This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/971f08-e57c-408a-b776-f7da3b8732bf/1/aZ2TcbNwaylOZgDoSe12Obbdwts.roa File: aZ2TcbNwaylOZgDoSe12Obbdwts.roa (raw, json) Hash identifier: RGUNbjUgv7q6fxRKJH6x2SAZxrih2NcUX8E0Ivt0oLE= Subject key identifier: 69:9D:93:71:B3:70:6B:29:4E:66:00:E8:49:ED:76:39:B6:DD:C2:DB Certificate issuer: /CN=3b0cd44ebbe3d0d6a072e75103f231606995f6ab Certificate serial: 019B7EA6957ECE53CB70526BD330699B3DE4 Authority key identifier: 3B:0C:D4:4E:BB:E3:D0:D6:A0:72:E7:51:03:F2:31:60:69:95:F6:AB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OwzUTrvj0NagcudRA_IxYGmV9qs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/971f08-e57c-408a-b776-f7da3b8732bf/1/aZ2TcbNwaylOZgDoSe12Obbdwts.roa Signing time: Fri 02 Jan 2026 12:20:05 +0000 ROA not before: Fri 02 Jan 2026 12:20:05 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 206350 IP address blocks: 185.186.206.0/24 maxlen: 24 185.186.207.0/24 maxlen: 24 2a0b:d580::/32 maxlen: 32 2a0b:d580:0:16::/64 maxlen: 64 2a0b:d580:1::/48 maxlen: 48 2a0b:d580:2020::/44 maxlen: 44 2a0b:d580:2060::/44 maxlen: 44 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/971f08-e57c-408a-b776-f7da3b8732bf/1/OwzUTrvj0NagcudRA_IxYGmV9qs.crl rsync://rpki.ripe.net/repository/DEFAULT/5c/971f08-e57c-408a-b776-f7da3b8732bf/1/OwzUTrvj0NagcudRA_IxYGmV9qs.mft rsync://rpki.ripe.net/repository/DEFAULT/OwzUTrvj0NagcudRA_IxYGmV9qs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 18:00:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a6:95:7e:ce:53:cb:70:52:6b:d3:30:69:9b:3d:e4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3b0cd44ebbe3d0d6a072e75103f231606995f6ab Validity Not Before: Jan 2 12:20:05 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=699d9371b3706b294e6600e849ed7639b6ddc2db Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:84:45:d8:cd:72:d9:91:c1:f1:bf:2b:1c:5a:c2: e5:15:9e:14:92:a9:ef:29:71:c5:5c:dc:db:6a:ee: a2:e3:40:31:37:a6:bf:47:69:f4:ac:16:65:71:2d: 28:3f:9f:7f:7b:c1:fe:c1:65:d9:54:30:8e:69:70: c8:34:8a:76:2a:23:2b:e0:60:f0:36:17:53:21:b4: 81:4c:a0:d8:c9:4c:48:1b:0f:cd:25:33:6f:1b:77: f6:4a:6c:40:7b:d7:3c:2e:99:c9:ed:c8:aa:f6:bc: 29:99:d1:83:f3:7d:d2:85:6a:84:2f:66:b8:38:e4: 4f:2e:fd:e3:80:8b:b4:d3:9e:6b:11:73:18:bd:10: 4a:c2:8b:7c:69:87:57:29:31:d4:d0:99:05:91:94: ee:de:c0:f8:77:53:bb:f9:f7:34:b6:97:1e:58:7b: 30:82:13:1c:96:ac:a2:c7:17:a3:86:9a:d0:c3:c5: c7:72:b9:05:69:c7:a8:5f:0a:d0:d6:c8:92:21:a9: d9:83:c9:e9:83:2f:00:5d:ad:45:e2:4d:50:3c:45: 4b:a0:45:88:5c:2d:be:1f:06:0f:12:6f:6c:4a:5b: 18:ac:20:76:11:29:f4:82:6d:89:18:1c:e4:f8:a6: 87:9c:f1:9f:51:a2:92:83:6a:f7:7e:84:a2:99:64: 9a:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:9D:93:71:B3:70:6B:29:4E:66:00:E8:49:ED:76:39:B6:DD:C2:DB X509v3 Authority Key Identifier: keyid:3B:0C:D4:4E:BB:E3:D0:D6:A0:72:E7:51:03:F2:31:60:69:95:F6:AB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OwzUTrvj0NagcudRA_IxYGmV9qs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/971f08-e57c-408a-b776-f7da3b8732bf/1/aZ2TcbNwaylOZgDoSe12Obbdwts.