This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/RknQfllmaIIL42mzCcQ7LpFZAOc.roa File: RknQfllmaIIL42mzCcQ7LpFZAOc.roa (raw, json) Hash identifier: i+k0oXjivyUtbFbn5JtuJaO6nJh6Arlq9rqF2q7x/d8= Subject key identifier: 46:49:D0:7E:59:66:68:82:0B:E3:69:B3:09:C4:3B:2E:91:59:00:E7 Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685 Certificate serial: 019B7E390F130B7CFB52D1CF2AB00FB06DB6 Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/RknQfllmaIIL42mzCcQ7LpFZAOc.roa Signing time: Fri 02 Jan 2026 10:20:27 +0000 ROA not before: Fri 02 Jan 2026 10:20:27 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 62240 IP address blocks: 85.142.184.0/21 maxlen: 24 85.142.248.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.mft rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:39:0f:13:0b:7c:fb:52:d1:cf:2a:b0:0f:b0:6d:b6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685 Validity Not Before: Jan 2 10:20:27 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4649d07e596668820be369b309c43b2e915900e7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:5c:bf:16:bd:22:e1:9c:80:8b:3f:87:2c:91: 98:b0:14:b1:7e:8a:3d:19:f1:ee:30:9e:c9:98:72: 49:b8:15:c4:49:36:3d:77:d6:a8:5b:94:69:b3:c7: 52:5a:e8:58:97:41:0d:9a:72:9a:47:09:eb:58:62: 25:94:ad:af:55:ee:42:c2:71:dc:2f:5b:15:f2:08: c9:54:ca:ee:20:e1:c7:b3:1e:49:db:ff:07:c1:3d: 77:9b:3e:a2:1b:ad:eb:35:c8:a4:df:14:e3:1a:ec: e7:3c:1f:5f:95:86:85:54:95:82:e6:44:b9:f7:6e: 8a:52:b7:6b:93:79:61:16:0d:2a:7d:de:ef:a0:31: 07:86:55:01:99:7b:8e:69:df:90:e3:f9:89:fd:10: 80:5a:aa:7b:d8:c6:ef:bf:eb:45:cc:a4:e1:7b:c7: a2:91:64:03:1c:b3:ed:1c:54:c6:71:d8:84:15:ca: 5b:21:37:b4:5d:4c:b2:d2:b3:23:c5:f9:71:97:ab: a5:7e:21:85:d0:56:9d:91:eb:f9:8d:9d:bc:f9:77: ca:71:cf:ce:4d:eb:3f:35:f5:84:b9:91:44:80:d9: 9a:9c:2b:be:4f:79:50:73:59:68:51:7c:7f:ed:56: 50:51:a8:2d:89:6f:5f:0c:ad:75:de:28:4e:96:91: f3:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 46:49:D0:7E:59:66:68:82:0B:E3:69:B3:09:C4:3B:2E:91:59:00:E7 X509v3 Authority Key Identifier: keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/RknQfllmaIIL42mzCcQ7LpFZAOc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.142.184.0/21 85.142.248.0/23 Signature Algorithm: sha256WithRSAEncryption 7d:d7:e1:53:b3:f9:b3:77:73:e9:1f:f4:ae:43:06:e4:98:c1: 83:d7:79:51:e3:a6:2e:b5:12:1a:2e:9f:5c:b0:17:5f:4f:52: 3a:fe:e4:03:d5:b2:4e:7a:ef:06:aa:7d:64:1b:cb:b7:a2:8d: ff:02:bb:fa:d4:d1:8d:4e:6d:19:c9:c4:3a:33:39:fa:c4:cf: cb:d5:ba:a1:77:af:25:56:68:18:6a:05:22:98:31:ca:9d:14: 81:cb:8e:34:e8:e6:c2:ca:c2:0b:8f:84:91:85:69:4c:1b:8b: 2d:e9:81:da:15:38:37:ac:4f:24:f4:7a:7f:88:a9:5b:11:c6: 5a:a4:de:3e:29:b7:1a:5a:f4:63:12:7c:22:36:37:10:c5:4a: 48:e0:87:2a:fc:47:ba:7c:d7:f4:e5:ce:40:f6:3d:9f:a6:51: 3d:2f:78:42:1a:cb:d5:ac:48:6c:d3:35:c7:3a:10:e3:fd:f2: bf:53:68:2f:2a:97:a4:46:1c:d7:9d:f9:21:a3:61:e8:7f:99: 9b:6a:1b:88:49:57:6c:c8:ab:da:3b:22:ed:22:ad:38:a8:b5: ce:da:20:cf:3f:5e:2a:9b:ca:96:b5:a9:ae:6c:a5:a6:01:c1: b4:66:0f:4c:a5:b8:5b:9a:c0:cf:03:e3:49:51:20:fa:f5:3c: 1f:ce:24:77 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt+OQ8TC3z7UtHPKrAPsG22MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl MmM2ODUwHhcNMjYwMTAyMTAyMDI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0NjQ5ZDA3ZTU5NjY2ODgyMGJlMzY5YjMwOWM0M2IyZTkxNTkwMGU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA11y/Fr0i4ZyAiz+HLJGYsBSxfoo9 GfHuMJ7JmHJJuBXESTY9d9aoW5Rps8dSWuhYl0ENmnKaRwnrWGIllK2vVe5CwnHc L1sV8gjJVMruIOHHsx5J2/8HwT13mz6iG63rNcik3xTjGuznPB9flYaFVJWC5kS5 926KUrdrk3lhFg0qfd7voDEHhlUBmXuOad+Q4/mJ/RCAWqp72Mbvv+tFzKThe8ei kWQDHLPtHFTGcdiEFcpbITe0XUyy0rMjxflxl6ulfiGF0Fadkev5jZ28+XfKcc/O Tes/NfWEuZFEgNmanCu+T3lQc1loUXx/7VZQUagtiW9fDK113ihOlpHzmwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFEZJ0H5ZZmiCC+NpswnEOy6RWQDnMB8GA1UdIwQY MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt NDBkOTViZDMzZmNiLzEvUmtuUWZsbG1hSUlMNDJtekNjUTdMcEZaQU9jLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDVY64AwQB VY74MA0GCSqGSIb3DQEBCwUAA4IBAQB91+FTs/mzd3PpH/SuQwbkmMGD13lR46Yu tRIaLp9csBdfT1I6/uQD1bJOeu8Gqn1kG8u3oo3/Arv61NGNTm0ZycQ6Mzn6xM/L 1bqhd68lVmgYagUimDHKnRSBy4406ObCysILj4SRhWlMG4st6YHaFTg3rE8k9Hp/ iKlbEcZapN4+KbcaWvRjEnwiNjcQxUpI4Icq/Ee6fNf05c5A9j2fplE9L3hCGsvV rEhs0zXHOhDj/fK/U2gvKpekRhzXnfkho2Hof5mbahuISVdsyKvaOyLtIq04qLXO 2iDPP14qm8qWtamubKWmAcG0Zg9MpbhbmsDPA+NJUSD69TwfziR3 -----END CERTIFICATE-----Generated at Sun Jan 25 17:33:06 2026 by rpki-client