This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/4544e4-35db-4098-9040-539a0f26684d/1/nwKbwtoqpnT5gVqh1QUIgDFgOWQ.roa File: nwKbwtoqpnT5gVqh1QUIgDFgOWQ.roa (raw, json) Hash identifier: JOb72Ix/3IvyYR98c/TNjJBo/rc+TguIVe9HFGNgsGE= Subject key identifier: 9F:02:9B:C2:DA:2A:A6:74:F9:81:5A:A1:D5:05:08:80:31:60:39:64 Certificate issuer: /CN=1e9b8562615f5110d3551f8ec5dd056fb0a48aba Certificate serial: 019B7AC7ABDD5511C1479EE6EC8DB88B9BE5 Authority key identifier: 1E:9B:85:62:61:5F:51:10:D3:55:1F:8E:C5:DD:05:6F:B0:A4:8A:BA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HpuFYmFfURDTVR-Oxd0Fb7Ckiro.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/4544e4-35db-4098-9040-539a0f26684d/1/nwKbwtoqpnT5gVqh1QUIgDFgOWQ.roa Signing time: Thu 01 Jan 2026 18:17:44 +0000 ROA not before: Thu 01 Jan 2026 18:17:44 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 59865 IP address blocks: 185.56.140.0/23 maxlen: 23 185.56.142.0/23 maxlen: 23 185.111.28.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/4544e4-35db-4098-9040-539a0f26684d/1/HpuFYmFfURDTVR-Oxd0Fb7Ckiro.crl rsync://rpki.ripe.net/repository/DEFAULT/a5/4544e4-35db-4098-9040-539a0f26684d/1/HpuFYmFfURDTVR-Oxd0Fb7Ckiro.mft rsync://rpki.ripe.net/repository/DEFAULT/HpuFYmFfURDTVR-Oxd0Fb7Ckiro.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c7:ab:dd:55:11:c1:47:9e:e6:ec:8d:b8:8b:9b:e5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1e9b8562615f5110d3551f8ec5dd056fb0a48aba Validity Not Before: Jan 1 18:17:44 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9f029bc2da2aa674f9815aa1d505088031603964 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:75:f9:e8:36:d4:66:d2:1a:7a:16:e7:7e:d3: ae:41:77:c4:7a:13:58:a8:43:31:58:02:be:4c:22: ed:55:f3:ba:c6:64:3d:c7:0b:48:bb:65:34:5f:45: 58:f7:c9:0c:dc:f1:44:d2:f9:34:e6:73:be:74:fa: f6:5b:82:9f:48:9f:e7:2b:ae:9a:ce:b6:42:ce:50: d2:26:f7:96:61:43:52:9f:00:59:ff:b5:81:22:62: 79:30:af:e7:3f:bc:0b:60:bf:a8:41:22:ff:b2:d6: 26:c8:ee:cf:71:7b:21:f8:7b:a8:07:cc:25:cf:82: 3b:ef:69:bc:1a:ff:89:81:f7:bf:3e:6a:c2:3f:dd: 58:fb:07:f3:83:82:36:87:4a:af:b5:ed:89:06:8e: a5:fb:b3:1b:58:23:a1:e5:5f:04:28:7c:6c:b0:f6: 1c:cc:29:16:8a:8d:de:83:29:77:9f:82:2b:6a:3e: 5e:c0:f1:2a:54:b9:f2:ac:f2:b2:89:2d:91:cf:3e: a7:52:d2:d2:b1:12:1d:49:ae:5a:de:54:31:1d:08: 0c:26:81:50:8e:fe:8f:37:a2:d6:93:bc:a4:8e:ad: 5c:3e:6a:08:bb:0c:f2:f4:ba:f0:0a:1d:b5:8b:fe: a4:5c:d5:8a:77:03:40:05:dd:d8:30:eb:90:77:1a: 96:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:02:9B:C2:DA:2A:A6:74:F9:81:5A:A1:D5:05:08:80:31:60:39:64 X509v3 Authority Key Identifier: keyid:1E:9B:85:62:61:5F:51:10:D3:55:1F:8E:C5:DD:05:6F:B0:A4:8A:BA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HpuFYmFfURDTVR-Oxd0Fb7Ckiro.