This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/dee833-fe5b-4c10-bbec-f0125d02e262/1/bWD35slaNU4G8WoJ3kljEx_CXmQ.roa File: bWD35slaNU4G8WoJ3kljEx_CXmQ.roa (raw, json) Hash identifier: CiE8YvQDdxY0SzfoYEi10FyebaWkuSk6ub1WO85b5Q8= Subject key identifier: 6D:60:F7:E6:C9:5A:35:4E:06:F1:6A:09:DE:49:63:13:1F:C2:5E:64 Certificate issuer: /CN=af782dae3d40caf2223262541c4054e62945d933 Certificate serial: 019B7B3628D1D65D031515F210236D8D4E61 Authority key identifier: AF:78:2D:AE:3D:40:CA:F2:22:32:62:54:1C:40:54:E6:29:45:D9:33 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r3gtrj1AyvIiMmJUHEBU5ilF2TM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/dee833-fe5b-4c10-bbec-f0125d02e262/1/bWD35slaNU4G8WoJ3kljEx_CXmQ.roa Signing time: Thu 01 Jan 2026 20:18:25 +0000 ROA not before: Thu 01 Jan 2026 20:18:25 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 61347 IP address blocks: 185.9.220.0/24 maxlen: 24 185.9.221.0/24 maxlen: 24 185.9.222.0/24 maxlen: 24 185.9.223.0/24 maxlen: 24 2a02:df40::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/dee833-fe5b-4c10-bbec-f0125d02e262/1/r3gtrj1AyvIiMmJUHEBU5ilF2TM.crl rsync://rpki.ripe.net/repository/DEFAULT/26/dee833-fe5b-4c10-bbec-f0125d02e262/1/r3gtrj1AyvIiMmJUHEBU5ilF2TM.mft rsync://rpki.ripe.net/repository/DEFAULT/r3gtrj1AyvIiMmJUHEBU5ilF2TM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 20:01:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:28:d1:d6:5d:03:15:15:f2:10:23:6d:8d:4e:61 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=af782dae3d40caf2223262541c4054e62945d933 Validity Not Before: Jan 1 20:18:25 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6d60f7e6c95a354e06f16a09de4963131fc25e64 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:2f:2c:e8:61:9b:65:52:7f:18:cb:b1:3b:60: b6:76:96:29:5e:cc:0d:11:84:a1:f3:e7:e3:67:94: 82:90:ba:5b:dd:f3:0d:9c:8b:14:21:84:31:78:97: 8e:77:06:1b:90:26:5d:3a:a1:cc:ed:c4:94:55:29: ff:be:cd:c3:9d:f8:d0:8a:71:a5:b7:78:86:ef:47: 8f:4e:33:f8:c6:b1:4e:5a:28:94:4f:98:74:1d:29: f6:da:9a:ca:40:f8:d6:dd:ec:a8:d2:96:30:7d:46: cc:46:fa:33:b8:df:89:39:1f:88:a7:90:e4:e9:34: 56:75:1e:1b:89:88:d2:df:21:2d:bd:df:93:3a:95: fe:3e:13:ec:51:23:92:6c:df:e5:ae:c0:4b:3e:f8: 0d:af:c0:f1:c8:87:75:01:7d:e2:36:7f:da:48:00: f9:8d:f2:ae:fd:87:9c:1e:8a:a4:76:54:da:31:9b: e5:4e:8b:af:ca:d1:b2:66:0a:bb:e4:8a:69:18:a8: 1c:27:dd:1d:9b:e6:cd:a2:68:3b:ea:ce:5d:f6:04: 46:11:00:6d:82:05:14:4d:c2:d7:94:07:e3:3a:8d: 00:71:08:04:bd:8e:06:76:f3:e6:08:5f:ba:38:47: 80:1d:5e:c8:f8:1d:5e:3e:08:23:03:fe:ff:1a:17: a2:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:60:F7:E6:C9:5A:35:4E:06:F1:6A:09:DE:49:63:13:1F:C2:5E:64 X509v3 Authority Key Identifier: keyid:AF:78:2D:AE:3D:40:CA:F2:22:32:62:54:1C:40:54:E6:29:45:D9:33 