This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/fab49a-91f4-460c-827b-c3327822a138/1/COifVGWEFcRhTaZrSeru91euzgs.roa File: COifVGWEFcRhTaZrSeru91euzgs.roa (raw, json) Hash identifier: SkxWqr0s6K7O+f3IrnOYEXDaEsYzawyt1T+GjoB55B8= Subject key identifier: 08:E8:9F:54:65:84:15:C4:61:4D:A6:6B:49:EA:EE:F7:57:AE:CE:0B Certificate issuer: /CN=1f896cd3d8d1a0699da521055dfb58dc06dddf35 Certificate serial: 019B7D5BC911907E329BD314830ED5BC662F Authority key identifier: 1F:89:6C:D3:D8:D1:A0:69:9D:A5:21:05:5D:FB:58:DC:06:DD:DF:35 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H4ls09jRoGmdpSEFXftY3Abd3zU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/fab49a-91f4-460c-827b-c3327822a138/1/COifVGWEFcRhTaZrSeru91euzgs.roa Signing time: Fri 02 Jan 2026 06:18:45 +0000 ROA not before: Fri 02 Jan 2026 06:18:45 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 59882 IP address blocks: 185.153.208.0/22 maxlen: 22 185.153.208.0/24 maxlen: 24 185.153.209.0/24 maxlen: 24 185.153.210.0/24 maxlen: 24 185.153.211.0/24 maxlen: 24 2a07:88c0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/fab49a-91f4-460c-827b-c3327822a138/1/H4ls09jRoGmdpSEFXftY3Abd3zU.crl rsync://rpki.ripe.net/repository/DEFAULT/27/fab49a-91f4-460c-827b-c3327822a138/1/H4ls09jRoGmdpSEFXftY3Abd3zU.mft rsync://rpki.ripe.net/repository/DEFAULT/H4ls09jRoGmdpSEFXftY3Abd3zU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 21:00:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5b:c9:11:90:7e:32:9b:d3:14:83:0e:d5:bc:66:2f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1f896cd3d8d1a0699da521055dfb58dc06dddf35 Validity Not Before: Jan 2 06:18:45 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=08e89f54658415c4614da66b49eaeef757aece0b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:51:b4:65:7d:de:ca:45:5b:20:75:65:0f:25: af:9e:92:54:d0:e7:71:5e:9f:02:cf:ff:5d:ee:8c: 98:78:90:74:11:93:6f:7b:1f:b3:5e:c8:50:46:66: c5:94:14:37:89:fb:ef:87:90:74:56:eb:f5:64:6d: 55:92:54:6d:98:60:5e:90:b4:07:33:da:40:fa:09: 49:50:2c:c7:40:08:9b:63:82:23:eb:4f:bc:a8:da: 79:7e:a0:70:af:bd:a6:24:61:3f:a5:d4:08:54:26: 92:e0:fd:37:b5:7e:04:44:ff:00:b5:a2:11:11:4a: f4:f9:ab:61:2c:30:a9:26:84:fc:85:c2:4a:d2:06: 95:9b:cf:d0:a9:87:3f:05:73:79:81:55:2d:1f:e7: 48:63:40:25:08:80:df:62:cf:67:f6:35:d9:54:cd: 02:5f:ec:bf:0a:c1:e6:76:75:2b:4c:e9:43:37:a1: 98:7e:b3:57:b8:f2:58:63:4d:07:82:4b:09:d3:d6: cb:3f:61:2a:73:07:dc:f9:1e:94:4b:3b:1a:d7:24: 0b:5a:87:47:64:a3:1d:85:e3:c9:d1:78:e1:36:bf: 5e:1e:78:3b:bd:39:80:86:a8:8c:25:1b:e6:b5:84: d5:3e:67:1b:75:53:09:d4:61:1a:b6:73:3c:65:5e: 41:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:E8:9F:54:65:84:15:C4:61:4D:A6:6B:49:EA:EE:F7:57:AE:CE:0B X509v3 Authority Key Identifier: keyid:1F:89:6C:D3:D8:D1:A0:69:9D:A5:21:05:5D:FB:58:DC:06:DD:DF:35 