This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/587f7e-60cc-41a0-8869-4f8c638a72e1/1/cK5cw8AbnJwJ192Oqw0smKvplRk.roa File: cK5cw8AbnJwJ192Oqw0smKvplRk.roa (raw, json) Hash identifier: RGVdGmoEXQFd5Wi4cvPlmLz7WQCbTvTX46jvgdnciCM= Subject key identifier: 70:AE:5C:C3:C0:1B:9C:9C:09:D7:DD:8E:AB:0D:2C:98:AB:E9:95:19 Certificate issuer: /CN=5d3bb84891651f2039cd81b0b60912f7c0e5cf96 Certificate serial: 019B79ED1892E0705DE39A8D5E55A39ADD31 Authority key identifier: 5D:3B:B8:48:91:65:1F:20:39:CD:81:B0:B6:09:12:F7:C0:E5:CF:96 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XTu4SJFlHyA5zYGwtgkS98Dlz5Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/587f7e-60cc-41a0-8869-4f8c638a72e1/1/cK5cw8AbnJwJ192Oqw0smKvplRk.roa Signing time: Thu 01 Jan 2026 14:19:00 +0000 ROA not before: Thu 01 Jan 2026 14:19:00 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 207467 IP address blocks: 185.65.72.0/22 maxlen: 24 185.65.74.0/24 maxlen: 24 185.65.75.0/24 maxlen: 24 2a03:1a20::/48 maxlen: 48 2a03:1a20:10::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/587f7e-60cc-41a0-8869-4f8c638a72e1/1/XTu4SJFlHyA5zYGwtgkS98Dlz5Y.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/587f7e-60cc-41a0-8869-4f8c638a72e1/1/XTu4SJFlHyA5zYGwtgkS98Dlz5Y.mft rsync://rpki.ripe.net/repository/DEFAULT/XTu4SJFlHyA5zYGwtgkS98Dlz5Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ed:18:92:e0:70:5d:e3:9a:8d:5e:55:a3:9a:dd:31 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5d3bb84891651f2039cd81b0b60912f7c0e5cf96 Validity Not Before: Jan 1 14:19:00 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=70ae5cc3c01b9c9c09d7dd8eab0d2c98abe99519 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:0e:70:e2:72:05:d6:9b:dc:7e:a9:09:7e:04: fb:a9:f8:99:20:24:71:12:90:08:0b:31:0d:1b:5c: 1d:14:80:f7:a5:c5:e7:41:75:56:1c:29:90:60:68: cf:47:1c:1e:8d:d4:4b:2d:26:59:03:9d:9a:ad:e1: 0e:d5:60:91:ea:58:b4:b6:62:a6:5d:fe:c5:60:85: 62:13:0c:33:20:72:22:e9:25:f5:cb:5b:88:07:dc: b0:ae:7b:05:26:76:f3:5f:b5:72:3a:e7:ca:1d:82: 36:13:f5:0e:1c:9f:a8:a1:cf:7e:cf:0f:48:95:9c: 27:5d:1b:e2:b4:32:c2:71:db:75:57:ee:4c:1e:44: 98:bd:ca:9c:9b:5f:21:52:69:c8:5d:88:4b:6f:8c: ea:3b:22:72:78:3a:8e:db:13:35:26:2b:c5:d7:49: 25:25:88:9a:40:45:ef:1b:f1:f5:e4:a5:d8:50:a9: c2:e5:9d:4c:b8:7a:41:6a:36:4f:3b:a9:89:3f:4d: 23:83:7b:e3:0a:3a:09:f9:51:d2:f0:d2:c4:31:1d: 77:bf:c8:75:f5:34:2d:91:ca:b1:60:96:32:6b:c6: d8:4e:a2:f7:64:aa:3c:02:a9:71:56:09:bd:b9:a4: 00:b8:b9:51:0f:47:21:3d:34:d3:43:6f:60:cf:33: 9b:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:AE:5C:C3:C0:1B:9C:9C:09:D7:DD:8E:AB:0D:2C:98:AB:E9:95:19 X509v3 Authority Key Identifier: keyid:5D:3B:B8:48:91:65:1F:20:39:CD:81:B0:B6:09:12:F7:C0:E5:CF:96 