This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/42f014-cd92-4205-aa53-1a80a2f7d7ea/1/M2b0AyIxBEZE26l78yx_U6jH-HM.roa File: M2b0AyIxBEZE26l78yx_U6jH-HM.roa (raw, json) Hash identifier: qI3z2lgsBJDNei5CDronPrCJiOhj9yjVA1Waw1BZhZw= Subject key identifier: 33:66:F4:03:22:31:04:46:44:DB:A9:7B:F3:2C:7F:53:A8:C7:F8:73 Certificate issuer: /CN=cd576d876e17e67aa3b1f1c10dab39db2935e22b Certificate serial: 019B7EA677B117937BFCBEE4E31D504DAD0B Authority key identifier: CD:57:6D:87:6E:17:E6:7A:A3:B1:F1:C1:0D:AB:39:DB:29:35:E2:2B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zVdth24X5nqjsfHBDas52yk14is.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/42f014-cd92-4205-aa53-1a80a2f7d7ea/1/M2b0AyIxBEZE26l78yx_U6jH-HM.roa Signing time: Fri 02 Jan 2026 12:19:57 +0000 ROA not before: Fri 02 Jan 2026 12:19:57 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212238 IP address blocks: 143.223.99.0/24 maxlen: 24 185.98.168.0/24 maxlen: 24 185.98.169.0/24 maxlen: 24 185.98.170.0/24 maxlen: 24 185.98.171.0/24 maxlen: 24 205.147.24.0/24 maxlen: 24 205.147.25.0/24 maxlen: 24 212.104.214.0/24 maxlen: 24 212.104.215.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/42f014-cd92-4205-aa53-1a80a2f7d7ea/1/zVdth24X5nqjsfHBDas52yk14is.crl rsync://rpki.ripe.net/repository/DEFAULT/85/42f014-cd92-4205-aa53-1a80a2f7d7ea/1/zVdth24X5nqjsfHBDas52yk14is.mft rsync://rpki.ripe.net/repository/DEFAULT/zVdth24X5nqjsfHBDas52yk14is.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a6:77:b1:17:93:7b:fc:be:e4:e3:1d:50:4d:ad:0b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cd576d876e17e67aa3b1f1c10dab39db2935e22b Validity Not Before: Jan 2 12:19:57 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3366f4032231044644dba97bf32c7f53a8c7f873 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:a9:78:2f:11:45:d8:92:2d:b4:cd:d5:6a:ac: a4:46:5c:90:2b:68:e7:59:5e:ee:92:dd:42:ba:89: 7c:76:5d:c1:39:05:23:77:44:1f:d1:bc:3c:e2:6e: fc:9e:f2:7f:65:3f:7b:64:98:ad:9c:57:4a:37:4a: 86:f2:64:b8:b7:0e:1e:f6:78:5b:6a:35:ce:b3:95: 9e:86:1f:da:e6:83:bb:c7:14:e1:92:60:7f:41:72: 53:58:77:0c:6e:61:8d:2a:b5:ab:6e:5f:02:d8:43: a8:b1:3f:46:ee:ad:25:16:ab:5e:92:6c:bb:77:95: 66:5a:c0:ff:45:60:b7:18:95:1a:66:3c:49:19:08: d4:8e:d3:05:b9:c4:df:9b:81:e1:1e:9a:79:5d:a7: 61:70:a8:80:e0:0f:49:8a:e0:13:09:2b:c6:aa:db: d9:c0:2c:11:5f:7e:85:75:77:c1:3a:a4:72:dd:25: 54:4b:f6:0a:f7:08:b9:01:e8:1a:26:71:84:c6:06: 05:b2:2a:14:9f:e5:35:c8:30:4b:f3:9a:a0:0f:8f: 9d:fe:f5:c5:38:62:f1:38:bb:c4:58:8e:9b:ac:83: 7d:7b:07:3c:a9:87:26:b0:67:1e:0f:1e:c5:37:00: 3c:68:7b:ed:b2:d0:3c:a0:00:a6:7b:9c:1a:6f:13: 7a:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:66:F4:03:22:31:04:46:44:DB:A9:7B:F3:2C:7F:53:A8:C7:F8:73 X509v3 Authority Key Identifier: keyid:CD:57:6D:87:6E:17:E6:7A:A3:B1:F1:C1:0D:AB:39:DB:29:35:E2:2B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zVdth24X5nqjsfHBDas52yk14is.