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r3gtrj1AyvIiMmJUHEBU5ilF2TM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/dee833-fe5b-4c10-bbec-f0125d02e262/1/bWD35slaNU4G8WoJ3kljEx_CXmQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/26/dee833-fe5b-4c10-bbec-f0125d02e262/1/r3gtrj1AyvIiMmJUHEBU5ilF2TM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.9.220.0/22 IPv6: 2a02:df40::/48 Signature Algorithm: sha256WithRSAEncryption b1:1f:6b:c8:8b:e8:92:61:f5:d1:9a:31:60:27:c6:8f:b6:82: de:fc:ca:f5:6d:a1:7c:99:7d:ad:a2:f5:89:b8:70:ec:f6:df: 5e:f9:f6:e8:b9:0f:72:3e:a0:40:0d:0d:5b:07:45:59:f8:11: e5:b6:2d:f0:8a:d8:8f:4b:05:60:a5:c3:5d:bc:74:6b:15:23: 5d:83:a2:a7:ad:83:b3:09:16:e9:12:20:82:d4:07:92:aa:7a: 27:76:e6:ce:55:dd:4a:d4:2a:79:d4:2e:9b:58:c2:b4:f8:89: 2b:15:d1:3a:17:1a:04:b0:2b:d1:7d:b2:f6:ef:8f:9a:9d:0b: 9f:10:01:5b:0a:1d:fd:4b:ce:df:79:a3:94:9b:95:c4:58:c7: 97:7a:0e:19:16:82:65:99:09:d1:3b:fc:ac:c3:5e:9d:1b:c4: 0a:44:63:38:37:13:2c:92:7c:e3:63:11:9b:c0:a1:ca:25:87: fb:de:3d:be:8d:f7:50:b8:eb:1e:e2:3e:a7:c4:0a:b3:68:e7: 71:d2:4c:83:4e:61:ac:66:11:c6:f2:15:c4:cc:f1:ea:e7:84: 14:c6:68:3b:10:64:b8:d6:c0:1a:9e:67:24:4b:7a:4b:16:89: b3:a3:8a:e3:1a:15:55:0e:43:fd:b4:cf:12:4e:fd:5f:89:15: d7:e1:63:63 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt7NijR1l0DFRXyECNtjU5hMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFmNzgyZGFlM2Q0MGNhZjIyMjMyNjI1NDFjNDA1NGU2Mjk0 NWQ5MzMwHhcNMjYwMTAxMjAxODI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2ZDYwZjdlNmM5NWEzNTRlMDZmMTZhMDlkZTQ5NjMxMzFmYzI1ZTY0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAly8s6GGbZVJ/GMuxO2C2dpYpXswN EYSh8+fjZ5SCkLpb3fMNnIsUIYQxeJeOdwYbkCZdOqHM7cSUVSn/vs3DnfjQinGl t3iG70ePTjP4xrFOWiiUT5h0HSn22prKQPjW3eyo0pYwfUbMRvozuN+JOR+Ip5Dk 6TRWdR4biYjS3yEtvd+TOpX+PhPsUSOSbN/lrsBLPvgNr8DxyId1AX3iNn/aSAD5 jfKu/YecHoqkdlTaMZvlTouvytGyZgq75IppGKgcJ90dm+bNomg76s5d9gRGEQBt ggUUTcLXlAfjOo0AcQgEvY4GdvPmCF+6OEeAHV7I+B1ePggjA/7/GheiDQIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFG1g9+bJWjVOBvFqCd5JYxMfwl5kMB8GA1UdIwQY MBaAFK94La49QMryIjJiVBxAVOYpRdkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcjNndHJqMUF5dklpTW1KVUhFQlU1aWxGMlRNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9kZWU4MzMtZmU1Yi00YzEwLWJiZWMt ZjAxMjVkMDJlMjYyLzEvYldEMzVzbGFOVTRHOFdvSjNrbGpFeF9DWG1RLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNi9kZWU4MzMtZmU1Yi00YzEwLWJiZWMtZjAxMjVkMDJlMjYy LzEvcjNndHJqMUF5dklpTW1KVUhFQlU1aWxGMlRNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCuQncMA8E AgACMAkDBwAqAt9AAAAwDQYJKoZIhvcNAQELBQADggEBALEfa8iL6JJh9dGaMWAn xo+2gt78yvVtoXyZfa2i9Ym4cOz231759ui5D3I+oEANDVsHRVn4EeW2LfCK2I9L BWClw128dGsVI12Doqetg7MJFukSIILUB5Kqeid25s5V3UrUKnnULptYwrT4iSsV 0ToXGgSwK9F9svbvj5qdC58QAVsKHf1Lzt95o5SblcRYx5d6DhkWgmWZCdE7/KzD Xp0bxApEYzg3EyySfONjEZvAocolh/vePb6N91C46x7iPqfECrNo53HSTINOYaxm EcbyFcTM8ernhBTGaDsQZLjWwBqeZyRLeksWibOjiuMaFVUOQ/20zxJO/V+JFdfh Y2M= -----END CERTIFICATE-----Generated at Mon Jan 26 05:30:39 2026 by rpki-client