This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/bec756-1dfe-4374-8607-9d8f0ef5c503/1/aEsAz-RDqEznuIbxt7y2qnbw6Wg.roa File: aEsAz-RDqEznuIbxt7y2qnbw6Wg.roa (raw, json) Hash identifier: MGY1l5IuLzWSoi1tizbmZg/Thwy4jCozOM2pGrkUxNc= Subject key identifier: 68:4B:00:CF:E4:43:A8:4C:E7:B8:86:F1:B7:BC:B6:AA:76:F0:E9:68 Certificate issuer: /CN=9d5ecce8c87c4f0a75ba21e5c84f624121e08e32 Certificate serial: 019B7758DBAC75ACAC8C04B87492DBF6F752 Authority key identifier: 9D:5E:CC:E8:C8:7C:4F:0A:75:BA:21:E5:C8:4F:62:41:21:E0:8E:32 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nV7M6Mh8Twp1uiHlyE9iQSHgjjI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/bec756-1dfe-4374-8607-9d8f0ef5c503/1/aEsAz-RDqEznuIbxt7y2qnbw6Wg.roa Signing time: Thu 01 Jan 2026 02:17:50 +0000 ROA not before: Thu 01 Jan 2026 02:17:50 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 203925 IP address blocks: 185.118.192.0/24 maxlen: 24 185.118.193.0/24 maxlen: 24 185.118.194.0/24 maxlen: 24 185.118.195.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/bec756-1dfe-4374-8607-9d8f0ef5c503/1/nV7M6Mh8Twp1uiHlyE9iQSHgjjI.crl rsync://rpki.ripe.net/repository/DEFAULT/3a/bec756-1dfe-4374-8607-9d8f0ef5c503/1/nV7M6Mh8Twp1uiHlyE9iQSHgjjI.mft rsync://rpki.ripe.net/repository/DEFAULT/nV7M6Mh8Twp1uiHlyE9iQSHgjjI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 20:00:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:58:db:ac:75:ac:ac:8c:04:b8:74:92:db:f6:f7:52 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9d5ecce8c87c4f0a75ba21e5c84f624121e08e32 Validity Not Before: Jan 1 02:17:50 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=684b00cfe443a84ce7b886f1b7bcb6aa76f0e968 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:a3:b0:35:f3:3f:f2:b8:25:f3:95:3d:0e:ef: 1c:02:fa:12:85:ec:64:a5:a1:c8:9c:5a:55:f8:96: 7b:d2:2d:9b:0f:52:57:03:45:bc:d6:3c:2e:86:bd: 97:13:8a:3f:04:9f:75:16:6f:39:88:e6:63:af:fc: 51:6c:8f:16:88:25:0f:07:57:73:0a:21:bc:84:e6: 5b:d3:8a:61:b8:ff:ac:12:84:42:58:a3:af:f9:ca: d9:e5:83:89:3f:0d:4e:ad:a1:17:b5:d7:c0:e1:0b: 8e:c7:7b:51:1a:ea:ef:d8:b5:15:05:f2:ec:9e:e0: d7:76:02:c8:2e:ae:9f:a2:eb:75:3c:86:66:6e:de: 59:da:32:fd:89:08:5e:01:f6:5b:70:39:16:a9:71: 66:8d:b2:6d:0c:35:78:56:1d:44:60:87:e6:46:b0: b4:85:23:58:4c:e8:ea:b5:06:24:5a:f6:50:04:1d: 35:7b:2d:d1:d4:16:d3:43:8a:77:54:26:eb:aa:4f: fe:9a:76:f2:d6:46:b4:4c:c2:3c:6e:d1:41:88:f2: cb:c5:42:c5:e8:7b:87:f9:f9:e7:10:e1:28:a7:04: 0a:96:f0:85:18:84:c6:d6:d8:14:94:ff:6b:bb:14: 8c:12:74:92:59:98:3b:ee:04:31:79:3d:9b:8f:32: 92:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:4B:00:CF:E4:43:A8:4C:E7:B8:86:F1:B7:BC:B6:AA:76:F0:E9:68 X509v3 Authority Key Identifier: keyid:9D:5E:CC:E8:C8:7C:4F:0A:75:BA:21:E5:C8:4F:62:41:21:E0:8E:32 