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/971f08-e57c-408a-b776-f7da3b8732bf/1/OwzUTrvj0NagcudRA_IxYGmV9qs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.186.206.0/23 IPv6: 2a0b:d580::/32 Signature Algorithm: sha256WithRSAEncryption 8f:f6:20:83:49:72:26:19:e3:41:be:f5:3f:3c:aa:11:a8:09: a1:00:81:c1:17:33:d7:80:a0:93:82:fe:0c:44:8f:89:28:30: ae:8e:d9:ed:f4:71:e5:c8:40:03:52:72:c9:9e:ae:19:9e:54: f9:3a:8e:b6:49:6a:88:2a:b2:e3:d8:1b:95:ae:fa:9b:12:9a: d5:e9:9e:a7:fd:06:6f:85:37:c3:69:2d:3c:c2:40:a2:0a:8b: a1:1e:e2:a2:b2:01:b0:02:0b:19:dc:09:57:b6:ac:f9:d0:70: 5a:ec:15:cb:32:d2:35:d3:27:c1:bf:df:c6:2b:13:60:d5:2e: 73:d3:01:75:fc:b9:b2:99:f6:47:31:60:03:61:42:5c:31:d4: 76:fe:ba:e7:38:8b:f2:36:07:76:17:e8:80:bc:fe:b2:c5:82: 3b:f1:e5:48:36:57:79:df:72:22:16:58:3c:25:7a:dd:0c:43: 00:b6:a9:ce:16:a9:f3:41:dd:66:57:77:8a:06:59:74:c2:63: 4f:d0:92:92:96:d5:bc:64:ff:d9:a8:6b:a4:e4:59:b3:05:e8: 35:03:15:f2:0f:7e:dc:a0:07:04:45:3b:09:53:ea:56:11:48: 78:16:38:52:c7:5e:60:35:fb:9d:fa:8e:44:dc:98:60:9b:b2: 7d:3c:f9:72 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt+ppV+zlPLcFJr0zBpmz3kMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNiMGNkNDRlYmJlM2QwZDZhMDcyZTc1MTAzZjIzMTYwNjk5 NWY2YWIwHhcNMjYwMTAyMTIyMDA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2OTlkOTM3MWIzNzA2YjI5NGU2NjAwZTg0OWVkNzYzOWI2ZGRjMmRiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhEXYzXLZkcHxvyscWsLlFZ4Ukqnv KXHFXNzbau6i40AxN6a/R2n0rBZlcS0oP59/e8H+wWXZVDCOaXDINIp2KiMr4GDw NhdTIbSBTKDYyUxIGw/NJTNvG3f2SmxAe9c8LpnJ7ciq9rwpmdGD833ShWqEL2a4 OORPLv3jgIu0055rEXMYvRBKwot8aYdXKTHU0JkFkZTu3sD4d1O7+fc0tpceWHsw ghMclqyixxejhprQw8XHcrkFaceoXwrQ1siSIanZg8npgy8AXa1F4k1QPEVLoEWI XC2+HwYPEm9sSlsYrCB2ESn0gm2JGBzk+KaHnPGfUaKSg2r3foSimWSaIQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFGmdk3GzcGspTmYA6Entdjm23cLbMB8GA1UdIwQY MBaAFDsM1E6749DWoHLnUQPyMWBplfarMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT3d6VVRydmowTmFnY3VkUkFfSXhZR21WOXFzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy85NzFmMDgtZTU3Yy00MDhhLWI3NzYt ZjdkYTNiODczMmJmLzEvYVoyVGNiTndheWxPWmdEb1NlMTJPYmJkd3RzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yy85NzFmMDgtZTU3Yy00MDhhLWI3NzYtZjdkYTNiODczMmJm LzEvT3d6VVRydmowTmFnY3VkUkFfSXhZR21WOXFzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBubrOMA0E AgACMAcDBQAqC9WAMA0GCSqGSIb3DQEBCwUAA4IBAQCP9iCDSXImGeNBvvU/PKoR qAmhAIHBFzPXgKCTgv4MRI+JKDCujtnt9HHlyEADUnLJnq4ZnlT5Oo62SWqIKrLj 2BuVrvqbEprV6Z6n/QZvhTfDaS08wkCiCouhHuKisgGwAgsZ3AlXtqz50HBa7BXL MtI10yfBv9/GKxNg1S5z0wF1/LmymfZHMWADYUJcMdR2/rrnOIvyNgd2F+iAvP6y xYI78eVINld533IiFlg8JXrdDEMAtqnOFqnzQd1mV3eKBll0wmNP0JKSltW8ZP/Z qGuk5FmzBeg1AxXyD37coAcERTsJU+pWEUh4FjhSx15gNfud+o5E3Jhgm7J9PPly -----END CERTIFICATE-----Generated at Mon Jan 26 03:56:34 2026 by rpki-client