This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/1c24ad-24b4-4c98-a659-592c0dcdaf79/1/aihBYA5xplYmWfW8AOuewemRnFY.roa File: aihBYA5xplYmWfW8AOuewemRnFY.roa (raw, json) Hash identifier: wUPGbJwm1otYE0/5qPkx6y5JVuMAsf3lCIi1krAa/d8= Subject key identifier: 6A:28:41:60:0E:71:A6:56:26:59:F5:BC:00:EB:9E:C1:E9:91:9C:56 Certificate issuer: /CN=0283a8c69a2630cd8f6fa70af2a53fe019f2cc07 Certificate serial: 019B77C685FF7B119E1CE98C9E7E28C8DA6E Authority key identifier: 02:83:A8:C6:9A:26:30:CD:8F:6F:A7:0A:F2:A5:3F:E0:19:F2:CC:07 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AoOoxpomMM2Pb6cK8qU_4BnyzAc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/1c24ad-24b4-4c98-a659-592c0dcdaf79/1/aihBYA5xplYmWfW8AOuewemRnFY.roa Signing time: Thu 01 Jan 2026 04:17:37 +0000 ROA not before: Thu 01 Jan 2026 04:17:37 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 56402 IP address blocks: 185.120.168.0/23 maxlen: 23 185.120.168.0/24 maxlen: 24 185.120.169.0/24 maxlen: 24 2a02:16c0::/29 maxlen: 29 2a02:16c0::/30 maxlen: 30 2a02:16c4::/30 maxlen: 30 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/1c24ad-24b4-4c98-a659-592c0dcdaf79/1/AoOoxpomMM2Pb6cK8qU_4BnyzAc.crl rsync://rpki.ripe.net/repository/DEFAULT/a2/1c24ad-24b4-4c98-a659-592c0dcdaf79/1/AoOoxpomMM2Pb6cK8qU_4BnyzAc.mft rsync://rpki.ripe.net/repository/DEFAULT/AoOoxpomMM2Pb6cK8qU_4BnyzAc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:85:ff:7b:11:9e:1c:e9:8c:9e:7e:28:c8:da:6e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0283a8c69a2630cd8f6fa70af2a53fe019f2cc07 Validity Not Before: Jan 1 04:17:37 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6a2841600e71a6562659f5bc00eb9ec1e9919c56 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:45:8e:8f:56:72:16:74:32:28:8d:f9:bb:3a: 9f:23:3a:68:99:97:fd:c7:db:ea:8e:a4:41:d6:57: 13:f8:51:6f:25:ca:69:0b:59:2c:3d:6e:e6:41:c3: 60:56:fa:2d:ee:22:d4:7f:07:fd:c5:8a:59:e4:0e: e6:39:ad:66:78:a4:6c:5f:fb:12:34:73:d5:47:b9: cb:56:af:17:91:23:49:4e:c1:c1:78:44:30:a5:2a: 95:d9:68:d9:63:71:87:7b:b1:26:27:7a:8c:b7:99: bd:39:44:5c:0f:5d:00:72:ac:a8:fc:6b:5e:0c:de: 86:45:1e:f6:5d:ac:44:87:82:95:71:cc:1b:a8:5c: 3a:26:6a:78:e3:f1:a6:88:24:b3:bd:30:60:4f:83: e8:3b:6e:4a:c3:fe:d0:29:38:33:0d:d0:67:17:c0: 37:49:ca:e1:c0:11:fe:45:d5:3e:61:56:e4:c9:8e: ea:be:cb:b4:e7:12:a9:31:b7:40:87:8a:9e:e6:c6: c3:c7:19:e4:ed:d7:ea:1e:03:46:66:22:ab:5c:1e: ca:c5:41:43:30:89:23:32:b0:44:cd:10:73:19:ae: 27:b4:ce:d3:22:69:9c:12:28:29:75:1d:2d:05:10: 1e:5e:d6:fc:bf:f6:18:32:89:0c:22:66:07:08:29: 4d:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:28:41:60:0E:71:A6:56:26:59:F5:BC:00:EB:9E:C1:E9:91:9C:56 X509v3 Authority Key Identifier: keyid:02:83:A8:C6:9A:26:30:CD:8F:6F:A7:0A:F2:A5:3F:E0:19:F2:CC:07 