This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/5eaaa7-3107-4268-aad6-6fd9789205ba/1/D8zt2B-zZXXGmbmFyYrVgX5VlhE.roa File: D8zt2B-zZXXGmbmFyYrVgX5VlhE.roa (raw, json) Hash identifier: 7mktpizMJp0UVGb90YuRIUsj5vrCk7DRcIeq+0Shwlw= Subject key identifier: 0F:CC:ED:D8:1F:B3:65:75:C6:99:B9:85:C9:8A:D5:81:7E:55:96:11 Certificate issuer: /CN=ab54fe831b6a719f42e6c8486fd03b550be761fb Certificate serial: 019B797E2B5FAEC5BFCE863EE961F5228C22 Authority key identifier: AB:54:FE:83:1B:6A:71:9F:42:E6:C8:48:6F:D0:3B:55:0B:E7:61:FB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q1T-gxtqcZ9C5shIb9A7VQvnYfs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/5eaaa7-3107-4268-aad6-6fd9789205ba/1/D8zt2B-zZXXGmbmFyYrVgX5VlhE.roa Signing time: Thu 01 Jan 2026 12:17:50 +0000 ROA not before: Thu 01 Jan 2026 12:17:50 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212462 IP address blocks: 109.234.80.0/24 maxlen: 24 109.234.85.0/24 maxlen: 24 185.33.66.0/24 maxlen: 24 185.33.67.0/24 maxlen: 24 185.235.35.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/5eaaa7-3107-4268-aad6-6fd9789205ba/1/q1T-gxtqcZ9C5shIb9A7VQvnYfs.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/5eaaa7-3107-4268-aad6-6fd9789205ba/1/q1T-gxtqcZ9C5shIb9A7VQvnYfs.mft rsync://rpki.ripe.net/repository/DEFAULT/q1T-gxtqcZ9C5shIb9A7VQvnYfs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 07:01:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:2b:5f:ae:c5:bf:ce:86:3e:e9:61:f5:22:8c:22 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab54fe831b6a719f42e6c8486fd03b550be761fb Validity Not Before: Jan 1 12:17:50 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0fccedd81fb36575c699b985c98ad5817e559611 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:b7:78:eb:05:3c:a2:78:32:6f:d5:2e:a4:7e: a9:28:0f:8c:82:9e:8a:00:84:c6:44:fe:08:9e:40: 5f:57:81:f1:a3:ca:cd:47:c4:b5:de:86:5b:a7:6e: a4:4b:a9:a8:f4:f0:46:cf:95:25:92:e6:be:4d:4f: 79:e9:11:f5:57:0e:3c:5f:4f:c6:ba:43:c0:53:87: 26:86:78:c5:90:fc:9c:e6:d4:bc:26:d4:93:8b:42: df:98:fa:9a:f6:70:a0:52:c0:42:06:94:8d:2a:07: 27:8e:3e:67:ff:7b:8b:e1:f1:b1:b9:4e:55:7c:b9: b3:d5:8b:00:0c:9a:78:8a:0f:3f:21:0f:25:b7:70: 19:8d:25:e1:89:72:9b:54:54:45:dd:e7:dd:de:26: 8b:b1:7d:dc:8f:79:d5:90:fd:b6:42:24:43:82:ff: 31:f5:1d:15:af:97:cc:2e:3f:cc:5b:cb:2a:64:33: 51:17:d4:db:fd:96:a1:f7:c9:85:11:ba:2a:d3:84: ea:4e:81:b5:dc:09:88:75:8e:4e:2d:19:01:26:c1: 43:f0:61:ac:cd:02:9c:5e:62:d8:f6:a1:0a:e7:99: 5a:fb:b9:97:ce:6e:45:ba:11:93:42:20:9a:d4:fe: 89:6f:77:b5:23:75:b1:5d:23:6d:bc:a5:6a:96:87: e4:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:CC:ED:D8:1F:B3:65:75:C6:99:B9:85:C9:8A:D5:81:7E:55:96:11 X509v3 Authority Key Identifier: keyid:AB:54:FE:83:1B:6A:71:9F:42:E6:C8:48:6F:D0:3B:55:0B:E7:61:FB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q1T-gxtqcZ9C5shIb9A7VQvnYfs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/5eaaa7-3107-4268-aad6-6fd9789205ba/1/D8zt2B-zZXXGmbmFyYrVgX5VlhE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/5eaaa7-3107-4268-aad6-6fd9789205ba/1/q1T-gxtqcZ9C5shIb9A7VQvnYfs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 109.234.80.0/24 109.234.85.0/24 185.33.66.0/23 185.235.35.0/24 Signature Algorithm: sha256WithRSAEncryption 36:b6:97:54:8b:d5:23:ce:a4:f4:c4:0a:d0:22:00:dc:3d:fb: a7:72:5a:05:67:f0:9f:ae:b7:b6:a8:4e:17:89:0e:09:fd:e4: 0b:44:ab:d4:43:58:e0:58:d8:4c:a5:6d:a9:fa:9f:f4:4b:2f: ec:11:44:22:10:44:09:c9:d2:0a:33:ed:59:2f:30:95:ca:3f: d8:35:f8:a2:09:62:96:ec:95:e3:2d:25:5d:26:44:1a:99:3f: fa:b1:67:3d:47:d5:b7:dd:26:01:d2:88:53:10:1d:af:88:f8: a6:21:ab:a4:76:0f:97:2b:fb:47:ae:fa:64:80:7a:65:81:f5: ea:f7:44:57:60:8f:53:c2:e1:e5:8b:08:d1:22:c6:07:40:f6: cb:e0:28:a6:0c:2f:c3:96:26:3c:06:47:2f:ce:00:10:8d:40: 18:ec:00:4a:fe:cb:12:42:30:15:c8:e2:78:b3:d8:bc:32:b9: 14:32:bf:2f:c7:65:5e:e0:c4:78:8f:d6:cf:0d:48:e3:08:29: 26:cd:d6:17:48:7a:9a:27:0d:9f:a6:fc:72:7d:e9:b3:d5:3a: 6d:ca:f4:a4:6a:16:31:76:59:1b:fb:5c:6d:dc:c6:94:fb:03: dc:40:82:26:96:fa:a9:2c:54:36:9a:08:71:f5:e2:46:c4:2b: ab:1d:b7:a7 -----BEGIN CERTIFICATE----- MIIFDzCCA/egAwIBAgISAZt5fitfrsW/zoY+6WH1IowiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFiNTRmZTgzMWI2YTcxOWY0MmU2Yzg0ODZmZDAzYjU1MGJl NzYxZmIwHhcNMjYwMTAxMTIxNzUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwZmNjZWRkODFmYjM2NTc1YzY5OWI5ODVjOThhZDU4MTdlNTU5NjExMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzLd46wU8ongyb9UupH6pKA+Mgp6K AITGRP4InkBfV4Hxo8rNR8S13oZbp26kS6mo9PBGz5Ulkua+TU956RH1Vw48X0/G ukPAU4cmhnjFkPyc5tS8JtSTi0LfmPqa9nCgUsBCBpSNKgcnjj5n/3uL4fGxuU5V fLmz1YsADJp4ig8/IQ8lt3AZjSXhiXKbVFRF3efd3iaLsX3cj3nVkP22QiRDgv8x 9R0Vr5fMLj/MW8sqZDNRF9Tb/Zah98mFEboq04TqToG13AmIdY5OLRkBJsFD8GGs zQKcXmLY9qEK55la+7mXzm5FuhGTQiCa1P6Jb3e1I3WxXSNtvKVqlofk/QIDAQAB o4ICGzCCAhcwHQYDVR0OBBYEFA/M7dgfs2V1xpm5hcmK1YF+VZYRMB8GA1UdIwQY MBaAFKtU/oMbanGfQubISG/QO1UL52H7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcTFULWd4dHFjWjlDNXNoSWI5QTdWUXZuWWZzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS81ZWFhYTctMzEwNy00MjY4LWFhZDYt NmZkOTc4OTIwNWJhLzEvRDh6dDJCLXpaWFhHbWJtRnlZclZnWDVWbGhFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS81ZWFhYTctMzEwNy00MjY4LWFhZDYtNmZkOTc4OTIwNWJh LzEvcTFULWd4dHFjWjlDNXNoSWI5QTdWUXZuWWZzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAbepQAwQA bepVAwQBuSFCAwQAuesjMA0GCSqGSIb3DQEBCwUAA4IBAQA2tpdUi9UjzqT0xArQ IgDcPfuncloFZ/Cfrre2qE4XiQ4J/eQLRKvUQ1jgWNhMpW2p+p/0Sy/sEUQiEEQJ ydIKM+1ZLzCVyj/YNfiiCWKW7JXjLSVdJkQamT/6sWc9R9W33SYB0ohTEB2viPim Iaukdg+XK/tHrvpkgHplgfXq90RXYI9TwuHliwjRIsYHQPbL4CimDC/DliY8Bkcv zgAQjUAY7ABK/ssSQjAVyOJ4s9i8MrkUMr8vx2Ve4MR4j9bPDUjjCCkmzdYXSHqa Jw2fpvxyfemz1TptyvSkahYxdlkb+1xt3MaU+wPcQIImlvqpLFQ2mghx9eJGxCur Hben -----END CERTIFICATE-----Generated at Mon Jan 26 12:22:40 2026 by rpki-client