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/42f014-cd92-4205-aa53-1a80a2f7d7ea/1/M2b0AyIxBEZE26l78yx_U6jH-HM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/85/42f014-cd92-4205-aa53-1a80a2f7d7ea/1/zVdth24X5nqjsfHBDas52yk14is.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 143.223.99.0/24 185.98.168.0/22 205.147.24.0/23 212.104.214.0/23 Signature Algorithm: sha256WithRSAEncryption 10:05:83:73:c4:4c:88:9a:a1:eb:a3:fa:c8:17:55:2c:f6:59: d1:51:e6:2a:d5:7b:83:4a:7a:e8:ee:2f:58:8f:f6:6f:c7:3c: e9:1a:08:e8:b3:5e:01:67:a3:24:bf:31:56:36:3a:50:fd:c9: 73:cb:fe:68:6e:71:cc:a1:bb:96:87:32:fd:7e:ac:a2:d7:f0: 65:77:34:02:88:2f:8f:85:06:e6:c4:40:52:c9:31:7b:9f:bd: 74:81:82:2a:63:64:c4:8a:55:29:40:1f:8e:ad:49:a6:be:45: df:82:4c:88:57:ba:b7:77:68:d0:ef:a1:cb:12:2a:b1:a2:81: ed:f8:fe:de:cd:32:61:f7:5d:a2:4f:4b:fd:da:37:9d:8b:4b: 9a:73:bb:44:12:f8:38:f0:ac:36:87:7d:00:5a:57:67:ec:d6: 07:12:e5:d7:02:36:14:84:1c:1a:55:fc:95:9c:f2:c8:9f:19: dd:b8:08:d4:56:f6:cb:57:bd:9b:4f:33:e1:99:e7:49:ce:e5: 9f:56:23:7e:bb:1b:d7:b6:8f:0b:ea:51:9f:3d:d8:3b:72:8a: 56:4c:fe:79:99:ba:ac:78:63:7d:34:44:19:8e:1e:1f:d3:0d: ea:1a:19:96:9d:c5:c0:46:f3:0b:51:3d:4e:7f:35:fe:8a:ab: 8a:c7:88:5a -----BEGIN CERTIFICATE----- MIIFDzCCA/egAwIBAgISAZt+pnexF5N7/L7k4x1QTa0LMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNkNTc2ZDg3NmUxN2U2N2FhM2IxZjFjMTBkYWIzOWRiMjkz NWUyMmIwHhcNMjYwMTAyMTIxOTU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzMzY2ZjQwMzIyMzEwNDQ2NDRkYmE5N2JmMzJjN2Y1M2E4YzdmODczMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz6l4LxFF2JIttM3VaqykRlyQK2jn WV7ukt1Cuol8dl3BOQUjd0Qf0bw84m78nvJ/ZT97ZJitnFdKN0qG8mS4tw4e9nhb ajXOs5Wehh/a5oO7xxThkmB/QXJTWHcMbmGNKrWrbl8C2EOosT9G7q0lFqtekmy7 d5VmWsD/RWC3GJUaZjxJGQjUjtMFucTfm4HhHpp5XadhcKiA4A9JiuATCSvGqtvZ wCwRX36FdXfBOqRy3SVUS/YK9wi5AegaJnGExgYFsioUn+U1yDBL85qgD4+d/vXF OGLxOLvEWI6brIN9ewc8qYcmsGceDx7FNwA8aHvtstA8oACme5wabxN6sQIDAQAB o4ICGzCCAhcwHQYDVR0OBBYEFDNm9AMiMQRGRNupe/Msf1Oox/hzMB8GA1UdIwQY MBaAFM1XbYduF+Z6o7HxwQ2rOdspNeIrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvelZkdGgyNFg1bnFqc2ZIQkRhczUyeWsxNGlzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS80MmYwMTQtY2Q5Mi00MjA1LWFhNTMt MWE4MGEyZjdkN2VhLzEvTTJiMEF5SXhCRVpFMjZsNzh5eF9VNmpILUhNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84NS80MmYwMTQtY2Q5Mi00MjA1LWFhNTMtMWE4MGEyZjdkN2Vh LzEvelZkdGgyNFg1bnFqc2ZIQkRhczUyeWsxNGlzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAj99jAwQC uWKoAwQBzZMYAwQB1GjWMA0GCSqGSIb3DQEBCwUAA4IBAQAQBYNzxEyImqHro/rI F1Us9lnRUeYq1XuDSnro7i9Yj/ZvxzzpGgjos14BZ6MkvzFWNjpQ/clzy/5obnHM obuWhzL9fqyi1/BldzQCiC+PhQbmxEBSyTF7n710gYIqY2TEilUpQB+OrUmmvkXf gkyIV7q3d2jQ76HLEiqxooHt+P7ezTJh912iT0v92jedi0uac7tEEvg48Kw2h30A Wldn7NYHEuXXAjYUhBwaVfyVnPLInxnduAjUVvbLV72bTzPhmedJzuWfViN+uxvX to8L6lGfPdg7copWTP55mbqseGN9NEQZjh4f0w3qGhmWncXARvMLUT1OfzX+iquK x4ha -----END CERTIFICATE-----Generated at Sun Jan 25 15:12:47 2026 by rpki-client