This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/85b673-f1ad-43e2-bfe7-0cd7236b29b6/1/C5XEOKd3fauF5wNLgFLgU_UqhDk.roa File: C5XEOKd3fauF5wNLgFLgU_UqhDk.roa (raw, json) Hash identifier: gq6WkJtrJKgQndCeB0nR0Q6T7/UN9Av/CBIcRy+j3B8= Subject key identifier: 0B:95:C4:38:A7:77:7D:AB:85:E7:03:4B:80:52:E0:53:F5:2A:84:39 Certificate issuer: /CN=1da97cae7de6b29e56f0259af53c95926034a502 Certificate serial: 019B7A5A95742D7964FB31FD4CBCB7A41232 Authority key identifier: 1D:A9:7C:AE:7D:E6:B2:9E:56:F0:25:9A:F5:3C:95:92:60:34:A5:02 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hal8rn3msp5W8CWa9TyVkmA0pQI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/85b673-f1ad-43e2-bfe7-0cd7236b29b6/1/C5XEOKd3fauF5wNLgFLgU_UqhDk.roa Signing time: Thu 01 Jan 2026 16:18:35 +0000 ROA not before: Thu 01 Jan 2026 16:18:35 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 3399 IP address blocks: 45.141.108.0/22 maxlen: 22 178.132.72.0/21 maxlen: 21 185.86.104.0/22 maxlen: 22 185.147.236.0/22 maxlen: 22 185.242.228.0/22 maxlen: 22 195.128.240.0/23 maxlen: 23 195.128.254.0/23 maxlen: 23 2a03:8600::/32 maxlen: 32 2a07:5cc0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/85b673-f1ad-43e2-bfe7-0cd7236b29b6/1/Hal8rn3msp5W8CWa9TyVkmA0pQI.crl rsync://rpki.ripe.net/repository/DEFAULT/24/85b673-f1ad-43e2-bfe7-0cd7236b29b6/1/Hal8rn3msp5W8CWa9TyVkmA0pQI.mft rsync://rpki.ripe.net/repository/DEFAULT/Hal8rn3msp5W8CWa9TyVkmA0pQI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:95:74:2d:79:64:fb:31:fd:4c:bc:b7:a4:12:32 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1da97cae7de6b29e56f0259af53c95926034a502 Validity Not Before: Jan 1 16:18:35 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0b95c438a7777dab85e7034b8052e053f52a8439 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:ed:6b:24:2e:3c:32:62:3b:cc:1e:38:2a:3d: ef:9a:0e:61:61:a6:df:a1:62:8f:9c:7e:3e:09:2c: ab:cf:be:a5:83:b5:d8:28:f4:71:32:14:7e:cf:e3: 8e:ac:6c:58:4a:8a:ba:6d:35:d5:5a:40:5a:ae:49: 81:d6:21:db:48:ba:80:e2:ff:82:d3:89:ad:58:1c: 31:f3:08:d4:ce:47:41:2c:9a:3c:6a:5f:35:e1:77: 0d:9a:0c:12:51:b1:5c:61:db:64:c1:0c:a0:e4:06: 7e:7c:8d:39:bf:c7:4c:3c:f0:47:a9:0c:dd:fd:09: c0:20:17:dd:2f:96:a6:75:01:5e:6d:3e:75:8f:b6: 7e:b9:4d:85:ee:bf:97:21:e8:19:9e:a3:fb:57:75: 76:d6:51:04:62:15:28:95:e2:3f:48:df:e2:95:f2: fd:05:ff:f8:f4:09:f7:08:4a:61:5b:c3:e6:0a:0e: af:7f:39:38:7e:32:e9:64:0f:f0:46:d3:31:cf:98: b5:b7:8f:0f:fe:ce:a8:09:aa:14:b7:94:86:ef:26: d1:9e:23:d6:7a:2b:1f:aa:53:ee:86:d2:a4:7d:52: 11:5f:ce:e7:11:98:61:02:04:57:0b:e5:cb:20:9d: ba:86:d7:d2:32:07:66:89:20:c7:4f:4e:a6:96:8a: d3:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:95:C4:38:A7:77:7D:AB:85:E7:03:4B:80:52:E0:53:F5:2A:84:39 X509v3 Authority Key Identifier: keyid:1D:A9:7C:AE:7D:E6:B2:9E:56:F0:25:9A:F5:3C:95:92:60:34:A5:02 