This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/aH1eGMjWggIIRvQf1C_d6hGW5Cc.roa File: aH1eGMjWggIIRvQf1C_d6hGW5Cc.roa (raw, json) Hash identifier: 1TZcaq+mkmyUC6mvt7R2hRgX0GyibfRjeSiU7Sq+SZU= Subject key identifier: 68:7D:5E:18:C8:D6:82:02:08:46:F4:1F:D4:2F:DD:EA:11:96:E4:27 Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8 Certificate serial: 019B7F853FBB415351B0998714B2CE982628 Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/aH1eGMjWggIIRvQf1C_d6hGW5Cc.roa Signing time: Fri 02 Jan 2026 16:23:17 +0000 ROA not before: Fri 02 Jan 2026 16:23:17 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 198636 IP address blocks: 2.57.152.0/22 maxlen: 24 2.59.204.0/22 maxlen: 24 45.88.124.0/22 maxlen: 24 45.150.44.0/22 maxlen: 24 171.22.52.0/22 maxlen: 24 194.50.184.0/23 maxlen: 24 194.50.188.0/23 maxlen: 24 195.216.156.0/22 maxlen: 24 212.90.116.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.mft rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:85:3f:bb:41:53:51:b0:99:87:14:b2:ce:98:26:28 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8 Validity Not Before: Jan 2 16:23:17 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=687d5e18c8d682020846f41fd42fddea1196e427 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:8d:63:f5:cd:71:86:99:d9:e3:9b:80:00:b1: 83:93:9e:22:fe:1b:2b:0d:19:8d:b7:cb:83:e5:35: ea:ae:f5:22:87:a1:62:54:28:2b:76:f3:86:a6:7a: a5:a6:64:26:11:d3:7d:c9:9d:0a:28:44:c7:7d:2e: 61:d4:6c:e1:ae:c7:65:62:bc:01:3b:6d:fd:d4:0e: d0:25:dd:d3:c5:57:68:27:41:c1:76:1b:5d:87:5f: ee:93:13:79:b7:91:e6:29:a5:04:36:d1:63:37:2f: 20:d0:4a:6b:7b:91:54:80:40:e7:3f:2f:76:60:e0: 98:95:00:30:28:d8:b7:62:b1:7c:04:b4:11:0e:4c: 44:cf:5e:0a:a1:10:8f:a3:c7:9c:38:b0:30:da:8c: c0:49:23:c5:bb:e2:7d:54:fd:09:6b:19:de:9c:2c: a1:31:b5:63:42:0a:1f:08:43:d1:dc:3d:fb:77:98: 93:ab:12:be:17:ca:d2:a8:6f:b2:81:12:46:8c:4f: 8d:28:ce:e9:0a:1d:46:a7:d0:d0:bd:fc:0f:10:97: e8:c1:a9:e8:de:c1:15:b6:6d:01:cf:98:76:3d:f4: 2d:08:0f:48:26:e4:7b:2e:33:f8:88:e6:dc:8d:b7: c1:50:a8:b2:fb:7f:06:e5:29:74:c9:f7:ac:f8:85: f4:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:7D:5E:18:C8:D6:82:02:08:46:F4:1F:D4:2F:DD:EA:11:96:E4:27 X509v3 Authority Key Identifier: keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/aH1eGMjWggIIRvQf1C_d6hGW5Cc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.57.152.0/22 2.59.204.0/22 45.88.124.0/22 45.150.44.0/22 