This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b9a283-5c8d-4628-80bc-ee7ba0e9f7ca/1/0llklTGwRpo1D7HWMMbydisxDQ4.roa File: 0llklTGwRpo1D7HWMMbydisxDQ4.roa (raw, json) Hash identifier: 3z2IZ4s8AyOuNF65gLQqbep0m2rYxv6RvjyL7CQP75U= Subject key identifier: D2:59:64:95:31:B0:46:9A:35:0F:B1:D6:30:C6:F2:76:2B:31:0D:0E Certificate issuer: /CN=aff4242c10e438537e169ab002bf6be81fa2a5ed Certificate serial: 019B77588371E4280F5E8A2DA124B8F535D9 Authority key identifier: AF:F4:24:2C:10:E4:38:53:7E:16:9A:B0:02:BF:6B:E8:1F:A2:A5:ED Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r_QkLBDkOFN-FpqwAr9r6B-ipe0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/b9a283-5c8d-4628-80bc-ee7ba0e9f7ca/1/0llklTGwRpo1D7HWMMbydisxDQ4.roa Signing time: Thu 01 Jan 2026 02:17:28 +0000 ROA not before: Thu 01 Jan 2026 02:17:28 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 42910 IP address blocks: 185.135.220.0/24 maxlen: 24 185.135.221.0/24 maxlen: 24 185.135.222.0/24 maxlen: 24 185.135.223.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/b9a283-5c8d-4628-80bc-ee7ba0e9f7ca/1/r_QkLBDkOFN-FpqwAr9r6B-ipe0.crl rsync://rpki.ripe.net/repository/DEFAULT/a0/b9a283-5c8d-4628-80bc-ee7ba0e9f7ca/1/r_QkLBDkOFN-FpqwAr9r6B-ipe0.mft rsync://rpki.ripe.net/repository/DEFAULT/r_QkLBDkOFN-FpqwAr9r6B-ipe0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:58:83:71:e4:28:0f:5e:8a:2d:a1:24:b8:f5:35:d9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=aff4242c10e438537e169ab002bf6be81fa2a5ed Validity Not Before: Jan 1 02:17:28 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d259649531b0469a350fb1d630c6f2762b310d0e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:4d:6b:b2:73:d1:c5:a1:1c:46:07:71:e3:fb: 79:3b:cf:7d:e6:a1:5d:a7:dc:35:18:8a:0e:43:06: 59:9e:b0:a8:04:f9:1c:4d:a6:5b:70:b6:fa:be:50: 6d:c6:37:60:4e:01:4d:ee:d8:c6:f4:69:e2:4f:fe: d2:3a:97:c4:3d:9f:40:00:46:9a:34:d3:92:da:62: 01:9f:30:97:b1:f4:8c:d1:ac:d2:4f:a1:da:ae:17: 6a:c6:83:72:07:ba:ea:c6:f9:ba:be:bd:d7:c3:bd: bd:06:2b:34:92:ae:68:a8:e3:b0:05:62:a5:cb:3d: 0e:19:30:24:9e:0f:ac:3c:14:11:17:25:4b:60:7a: 72:a6:aa:9d:35:f8:ca:3e:c5:0c:b9:98:b6:91:29: 69:ce:29:d1:8e:75:de:73:6f:bc:ca:c1:ab:01:34: 8c:67:bf:eb:d3:0e:04:5f:f3:f8:f8:9b:c4:cd:61: 77:63:08:38:fb:46:40:24:79:24:2b:12:6c:52:c1: 06:4c:a1:0d:db:bb:07:5b:75:38:ff:1b:61:7d:92: bc:1f:d2:90:70:93:ca:d2:7b:2d:a0:f2:6e:40:70: 72:76:6c:3f:50:9c:8e:bf:c2:b3:23:30:56:88:2a: c5:2e:f6:d0:22:01:56:8b:b4:e0:f6:5d:2e:e2:6d: be:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:59:64:95:31:B0:46:9A:35:0F:B1:D6:30:C6:F2:76:2B:31:0D:0E X509v3 Authority Key Identifier: keyid:AF:F4:24:2C:10:E4:38:53:7E:16:9A:B0:02:BF:6B:E8:1F:A2:A5:ED