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4544e4-35db-4098-9040-539a0f26684d/1/nwKbwtoqpnT5gVqh1QUIgDFgOWQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4544e4-35db-4098-9040-539a0f26684d/1/HpuFYmFfURDTVR-Oxd0Fb7Ckiro.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.56.140.0/22 185.111.28.0/22 Signature Algorithm: sha256WithRSAEncryption 08:2a:37:fa:0d:6d:19:b4:e9:da:fb:ea:2c:6d:f5:54:10:1a: 38:00:aa:2c:80:ab:f7:5e:27:51:80:66:55:09:c1:10:dd:52: f3:a3:9b:3a:a1:bd:b7:79:a4:ea:d5:ef:90:ed:8b:ba:bd:c8: 1c:a6:c8:94:bb:12:5a:96:2c:9e:b8:dd:09:c8:92:b3:50:af: 72:35:44:a6:b1:8f:80:da:31:3d:45:bb:f2:96:fd:8e:48:24: ce:10:f5:85:70:16:d8:9e:a5:90:f8:41:45:2e:3d:5c:03:98: e3:38:74:2a:f6:1f:41:67:66:3f:e6:a2:e8:01:6c:b7:08:16: 9a:a8:bc:c2:a8:65:c8:bc:84:93:c5:5e:98:1d:df:87:cf:c6: cc:00:b8:49:d4:ff:d1:6b:be:31:c5:c9:6a:ba:12:a9:71:cb: 6a:c5:d9:23:b2:22:d6:3e:f6:a9:b6:98:e7:f8:a7:28:68:25: af:7e:86:42:56:20:ed:c6:ef:72:db:c6:60:ee:c0:00:87:91: 5c:86:a5:6c:63:0b:8c:a3:49:da:b5:bb:20:0f:7d:31:c5:19: ec:3b:ae:8d:48:42:2a:2f:2e:bc:4a:0b:6f:b9:60:ca:68:9e: 9f:11:12:2d:6e:5d:d4:ff:ba:4d:0e:67:02:3b:2c:53:66:38: 0b:ba:b8:2d -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt6x6vdVRHBR57m7I24i5vlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFlOWI4NTYyNjE1ZjUxMTBkMzU1MWY4ZWM1ZGQwNTZmYjBh NDhhYmEwHhcNMjYwMTAxMTgxNzQ0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5ZjAyOWJjMmRhMmFhNjc0Zjk4MTVhYTFkNTA1MDg4MDMxNjAzOTY0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXX56DbUZtIaehbnftOuQXfEehNY qEMxWAK+TCLtVfO6xmQ9xwtIu2U0X0VY98kM3PFE0vk05nO+dPr2W4KfSJ/nK66a zrZCzlDSJveWYUNSnwBZ/7WBImJ5MK/nP7wLYL+oQSL/stYmyO7PcXsh+HuoB8wl z4I772m8Gv+Jgfe/PmrCP91Y+wfzg4I2h0qvte2JBo6l+7MbWCOh5V8EKHxssPYc zCkWio3egyl3n4Iraj5ewPEqVLnyrPKyiS2Rzz6nUtLSsRIdSa5a3lQxHQgMJoFQ jv6PN6LWk7ykjq1cPmoIuwzy9LrwCh21i/6kXNWKdwNABd3YMOuQdxqWJQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFJ8Cm8LaKqZ0+YFaodUFCIAxYDlkMB8GA1UdIwQY MBaAFB6bhWJhX1EQ01UfjsXdBW+wpIq6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSHB1RlltRmZVUkRUVlItT3hkMEZiN0NraXJvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS80NTQ0ZTQtMzVkYi00MDk4LTkwNDAt NTM5YTBmMjY2ODRkLzEvbndLYnd0b3FwblQ1Z1ZxaDFRVUlnREZnT1dRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNS80NTQ0ZTQtMzVkYi00MDk4LTkwNDAtNTM5YTBmMjY2ODRk LzEvSHB1RlltRmZVUkRUVlItT3hkMEZiN0NraXJvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuTiMAwQC uW8cMA0GCSqGSIb3DQEBCwUAA4IBAQAIKjf6DW0ZtOna++osbfVUEBo4AKosgKv3 XidRgGZVCcEQ3VLzo5s6ob23eaTq1e+Q7Yu6vcgcpsiUuxJaliyeuN0JyJKzUK9y NUSmsY+A2jE9Rbvylv2OSCTOEPWFcBbYnqWQ+EFFLj1cA5jjOHQq9h9BZ2Y/5qLo AWy3CBaaqLzCqGXIvISTxV6YHd+Hz8bMALhJ1P/Ra74xxclquhKpcctqxdkjsiLW Pvaptpjn+KcoaCWvfoZCViDtxu9y28Zg7sAAh5FchqVsYwuMo0natbsgD30xxRns O66NSEIqLy68SgtvuWDKaJ6fERItbl3U/7pNDmcCOyxTZjgLurgt -----END CERTIFICATE-----Generated at Sun Jan 25 21:06:12 2026 by rpki-client