This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/96d022-ee02-447c-a349-9c933ccd16c7/1/_a5oTu8gmKTkulokRAA15ZrEXNM.roa File: _a5oTu8gmKTkulokRAA15ZrEXNM.roa (raw, json) Hash identifier: m1okP9QJB17W56hE2P8J+CdYw56KQB54uec3dsvEZRc= Subject key identifier: FD:AE:68:4E:EF:20:98:A4:E4:BA:5A:24:44:00:35:E5:9A:C4:5C:D3 Certificate issuer: /CN=485e3ee1c3258175f4ff6d9b559da54c83ec0b4f Certificate serial: 019B7C12500AD5A3911BF3F57B7AB71C5C55 Authority key identifier: 48:5E:3E:E1:C3:25:81:75:F4:FF:6D:9B:55:9D:A5:4C:83:EC:0B:4F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SF4-4cMlgXX0_22bVZ2lTIPsC08.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/96d022-ee02-447c-a349-9c933ccd16c7/1/_a5oTu8gmKTkulokRAA15ZrEXNM.roa Signing time: Fri 02 Jan 2026 00:18:53 +0000 ROA not before: Fri 02 Jan 2026 00:18:53 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 20546 IP address blocks: 91.223.186.0/24 maxlen: 24 185.253.204.0/22 maxlen: 24 193.16.220.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/96d022-ee02-447c-a349-9c933ccd16c7/1/SF4-4cMlgXX0_22bVZ2lTIPsC08.crl rsync://rpki.ripe.net/repository/DEFAULT/18/96d022-ee02-447c-a349-9c933ccd16c7/1/SF4-4cMlgXX0_22bVZ2lTIPsC08.mft rsync://rpki.ripe.net/repository/DEFAULT/SF4-4cMlgXX0_22bVZ2lTIPsC08.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 21:00:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:12:50:0a:d5:a3:91:1b:f3:f5:7b:7a:b7:1c:5c:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=485e3ee1c3258175f4ff6d9b559da54c83ec0b4f Validity Not Before: Jan 2 00:18:53 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=fdae684eef2098a4e4ba5a24440035e59ac45cd3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:88:e4:05:5e:4a:f8:f1:fc:3a:c2:65:17:d3:f2: b9:fb:1e:b3:af:4f:81:ce:14:d8:16:16:05:c1:53: 9b:80:c3:f8:14:26:ee:fc:7d:67:14:71:e7:f2:67: 50:5b:08:26:c5:0a:2a:e2:dd:9c:5e:c1:41:43:19: 22:cb:91:9f:d0:91:f2:15:02:37:0c:12:9d:aa:ce: 5b:16:6d:a1:dc:ae:84:5f:88:e0:0d:93:05:78:82: d1:a8:eb:8e:63:7b:be:61:b7:80:eb:73:4a:f3:91: 0f:99:1e:b8:8c:3d:2b:b8:11:50:dc:5c:56:6a:4d: 30:30:c0:e0:67:58:e0:73:fd:da:b2:2c:97:00:6e: 99:ab:21:ca:8c:2f:9e:38:25:89:56:2c:93:bb:0d: 60:ca:0b:7c:ee:8b:76:97:b8:e5:61:e5:cd:2c:ff: bf:a6:4e:7a:97:4d:8f:02:97:3b:63:8d:a3:97:cf: 33:5b:97:18:be:8d:83:4b:a3:2f:04:7b:c0:0a:97: 85:37:41:74:6b:f9:50:da:5e:cd:df:fe:c2:70:db: 07:77:41:d9:2a:d8:87:e7:47:4e:6d:bf:23:48:b2: d7:3e:d5:52:6c:60:14:29:59:3f:09:12:4c:8f:cb: 92:71:a7:73:dd:34:27:bc:51:b8:be:c1:7b:ee:c9: 14:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:AE:68:4E:EF:20:98:A4:E4:BA:5A:24:44:00:35:E5:9A:C4:5C:D3 X509v3 Authority Key Identifier: keyid:48:5E:3E:E1:C3:25:81:75:F4:FF:6D:9B:55:9D:A5:4C:83:EC:0B:4F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SF4-4cMlgXX0_22bVZ2lTIPsC08.