This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/9cbe88-3e75-42ef-b871-5ee76f0f64e2/1/M7U-ppZwsd4Y0hqrg3uFvL3fNF0.roa File: M7U-ppZwsd4Y0hqrg3uFvL3fNF0.roa (raw, json) Hash identifier: V5ZqVNY/FzC23usoRi5oNuuG/BK57r9pMG9x1bcd1BQ= Subject key identifier: 33:B5:3E:A6:96:70:B1:DE:18:D2:1A:AB:83:7B:85:BC:BD:DF:34:5D Certificate issuer: /CN=2283711bd7ab13da3d11f25bb57a4f483c1f99ac Certificate serial: 019B7F857F9692919A96F0D4CB60DF98CA9B Authority key identifier: 22:83:71:1B:D7:AB:13:DA:3D:11:F2:5B:B5:7A:4F:48:3C:1F:99:AC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IoNxG9erE9o9EfJbtXpPSDwfmaw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/9cbe88-3e75-42ef-b871-5ee76f0f64e2/1/M7U-ppZwsd4Y0hqrg3uFvL3fNF0.roa Signing time: Fri 02 Jan 2026 16:23:33 +0000 ROA not before: Fri 02 Jan 2026 16:23:33 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 47957 IP address blocks: 185.8.52.0/22 maxlen: 24 185.139.244.0/22 maxlen: 24 2a02:d940::/29 maxlen: 48 2a07:18c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/9cbe88-3e75-42ef-b871-5ee76f0f64e2/1/IoNxG9erE9o9EfJbtXpPSDwfmaw.crl rsync://rpki.ripe.net/repository/DEFAULT/25/9cbe88-3e75-42ef-b871-5ee76f0f64e2/1/IoNxG9erE9o9EfJbtXpPSDwfmaw.mft rsync://rpki.ripe.net/repository/DEFAULT/IoNxG9erE9o9EfJbtXpPSDwfmaw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:01:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:85:7f:96:92:91:9a:96:f0:d4:cb:60:df:98:ca:9b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2283711bd7ab13da3d11f25bb57a4f483c1f99ac Validity Not Before: Jan 2 16:23:33 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=33b53ea69670b1de18d21aab837b85bcbddf345d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:dc:db:bc:ea:f2:1d:eb:d7:5b:1a:25:2f:a0: 26:9d:ad:a5:bc:ea:7c:0f:bb:00:33:d2:ba:d4:3a: 62:6f:dc:a0:e0:7e:27:4b:7c:0f:70:a4:3a:04:92: 27:50:6e:0b:bc:96:e0:46:45:e5:49:ba:1f:4a:f9: 24:4a:80:76:8c:6f:3c:eb:2c:8e:9c:3b:b9:fd:40: 5a:7f:ef:6a:c0:f1:2c:dc:75:7b:71:cc:65:88:e0: 5c:84:db:78:78:60:ca:f8:9b:0d:00:7c:e0:33:7e: d8:69:e5:1e:fd:57:7e:c1:24:f6:38:01:27:cc:af: 94:71:30:fe:c8:63:10:e8:38:96:54:eb:5e:e6:b8: 18:81:67:b4:d0:67:6b:64:c0:15:8c:87:eb:5f:b1: cb:fa:5b:08:e6:73:8e:36:91:d4:64:89:4a:bd:e7: 80:f4:1e:da:40:39:e4:37:3d:6e:e2:fd:94:b8:c4: cb:90:e6:96:3e:b0:ea:62:3b:14:b2:ca:1f:bf:1d: bd:20:ea:7a:99:53:4f:c5:1f:f2:1f:83:f4:c7:00: 35:df:06:e5:34:c5:fd:e1:48:b0:a0:b0:11:61:fc: 23:25:dc:74:bf:2c:f3:df:5a:96:d8:ce:5c:23:34: 04:c3:50:1c:01:6e:d7:76:0f:93:c8:71:86:a8:d9: ff:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:B5:3E:A6:96:70:B1:DE:18:D2:1A:AB:83:7B:85:BC:BD:DF:34:5D X509v3 Authority Key Identifier: