ce:fa:db:c1:ff:f0:37:ee:2e:dc:85:50:8a:7c: 7e:09:ba:74:74:dc:24:ca:52:d6:7c:50:06:55:8a: 39:58:c9:dc:68:82:8f:be:9d:e9:a0:b5:b9:c7:92: 18:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 24:7F:57:4F:53:54:57:5E:3F:48:AB:22:88:22:A5:1F:38:90:F4:33 X509v3 Authority Key Identifier: keyid:BC:AF:8B:A5:9F:7A:3C:5D:00:FE:0A:D4:56:4D:80:52:4D:F7:FA:90 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vK-LpZ96PF0A_grUVk2AUk33-pA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d07e9e-132a-48e2-9538-902aec440464/1/JH9XT1NUV14_SKsiiCKlHziQ9DM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d07e9e-132a-48e2-9538-902aec440464/1/vK-LpZ96PF0A_grUVk2AUk33-pA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.52.212.0/22 IPv6: 2a01:baa0::/32 Signature Algorithm: sha256WithRSAEncryption 38:32:cc:f6:2e:ed:1f:11:ee:d7:c5:fb:bb:05:d6:24:d0:e4: 32:41:9a:dc:8b:28:9f:e0:07:e4:dc:a9:e8:8e:ac:5c:12:d7: 26:a7:69:12:f5:44:06:25:46:3b:7a:f2:17:3b:3b:35:a0:38: 27:54:86:40:2d:1b:41:e8:83:c1:f8:ed:7e:1a:8e:83:c0:50: 6f:08:c6:99:e2:c2:9b:f4:b3:b7:fe:80:e8:f5:35:bb:51:45: f7:2d:9c:73:50:44:5c:48:d5:ab:bb:4d:49:14:f3:f3:94:94: e3:b5:dc:e9:d2:9e:6c:1e:ee:e3:6f:41:2e:df:e5:b0:6f:d3: 41:3f:99:8c:98:0a:e0:62:d0:03:ff:c9:b8:70:b6:f5:b8:4b: 7c:c3:92:cc:aa:3f:00:8e:6a:ed:c0:39:bc:86:cd:13:4f:ed: a9:fd:72:db:f4:61:e1:af:ab:00:9c:00:09:51:b6:bc:0b:4e: 5b:1d:54:fa:0a:c1:77:7d:a1:4d:20:00:d0:a1:28:82:cd:4c: d7:06:ff:d2:c8:85:59:77:e0:37:cd:53:c6:54:ec:7e:48:2b: e5:f8:7b:fb:7e:60:d4:8a:4c:92:22:3b:b9:84:56:d9:97:8e: 84:3f:b3:4c:17:15:59:2b:8c:19:7a:25:46:91:3e:a3:5f:4c: 4f:c7:c6:0a -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt7pLdwEqz95FP+27kZ8IzPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJjYWY4YmE1OWY3YTNjNWQwMGZlMGFkNDU2NGQ4MDUyNGRm N2ZhOTAwHhcNMjYwMTAxMjIxOTEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyNDdmNTc0ZjUzNTQ1NzVlM2Y0OGFiMjI4ODIyYTUxZjM4OTBmNDMzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmRk2a79UMVqZ+njzICwBFnG9Ef/ jNgZsM3qkg/nLDgu/F349y5eO74iFuvoEVV5AVYSpx2bHqIyS7yI4P/hPyFq7CzM eVsJ58JcD2L8Lvp5oec+PMrFtho7MfORIOy9ZvF6hXp+ANZOldo6peG7mKfoCYrL 95WUjYnzIxe6s0IOzeZyhTRbjdsX5DCdyjMUzzk8R982K0BDW6b3YTX3JjzVxurL P2vc6rqfXCIUx1hNGZN0ng82p5ejUKXA/T9Yurf5yI4BzNC49GgKBBLlLcxazvrb wf/wN+4u3IVQinx+Cbp0dNwkylLWfFAGVYo5WMncaIKPvp3poLW5x5IYdwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFCR/V09TVFdeP0irIogipR84kPQzMB8GA1UdIwQY MBaAFLyvi6WfejxdAP4K1FZNgFJN9/qQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdkstTHBaOTZQRjBBX2dyVVZrMkFVazMzLXBBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kMDdlOWUtMTMyYS00OGUyLTk1Mzgt OTAyYWVjNDQwNDY0LzEvSkg5WFQxTlVWMTRfU0tzaWlDS2xIemlROURNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZC9kMDdlOWUtMTMyYS00OGUyLTk1MzgtOTAyYWVjNDQwNDY0 LzEvdkstTHBaOTZQRjBBX2dyVVZrMkFVazMzLXBBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTTUMA0E AgACMAcDBQAqAbqgMA0GCSqGSIb3DQEBCwUAA4IBAQA4Msz2Lu0fEe7Xxfu7BdYk 0OQyQZrciyif4Afk3KnojqxcEtcmp2kS9UQGJUY7evIXOzs1oDgnVIZALRtB6IPB +O1+Go6DwFBvCMaZ4sKb9LO3/oDo9TW7UUX3LZxzUERcSNWru01JFPPzlJTjtdzp 0p5sHu7jb0Eu3+Wwb9NBP5mMmArgYtAD/8m4cLb1uEt8w5LMqj8AjmrtwDm8hs0T T+2p/XLb9GHhr6sAnAAJUba8C05bHVT6CsF3faFNIADQoSiCzUzXBv/SyIVZd+A3 zVPGVOx+SCvl+Hv7fmDUikySIju5hFbZl46EP7NMFxVZK4wZeiVGkT6jX0xPx8YK -----END CERTIFICATE-----Generated at Mon Jan 26 04:39:34 2026 by rpki-client