This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/ff5133-ca11-42db-b03d-544855cc4f57/1/aKt1IzaRyYfROpZHibRsZ71BdRE.roa File: aKt1IzaRyYfROpZHibRsZ71BdRE.roa (raw, json) Hash identifier: oXZivLJhewPC3l7955mcOzVeeerdPRVG1F9b3jjovao= Subject key identifier: 68:AB:75:23:36:91:C9:87:D1:3A:96:47:89:B4:6C:67:BD:41:75:11 Certificate issuer: /CN=1659eb6040193df0681350905e639d0e58d5f9df Certificate serial: 019B797F008715B51443F14C05EF141A1E37 Authority key identifier: 16:59:EB:60:40:19:3D:F0:68:13:50:90:5E:63:9D:0E:58:D5:F9:DF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FlnrYEAZPfBoE1CQXmOdDljV-d8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/ff5133-ca11-42db-b03d-544855cc4f57/1/aKt1IzaRyYfROpZHibRsZ71BdRE.roa Signing time: Thu 01 Jan 2026 12:18:44 +0000 ROA not before: Thu 01 Jan 2026 12:18:44 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 14413 IP address blocks: 185.154.80.0/22 maxlen: 22 2a05:f500::/30 maxlen: 48 2a05:f504::/32 maxlen: 48 2a05:f505::/32 maxlen: 48 2a05:f506::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/ff5133-ca11-42db-b03d-544855cc4f57/1/FlnrYEAZPfBoE1CQXmOdDljV-d8.crl rsync://rpki.ripe.net/repository/DEFAULT/55/ff5133-ca11-42db-b03d-544855cc4f57/1/FlnrYEAZPfBoE1CQXmOdDljV-d8.mft rsync://rpki.ripe.net/repository/DEFAULT/FlnrYEAZPfBoE1CQXmOdDljV-d8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 12:01:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7f:00:87:15:b5:14:43:f1:4c:05:ef:14:1a:1e:37 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1659eb6040193df0681350905e639d0e58d5f9df Validity Not Before: Jan 1 12:18:44 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=68ab75233691c987d13a964789b46c67bd417511 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:38:8f:e3:e9:23:92:0a:77:ae:1e:31:d5:93: c7:bd:b6:75:43:a2:46:8d:fc:cd:9f:59:2c:2c:45: 61:6e:6a:b2:42:e6:02:94:d3:49:2a:40:63:46:10: 7b:83:ca:db:3c:2b:ad:68:4c:33:91:16:aa:2b:4c: 49:50:01:89:b5:73:fa:02:9d:ba:32:87:1e:0d:1e: ca:0b:59:b0:d8:ec:4b:cf:f7:f2:41:5a:79:4a:dd: d6:00:b1:fb:31:f3:96:61:ef:0e:39:b9:20:a8:16: c2:52:9c:e6:ec:01:13:b2:52:e7:ad:63:ae:16:3e: 10:d5:04:36:9a:19:42:e8:ad:68:08:0b:7c:f8:30: bf:94:23:e8:5d:1b:92:de:45:64:5d:20:f5:5b:a9: 6f:18:b0:1d:1f:32:8a:60:30:55:92:f5:b5:f1:66: 2c:0c:e7:50:43:39:67:a0:8f:b1:73:d4:64:b3:a6: 60:26:3b:d4:a1:87:3c:02:53:d9:de:10:d9:7a:2d: 74:64:a6:70:80:2f:b4:d2:f7:28:71:76:6b:15:5f: d3:68:a5:ca:31:51:ab:eb:68:5a:4f:ac:12:0a:47: 7a:dd:39:15:84:08:7a:8b:a5:01:da:93:58:73:fa: bc:99:bc:d0:bd:e6:dc:17:e6:45:89:51:3a:4e:dc: 1c:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:AB:75:23:36:91:C9:87:D1:3A:96:47:89:B4:6C:67:BD:41:75:11 X509v3 Authority Key Identifier: keyid:16:59:EB:60:40:19:3D:F0:68:13:50:90:5E:63:9D:0E:58:D5:F9:DF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FlnrYEAZPfBoE1CQXmOdDljV-d8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/ff5133-ca11-42db-b03d-544855cc4f57/1/aKt1IzaRyYfROpZHibRsZ71BdRE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/55/ff5133-ca11-42db-b03d-544855cc4f57/1/FlnrYEAZPfBoE1CQXmOdDljV-d8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.154.80.0/22 IPv6: 2a05:f500::-2a05:f506:ffff:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption b2:cd:f9:71:ba:04:2a:53:93:57:bb:f8:df:23:4e:dd:98:1a: d7:a3:c6:00:5a:a5:07:be:6a:c3:bc:8f:ea:06:79:09:b3:2c: 8c:82:dc:d6:39:82:31:5d:c1:8b:4b:c7:0f:27:0d:73:f5:94: 85:02:27:41:4f:bd:e5:8a:8b:3d:a4:9f:7e:3d:89:48:d1:5c: b5:f8:12:47:9f:14:63:b5:3c:b5:4d:43:53:d0:5e:0c:43:dc: b8:03:63:1d:22:f5:60:d9:e2:17:fd:d1:c1:67:42:80:8e:b8: ca:95:25:a8:39:20:e9:ee:65:3d:63:04:37:10:b8:cc:b2:44: 21:17:25:4d:36:95:36:ba:4a:50:1d:6c:43:fa:61:ff:f0:40: d1:8c:40:42:b2:5d:b6:d8:2b:ea:07:4f:6e:13:f2:d8:99:31: 2c:35:3a:a8:ff:73:96:1c:4e:01:ed:3a:2c:4c:de:26:98:7f: 87:50:e5:01:74:34:3a:c1:35:b9:89:e1:a5:48:18:73:25:fc: b3:bf:0b:54:60:89:ff:e5:58:69:a4:3c:c2:7a:11:d4:68:1a: 08:72:63:7e:15:3b:4b:84:df:cc:62:67:71:4b:a1:21:71:e8: fd:72:e3:5b:9e:21:f9:80:4d:d7:43:50:a2:af:fa:86:24:5e: e6:5b:fb:fd -----BEGIN CERTIFICATE----- MIIFFDCCA/ygAwIBAgISAZt5fwCHFbUUQ/FMBe8UGh43MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDE2NTllYjYwNDAxOTNkZjA2ODEzNTA5MDVlNjM5ZDBlNThk NWY5ZGYwHhcNMjYwMTAxMTIxODQ0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2OGFiNzUyMzM2OTFjOTg3ZDEzYTk2NDc4OWI0NmM2N2JkNDE3NTExMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoTiP4+kjkgp3rh4x1ZPHvbZ1Q6JG jfzNn1ksLEVhbmqyQuYClNNJKkBjRhB7g8rbPCutaEwzkRaqK0xJUAGJtXP6Ap26 MoceDR7KC1mw2OxLz/fyQVp5St3WALH7MfOWYe8OObkgqBbCUpzm7AETslLnrWOu Fj4Q1QQ2mhlC6K1oCAt8+DC/lCPoXRuS3kVkXSD1W6lvGLAdHzKKYDBVkvW18WYs DOdQQzlnoI+xc9Rks6ZgJjvUoYc8AlPZ3hDZei10ZKZwgC+00vcocXZrFV/TaKXK MVGr62haT6wSCkd63TkVhAh6i6UB2pNYc/q8mbzQvebcF+ZFiVE6TtwcewIDAQAB o4ICIDCCAhwwHQYDVR0OBBYEFGirdSM2kcmH0TqWR4m0bGe9QXURMB8GA1UdIwQY MBaAFBZZ62BAGT3waBNQkF5jnQ5Y1fnfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRmxucllFQVpQZkJvRTFDUVhtT2REbGpWLWQ4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9mZjUxMzMtY2ExMS00MmRiLWIwM2Qt NTQ0ODU1Y2M0ZjU3LzEvYUt0MUl6YVJ5WWZST3BaSGliUnNaNzFCZFJFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81NS9mZjUxMzMtY2ExMS00MmRiLWIwM2QtNTQ0ODU1Y2M0ZjU3 LzEvRmxucllFQVpQZkJvRTFDUVhtT2REbGpWLWQ4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAMBAIAATAGAwQCuZpQMBUE AgACMA8wDQMEACoF9QMFACoF9QYwDQYJKoZIhvcNAQELBQADggEBALLN+XG6BCpT k1e7+N8jTt2YGtejxgBapQe+asO8j+oGeQmzLIyC3NY5gjFdwYtLxw8nDXP1lIUC J0FPveWKiz2kn349iUjRXLX4EkefFGO1PLVNQ1PQXgxD3LgDYx0i9WDZ4hf90cFn QoCOuMqVJag5IOnuZT1jBDcQuMyyRCEXJU02lTa6SlAdbEP6Yf/wQNGMQEKyXbbY K+oHT24T8tiZMSw1Oqj/c5YcTgHtOixM3iaYf4dQ5QF0NDrBNbmJ4aVIGHMl/LO/ C1Rgif/lWGmkPMJ6EdRoGghyY34VO0uE38xiZ3FLoSFx6P1y41ueIfmATddDUKKv +oYkXuZb+/0= -----END CERTIFICATE-----Generated at Sun Jan 25 18:08:26 2026 by rpki-client