This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/H2Ow2vJleUpffVQJUaw-DrOP25Q.roa File: H2Ow2vJleUpffVQJUaw-DrOP25Q.roa (raw, json) Hash identifier: KI8QYq2nupDeoMFFlx5O6qkC1YhqNdHz/2qG81EcAxI= Subject key identifier: 1F:63:B0:DA:F2:65:79:4A:5F:7D:54:09:51:AC:3E:0E:B3:8F:DB:94 Certificate issuer: /CN=5ee004befa553ddb35564fb7762b05eb222ecf93 Certificate serial: 019B7EA6ED7DDA442B3A2DF96C20729C751D Authority key identifier: 5E:E0:04:BE:FA:55:3D:DB:35:56:4F:B7:76:2B:05:EB:22:2E:CF:93 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuAEvvpVPds1Vk-3disF6yIuz5M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/H2Ow2vJleUpffVQJUaw-DrOP25Q.roa Signing time: Fri 02 Jan 2026 12:20:27 +0000 ROA not before: Fri 02 Jan 2026 12:20:27 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 8561 IP address blocks: 185.95.96.0/23 maxlen: 24 185.95.98.0/23 maxlen: 24 2a00:1c3e:96::/47 maxlen: 48 2a00:1c3e:98::/47 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/XuAEvvpVPds1Vk-3disF6yIuz5M.crl rsync://rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/XuAEvvpVPds1Vk-3disF6yIuz5M.mft rsync://rpki.ripe.net/repository/DEFAULT/XuAEvvpVPds1Vk-3disF6yIuz5M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 09:01:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a6:ed:7d:da:44:2b:3a:2d:f9:6c:20:72:9c:75:1d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5ee004befa553ddb35564fb7762b05eb222ecf93 Validity Not Before: Jan 2 12:20:27 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1f63b0daf265794a5f7d540951ac3e0eb38fdb94 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:49:66:ee:cc:28:79:5b:3a:4e:39:ba:4f:9d: fe:84:46:23:2b:d8:78:c8:05:d5:d0:f4:9b:22:73: f7:22:04:57:9f:c1:2f:b9:b6:f8:7a:24:54:95:e7: b3:9c:9f:c2:d0:2e:3b:94:36:a3:3d:d0:88:7d:bd: 72:8f:8c:c3:e1:52:b4:d1:bd:9b:08:65:73:6b:27: ad:4b:84:f2:c0:db:e7:d1:fc:43:bd:63:59:1d:d2: de:5c:a3:03:bb:b0:60:fc:38:3b:7a:f8:e8:85:d5: a0:e1:e0:92:3a:56:e6:68:3f:c7:35:d1:f5:44:b8: fc:4b:b8:0d:b0:3d:9a:6f:d0:4a:79:12:3d:de:ce: d3:7f:8f:88:c2:01:d3:f3:8a:24:1a:72:b0:f2:b8: b3:9c:6f:e6:36:9b:5d:28:1a:ec:f5:b8:27:a4:ba: c1:3a:5e:da:c1:90:60:f2:e1:62:a3:f7:de:5f:b0: 8f:2e:f9:a0:6b:14:ca:20:3e:18:3f:5a:f9:78:09: a9:fc:e9:39:69:36:aa:63:d9:d6:2e:9a:56:c9:21: f3:35:d1:15:3c:3d:69:a3:98:e8:c2:ee:72:c3:14: 7d:99:a4:b0:de:79:ae:7f:96:a6:9c:eb:3c:a4:0f: 42:7b:b5:29:6c:81:ee:eb:b0:15:01:15:ae:f9:be: e6:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:63:B0:DA:F2:65:79:4A:5F:7D:54:09:51:AC:3E:0E:B3:8F:DB:94 X509v3 Authority Key Identifier: keyid:5E:E0:04:BE:FA:55:3D:DB:35:56:4F:B7:76:2B:05:EB:22:2E:CF:93 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuAEvvpVPds1Vk-3disF6yIuz5M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/H2Ow2vJleUpffVQJUaw-DrOP25Q.