This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/4737c9-e263-44e7-8fed-57c955c9c85d/1/Po5Z-3veMvoIAK-aDVEx1e-ce5U.roa File: Po5Z-3veMvoIAK-aDVEx1e-ce5U.roa (raw, json) Hash identifier: AD5FiCgalWTH4X8YjTKjmnDvWNssEsjzxmI0GCJAqfo= Subject key identifier: 3E:8E:59:FB:7B:DE:32:FA:08:00:AF:9A:0D:51:31:D5:EF:9C:7B:95 Certificate issuer: /CN=006b06b5d0ff1000e10c4276eea0880af209d7a2 Certificate serial: 019B7B35FA0D69753DEFBC538D541B100C47 Authority key identifier: 00:6B:06:B5:D0:FF:10:00:E1:0C:42:76:EE:A0:88:0A:F2:09:D7:A2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AGsGtdD_EADhDEJ27qCICvIJ16I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/4737c9-e263-44e7-8fed-57c955c9c85d/1/Po5Z-3veMvoIAK-aDVEx1e-ce5U.roa Signing time: Thu 01 Jan 2026 20:18:13 +0000 ROA not before: Thu 01 Jan 2026 20:18:13 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 49477 IP address blocks: 185.22.116.0/22 maxlen: 22 193.169.66.0/23 maxlen: 23 2a04:1f40::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/4737c9-e263-44e7-8fed-57c955c9c85d/1/AGsGtdD_EADhDEJ27qCICvIJ16I.crl rsync://rpki.ripe.net/repository/DEFAULT/62/4737c9-e263-44e7-8fed-57c955c9c85d/1/AGsGtdD_EADhDEJ27qCICvIJ16I.mft rsync://rpki.ripe.net/repository/DEFAULT/AGsGtdD_EADhDEJ27qCICvIJ16I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 02:00:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:35:fa:0d:69:75:3d:ef:bc:53:8d:54:1b:10:0c:47 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=006b06b5d0ff1000e10c4276eea0880af209d7a2 Validity Not Before: Jan 1 20:18:13 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3e8e59fb7bde32fa0800af9a0d5131d5ef9c7b95 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:7a:63:59:6c:5b:d5:23:c0:b9:db:43:93:ed: 04:da:fd:a1:9c:13:66:bc:2b:9f:05:5b:7b:77:e3: 90:ae:25:c3:52:93:a1:d6:a7:e2:ed:8f:ca:1f:5c: 64:2a:bd:e3:9a:6c:bd:f5:08:cb:74:bc:85:e7:d9: 09:98:19:36:a0:94:a0:90:b7:99:a4:07:9c:6e:d2: df:95:f4:7a:83:ed:d0:75:d2:2e:18:fb:70:82:51: b1:af:71:ea:9e:f4:5f:1c:01:31:e9:c4:ac:d2:c9: 09:57:73:d2:54:00:18:67:b6:7f:74:9f:a2:92:dd: b5:09:bf:52:d1:6c:2e:90:88:0c:e4:2e:a5:aa:f3: 2f:3e:0e:b0:f5:51:0f:31:35:7d:8f:6a:c7:df:a6: 4b:bd:14:42:d9:74:88:0f:f6:b1:13:be:67:0b:dc: 78:7e:a8:11:d6:09:3c:9c:b2:66:6e:55:0b:0a:99: 0f:ff:20:61:23:d4:b1:a1:68:17:60:df:96:51:02: 3e:67:8a:7b:d0:bf:3b:c5:ce:37:9b:60:8c:33:42: 5f:0d:61:52:ef:c4:61:1f:5d:01:b2:7f:41:69:c3: 15:ad:52:cc:7f:df:7b:af:26:cd:9f:d9:df:9f:6b: 84:a3:05:8a:78:a5:a7:72:89:f1:ae:b0:65:67:f3: 10:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:8E:59:FB:7B:DE:32:FA:08:00:AF:9A:0D:51:31:D5:EF:9C:7B:95 X509v3 Authority Key Identifier: keyid:00:6B:06:B5:D0:FF:10:00:E1:0C:42:76:EE:A0:88:0A:F2:09:D7:A2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AGsGtdD_EADhDEJ27qCICvIJ16I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/4737c9-e263-44e7-8fed-57c955c9c85d/1/Po5Z-3veMvoIAK-aDVEx1e-ce5U.