This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/fe20ff-6590-4fb0-b657-8210db7049b1/1/hSitky1wYRTLv14NEnwV-zxWb_o.roa File: hSitky1wYRTLv14NEnwV-zxWb_o.roa (raw, json) Hash identifier: PA0bbeChQyvoxmLwu2ifsRmhbm5WEw0zyVf1Uu/ZDBo= Subject key identifier: 85:28:AD:93:2D:70:61:14:CB:BF:5E:0D:12:7C:15:FB:3C:56:6F:FA Certificate issuer: /CN=d8f5a66cfd21a5cad7a29b8eb5cd92aa460320c3 Certificate serial: 019B7E38F77D4E062AA37A095E9E0CBAA084 Authority key identifier: D8:F5:A6:6C:FD:21:A5:CA:D7:A2:9B:8E:B5:CD:92:AA:46:03:20:C3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2PWmbP0hpcrXopuOtc2SqkYDIMM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/fe20ff-6590-4fb0-b657-8210db7049b1/1/hSitky1wYRTLv14NEnwV-zxWb_o.roa Signing time: Fri 02 Jan 2026 10:20:20 +0000 ROA not before: Fri 02 Jan 2026 10:20:20 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 202005 IP address blocks: 185.216.252.0/22 maxlen: 22 185.216.252.0/24 maxlen: 24 185.216.253.0/24 maxlen: 24 185.216.254.0/24 maxlen: 24 185.216.255.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/fe20ff-6590-4fb0-b657-8210db7049b1/1/2PWmbP0hpcrXopuOtc2SqkYDIMM.crl rsync://rpki.ripe.net/repository/DEFAULT/3c/fe20ff-6590-4fb0-b657-8210db7049b1/1/2PWmbP0hpcrXopuOtc2SqkYDIMM.mft rsync://rpki.ripe.net/repository/DEFAULT/2PWmbP0hpcrXopuOtc2SqkYDIMM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 18:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:f7:7d:4e:06:2a:a3:7a:09:5e:9e:0c:ba:a0:84 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d8f5a66cfd21a5cad7a29b8eb5cd92aa460320c3 Validity Not Before: Jan 2 10:20:20 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8528ad932d706114cbbf5e0d127c15fb3c566ffa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:8c:5b:ff:d8:3a:e2:fd:ee:17:1b:78:b9:63: 1a:94:c4:30:24:6d:c1:67:ea:c3:ef:2b:d0:a7:96: 6e:91:1b:9a:29:b2:da:42:06:08:88:d6:8f:47:3a: ea:2e:f4:e2:46:30:47:a0:57:a0:34:b4:49:77:13: 68:2b:2c:1e:a2:91:81:24:90:7a:24:5c:8d:5f:01: 25:6f:4d:5f:6e:64:9e:a5:9a:c5:90:af:b3:57:d0: 72:5c:d7:23:8f:ca:83:ea:5f:55:b7:f0:7c:ef:53: 3f:08:78:01:86:a6:19:d2:3f:a2:39:f8:b1:32:fe: e0:d8:07:13:da:c6:02:9b:b1:e2:cc:bd:fe:c2:49: 20:02:e6:ca:ec:66:79:45:83:09:13:ce:0d:3c:8e: 37:ac:f2:41:00:e2:8d:af:1e:46:23:9d:4a:1e:c6: 40:c4:7c:61:63:a6:11:95:37:fe:d6:e6:90:9d:7a: fc:5f:26:c5:b8:0a:04:b0:3c:16:c3:e8:4a:20:04: fc:19:77:3f:49:63:41:9b:6d:12:67:97:0e:b4:9e: c6:a6:cb:5b:18:ba:57:66:53:78:03:cf:0c:6d:8a: d7:7b:54:cc:97:c4:64:c1:ec:24:78:a8:4f:b5:fe: 78:8c:bc:c0:63:84:45:c5:b7:8e:16:cd:5f:8f:6b: 91:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:28:AD:93:2D:70:61:14:CB:BF:5E:0D:12:7C:15:FB:3C:56:6F:FA X509v3 Authority Key Identifier: keyid:D8:F5:A6:6C:FD:21:A5:CA:D7:A2:9B:8E:B5:CD:92:AA:46:03:20:C3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2PWmbP0hpcrXopuOtc2SqkYDIMM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/fe20ff-6590-4fb0-b657-8210db7049b1/1/hSitky1wYRTLv14NEnwV-zxWb_o.