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H4ls09jRoGmdpSEFXftY3Abd3zU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/fab49a-91f4-460c-827b-c3327822a138/1/COifVGWEFcRhTaZrSeru91euzgs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/27/fab49a-91f4-460c-827b-c3327822a138/1/H4ls09jRoGmdpSEFXftY3Abd3zU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.153.208.0/22 IPv6: 2a07:88c0::/29 Signature Algorithm: sha256WithRSAEncryption 9f:2f:9d:f1:58:28:9b:13:f5:2a:a5:d7:11:2a:1f:59:13:84: ac:dc:32:21:37:59:b7:8a:b8:76:fc:6b:83:92:65:c5:45:c3: 67:b5:77:2e:ad:04:e7:48:7f:5d:13:62:60:2f:15:9d:59:1b: 10:ca:96:78:b6:25:bb:82:4a:12:73:d9:96:4e:8a:12:27:b4: a4:b5:41:ee:e0:2d:ea:ad:91:e6:0e:e5:89:41:f8:41:be:8b: de:bc:d7:28:cf:ed:35:6f:84:ca:5b:89:c8:e0:e6:66:25:26: d9:ed:7c:04:dd:38:e6:99:b7:17:ab:2c:f6:32:e2:69:0f:59: 41:c0:74:e0:ec:aa:30:56:22:1e:ce:4e:ae:e3:37:35:6f:54: f5:1d:dc:8f:32:a2:28:de:eb:a6:0a:10:43:cc:73:8c:e6:c0: 69:f6:72:18:8d:59:38:b5:46:1c:20:15:51:9b:f9:db:81:be: bc:27:77:61:45:aa:19:fb:1f:70:df:90:c5:db:a9:89:e7:5a: 18:82:ae:d1:7e:b9:fe:05:d7:71:b5:39:72:88:90:d6:a4:5f: 28:1c:af:c6:13:50:b3:76:3b:35:69:a6:fe:59:c7:3a:4b:91: 04:a5:0c:92:df:0b:34:f0:b7:fa:e7:ac:de:d6:d4:ca:96:b3: 6b:cf:6f:a2 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt9W8kRkH4ym9MUgw7VvGYvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFmODk2Y2QzZDhkMWEwNjk5ZGE1MjEwNTVkZmI1OGRjMDZk ZGRmMzUwHhcNMjYwMTAyMDYxODQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwOGU4OWY1NDY1ODQxNWM0NjE0ZGE2NmI0OWVhZWVmNzU3YWVjZTBiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmFG0ZX3eykVbIHVlDyWvnpJU0Odx Xp8Cz/9d7oyYeJB0EZNvex+zXshQRmbFlBQ3ifvvh5B0Vuv1ZG1VklRtmGBekLQH M9pA+glJUCzHQAibY4Ij60+8qNp5fqBwr72mJGE/pdQIVCaS4P03tX4ERP8AtaIR EUr0+athLDCpJoT8hcJK0gaVm8/QqYc/BXN5gVUtH+dIY0AlCIDfYs9n9jXZVM0C X+y/CsHmdnUrTOlDN6GYfrNXuPJYY00HgksJ09bLP2Eqcwfc+R6USzsa1yQLWodH ZKMdhePJ0XjhNr9eHng7vTmAhqiMJRvmtYTVPmcbdVMJ1GEatnM8ZV5BFQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFAjon1RlhBXEYU2ma0nq7vdXrs4LMB8GA1UdIwQY MBaAFB+JbNPY0aBpnaUhBV37WNwG3d81MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSDRsczA5alJvR21kcFNFRlhmdFkzQWJkM3pVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9mYWI0OWEtOTFmNC00NjBjLTgyN2It YzMzMjc4MjJhMTM4LzEvQ09pZlZHV0VGY1JoVGFaclNlcnU5MWV1emdzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNy9mYWI0OWEtOTFmNC00NjBjLTgyN2ItYzMzMjc4MjJhMTM4 LzEvSDRsczA5alJvR21kcFNFRlhmdFkzQWJkM3pVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZnQMA0E AgACMAcDBQMqB4jAMA0GCSqGSIb3DQEBCwUAA4IBAQCfL53xWCibE/UqpdcRKh9Z E4Ss3DIhN1m3irh2/GuDkmXFRcNntXcurQTnSH9dE2JgLxWdWRsQypZ4tiW7gkoS c9mWTooSJ7SktUHu4C3qrZHmDuWJQfhBvovevNcoz+01b4TKW4nI4OZmJSbZ7XwE 3TjmmbcXqyz2MuJpD1lBwHTg7KowViIezk6u4zc1b1T1HdyPMqIo3uumChBDzHOM 5sBp9nIYjVk4tUYcIBVRm/nbgb68J3dhRaoZ+x9w35DF26mJ51oYgq7Rfrn+Bddx tTlyiJDWpF8oHK/GE1Czdjs1aab+Wcc6S5EEpQyS3ws08Lf656ze1tTKlrNrz2+i -----END CERTIFICATE-----Generated at Mon Jan 26 04:22:30 2026 by rpki-client