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/96d022-ee02-447c-a349-9c933ccd16c7/1/_a5oTu8gmKTkulokRAA15ZrEXNM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/18/96d022-ee02-447c-a349-9c933ccd16c7/1/SF4-4cMlgXX0_22bVZ2lTIPsC08.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.223.186.0/24 185.253.204.0/22 193.16.220.0/24 Signature Algorithm: sha256WithRSAEncryption 90:4e:ff:ac:6a:42:b0:ff:90:21:7d:a0:37:e4:6a:98:b6:05: 16:5d:74:f7:4f:07:84:57:33:aa:b3:45:24:0c:c8:8f:f3:5d: b1:b5:ba:01:ad:fa:c7:66:ce:fc:69:09:a5:e0:67:e1:bb:c6: c9:81:81:6e:44:6c:60:9e:79:d9:08:af:64:8a:fd:9d:f7:3f: 6d:8e:4d:c9:f2:0f:75:e5:c2:5a:6d:d9:09:21:33:28:ba:6e: bb:76:42:5b:07:14:fe:a4:49:f6:62:f3:73:5a:83:6e:95:b1: 3f:62:49:9b:a8:af:19:4a:03:a2:d9:00:06:b8:21:62:ba:9c: ae:62:be:4f:9e:62:40:80:0e:09:97:a1:4f:de:c2:9d:d0:1c: 56:e6:76:4e:e1:9f:ff:f2:9a:8f:8e:de:bb:e4:85:2c:33:08: 8e:aa:d5:46:e5:bf:1a:bf:aa:12:12:ef:3a:a5:35:0b:34:45: d2:c7:cd:81:98:00:06:46:4d:90:0f:87:9a:d5:18:11:c3:a6: 3c:a6:f6:73:88:66:a6:6e:7a:f6:3a:90:72:e9:4c:aa:9e:39: d7:8c:6e:42:fa:65:5c:80:93:a4:f3:46:41:03:b4:07:f6:73: 5d:f2:d5:1e:c4:7c:47:df:c2:ea:16:c2:0f:e4:5f:c4:8b:be: c8:35:c9:f7 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt8ElAK1aORG/P1e3q3HFxVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ4NWUzZWUxYzMyNTgxNzVmNGZmNmQ5YjU1OWRhNTRjODNl YzBiNGYwHhcNMjYwMTAyMDAxODUzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmZGFlNjg0ZWVmMjA5OGE0ZTRiYTVhMjQ0NDAwMzVlNTlhYzQ1Y2QzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiOQFXkr48fw6wmUX0/K5+x6zr0+B zhTYFhYFwVObgMP4FCbu/H1nFHHn8mdQWwgmxQoq4t2cXsFBQxkiy5Gf0JHyFQI3 DBKdqs5bFm2h3K6EX4jgDZMFeILRqOuOY3u+YbeA63NK85EPmR64jD0ruBFQ3FxW ak0wMMDgZ1jgc/3asiyXAG6ZqyHKjC+eOCWJViyTuw1gygt87ot2l7jlYeXNLP+/ pk56l02PApc7Y42jl88zW5cYvo2DS6MvBHvACpeFN0F0a/lQ2l7N3/7CcNsHd0HZ KtiH50dObb8jSLLXPtVSbGAUKVk/CRJMj8uScadz3TQnvFG4vsF77skU3wIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFP2uaE7vIJik5LpaJEQANeWaxFzTMB8GA1UdIwQY MBaAFEhePuHDJYF19P9tm1WdpUyD7AtPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvU0Y0LTRjTWxnWFgwXzIyYlZaMmxUSVBzQzA4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC85NmQwMjItZWUwMi00NDdjLWEzNDkt OWM5MzNjY2QxNmM3LzEvX2E1b1R1OGdtS1RrdWxva1JBQTE1WnJFWE5NLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xOC85NmQwMjItZWUwMi00NDdjLWEzNDktOWM5MzNjY2QxNmM3 LzEvU0Y0LTRjTWxnWFgwXzIyYlZaMmxUSVBzQzA4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW9+6AwQC uf3MAwQAwRDcMA0GCSqGSIb3DQEBCwUAA4IBAQCQTv+sakKw/5AhfaA35GqYtgUW XXT3TweEVzOqs0UkDMiP812xtboBrfrHZs78aQml4Gfhu8bJgYFuRGxgnnnZCK9k iv2d9z9tjk3J8g915cJabdkJITMoum67dkJbBxT+pEn2YvNzWoNulbE/YkmbqK8Z SgOi2QAGuCFiupyuYr5PnmJAgA4Jl6FP3sKd0BxW5nZO4Z//8pqPjt675IUsMwiO qtVG5b8av6oSEu86pTULNEXSx82BmAAGRk2QD4ea1RgRw6Y8pvZziGambnr2OpBy 6UyqnjnXjG5C+mVcgJOk80ZBA7QH9nNd8tUexHxH38LqFsIP5F/Ei77INcn3 -----END CERTIFICATE-----Generated at Sun Jan 25 09:04:27 2026 by rpki-client