171.22.52.0/22 194.50.184.0/23 194.50.188.0/23 195.216.156.0/22 212.90.116.0/22 Signature Algorithm: sha256WithRSAEncryption 46:0a:e4:1f:d7:7c:07:ce:db:9a:7a:4b:36:7e:77:2c:ba:6f: 56:62:72:cc:f8:1a:89:ea:d2:23:14:11:fb:c9:ed:78:bd:4c: c3:de:f3:2f:88:16:c2:45:d7:fc:70:16:4c:29:ab:8c:d4:f6: 99:ca:9f:93:1d:c9:6b:39:a6:4b:b8:3d:90:5c:dc:c8:6e:3e: 2e:1c:20:a1:d8:a0:f0:14:f6:f3:9e:5f:8c:ac:88:27:b4:97: 42:0d:da:3a:13:7b:29:81:b2:0c:b7:76:e7:a9:d0:0d:f8:ab: 27:69:5b:cb:92:4d:3b:9d:89:ca:70:8c:db:ce:39:05:54:24: 5d:b8:f9:3a:b8:5b:a7:36:4d:f6:ce:93:b0:29:ad:64:17:eb: 4c:b9:93:6c:44:25:ed:e9:51:a4:2f:58:fe:4e:b9:0f:08:5d: 11:50:4a:a5:f0:99:53:d4:c5:89:c9:36:49:d9:04:de:eb:24: 20:78:fe:67:2f:51:49:35:d9:8a:be:49:81:8f:91:4a:2e:63: 3e:2a:7d:37:17:af:89:e1:9a:ca:87:61:0b:bf:6d:90:c3:7c: 8f:1a:bf:80:7e:3c:35:da:ca:8d:97:1e:b4:ad:ff:4b:1c:96: 23:44:8a:09:ec:50:88:de:4f:c9:36:f3:71:1a:5f:08:85:81: 05:a7:f5:b8 -----BEGIN CERTIFICATE----- MIIFLTCCBBWgAwIBAgISAZt/hT+7QVNRsJmHFLLOmCYoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3 MWE5YTgwHhcNMjYwMTAyMTYyMzE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2ODdkNWUxOGM4ZDY4MjAyMDg0NmY0MWZkNDJmZGRlYTExOTZlNDI3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq41j9c1xhpnZ45uAALGDk54i/hsr DRmNt8uD5TXqrvUih6FiVCgrdvOGpnqlpmQmEdN9yZ0KKETHfS5h1GzhrsdlYrwB O2391A7QJd3TxVdoJ0HBdhtdh1/ukxN5t5HmKaUENtFjNy8g0Epre5FUgEDnPy92 YOCYlQAwKNi3YrF8BLQRDkxEz14KoRCPo8ecOLAw2ozASSPFu+J9VP0JaxnenCyh MbVjQgofCEPR3D37d5iTqxK+F8rSqG+ygRJGjE+NKM7pCh1Gp9DQvfwPEJfowano 3sEVtm0Bz5h2PfQtCA9IJuR7LjP4iObcjbfBUKiy+38G5Sl0yfes+IX0GwIDAQAB o4ICOTCCAjUwHQYDVR0OBBYEFGh9XhjI1oICCEb0H9Qv3eoRluQnMB8GA1UdIwQY MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt M2FjOWU1NmMzMDg5LzEvYUgxZUdNaldnZ0lJUnZRZjFDX2Q2aEdXNUNjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5 LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCAjmYAwQC AjvMAwQCLVh8AwQCLZYsAwQCqxY0AwQBwjK4AwQBwjK8AwQCw9icAwQC1Fp0MA0G CSqGSIb3DQEBCwUAA4IBAQBGCuQf13wHztuaeks2fncsum9WYnLM+BqJ6tIjFBH7 ye14vUzD3vMviBbCRdf8cBZMKauM1PaZyp+THclrOaZLuD2QXNzIbj4uHCCh2KDw FPbznl+MrIgntJdCDdo6E3spgbIMt3bnqdAN+KsnaVvLkk07nYnKcIzbzjkFVCRd uPk6uFunNk32zpOwKa1kF+tMuZNsRCXt6VGkL1j+TrkPCF0RUEql8JlT1MWJyTZJ 2QTe6yQgeP5nL1FJNdmKvkmBj5FKLmM+Kn03F6+J4ZrKh2ELv22Qw3yPGr+Afjw1 2sqNlx60rf9LHJYjRIoJ7FCI3k/JNvNxGl8IhYEFp/W4 -----END CERTIFICATE-----Generated at Sun Jan 25 22:30:20 2026 by rpki-client