This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/5a2tVJSA7-aN0SRuVG0OxuxPaTI.roa File: 5a2tVJSA7-aN0SRuVG0OxuxPaTI.roa (raw, json) Hash identifier: ngRWxztuZ4gf4dqFuQH0sXxlseI1zKXXWW7i/sJRBxI= Subject key identifier: E5:AD:AD:54:94:80:EF:E6:8D:D1:24:6E:54:6D:0E:C6:EC:4F:69:32 Certificate issuer: /CN=23e3d92bfe16619ca500c03267effa9aa7ca0c47 Certificate serial: 019B76EAE7823B241743BEB1F3D456923046 Authority key identifier: 23:E3:D9:2B:FE:16:61:9C:A5:00:C0:32:67:EF:FA:9A:A7:CA:0C:47 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I-PZK_4WYZylAMAyZ-_6mqfKDEc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/5a2tVJSA7-aN0SRuVG0OxuxPaTI.roa Signing time: Thu 01 Jan 2026 00:17:44 +0000 ROA not before: Thu 01 Jan 2026 00:17:44 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 39143 IP address blocks: 89.188.162.0/24 maxlen: 24 185.211.240.0/22 maxlen: 23 185.211.241.0/24 maxlen: 24 2a03:8641::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/I-PZK_4WYZylAMAyZ-_6mqfKDEc.crl rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/I-PZK_4WYZylAMAyZ-_6mqfKDEc.mft rsync://rpki.ripe.net/repository/DEFAULT/I-PZK_4WYZylAMAyZ-_6mqfKDEc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:ea:e7:82:3b:24:17:43:be:b1:f3:d4:56:92:30:46 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=23e3d92bfe16619ca500c03267effa9aa7ca0c47 Validity Not Before: Jan 1 00:17:44 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e5adad549480efe68dd1246e546d0ec6ec4f6932 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8c:11:ee:ec:08:04:4c:59:07:ff:0a:c8:55:dc: 12:2c:31:46:c4:bf:10:46:44:03:f2:31:cf:7e:dd: 16:ff:44:15:9b:6c:91:25:86:45:a3:3d:c9:c3:36: 23:82:cc:f4:2a:56:e0:76:34:94:2b:f5:4f:c1:f6: 20:d3:a4:94:12:5a:2a:76:b9:75:9b:08:e6:41:9f: d7:35:c2:a3:eb:36:a3:4c:79:7a:55:c9:09:cd:68: c0:12:bf:f3:03:f9:7c:f9:70:7e:07:1f:e0:84:ad: 28:f1:1a:52:d3:f9:e4:64:e4:20:bb:6d:04:9f:04: df:7a:bc:16:d8:67:85:28:c7:6f:db:2d:ce:9f:b1: d8:ed:db:3f:61:a8:af:54:bf:7b:70:f2:0c:73:4a: f3:71:ed:ea:76:c8:60:ab:17:19:c6:d0:b3:81:e3: 05:a5:30:ec:93:97:43:ef:14:03:da:01:33:9d:b0: f4:24:66:4e:e5:5b:93:7c:7e:72:07:5b:bc:c4:bf: d8:e1:35:e8:de:5e:72:64:32:71:2b:1a:5e:d8:84: 3b:10:37:fb:a4:82:fd:d6:67:a2:12:48:53:db:be: c4:89:14:ba:15:63:2c:ae:ba:9c:4d:85:d6:1e:22: 30:c4:94:20:1b:24:19:84:6f:bc:63:a6:0c:4f:6c: 4e:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:AD:AD:54:94:80:EF:E6:8D:D1:24:6E:54:6D:0E:C6:EC:4F:69:32 X509v3 Authority Key Identifier: keyid:23:E3:D9:2B:FE:16:61:9C:A5:00:C0:32:67:EF:FA:9A:A7:CA:0C:47 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I-PZK_4WYZylAMAyZ-_6mqfKDEc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/5a2tVJSA7-aN0SRuVG0OxuxPaTI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/I-PZK_4WYZylAMAyZ-_6mqfKDEc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.188.162.0/24 