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/62/4737c9-e263-44e7-8fed-57c955c9c85d/1/AGsGtdD_EADhDEJ27qCICvIJ16I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.22.116.0/22 193.169.66.0/23 IPv6: 2a04:1f40::/29 Signature Algorithm: sha256WithRSAEncryption b5:8e:48:bb:77:aa:0b:38:f5:3e:61:58:e5:c9:42:dc:7f:28: 4e:9f:50:77:9f:41:c6:d2:a1:a6:90:26:82:8c:97:2f:2d:99: 4d:49:bb:e9:c9:0d:b1:3c:07:f3:c1:34:9d:d9:25:6c:e0:db: 13:16:2b:42:57:e8:80:27:8c:a0:1e:fd:9e:6d:f0:f5:a4:15: 02:86:35:3e:76:5b:62:23:5e:17:13:17:6f:46:3f:f7:0a:6a: 3d:ac:b3:66:89:75:ef:c6:ca:66:1c:38:08:74:1a:8d:15:85: 4e:ca:39:22:cd:32:8b:1e:fa:4e:81:a5:fe:ee:42:23:00:3d: 03:f0:6f:cb:04:78:03:12:d2:45:97:46:4e:f7:7a:3f:9c:2f: ef:7b:c2:d1:c4:b5:57:47:a2:85:8f:e1:5e:0d:50:4f:26:89: 1a:eb:f5:48:93:7b:4d:ee:3c:6f:55:92:c8:71:35:37:bb:34: 8a:24:d7:8f:bb:b5:73:d1:6b:95:2e:d8:81:6c:4e:3c:90:03: 0d:5a:a2:03:59:09:0b:43:8c:a4:c4:52:e9:ea:e3:dc:39:84: eb:23:e4:54:dd:30:d3:79:47:da:7d:4d:01:ac:8c:a2:52:a3: e3:b5:4e:6b:60:5f:79:21:9b:0d:c8:4c:99:4b:04:ac:5f:dc: da:3f:77:be -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt7NfoNaXU977xTjVQbEAxHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAwNmIwNmI1ZDBmZjEwMDBlMTBjNDI3NmVlYTA4ODBhZjIw OWQ3YTIwHhcNMjYwMTAxMjAxODEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzZThlNTlmYjdiZGUzMmZhMDgwMGFmOWEwZDUxMzFkNWVmOWM3Yjk1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoHpjWWxb1SPAudtDk+0E2v2hnBNm vCufBVt7d+OQriXDUpOh1qfi7Y/KH1xkKr3jmmy99QjLdLyF59kJmBk2oJSgkLeZ pAecbtLflfR6g+3QddIuGPtwglGxr3HqnvRfHAEx6cSs0skJV3PSVAAYZ7Z/dJ+i kt21Cb9S0WwukIgM5C6lqvMvPg6w9VEPMTV9j2rH36ZLvRRC2XSID/axE75nC9x4 fqgR1gk8nLJmblULCpkP/yBhI9SxoWgXYN+WUQI+Z4p70L87xc43m2CMM0JfDWFS 78RhH10Bsn9BacMVrVLMf997rybNn9nfn2uEowWKeKWnconxrrBlZ/MQ5wIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFD6OWft73jL6CACvmg1RMdXvnHuVMB8GA1UdIwQY MBaAFABrBrXQ/xAA4QxCdu6giAryCdeiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQUdzR3RkRF9FQURoREVKMjdxQ0lDdklKMTZJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80NzM3YzktZTI2My00NGU3LThmZWQt NTdjOTU1YzljODVkLzEvUG81Wi0zdmVNdm9JQUstYURWRXgxZS1jZTVVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Mi80NzM3YzktZTI2My00NGU3LThmZWQtNTdjOTU1YzljODVk LzEvQUdzR3RkRF9FQURoREVKMjdxQ0lDdklKMTZJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuRZ0AwQB walCMA0EAgACMAcDBQMqBB9AMA0GCSqGSIb3DQEBCwUAA4IBAQC1jki7d6oLOPU+ YVjlyULcfyhOn1B3n0HG0qGmkCaCjJcvLZlNSbvpyQ2xPAfzwTSd2SVs4NsTFitC V+iAJ4ygHv2ebfD1pBUChjU+dltiI14XExdvRj/3Cmo9rLNmiXXvxspmHDgIdBqN FYVOyjkizTKLHvpOgaX+7kIjAD0D8G/LBHgDEtJFl0ZO93o/nC/ve8LRxLVXR6KF j+FeDVBPJoka6/VIk3tN7jxvVZLIcTU3uzSKJNePu7Vz0WuVLtiBbE48kAMNWqID WQkLQ4ykxFLp6uPcOYTrI+RU3TDTeUfafU0BrIyiUqPjtU5rYF95IZsNyEyZSwSs X9zaP3e+ -----END CERTIFICATE-----Generated at Sun Jan 25 12:18:04 2026 by rpki-client