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/XuAEvvpVPds1Vk-3disF6yIuz5M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.95.96.0/22 IPv6: 2a00:1c3e:96::-2a00:1c3e:99:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 96:3d:0a:66:df:12:14:07:14:63:9c:46:a2:41:7b:1c:a5:56: 52:d0:b3:eb:6d:95:1b:33:a8:2e:78:d5:e7:8f:53:62:1b:ca: bb:0c:6d:43:08:2a:bd:29:7d:d3:8f:72:f6:0f:ec:de:50:16: c0:81:89:da:08:10:01:fd:6d:10:63:b6:7b:00:97:55:4c:94: ff:9a:1d:7b:e0:a8:6d:9c:75:5f:be:50:30:75:aa:c2:ae:d5: b2:dc:3e:6b:e5:19:05:8c:c4:43:4c:19:f0:48:80:e4:71:f4: 28:83:d2:cb:77:70:76:67:66:ed:0e:c5:09:41:8f:05:14:af: d4:2a:e5:9c:91:c4:09:51:f1:79:26:70:34:c3:44:fd:5d:58: 24:29:fe:e4:71:a0:7e:9a:4b:d0:7d:6f:fb:53:20:91:6b:06: 72:db:89:f2:be:0f:3b:60:8c:f8:fd:21:67:ab:37:cf:07:63: c0:03:7b:b2:92:0c:75:01:b7:75:27:8f:d8:0e:5b:73:04:ce: 7f:dd:5b:d6:9f:aa:79:17:3b:15:22:16:0d:17:16:01:5b:f4: ac:6b:d2:45:68:17:57:07:23:94:92:fe:bf:71:d1:3c:96:09: b6:dc:6f:bf:fb:b2:b2:51:13:ee:a7:e7:f1:6d:a2:9b:18:b3: 07:ff:5d:93 -----BEGIN CERTIFICATE----- MIIFGTCCBAGgAwIBAgISAZt+pu192kQrOi35bCBynHUdMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVlZTAwNGJlZmE1NTNkZGIzNTU2NGZiNzc2MmIwNWViMjIy ZWNmOTMwHhcNMjYwMTAyMTIyMDI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxZjYzYjBkYWYyNjU3OTRhNWY3ZDU0MDk1MWFjM2UwZWIzOGZkYjk0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0lm7swoeVs6Tjm6T53+hEYjK9h4 yAXV0PSbInP3IgRXn8Evubb4eiRUleeznJ/C0C47lDajPdCIfb1yj4zD4VK00b2b CGVzayetS4TywNvn0fxDvWNZHdLeXKMDu7Bg/Dg7evjohdWg4eCSOlbmaD/HNdH1 RLj8S7gNsD2ab9BKeRI93s7Tf4+IwgHT84okGnKw8riznG/mNptdKBrs9bgnpLrB Ol7awZBg8uFio/feX7CPLvmgaxTKID4YP1r5eAmp/Ok5aTaqY9nWLppWySHzNdEV PD1po5jowu5ywxR9maSw3nmuf5amnOs8pA9Ce7UpbIHu67AVARWu+b7mJwIDAQAB o4ICJTCCAiEwHQYDVR0OBBYEFB9jsNryZXlKX31UCVGsPg6zj9uUMB8GA1UdIwQY MBaAFF7gBL76VT3bNVZPt3YrBesiLs+TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWHVBRXZ2cFZQZHMxVmstM2Rpc0Y2eUl1ejVNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zYzM1ZWEtN2M5YS00OGUyLWIzYjIt ZTIyOGFhYjQ1MDE0LzEvSDJPdzJ2SmxlVXBmZlZRSlVhdy1Eck9QMjVRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZi8zYzM1ZWEtN2M5YS00OGUyLWIzYjItZTIyOGFhYjQ1MDE0 LzEvWHVBRXZ2cFZQZHMxVmstM2Rpc0Y2eUl1ejVNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQCuV9gMBoE AgACMBQwEgMHASoAHD4AlgMHASoAHD4AmDANBgkqhkiG9w0BAQsFAAOCAQEAlj0K Zt8SFAcUY5xGokF7HKVWUtCz622VGzOoLnjV549TYhvKuwxtQwgqvSl9049y9g/s 3lAWwIGJ2ggQAf1tEGO2ewCXVUyU/5ode+CobZx1X75QMHWqwq7Vstw+a+UZBYzE Q0wZ8EiA5HH0KIPSy3dwdmdm7Q7FCUGPBRSv1CrlnJHECVHxeSZwNMNE/V1YJCn+ 5HGgfppL0H1v+1MgkWsGctuJ8r4PO2CM+P0hZ6s3zwdjwAN7spIMdQG3dSeP2A5b cwTOf91b1p+qeRc7FSIWDRcWAVv0rGvSRWgXVwcjlJL+v3HRPJYJttxvv/uyslET 7qfn8W2imxizB/9dkw== -----END CERTIFICATE-----Generated at Sun Jan 25 19:18:22 2026 by rpki-client