185.211.240.0/22 IPv6: 2a03:8641::/32 Signature Algorithm: sha256WithRSAEncryption 6d:b5:8e:64:80:33:65:d2:d4:7a:44:3d:24:16:de:2d:fb:c3: 60:dc:0a:4c:92:1c:3e:f4:55:a1:57:b7:63:58:d2:6d:65:d0: 25:c3:62:15:2f:4e:f1:70:11:c8:46:e0:b6:9b:12:54:bf:0c: c4:cc:7f:96:a6:fd:57:bc:ec:8a:24:f1:a3:3d:e2:03:8b:df: b2:17:35:92:a9:08:22:2a:75:82:b5:44:c5:27:dd:36:83:bc: d6:85:12:85:a9:ed:cc:6d:18:d2:c1:e7:f2:22:cb:36:de:95: f5:ba:6d:9b:64:9b:23:ae:f3:a0:21:2d:e9:9b:10:29:a4:c7: b5:f5:5c:95:d0:62:bb:24:46:5f:b3:a2:db:a8:47:ff:4e:6c: f2:b8:9b:1a:1d:42:98:12:0c:d1:15:1b:2c:28:a7:e5:a7:a4: e7:1e:af:54:7d:19:64:1d:42:40:e1:0e:32:16:d0:2e:a2:6d: 2e:3d:0e:0f:36:75:b0:b5:43:31:39:01:a9:2f:54:b4:e1:d5: f8:29:25:9a:13:58:84:b4:69:54:62:dc:5d:34:e5:06:62:14: 2e:1e:a9:c2:b7:b1:ef:10:a4:db:d9:1f:57:7a:66:4b:eb:34: 7c:39:8d:02:d3:2c:e0:44:6b:8b:3c:d1:a8:92:b8:62:91:6c: 05:dd:99:ee -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt26ueCOyQXQ76x89RWkjBGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIzZTNkOTJiZmUxNjYxOWNhNTAwYzAzMjY3ZWZmYTlhYTdj YTBjNDcwHhcNMjYwMTAxMDAxNzQ0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlNWFkYWQ1NDk0ODBlZmU2OGRkMTI0NmU1NDZkMGVjNmVjNGY2OTMyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjBHu7AgETFkH/wrIVdwSLDFGxL8Q RkQD8jHPft0W/0QVm2yRJYZFoz3JwzYjgsz0KlbgdjSUK/VPwfYg06SUEloqdrl1 mwjmQZ/XNcKj6zajTHl6VckJzWjAEr/zA/l8+XB+Bx/ghK0o8RpS0/nkZOQgu20E nwTferwW2GeFKMdv2y3On7HY7ds/YaivVL97cPIMc0rzce3qdshgqxcZxtCzgeMF pTDsk5dD7xQD2gEznbD0JGZO5VuTfH5yB1u8xL/Y4TXo3l5yZDJxKxpe2IQ7EDf7 pIL91meiEkhT277EiRS6FWMsrrqcTYXWHiIwxJQgGyQZhG+8Y6YMT2xOwwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFOWtrVSUgO/mjdEkblRtDsbsT2kyMB8GA1UdIwQY MBaAFCPj2Sv+FmGcpQDAMmfv+pqnygxHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSS1QWktfNFdZWnlsQU1BeVotXzZtcWZLREVjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85YzJjOTAtYzdkNC00OGI3LTliYWYt ZjFiZjBjMzNhOTA4LzEvNWEydFZKU0E3LWFOMFNSdVZHME94dXhQYVRJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMC85YzJjOTAtYzdkNC00OGI3LTliYWYtZjFiZjBjMzNhOTA4 LzEvSS1QWktfNFdZWnlsQU1BeVotXzZtcWZLREVjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAWbyiAwQC udPwMA0EAgACMAcDBQAqA4ZBMA0GCSqGSIb3DQEBCwUAA4IBAQBttY5kgDNl0tR6 RD0kFt4t+8Ng3ApMkhw+9FWhV7djWNJtZdAlw2IVL07xcBHIRuC2mxJUvwzEzH+W pv1XvOyKJPGjPeIDi9+yFzWSqQgiKnWCtUTFJ902g7zWhRKFqe3MbRjSwefyIss2 3pX1um2bZJsjrvOgIS3pmxAppMe19VyV0GK7JEZfs6LbqEf/TmzyuJsaHUKYEgzR FRssKKflp6TnHq9UfRlkHUJA4Q4yFtAuom0uPQ4PNnWwtUMxOQGpL1S04dX4KSWa E1iEtGlUYtxdNOUGYhQuHqnCt7HvEKTb2R9XemZL6zR8OY0C0yzgRGuLPNGokrhi kWwF3Znu -----END CERTIFICATE-----Generated at Mon Jan 26 05:39:19 2026 by rpki-client