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AoOoxpomMM2Pb6cK8qU_4BnyzAc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/1c24ad-24b4-4c98-a659-592c0dcdaf79/1/aihBYA5xplYmWfW8AOuewemRnFY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/1c24ad-24b4-4c98-a659-592c0dcdaf79/1/AoOoxpomMM2Pb6cK8qU_4BnyzAc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.120.168.0/23 IPv6: 2a02:16c0::/29 Signature Algorithm: sha256WithRSAEncryption 2a:c7:90:af:03:07:53:83:8f:de:a6:d9:a3:aa:c2:bd:1d:08: 08:f1:47:d5:56:59:b3:51:76:40:7c:ac:a9:bf:ca:03:e5:fb: cf:34:1e:f0:86:5e:00:db:d7:20:19:b1:2b:84:92:40:b7:9f: a5:12:56:f1:d9:fb:55:e8:d1:a7:74:56:21:97:bf:d2:ae:c2: b6:0b:de:ab:7d:df:30:51:48:41:b3:b3:e1:b8:4b:87:91:b7: 2c:7a:7a:55:25:d8:80:ae:3c:c0:b7:5a:68:e2:39:7d:4e:1c: be:af:28:8c:be:64:e0:7f:dd:d1:8f:ab:22:1e:e8:0c:dc:03: ae:ac:b2:d9:7c:f0:05:37:fe:87:42:ba:ee:ca:48:5a:d4:c5: ca:9a:ca:dd:d6:f4:91:05:2e:92:d8:cb:ba:1d:d1:4e:d3:82: fe:25:73:2a:69:7d:b8:66:3a:d5:5b:84:09:03:47:cb:8d:c7: f6:8e:6f:5e:80:1e:85:f2:de:b2:53:0c:99:cb:8c:cb:4e:27: 31:49:b4:c1:bf:a5:16:6a:02:e1:74:19:26:76:88:f9:a7:5d: ba:4a:9f:23:08:de:46:a8:b5:75:64:5b:24:a7:cd:af:75:6c: b1:e7:90:bd:3d:3f:fe:04:44:a4:50:b7:7e:79:03:b6:6f:07: 03:0a:8b:06 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt3xoX/exGeHOmMnn4oyNpuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAyODNhOGM2OWEyNjMwY2Q4ZjZmYTcwYWYyYTUzZmUwMTlm MmNjMDcwHhcNMjYwMTAxMDQxNzM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2YTI4NDE2MDBlNzFhNjU2MjY1OWY1YmMwMGViOWVjMWU5OTE5YzU2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvUWOj1ZyFnQyKI35uzqfIzpomZf9 x9vqjqRB1lcT+FFvJcppC1ksPW7mQcNgVvot7iLUfwf9xYpZ5A7mOa1meKRsX/sS NHPVR7nLVq8XkSNJTsHBeEQwpSqV2WjZY3GHe7EmJ3qMt5m9OURcD10Acqyo/Gte DN6GRR72XaxEh4KVccwbqFw6Jmp44/GmiCSzvTBgT4PoO25Kw/7QKTgzDdBnF8A3 ScrhwBH+RdU+YVbkyY7qvsu05xKpMbdAh4qe5sbDxxnk7dfqHgNGZiKrXB7KxUFD MIkjMrBEzRBzGa4ntM7TImmcEigpdR0tBRAeXtb8v/YYMokMImYHCClNHwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFGooQWAOcaZWJln1vADrnsHpkZxWMB8GA1UdIwQY MBaAFAKDqMaaJjDNj2+nCvKlP+AZ8swHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQW9Pb3hwb21NTTJQYjZjSzhxVV80Qm55ekFjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8xYzI0YWQtMjRiNC00Yzk4LWE2NTkt NTkyYzBkY2RhZjc5LzEvYWloQllBNXhwbFltV2ZXOEFPdWV3ZW1SbkZZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMi8xYzI0YWQtMjRiNC00Yzk4LWE2NTktNTkyYzBkY2RhZjc5 LzEvQW9Pb3hwb21NTTJQYjZjSzhxVV80Qm55ekFjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuXioMA0E AgACMAcDBQMqAhbAMA0GCSqGSIb3DQEBCwUAA4IBAQAqx5CvAwdTg4/eptmjqsK9 HQgI8UfVVlmzUXZAfKypv8oD5fvPNB7whl4A29cgGbErhJJAt5+lElbx2ftV6NGn dFYhl7/SrsK2C96rfd8wUUhBs7PhuEuHkbcsenpVJdiArjzAt1po4jl9Thy+ryiM vmTgf93Rj6siHugM3AOurLLZfPAFN/6HQrruykha1MXKmsrd1vSRBS6S2Mu6HdFO 04L+JXMqaX24ZjrVW4QJA0fLjcf2jm9egB6F8t6yUwyZy4zLTicxSbTBv6UWagLh dBkmdoj5p126Sp8jCN5GqLV1ZFskp82vdWyx55C9PT/+BESkULd+eQO2bwcDCosG -----END CERTIFICATE-----Generated at Mon Jan 26 19:35:43 2026 by rpki-client