keyid:22:83:71:1B:D7:AB:13:DA:3D:11:F2:5B:B5:7A:4F:48:3C:1F:99:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IoNxG9erE9o9EfJbtXpPSDwfmaw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/9cbe88-3e75-42ef-b871-5ee76f0f64e2/1/M7U-ppZwsd4Y0hqrg3uFvL3fNF0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/25/9cbe88-3e75-42ef-b871-5ee76f0f64e2/1/IoNxG9erE9o9EfJbtXpPSDwfmaw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.8.52.0/22 185.139.244.0/22 IPv6: 2a02:d940::/29 2a07:18c0::/48 Signature Algorithm: sha256WithRSAEncryption 82:64:2b:68:30:bc:ee:59:bb:e3:54:a2:e6:60:0f:11:61:c6: f5:ca:e1:34:d5:80:7a:ab:45:90:bb:ff:f0:a3:4d:22:cd:2e: e1:75:26:dd:f4:eb:49:93:1c:8f:00:e2:ea:a4:75:1f:97:76: a4:50:e6:20:9a:8c:58:38:4c:12:f3:03:7d:79:0b:ab:30:8c: 51:d3:57:4f:47:61:02:7c:db:35:66:dc:b6:69:13:85:25:54: ec:c2:e8:f9:c0:69:01:6d:69:fd:6a:2f:75:0d:c7:a8:95:f5: ab:e6:ff:b9:ae:28:e1:c9:a6:07:aa:61:cd:96:65:06:11:d3: 76:cc:7c:31:10:fd:92:26:22:a1:54:6b:b0:86:5c:01:c7:db: ea:36:79:63:a3:f8:b0:8b:93:67:a5:10:28:bf:b5:59:23:63: f7:98:7a:27:2b:c3:98:23:c1:19:75:41:20:13:f3:da:8f:1b: 11:ad:10:fb:f2:1a:5f:98:25:5c:aa:a1:80:1c:d2:da:34:37: fe:bd:d2:d9:b8:aa:d3:e8:ac:7f:fa:c6:2d:03:82:27:98:10: cc:d5:5c:b7:5a:ee:55:9f:04:3c:8b:55:6c:b2:61:26:eb:f9: 2c:9a:3d:78:fe:01:0e:a7:7b:5d:42:b7:8a:a1:b5:ff:09:95: 19:78:8b:5e -----BEGIN CERTIFICATE----- MIIFGzCCBAOgAwIBAgISAZt/hX+WkpGalvDUy2DfmMqbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIyODM3MTFiZDdhYjEzZGEzZDExZjI1YmI1N2E0ZjQ4M2Mx Zjk5YWMwHhcNMjYwMTAyMTYyMzMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzM2I1M2VhNjk2NzBiMWRlMThkMjFhYWI4MzdiODViY2JkZGYzNDVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm9zbvOryHevXWxolL6Amna2lvOp8 D7sAM9K61Dpib9yg4H4nS3wPcKQ6BJInUG4LvJbgRkXlSbofSvkkSoB2jG886yyO nDu5/UBaf+9qwPEs3HV7ccxliOBchNt4eGDK+JsNAHzgM37YaeUe/Vd+wST2OAEn zK+UcTD+yGMQ6DiWVOte5rgYgWe00GdrZMAVjIfrX7HL+lsI5nOONpHUZIlKveeA 9B7aQDnkNz1u4v2UuMTLkOaWPrDqYjsUssofvx29IOp6mVNPxR/yH4P0xwA13wbl NMX94UiwoLARYfwjJdx0vyzz31qW2M5cIzQEw1AcAW7Xdg+TyHGGqNn/nwIDAQAB o4ICJzCCAiMwHQYDVR0OBBYEFDO1PqaWcLHeGNIaq4N7hby93zRdMB8GA1UdIwQY MBaAFCKDcRvXqxPaPRHyW7V6T0g8H5msMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSW9OeEc5ZXJFOW85RWZKYnRYcFBTRHdmbWF3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS85Y2JlODgtM2U3NS00MmVmLWI4NzEt NWVlNzZmMGY2NGUyLzEvTTdVLXBwWndzZDRZMGhxcmczdUZ2TDNmTkYwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNS85Y2JlODgtM2U3NS00MmVmLWI4NzEtNWVlNzZmMGY2NGUy LzEvSW9OeEc5ZXJFOW85RWZKYnRYcFBTRHdmbWF3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQCuQg0AwQC uYv0MBYEAgACMBADBQMqAtlAAwcAKgcYwAAAMA0GCSqGSIb3DQEBCwUAA4IBAQCC ZCtoMLzuWbvjVKLmYA8RYcb1yuE01YB6q0WQu//wo00izS7hdSbd9OtJkxyPAOLq pHUfl3akUOYgmoxYOEwS8wN9eQurMIxR01dPR2ECfNs1Zty2aROFJVTswuj5wGkB bWn9ai91DceolfWr5v+5rijhyaYHqmHNlmUGEdN2zHwxEP2SJiKhVGuwhlwBx9vq Nnljo/iwi5NnpRAov7VZI2P3mHonK8OYI8EZdUEgE/PajxsRrRD78hpfmCVcqqGA HNLaNDf+vdLZuKrT6Kx/+sYtA4InmBDM1Vy3Wu5VnwQ8i1VssmEm6/ksmj14/gEO p3tdQreKobX/CZUZeIte -----END CERTIFICATE-----Generated at Sun Jan 25 19:37:03 2026 by rpki-client