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/fe20ff-6590-4fb0-b657-8210db7049b1/1/2PWmbP0hpcrXopuOtc2SqkYDIMM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.216.252.0/22 Signature Algorithm: sha256WithRSAEncryption 34:c9:5b:1f:e0:58:ca:e6:82:02:3d:d1:cc:8f:21:72:bf:1d: 24:3f:d7:6c:e0:3a:83:89:ea:d9:f7:71:fe:a3:82:98:1f:d9: 2d:a3:da:07:dd:26:b2:1f:1a:4b:6d:6e:05:50:72:75:8d:7e: 96:68:b3:64:61:c2:f2:9b:86:c8:82:c0:c0:2c:14:dd:91:dd: c5:a2:57:23:c3:22:a8:fa:71:5a:5c:db:55:40:7a:77:b0:41: 3c:99:94:3b:15:60:a0:64:d7:25:2a:ea:a3:1f:60:45:16:32: 8a:e5:17:36:c4:4e:64:1d:0d:77:24:98:4d:1a:77:fa:19:2e: df:e5:83:db:4f:4c:28:ba:42:03:41:47:e9:d3:f5:0a:2c:3e: 3c:92:ce:7f:2b:1e:88:28:a2:a6:57:0a:2e:b7:6a:c1:b0:c6: 61:4b:9a:af:7d:1c:7b:9c:2b:e6:6b:56:63:16:9a:e5:50:7b: e8:44:f2:d6:c0:01:a1:02:26:5a:6a:7a:e1:9a:25:79:4f:1c: e2:7e:48:83:73:ad:66:96:87:ae:43:d9:d5:4f:c7:4d:8b:b5: d1:12:0d:dc:bc:7f:47:16:86:f7:28:56:27:95:bb:e3:8f:49: ce:b4:9e:b8:f2:df:3d:4c:01:da:27:0f:3d:e8:ea:2c:30:08: ec:9c:4b:1b -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt+OPd9TgYqo3oJXp4MuqCEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4ZjVhNjZjZmQyMWE1Y2FkN2EyOWI4ZWI1Y2Q5MmFhNDYw MzIwYzMwHhcNMjYwMTAyMTAyMDIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NTI4YWQ5MzJkNzA2MTE0Y2JiZjVlMGQxMjdjMTVmYjNjNTY2ZmZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxoxb/9g64v3uFxt4uWMalMQwJG3B Z+rD7yvQp5ZukRuaKbLaQgYIiNaPRzrqLvTiRjBHoFegNLRJdxNoKyweopGBJJB6 JFyNXwElb01fbmSepZrFkK+zV9ByXNcjj8qD6l9Vt/B871M/CHgBhqYZ0j+iOfix Mv7g2AcT2sYCm7HizL3+wkkgAubK7GZ5RYMJE84NPI43rPJBAOKNrx5GI51KHsZA xHxhY6YRlTf+1uaQnXr8XybFuAoEsDwWw+hKIAT8GXc/SWNBm20SZ5cOtJ7Gpstb GLpXZlN4A88MbYrXe1TMl8RkwewkeKhPtf54jLzAY4RFxbeOFs1fj2uRbQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFIUorZMtcGEUy79eDRJ8Ffs8Vm/6MB8GA1UdIwQY MBaAFNj1pmz9IaXK16KbjrXNkqpGAyDDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMlBXbWJQMGhwY3JYb3B1T3RjMlNxa1lESU1NLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9mZTIwZmYtNjU5MC00ZmIwLWI2NTct ODIxMGRiNzA0OWIxLzEvaFNpdGt5MXdZUlRMdjE0TkVud1YtenhXYl9vLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYy9mZTIwZmYtNjU5MC00ZmIwLWI2NTctODIxMGRiNzA0OWIx LzEvMlBXbWJQMGhwY3JYb3B1T3RjMlNxa1lESU1NLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudj8MA0G CSqGSIb3DQEBCwUAA4IBAQA0yVsf4FjK5oICPdHMjyFyvx0kP9ds4DqDierZ93H+ o4KYH9kto9oH3SayHxpLbW4FUHJ1jX6WaLNkYcLym4bIgsDALBTdkd3FolcjwyKo +nFaXNtVQHp3sEE8mZQ7FWCgZNclKuqjH2BFFjKK5Rc2xE5kHQ13JJhNGnf6GS7f 5YPbT0woukIDQUfp0/UKLD48ks5/Kx6IKKKmVwout2rBsMZhS5qvfRx7nCvma1Zj FprlUHvoRPLWwAGhAiZaanrhmiV5TxzifkiDc61mloeuQ9nVT8dNi7XREg3cvH9H Fob3KFYnlbvjj0nOtJ648t89TAHaJw896OosMAjsnEsb -----END CERTIFICATE-----Generated at Mon Jan 12 00:50:25 2026 by rpki-client