This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/tK5-Dv8iwro9KpuF9BAaDBdiBYM.roa File: tK5-Dv8iwro9KpuF9BAaDBdiBYM.roa (raw, json) Hash identifier: Fktj1/eyN9kcCZ433bbPzTPhj9hwa3lqNIZHD7ao3Aw= Subject key identifier: B4:AE:7E:0E:FF:22:C2:BA:3D:2A:9B:85:F4:10:1A:0C:17:62:05:83 Certificate issuer: /CN=2f93d3ba197f5ce3098bfa7700b43854eaa80e9e Certificate serial: 019B791008EDF75E05566A41EABCCEA21132 Authority key identifier: 2F:93:D3:BA:19:7F:5C:E3:09:8B:FA:77:00:B4:38:54:EA:A8:0E:9E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/tK5-Dv8iwro9KpuF9BAaDBdiBYM.roa Signing time: Thu 01 Jan 2026 10:17:32 +0000 ROA not before: Thu 01 Jan 2026 10:17:32 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212271 IP address blocks: 152.89.170.0/24 maxlen: 24 152.89.171.0/24 maxlen: 24 185.57.231.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.crl rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.mft rsync://rpki.ripe.net/repository/DEFAULT/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:08:ed:f7:5e:05:56:6a:41:ea:bc:ce:a2:11:32 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2f93d3ba197f5ce3098bfa7700b43854eaa80e9e Validity Not Before: Jan 1 10:17:32 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b4ae7e0eff22c2ba3d2a9b85f4101a0c17620583 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:78:7b:73:99:00:11:c7:ef:db:95:da:2b:e8: b9:31:bb:d1:cd:18:55:e6:47:79:cb:8a:0a:58:53: 19:db:09:c2:31:88:29:d5:aa:1c:05:01:c7:b9:46: 02:6b:09:de:db:4b:37:de:06:f2:a9:b5:f3:b4:14: 55:e1:0c:08:a5:ea:25:2e:7e:fb:4d:ee:fe:57:43: d8:3d:ac:0c:eb:5e:6d:63:20:65:fb:97:9c:e6:7f: 8a:3c:fd:be:74:a3:43:05:fe:77:32:fa:ce:d3:69: 28:c4:94:d7:c3:5c:c7:8a:c3:8b:06:35:84:ca:46: 49:7d:22:0d:8e:2d:5b:dd:6f:a0:26:04:0a:6b:b3: 64:a8:e2:e9:ac:86:2e:2f:af:93:b3:7a:63:be:33: 61:f5:fa:b8:bf:89:f2:da:ef:1a:4c:34:3b:1f:24: 9c:46:2d:bf:06:71:28:54:64:c5:d7:06:f5:53:ad: cc:be:82:4e:ed:fd:d2:e5:cb:03:b1:3f:f2:f9:69: 80:9b:0d:f8:24:28:33:cd:b6:bc:12:76:b0:d4:8d: 2d:33:48:99:f6:4b:a7:9b:8a:54:91:98:3e:5b:6f: b1:e4:f6:ce:f9:1b:59:56:59:32:87:90:b4:15:e8: de:52:84:54:a1:33:df:cb:3f:50:57:28:3e:d1:8c: a6:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:AE:7E:0E:FF:22:C2:BA:3D:2A:9B:85:F4:10:1A:0C:17:62:05:83 X509v3 Authority Key Identifier: keyid:2F:93:D3:BA:19:7F:5C:E3:09:8B:FA:77:00:B4:38:54:EA:A8:0E:9E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/tK5-Dv8iwro9KpuF9BAaDBdiBYM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 152.89.170.0/23 185.57.231.0/24 Signature Algorithm: sha256WithRSAEncryption a1:7d:a9:cc:58:f1:63:9c:8c:9f:3b:7d:ce:ed:d2:2d:b3:d2: 73:6d:62:fa:71:f9:49:47:82:3f:c4:af:92:f8:df:1b:d6:e2: bb:70:ab:fd:78:30:d0:b5:03:c5:3e:2e:fd:81:3a:9e:fa:d7: fb:dc:77:fc:ca:61:de:ba:4e:74:d6:31:c8:39:a0:18:84:c0: 82:5e:69:da:2d:b6:28:ce:c3:19:f3:c8:41:78:27:38:53:85: f4:1b:a7:37:42:98:f1:2e:0f:e7:b1:ad:b9:e7:8e:5a:d1:b7: ac:6c:e3:c4:0d:35:a1:ff:76:ed:f1:98:0e:5e:95:8c:ad:7d: cb:92:81:f5:b4:45:4a:a1:27:15:28:b3:36:3d:f5:37:bc:da: 1d:e3:d6:2e:a0:6c:9b:a3:32:f8:25:80:9d:2c:d3:e4:74:16: 0b:7a:3d:3e:34:b6:72:f3:bb:df:67:5b:fc:af:9d:0e:b8:24: 19:74:79:3c:e6:e0:92:5c:10:b4:37:53:ae:66:ac:59:c4:a4: 71:68:df:d0:fa:73:06:79:4b:1b:37:79:96:9c:77:d9:cb:7a: ca:61:26:3a:7d:37:f1:a6:20:2b:29:c5:8c:13:3e:20:f2:80: b5:52:26:7b:dd:4f:06:02:9d:3f:7f:76:b3:65:4e:bd:a0:a6: 9d:b5:40:91 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt5EAjt914FVmpB6rzOohEyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJmOTNkM2JhMTk3ZjVjZTMwOThiZmE3NzAwYjQzODU0ZWFh ODBlOWUwHhcNMjYwMTAxMTAxNzMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiNGFlN2UwZWZmMjJjMmJhM2QyYTliODVmNDEwMWEwYzE3NjIwNTgzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonh7c5kAEcfv25XaK+i5MbvRzRhV 5kd5y4oKWFMZ2wnCMYgp1aocBQHHuUYCawne20s33gbyqbXztBRV4QwIpeolLn77 Te7+V0PYPawM615tYyBl+5ec5n+KPP2+dKNDBf53MvrO02koxJTXw1zHisOLBjWE ykZJfSINji1b3W+gJgQKa7NkqOLprIYuL6+Ts3pjvjNh9fq4v4ny2u8aTDQ7HySc Ri2/BnEoVGTF1wb1U63MvoJO7f3S5csDsT/y+WmAmw34JCgzzba8Enaw1I0tM0iZ 9kunm4pUkZg+W2+x5PbO+RtZVlkyh5C0FejeUoRUoTPfyz9QVyg+0YymnwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFLSufg7/IsK6PSqbhfQQGgwXYgWDMB8GA1UdIwQY MBaAFC+T07oZf1zjCYv6dwC0OFTqqA6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTDVQVHVobF9YT01KaV9wM0FMUTRWT3FvRHA0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC83YTg3YTAtODAxNC00NjA1LTlmYjUt OWU3MWRjMjRhNjgzLzEvdEs1LUR2OGl3cm85S3B1RjlCQWFEQmRpQllNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNC83YTg3YTAtODAxNC00NjA1LTlmYjUtOWU3MWRjMjRhNjgz LzEvTDVQVHVobF9YT01KaV9wM0FMUTRWT3FvRHA0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBmFmqAwQA uTnnMA0GCSqGSIb3DQEBCwUAA4IBAQChfanMWPFjnIyfO33O7dIts9JzbWL6cflJ R4I/xK+S+N8b1uK7cKv9eDDQtQPFPi79gTqe+tf73Hf8ymHeuk501jHIOaAYhMCC XmnaLbYozsMZ88hBeCc4U4X0G6c3QpjxLg/nsa25545a0besbOPEDTWh/3bt8ZgO XpWMrX3LkoH1tEVKoScVKLM2PfU3vNod49YuoGybozL4JYCdLNPkdBYLej0+NLZy 87vfZ1v8r50OuCQZdHk85uCSXBC0N1OuZqxZxKRxaN/Q+nMGeUsbN3mWnHfZy3rK YSY6fTfxpiArKcWMEz4g8oC1UiZ73U8GAp0/f3azZU69oKadtUCR -----END CERTIFICATE-----Generated at Sun Jan 25 16:33:44 2026 by rpki-client