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTu4SJFlHyA5zYGwtgkS98Dlz5Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/587f7e-60cc-41a0-8869-4f8c638a72e1/1/cK5cw8AbnJwJ192Oqw0smKvplRk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/587f7e-60cc-41a0-8869-4f8c638a72e1/1/XTu4SJFlHyA5zYGwtgkS98Dlz5Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.65.72.0/22 IPv6: 2a03:1a20::/48 2a03:1a20:10::/48 Signature Algorithm: sha256WithRSAEncryption 3f:2e:c8:ac:6b:79:cf:1c:2a:18:cf:67:37:a6:c2:12:6c:15: 03:7f:5f:57:68:9a:16:42:8d:77:54:5e:9d:6e:84:7b:87:14: 2a:ef:b8:20:76:78:43:24:55:90:1e:9f:3b:86:5e:af:b1:7a: a0:06:13:53:4a:54:ba:69:f3:e7:c5:8e:4c:63:e1:2a:28:cc: f5:83:81:a2:ae:8a:d2:c1:8c:65:c4:1f:47:90:0f:86:8e:2b: 32:a9:d5:b0:cb:54:85:b0:f1:a2:09:51:30:f1:08:1b:08:c4: b8:fe:f9:e6:4d:e5:8d:61:e0:52:df:bf:71:e7:87:10:80:37: e6:a1:58:2d:b3:ae:08:19:bb:ef:d5:31:6c:a0:ff:b5:33:6c: ba:a4:b0:23:6e:64:fd:25:6e:65:ca:f7:ec:b4:5e:6f:9a:0c: 41:80:87:83:19:50:7e:80:79:35:46:95:7b:8b:b0:14:52:4b: e1:78:e2:2e:6f:e1:b2:6a:88:7a:19:c6:d3:98:cd:4d:70:26: fc:17:d4:31:a2:ed:48:ba:0c:b3:71:f7:ee:73:bb:14:4d:89: 66:80:b6:65:e2:ce:11:f0:26:c7:7c:09:a5:a2:b7:ef:1c:92: 98:9f:21:08:ec:a5:43:5b:20:5d:49:83:b0:a8:e5:09:e6:da: 8c:9d:0e:dd -----BEGIN CERTIFICATE----- MIIFFzCCA/+gAwIBAgISAZt57RiS4HBd45qNXlWjmt0xMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVkM2JiODQ4OTE2NTFmMjAzOWNkODFiMGI2MDkxMmY3YzBl NWNmOTYwHhcNMjYwMTAxMTQxOTAwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MGFlNWNjM2MwMWI5YzljMDlkN2RkOGVhYjBkMmM5OGFiZTk5NTE5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0g5w4nIF1pvcfqkJfgT7qfiZICRx EpAICzENG1wdFID3pcXnQXVWHCmQYGjPRxwejdRLLSZZA52areEO1WCR6li0tmKm Xf7FYIViEwwzIHIi6SX1y1uIB9ywrnsFJnbzX7VyOufKHYI2E/UOHJ+ooc9+zw9I lZwnXRvitDLCcdt1V+5MHkSYvcqcm18hUmnIXYhLb4zqOyJyeDqO2xM1JivF10kl JYiaQEXvG/H15KXYUKnC5Z1MuHpBajZPO6mJP00jg3vjCjoJ+VHS8NLEMR13v8h1 9TQtkcqxYJYya8bYTqL3ZKo8AqlxVgm9uaQAuLlRD0chPTTTQ29gzzObJQIDAQAB o4ICIzCCAh8wHQYDVR0OBBYEFHCuXMPAG5ycCdfdjqsNLJir6ZUZMB8GA1UdIwQY MBaAFF07uEiRZR8gOc2BsLYJEvfA5c+WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWFR1NFNKRmxIeUE1ellHd3Rna1M5OERsejVZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS81ODdmN2UtNjBjYy00MWEwLTg4Njkt NGY4YzYzOGE3MmUxLzEvY0s1Y3c4QWJuSndKMTkyT3F3MHNtS3ZwbFJrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS81ODdmN2UtNjBjYy00MWEwLTg4NjktNGY4YzYzOGE3MmUx LzEvWFR1NFNKRmxIeUE1ellHd3Rna1M5OERsejVZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQCuUFIMBgE AgACMBIDBwAqAxogAAADBwAqAxogABAwDQYJKoZIhvcNAQELBQADggEBAD8uyKxr ec8cKhjPZzemwhJsFQN/X1domhZCjXdUXp1uhHuHFCrvuCB2eEMkVZAenzuGXq+x eqAGE1NKVLpp8+fFjkxj4SoozPWDgaKuitLBjGXEH0eQD4aOKzKp1bDLVIWw8aIJ UTDxCBsIxLj++eZN5Y1h4FLfv3HnhxCAN+ahWC2zrggZu+/VMWyg/7UzbLqksCNu ZP0lbmXK9+y0Xm+aDEGAh4MZUH6AeTVGlXuLsBRSS+F44i5v4bJqiHoZxtOYzU1w JvwX1DGi7Ui6DLNx9+5zuxRNiWaAtmXizhHwJsd8CaWit+8ckpifIQjspUNbIF1J g7Co5Qnm2oydDt0= -----END CERTIFICATE-----Generated at Sun Jan 25 19:20:06 2026 by rpki-client