This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/d5e3cc-c1cd-4d68-bec3-1b08f7f5015d/1/RBXH0ektt1CQc3W3hp-LoPyoFDI.roa File: RBXH0ektt1CQc3W3hp-LoPyoFDI.roa (raw, json) Hash identifier: n7TnoGzFQ9ajRDTZ9C84X5KWHPVtB0cd7T1ju2YPzsI= Subject key identifier: 44:15:C7:D1:E9:2D:B7:50:90:73:75:B7:86:9F:8B:A0:FC:A8:14:32 Certificate issuer: /CN=4e0f39e2caae8e2cf14bcc41b23f3c86e1a720f8 Certificate serial: 019B7EA5A12317B6B0E66D30ECA7427E61C3 Authority key identifier: 4E:0F:39:E2:CA:AE:8E:2C:F1:4B:CC:41:B2:3F:3C:86:E1:A7:20:F8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tg854squjizxS8xBsj88huGnIPg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/d5e3cc-c1cd-4d68-bec3-1b08f7f5015d/1/RBXH0ektt1CQc3W3hp-LoPyoFDI.roa Signing time: Fri 02 Jan 2026 12:19:02 +0000 ROA not before: Fri 02 Jan 2026 12:19:02 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 198203 IP address blocks: 185.157.208.0/24 maxlen: 24 185.157.209.0/24 maxlen: 24 185.157.210.0/24 maxlen: 24 185.157.211.0/24 maxlen: 24 2a03:afe1::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/d5e3cc-c1cd-4d68-bec3-1b08f7f5015d/1/Tg854squjizxS8xBsj88huGnIPg.crl rsync://rpki.ripe.net/repository/DEFAULT/b4/d5e3cc-c1cd-4d68-bec3-1b08f7f5015d/1/Tg854squjizxS8xBsj88huGnIPg.mft rsync://rpki.ripe.net/repository/DEFAULT/Tg854squjizxS8xBsj88huGnIPg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 10:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a5:a1:23:17:b6:b0:e6:6d:30:ec:a7:42:7e:61:c3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4e0f39e2caae8e2cf14bcc41b23f3c86e1a720f8 Validity Not Before: Jan 2 12:19:02 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4415c7d1e92db750907375b7869f8ba0fca81432 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:30:4d:e1:f9:8c:97:37:c3:20:49:4d:f1:ee: c3:6a:d6:96:59:b9:02:4c:59:83:09:8e:df:a5:1d: ad:bd:0a:b2:7f:08:4d:60:fa:30:b1:45:3a:2e:db: de:26:1f:0a:8d:ab:7d:e5:f7:9d:10:d0:3c:32:e6: 0f:f8:bc:c8:4a:26:02:95:cc:87:48:24:5a:a1:dd: 40:20:46:27:20:73:41:df:2a:d6:8a:fa:85:34:fb: 9b:e4:25:1a:90:fa:02:17:01:14:ee:0e:65:47:47: cb:8b:29:d9:bf:35:f7:68:57:c9:9f:7f:76:a6:2a: 6b:90:48:09:a4:97:0c:d0:ef:f9:bc:51:d1:b6:e8: 52:91:18:61:37:c6:ab:77:af:aa:14:30:7e:9a:8c: 39:a1:61:94:8e:f9:38:af:18:ee:38:be:c6:2c:7b: 05:65:c8:0b:d4:60:55:4f:fb:dc:71:51:8a:30:e1: f3:b3:c6:50:38:ce:65:23:ce:26:7a:b3:0a:91:05: 8e:a4:2c:fd:c8:86:d9:74:c6:b9:96:cf:b9:db:1b: a8:7d:74:17:6c:34:e1:90:7a:06:90:a6:4c:38:af: 05:fc:07:56:f5:98:81:3c:5f:27:05:39:0b:7c:e7: c3:57:af:4c:c7:e9:b7:f5:ba:3e:0c:14:0a:ee:6f: 60:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:15:C7:D1:E9:2D:B7:50:90:73:75:B7:86:9F:8B:A0:FC:A8:14:32 X509v3 Authority Key Identifier: keyid:4E:0F:39:E2:CA:AE:8E:2C:F1:4B:CC:41:B2:3F:3C:86:E1:A7:20:F8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tg854squjizxS8xBsj88huGnIPg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/d5e3cc-c1cd-4d68-bec3-1b08f7f5015d/1/RBXH0ektt1CQc3W3hp-LoPyoFDI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/d5e3cc-c1cd-4d68-bec3-1b08f7f5015d/1/Tg854squjizxS8xBsj88huGnIPg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.157.208.0/22 IPv6: 2a03:afe1::/32 Signature Algorithm: sha256WithRSAEncryption 13:d6:c7:d2:54:ad:d6:86:a7:4a:94:8c:00:33:92:30:34:c6: 19:18:5a:97:0d:19:3c:93:77:32:f0:84:30:aa:e8:68:93:66: 5e:77:0e:c3:86:59:ca:b8:59:77:70:26:e0:f1:ba:36:4b:1f: d1:71:ac:29:89:8c:e4:d8:3a:c3:08:13:7b:a3:16:ad:4c:f0: c0:a1:15:09:16:0d:2d:0f:80:16:a7:fa:51:dc:7a:36:59:ab: 53:39:64:e2:d6:ca:de:f0:60:63:b0:18:7e:57:6b:37:92:78: 08:62:87:9c:bd:91:b4:a8:a0:da:ed:d1:9b:03:d1:98:f5:2e: 82:54:2a:d4:7e:99:11:3f:0b:04:ee:2d:b1:6e:6e:d8:f6:05: b2:b3:60:1c:93:5a:89:e8:62:6a:fa:a8:6a:ee:48:bd:8c:0f: fc:42:9f:56:54:d7:f7:91:3d:98:b2:6b:32:09:8f:48:45:78: 46:09:96:0d:3b:d5:74:c5:92:f8:f0:f3:50:99:ac:42:98:74: 32:e3:21:b7:be:06:ca:ce:e5:7a:4c:de:67:2b:aa:be:61:57: c8:4b:dc:0c:c3:40:87:d5:11:e3:e6:d7:69:d8:da:21:71:e6: 82:69:29:e9:25:89:31:d4:5e:93:03:ba:a4:ba:ad:64:71:5e: 17:c4:b2:0c -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt+paEjF7aw5m0w7KdCfmHDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRlMGYzOWUyY2FhZThlMmNmMTRiY2M0MWIyM2YzYzg2ZTFh NzIwZjgwHhcNMjYwMTAyMTIxOTAyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0NDE1YzdkMWU5MmRiNzUwOTA3Mzc1Yjc4NjlmOGJhMGZjYTgxNDMyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0zBN4fmMlzfDIElN8e7DataWWbkC TFmDCY7fpR2tvQqyfwhNYPowsUU6LtveJh8Kjat95fedENA8MuYP+LzISiYClcyH SCRaod1AIEYnIHNB3yrWivqFNPub5CUakPoCFwEU7g5lR0fLiynZvzX3aFfJn392 piprkEgJpJcM0O/5vFHRtuhSkRhhN8ard6+qFDB+mow5oWGUjvk4rxjuOL7GLHsF ZcgL1GBVT/vccVGKMOHzs8ZQOM5lI84merMKkQWOpCz9yIbZdMa5ls+52xuofXQX bDThkHoGkKZMOK8F/AdW9ZiBPF8nBTkLfOfDV69Mx+m39bo+DBQK7m9gAQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFEQVx9HpLbdQkHN1t4afi6D8qBQyMB8GA1UdIwQY MBaAFE4POeLKro4s8UvMQbI/PIbhpyD4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVGc4NTRzcXVqaXp4Uzh4QnNqODhodUduSVBnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9kNWUzY2MtYzFjZC00ZDY4LWJlYzMt MWIwOGY3ZjUwMTVkLzEvUkJYSDBla3R0MUNRYzNXM2hwLUxvUHlvRkRJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNC9kNWUzY2MtYzFjZC00ZDY4LWJlYzMtMWIwOGY3ZjUwMTVk LzEvVGc4NTRzcXVqaXp4Uzh4QnNqODhodUduSVBnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZ3QMA0E AgACMAcDBQAqA6/hMA0GCSqGSIb3DQEBCwUAA4IBAQAT1sfSVK3WhqdKlIwAM5Iw NMYZGFqXDRk8k3cy8IQwquhok2Zedw7DhlnKuFl3cCbg8bo2Sx/RcawpiYzk2DrD CBN7oxatTPDAoRUJFg0tD4AWp/pR3Ho2WatTOWTi1sre8GBjsBh+V2s3kngIYoec vZG0qKDa7dGbA9GY9S6CVCrUfpkRPwsE7i2xbm7Y9gWys2Ack1qJ6GJq+qhq7ki9 jA/8Qp9WVNf3kT2YsmsyCY9IRXhGCZYNO9V0xZL48PNQmaxCmHQy4yG3vgbKzuV6 TN5nK6q+YVfIS9wMw0CH1RHj5tdp2NohceaCaSnpJYkx1F6TA7qkuq1kcV4XxLIM -----END CERTIFICATE-----Generated at Mon Jan 26 14:16:41 2026 by rpki-client