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nV7M6Mh8Twp1uiHlyE9iQSHgjjI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/bec756-1dfe-4374-8607-9d8f0ef5c503/1/aEsAz-RDqEznuIbxt7y2qnbw6Wg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/bec756-1dfe-4374-8607-9d8f0ef5c503/1/nV7M6Mh8Twp1uiHlyE9iQSHgjjI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.118.192.0/22 Signature Algorithm: sha256WithRSAEncryption 0b:9e:8f:01:d8:58:d4:54:58:ec:76:12:ff:b2:bd:94:81:0c: e7:7e:d8:80:95:61:15:28:c3:84:da:1f:09:6d:7d:eb:31:ac: 52:1e:fb:80:95:7e:cb:32:3d:48:88:4e:2a:c2:98:32:2f:25: 49:5d:e2:76:9b:ef:e4:c6:e6:c2:cc:d3:84:a8:33:ab:92:73: b9:4f:df:b1:8d:01:f8:8d:8b:dc:90:7b:0c:7d:68:5c:ed:72: fc:ad:c7:70:18:07:c8:93:cf:93:0c:69:05:c2:5a:c0:fb:2b: 18:c3:bb:4b:63:ef:7a:c1:3a:d0:5e:8d:81:76:8f:f0:55:6c: 49:8d:27:ff:7b:5a:55:82:c8:52:66:5c:c3:28:e9:c7:f3:9d: 5f:6a:4c:fb:5b:99:69:e8:9d:0f:e7:c6:fc:dc:e0:21:2a:60: 4c:aa:3b:d7:9f:16:e5:1d:cd:d5:3f:d9:a8:2a:fe:a1:fc:87: 34:58:41:92:fb:9d:8b:da:22:97:ed:46:c8:f7:3f:66:8a:27: 1f:db:b7:ba:73:b8:d8:bc:3f:d5:4f:59:4b:76:1f:c0:92:14: 9b:65:72:3a:c7:af:b9:ae:d6:b1:26:62:cb:fc:1e:57:b9:7c: ff:1e:dd:6b:ad:88:57:be:22:32:a4:10:8b:8a:6b:d6:02:af: 42:91:6b:63 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt3WNusdaysjAS4dJLb9vdSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlkNWVjY2U4Yzg3YzRmMGE3NWJhMjFlNWM4NGY2MjQxMjFl MDhlMzIwHhcNMjYwMTAxMDIxNzUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2ODRiMDBjZmU0NDNhODRjZTdiODg2ZjFiN2JjYjZhYTc2ZjBlOTY4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqOwNfM/8rgl85U9Du8cAvoShexk paHInFpV+JZ70i2bD1JXA0W81jwuhr2XE4o/BJ91Fm85iOZjr/xRbI8WiCUPB1dz CiG8hOZb04phuP+sEoRCWKOv+crZ5YOJPw1OraEXtdfA4QuOx3tRGurv2LUVBfLs nuDXdgLILq6fout1PIZmbt5Z2jL9iQheAfZbcDkWqXFmjbJtDDV4Vh1EYIfmRrC0 hSNYTOjqtQYkWvZQBB01ey3R1BbTQ4p3VCbrqk/+mnby1ka0TMI8btFBiPLLxULF 6HuH+fnnEOEopwQKlvCFGITG1tgUlP9ruxSMEnSSWZg77gQxeT2bjzKSkwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFGhLAM/kQ6hM57iG8be8tqp28OloMB8GA1UdIwQY MBaAFJ1ezOjIfE8Kdboh5chPYkEh4I4yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvblY3TTZNaDhUd3AxdWlIbHlFOWlRU0hnampJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9iZWM3NTYtMWRmZS00Mzc0LTg2MDct OWQ4ZjBlZjVjNTAzLzEvYUVzQXotUkRxRXpudUlieHQ3eTJxbmJ3NldnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYS9iZWM3NTYtMWRmZS00Mzc0LTg2MDctOWQ4ZjBlZjVjNTAz LzEvblY3TTZNaDhUd3AxdWlIbHlFOWlRU0hnampJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXbAMA0G CSqGSIb3DQEBCwUAA4IBAQALno8B2FjUVFjsdhL/sr2UgQznftiAlWEVKMOE2h8J bX3rMaxSHvuAlX7LMj1IiE4qwpgyLyVJXeJ2m+/kxubCzNOEqDOrknO5T9+xjQH4 jYvckHsMfWhc7XL8rcdwGAfIk8+TDGkFwlrA+ysYw7tLY+96wTrQXo2Bdo/wVWxJ jSf/e1pVgshSZlzDKOnH851fakz7W5lp6J0P58b83OAhKmBMqjvXnxblHc3VP9mo Kv6h/Ic0WEGS+52L2iKX7UbI9z9miicf27e6c7jYvD/VT1lLdh/AkhSbZXI6x6+5 rtaxJmLL/B5XuXz/Ht1rrYhXviIypBCLimvWAq9CkWtj -----END CERTIFICATE-----Generated at Mon Jan 26 05:54:10 2026 by rpki-client