This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/r8K_aYEH4yQBoFIfHs8TuNjfWTs.roa File: r8K_aYEH4yQBoFIfHs8TuNjfWTs.roa (raw, json) Hash identifier: 7f8KKkVXMXppXKOni8U2Lgw3TNTx/F0QplvAHOQbXss= Subject key identifier: AF:C2:BF:69:81:07:E3:24:01:A0:52:1F:1E:CF:13:B8:D8:DF:59:3B Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a Certificate serial: 019B78A36E111DFA163986FAA53751C568D9 Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/r8K_aYEH4yQBoFIfHs8TuNjfWTs.roa Signing time: Thu 01 Jan 2026 08:18:55 +0000 ROA not before: Thu 01 Jan 2026 08:18:55 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 28099 IP address blocks: 37.235.52.0/24 maxlen: 24 2a03:f80:56::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.mft rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a3:6e:11:1d:fa:16:39:86:fa:a5:37:51:c5:68:d9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a Validity Not Before: Jan 1 08:18:55 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=afc2bf698107e32401a0521f1ecf13b8d8df593b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:21:5b:9e:dd:5c:db:b7:9e:12:90:bd:3e:78: 87:c0:9f:be:40:6a:80:18:64:78:81:39:36:b6:91: 97:43:17:6f:b5:f9:6d:c9:24:d8:87:d9:09:b1:4c: a4:b1:31:3f:be:24:a3:70:25:d9:a9:0e:6f:45:d7: e9:fb:4c:68:d4:e5:f3:cb:93:96:4c:29:8d:d3:06: d6:26:fe:02:a7:61:6b:bf:dc:11:a9:f1:2b:fa:a0: f8:31:5c:91:f7:e1:9b:21:80:87:e1:61:db:b5:fb: 87:eb:b9:1f:56:7d:c6:e7:77:70:37:ad:df:0b:35: d2:ad:2e:af:25:74:0c:39:44:09:e1:4f:3b:58:47: 0a:de:00:41:8e:e5:6b:c8:7e:ab:6e:ce:16:95:07: a0:20:c1:b5:5c:89:e6:81:ca:12:19:d0:e7:2b:23: f6:6c:2c:db:95:da:6d:9f:4a:a9:93:f1:e5:16:32: 26:e8:31:1d:be:86:92:90:a4:e3:29:92:4d:9a:24: db:e0:6c:8f:ba:7f:09:2e:04:04:16:6c:1b:21:56: 50:60:20:c7:b2:9c:68:e2:4b:6c:b8:d6:7c:23:16: 89:90:05:7d:21:d0:85:66:18:5d:6b:12:3a:c9:b9: 20:ed:45:22:7c:d2:b7:00:6c:43:ee:8d:84:59:d4: e9:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:C2:BF:69:81:07:E3:24:01:A0:52:1F:1E:CF:13:B8:D8:DF:59:3B X509v3 Authority Key Identifier: keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/r8K_aYEH4yQBoFIfHs8TuNjfWTs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.235.52.0/24 IPv6: 2a03:f80:56::/48 Signature Algorithm: sha256WithRSAEncryption 93:f2:1b:06:e1:86:53:1f:9e:a3:1e:6a:de:51:08:f5:8b:5c: b4:25:ac:8a:bd:de:0c:c0:2a:a0:be:e4:76:f5:ba:57:24:9c: 62:d3:ca:1d:3f:9d:4d:61:1f:6d:b4:5f:d0:16:6b:15:d0:9e: bd:72:d6:44:6f:92:5c:a5:83:38:be:31:b1:b5:7f:11:67:9b: 32:31:2a:16:98:57:f4:a6:fb:72:1f:7d:65:76:e0:88:93:93: e9:86:59:a0:65:45:0f:4f:a3:f6:e8:d4:7a:7f:96:dd:85:fc: 25:c9:07:c8:67:3c:67:e5:e6:9c:12:54:f0:37:cd:bd:36:65: ab:34:8f:26:b4:62:cf:2d:d5:ee:8b:fe:8a:50:4a:20:0a:77: 69:97:5b:b0:39:25:bc:3d:cb:00:a1:3d:6a:43:e3:d0:b1:c2: 97:5f:d8:19:f6:a2:54:87:be:02:c8:85:d3:37:a4:c8:c9:0f: 87:a0:90:f0:e9:6d:d7:5e:d8:13:ab:c8:08:83:a8:d7:64:d5: a1:89:ae:1a:9c:e1:06:79:dd:ab:aa:e0:bb:6d:26:de:ac:ce: 80:a0:48:7e:cd:42:46:d7:d1:b4:80:5e:58:e2:fc:3b:6f:59: f6:1d:d4:d9:42:fc:9a:17:15:ad:bd:44:d9:8d:45:b9:7e:13: 68:33:35:56 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt4o24RHfoWOYb6pTdRxWjZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj MjhmNmEwHhcNMjYwMTAxMDgxODU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhZmMyYmY2OTgxMDdlMzI0MDFhMDUyMWYxZWNmMTNiOGQ4ZGY1OTNiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAliFbnt1c27eeEpC9PniHwJ++QGqA GGR4gTk2tpGXQxdvtfltySTYh9kJsUyksTE/viSjcCXZqQ5vRdfp+0xo1OXzy5OW TCmN0wbWJv4Cp2Frv9wRqfEr+qD4MVyR9+GbIYCH4WHbtfuH67kfVn3G53dwN63f CzXSrS6vJXQMOUQJ4U87WEcK3gBBjuVryH6rbs4WlQegIMG1XInmgcoSGdDnKyP2 bCzbldptn0qpk/HlFjIm6DEdvoaSkKTjKZJNmiTb4GyPun8JLgQEFmwbIVZQYCDH spxo4ktsuNZ8IxaJkAV9IdCFZhhdaxI6ybkg7UUifNK3AGxD7o2EWdTpeQIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFK/Cv2mBB+MkAaBSHx7PE7jY31k7MB8GA1UdIwQY MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt YjM4ZTI2NzdiM2RjLzEvcjhLX2FZRUg0eVFCb0ZJZkhzOFR1TmpmV1RzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAJes0MA8E AgACMAkDBwAqAw+AAFYwDQYJKoZIhvcNAQELBQADggEBAJPyGwbhhlMfnqMeat5R CPWLXLQlrIq93gzAKqC+5Hb1ulcknGLTyh0/nU1hH220X9AWaxXQnr1y1kRvklyl gzi+MbG1fxFnmzIxKhaYV/Sm+3IffWV24IiTk+mGWaBlRQ9Po/bo1Hp/lt2F/CXJ B8hnPGfl5pwSVPA3zb02Zas0jya0Ys8t1e6L/opQSiAKd2mXW7A5Jbw9ywChPWpD 49Cxwpdf2Bn2olSHvgLIhdM3pMjJD4egkPDpbdde2BOryAiDqNdk1aGJrhqc4QZ5 3auq4LttJt6szoCgSH7NQkbX0bSAXlji/DtvWfYd1NlC/JoXFa29RNmNRbl+E2gz NVY= -----END CERTIFICATE-----Generated at Sun Jan 25 15:01:11 2026 by rpki-client