X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r_QkLBDkOFN-FpqwAr9r6B-ipe0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b9a283-5c8d-4628-80bc-ee7ba0e9f7ca/1/0llklTGwRpo1D7HWMMbydisxDQ4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b9a283-5c8d-4628-80bc-ee7ba0e9f7ca/1/r_QkLBDkOFN-FpqwAr9r6B-ipe0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.135.220.0/22 Signature Algorithm: sha256WithRSAEncryption 7a:cc:10:2c:64:90:42:3a:f9:4b:3f:5a:60:6c:90:50:ce:9e: 87:8f:96:6b:8d:4d:c6:f0:40:e2:f6:bc:58:2e:6b:4f:d8:a4: 62:90:d0:85:f4:f1:75:84:c4:ed:1e:4c:cb:98:91:eb:86:8f: 24:b9:e9:55:97:01:d7:aa:e4:84:ed:41:e7:37:2d:42:b6:61: 8d:0b:69:7d:03:47:94:3f:f4:4e:9d:ee:b1:dc:51:a1:3c:a7: f1:27:d9:43:92:00:93:06:c2:89:ec:22:aa:d2:11:e3:d5:cb: 3e:25:b7:31:fc:29:d0:9c:db:59:97:c0:b2:e3:8a:ec:05:4d: 1a:99:75:4e:92:c9:5d:e4:12:df:9c:d1:29:ed:ba:71:b6:f4: 5d:16:73:f4:d5:30:59:d9:c8:63:42:75:ab:08:43:33:00:ce: 2a:15:89:d1:a7:94:ea:46:92:e8:9f:b9:ca:2a:fc:e3:8e:9c: 2b:27:70:d1:e2:49:0d:77:96:d7:27:ed:61:2e:39:e4:ac:2c: 79:b5:33:5f:94:94:7d:59:7b:71:7f:62:60:56:c2:bc:18:4f: 00:22:3b:b7:79:27:ee:5a:fe:32:16:ed:4a:dc:63:e8:16:2e: c0:97:91:3c:4d:c7:47:c1:1e:84:ea:c6:7c:f4:38:a5:33:e8: 3e:a5:17:1c -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt3WINx5CgPXootoSS49TXZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFmZjQyNDJjMTBlNDM4NTM3ZTE2OWFiMDAyYmY2YmU4MWZh MmE1ZWQwHhcNMjYwMTAxMDIxNzI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkMjU5NjQ5NTMxYjA0NjlhMzUwZmIxZDYzMGM2ZjI3NjJiMzEwZDBlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApE1rsnPRxaEcRgdx4/t5O8995qFd p9w1GIoOQwZZnrCoBPkcTaZbcLb6vlBtxjdgTgFN7tjG9GniT/7SOpfEPZ9AAEaa NNOS2mIBnzCXsfSM0azST6HarhdqxoNyB7rqxvm6vr3Xw729Bis0kq5oqOOwBWKl yz0OGTAkng+sPBQRFyVLYHpypqqdNfjKPsUMuZi2kSlpzinRjnXec2+8ysGrATSM Z7/r0w4EX/P4+JvEzWF3Ywg4+0ZAJHkkKxJsUsEGTKEN27sHW3U4/xthfZK8H9KQ cJPK0nstoPJuQHBydmw/UJyOv8KzIzBWiCrFLvbQIgFWi7Tg9l0u4m2+CQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFNJZZJUxsEaaNQ+x1jDG8nYrMQ0OMB8GA1UdIwQY MBaAFK/0JCwQ5DhTfhaasAK/a+gfoqXtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcl9Ra0xCRGtPRk4tRnBxd0FyOXI2Qi1pcGUwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iOWEyODMtNWM4ZC00NjI4LTgwYmMt ZWU3YmEwZTlmN2NhLzEvMGxsa2xUR3dScG8xRDdIV01NYnlkaXN4RFE0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMC9iOWEyODMtNWM4ZC00NjI4LTgwYmMtZWU3YmEwZTlmN2Nh LzEvcl9Ra0xCRGtPRk4tRnBxd0FyOXI2Qi1pcGUwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYfcMA0G CSqGSIb3DQEBCwUAA4IBAQB6zBAsZJBCOvlLP1pgbJBQzp6Hj5ZrjU3G8EDi9rxY LmtP2KRikNCF9PF1hMTtHkzLmJHrho8kuelVlwHXquSE7UHnNy1CtmGNC2l9A0eU P/ROne6x3FGhPKfxJ9lDkgCTBsKJ7CKq0hHj1cs+Jbcx/CnQnNtZl8Cy44rsBU0a mXVOksld5BLfnNEp7bpxtvRdFnP01TBZ2chjQnWrCEMzAM4qFYnRp5TqRpLon7nK KvzjjpwrJ3DR4kkNd5bXJ+1hLjnkrCx5tTNflJR9WXtxf2JgVsK8GE8AIju3eSfu Wv4yFu1K3GPoFi7Al5E8TcdHwR6E6sZ89DilM+g+pRcc -----END CERTIFICATE-----Generated at Sun Jan 25 23:50:15 2026 by rpki-client