This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/pAAezYzOcsVVYLak2fuvQQykMQU.roa File: pAAezYzOcsVVYLak2fuvQQykMQU.roa (raw, json) Hash identifier: lC9WkIcW0qzeOS+/+DkWf09+stuWxOIyUMebWrS+WNk= Subject key identifier: A4:00:1E:CD:8C:CE:72:C5:55:60:B6:A4:D9:FB:AF:41:0C:A4:31:05 Certificate issuer: /CN=253a3b5f51808168c212c094a2baaff38e16464a Certificate serial: 019B77C73508EB680A71B2A8970D74EC6860 Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/pAAezYzOcsVVYLak2fuvQQykMQU.roa Signing time: Thu 01 Jan 2026 04:18:22 +0000 ROA not before: Thu 01 Jan 2026 04:18:22 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 43832 IP address blocks: 193.232.160.0/24 maxlen: 24 193.232.177.0/24 maxlen: 24 2a0c:a9c7:160::/48 maxlen: 48 2a0c:a9c7:177::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.mft rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c7:35:08:eb:68:0a:71:b2:a8:97:0d:74:ec:68:60 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a Validity Not Before: Jan 1 04:18:22 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a4001ecd8cce72c55560b6a4d9fbaf410ca43105 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:85:79:41:61:21:d6:9b:f2:71:db:26:50:41:12: 70:c7:a4:89:a1:f8:e0:26:f8:75:a8:12:b8:ef:92: 98:b2:00:fb:02:41:e9:a1:ba:5a:fd:7f:70:56:af: 65:9e:93:c3:a9:54:62:bb:d8:9a:39:cf:95:aa:11: 85:f0:88:3a:b9:2c:00:3c:47:1b:af:4b:4d:6f:92: 07:41:6a:61:52:2a:43:95:64:77:fc:aa:7e:61:7a: 6b:bb:88:e0:b8:85:e9:92:83:ad:95:02:a8:3a:95: a2:bf:73:9e:de:24:f0:44:a1:82:43:34:c6:9a:6c: b9:01:64:d1:92:d2:a8:fd:d4:a9:8e:2b:6c:c7:d3: 97:55:5f:f2:67:f6:de:0f:b2:d4:f9:2d:e9:29:a7: 49:ed:ee:98:ad:6a:9e:4a:66:1d:ff:67:8c:9e:9d: 3e:e8:69:61:19:f4:4c:23:8c:d9:09:c4:7a:30:f8: ee:ea:f4:b3:ff:f1:42:87:a5:66:e5:c7:9c:b9:e9: 3b:56:c8:b9:fc:d6:4d:d1:54:11:71:d6:99:77:37: c7:b6:8e:1e:85:31:08:28:ca:72:e6:63:27:07:d8: 57:7a:0f:c0:9e:aa:47:0c:2b:16:5a:79:be:47:41: 22:5c:2a:9b:27:08:a1:0e:ee:25:f5:3f:64:59:58: 9b:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:00:1E:CD:8C:CE:72:C5:55:60:B6:A4:D9:FB:AF:41:0C:A4:31:05 X509v3 Authority Key Identifier: keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/pAAezYzOcsVVYLak2fuvQQykMQU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.232.160.0/24 193.232.177.0/24 IPv6: 2a0c:a9c7:160::/48 2a0c:a9c7:177::/48 Signature Algorithm: sha256WithRSAEncryption 9b:17:63:ff:86:55:88:f4:8d:8b:a4:59:66:c9:79:70:b0:e9: 37:10:c6:cc:da:18:f7:29:fd:5c:28:68:7d:5f:58:85:ef:b1: 10:8c:4f:c0:91:42:5f:bc:f3:20:5d:32:29:45:bd:e6:82:7c: 2d:95:6a:3e:96:5b:c5:7e:4d:50:f0:98:56:91:7b:a7:0a:7d: ab:e6:f0:8d:a4:d7:5f:ba:3d:de:86:7a:d5:e5:9d:83:b2:6a: 2a:82:e8:34:38:25:23:31:64:be:cc:1f:b6:f5:a4:67:51:29: ec:a8:df:bb:e6:55:46:c2:e0:c9:d1:f9:e3:1b:74:69:7d:17: bd:b3:44:35:a6:22:61:0d:b9:f9:14:be:cb:28:8d:e6:25:88: 76:f7:60:22:ad:3f:66:75:e4:2b:31:c5:ba:f2:e1:db:e9:41: a6:b2:ee:c8:75:34:5c:28:50:5b:79:17:ca:90:82:d6:40:c7: 5f:ff:70:d0:d9:d2:e7:30:13:c3:44:0a:b2:b1:46:0e:3f:e8: 73:45:5f:4b:44:a0:d1:19:bc:4a:2d:1d:39:da:22:54:61:68: 16:55:b0:a1:0b:be:49:eb:88:74:4d:42:ce:27:5f:f2:e0:92: 7e:71:e6:c0:ff:7b:25:14:53:cc:40:f8:45:cd:46:0c:66:94: ee:00:e3:58 -----BEGIN CERTIFICATE----- MIIFHTCCBAWgAwIBAgISAZt3xzUI62gKcbKolw107GhgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx NjQ2NGEwHhcNMjYwMTAxMDQxODIyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhNDAwMWVjZDhjY2U3MmM1NTU2MGI2YTRkOWZiYWY0MTBjYTQzMTA1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhXlBYSHWm/Jx2yZQQRJwx6SJofjg Jvh1qBK475KYsgD7AkHpobpa/X9wVq9lnpPDqVRiu9iaOc+VqhGF8Ig6uSwAPEcb r0tNb5IHQWphUipDlWR3/Kp+YXpru4jguIXpkoOtlQKoOpWiv3Oe3iTwRKGCQzTG mmy5AWTRktKo/dSpjitsx9OXVV/yZ/beD7LU+S3pKadJ7e6YrWqeSmYd/2eMnp0+ 6GlhGfRMI4zZCcR6MPju6vSz//FCh6Vm5cecuek7Vsi5/NZN0VQRcdaZdzfHto4e hTEIKMpy5mMnB9hXeg/AnqpHDCsWWnm+R0EiXCqbJwihDu4l9T9kWVibvQIDAQAB o4ICKTCCAiUwHQYDVR0OBBYEFKQAHs2MznLFVWC2pNn7r0EMpDEFMB8GA1UdIwQY MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt OWU5YTFlMDM3MzhlLzEvcEFBZXpZek9jc1ZWWUxhazJmdXZRUXlrTVFVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAweigAwQA weixMBgEAgACMBIDBwAqDKnHAWADBwAqDKnHAXcwDQYJKoZIhvcNAQELBQADggEB AJsXY/+GVYj0jYukWWbJeXCw6TcQxszaGPcp/VwoaH1fWIXvsRCMT8CRQl+88yBd MilFveaCfC2Vaj6WW8V+TVDwmFaRe6cKfavm8I2k11+6Pd6GetXlnYOyaiqC6DQ4 JSMxZL7MH7b1pGdRKeyo37vmVUbC4MnR+eMbdGl9F72zRDWmImENufkUvssojeYl iHb3YCKtP2Z15Csxxbry4dvpQaay7sh1NFwoUFt5F8qQgtZAx1//cNDZ0ucwE8NE CrKxRg4/6HNFX0tEoNEZvEotHTnaIlRhaBZVsKELvknriHRNQs4nX/Lgkn5x5sD/ eyUUU8xA+EXNRgxmlO4A41g= -----END CERTIFICATE-----Generated at Sun Jan 25 14:40:09 2026 by rpki-client