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hal8rn3msp5W8CWa9TyVkmA0pQI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/85b673-f1ad-43e2-bfe7-0cd7236b29b6/1/C5XEOKd3fauF5wNLgFLgU_UqhDk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/24/85b673-f1ad-43e2-bfe7-0cd7236b29b6/1/Hal8rn3msp5W8CWa9TyVkmA0pQI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.141.108.0/22 178.132.72.0/21 185.86.104.0/22 185.147.236.0/22 185.242.228.0/22 195.128.240.0/23 195.128.254.0/23 IPv6: 2a03:8600::/32 2a07:5cc0::/29 Signature Algorithm: sha256WithRSAEncryption 20:65:1f:b0:c5:b8:6d:6d:ee:3d:0f:f2:08:ee:18:6f:cd:d0: b6:7c:3e:ad:cb:03:9c:dd:41:4d:d8:35:42:02:24:71:54:c6: 3d:5e:41:44:ed:c1:2c:b3:7d:19:77:d7:91:a0:90:82:a8:bb: 35:8d:f5:3f:86:b8:4e:50:91:4d:83:a6:37:43:cc:ea:44:87: 5b:3e:8c:9c:d9:14:19:01:b6:3f:4f:a5:5e:a1:ba:6f:33:4e: c4:7d:11:e2:3b:ff:b6:50:5a:57:68:8e:30:41:ce:2a:1c:4b: b6:4c:67:f8:84:2c:9b:0f:cb:c9:54:08:2c:63:94:d2:ee:19: 98:a8:16:8c:04:5c:76:bd:cb:81:2a:7b:4c:8c:73:5c:bf:34: 83:a6:d1:f6:dd:66:31:68:3d:a0:1f:bd:34:69:e3:cc:12:31: 00:18:79:08:b6:8f:5a:4d:f1:c0:d6:f5:05:a9:65:a7:7f:28: 55:46:f4:0b:fd:32:b0:71:f8:df:bd:98:bc:6e:64:e3:da:32: 4d:2b:30:21:09:dc:0b:56:50:07:e2:90:d0:90:b5:4f:7f:ae: e5:d6:34:3d:1a:f4:d8:ec:e3:eb:97:bc:9c:1e:80:2f:d8:cc: d9:c3:02:99:df:6d:a8:d6:88:18:09:55:3f:a1:61:97:36:7b: a0:ed:7d:da -----BEGIN CERTIFICATE----- MIIFNzCCBB+gAwIBAgISAZt6WpV0LXlk+zH9TLy3pBIyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFkYTk3Y2FlN2RlNmIyOWU1NmYwMjU5YWY1M2M5NTkyNjAz NGE1MDIwHhcNMjYwMTAxMTYxODM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwYjk1YzQzOGE3Nzc3ZGFiODVlNzAzNGI4MDUyZTA1M2Y1MmE4NDM5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxu1rJC48MmI7zB44Kj3vmg5hYabf oWKPnH4+CSyrz76lg7XYKPRxMhR+z+OOrGxYSoq6bTXVWkBarkmB1iHbSLqA4v+C 04mtWBwx8wjUzkdBLJo8al814XcNmgwSUbFcYdtkwQyg5AZ+fI05v8dMPPBHqQzd /QnAIBfdL5amdQFebT51j7Z+uU2F7r+XIegZnqP7V3V21lEEYhUoleI/SN/ilfL9 Bf/49An3CEphW8PmCg6vfzk4fjLpZA/wRtMxz5i1t48P/s6oCaoUt5SG7ybRniPW eisfqlPuhtKkfVIRX87nEZhhAgRXC+XLIJ26htfSMgdmiSDHT06mlorT2wIDAQAB o4ICQzCCAj8wHQYDVR0OBBYEFAuVxDind32rhecDS4BS4FP1KoQ5MB8GA1UdIwQY MBaAFB2pfK595rKeVvAlmvU8lZJgNKUCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSGFsOHJuM21zcDVXOENXYTlUeVZrbUEwcFFJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC84NWI2NzMtZjFhZC00M2UyLWJmZTct MGNkNzIzNmIyOWI2LzEvQzVYRU9LZDNmYXVGNXdOTGdGTGdVX1VxaERrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNC84NWI2NzMtZjFhZC00M2UyLWJmZTctMGNkNzIzNmIyOWI2 LzEvSGFsOHJuM21zcDVXOENXYTlUeVZrbUEwcFFJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAwBAIAATAqAwQCLY1sAwQD soRIAwQCuVZoAwQCuZPsAwQCufLkAwQBw4DwAwQBw4D+MBQEAgACMA4DBQAqA4YA AwUDKgdcwDANBgkqhkiG9w0BAQsFAAOCAQEAIGUfsMW4bW3uPQ/yCO4Yb83Qtnw+ rcsDnN1BTdg1QgIkcVTGPV5BRO3BLLN9GXfXkaCQgqi7NY31P4a4TlCRTYOmN0PM 6kSHWz6MnNkUGQG2P0+lXqG6bzNOxH0R4jv/tlBaV2iOMEHOKhxLtkxn+IQsmw/L yVQILGOU0u4ZmKgWjARcdr3LgSp7TIxzXL80g6bR9t1mMWg9oB+9NGnjzBIxABh5 CLaPWk3xwNb1Ballp38oVUb0C/0ysHH4372YvG5k49oyTSswIQncC1ZQB+KQ0JC1 T3+u5dY0PRr02Ozj65e8nB6AL9jM2cMCmd9tqNaIGAlVP6FhlzZ7oO192g== -----END CERTIFICATE-----Generated at Sun Jan 25 19:38:42 2026 by rpki-client