This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/PuWzaWDPZdUuUrxGCiIHTaSNw1I.roa File: PuWzaWDPZdUuUrxGCiIHTaSNw1I.roa (raw, json) Hash identifier: ZhpxPkZ5HeM7Cta+60eILIvsV0BXzirBM2q8c5C0MXo= Subject key identifier: 3E:E5:B3:69:60:CF:65:D5:2E:52:BC:46:0A:22:07:4D:A4:8D:C3:52 Certificate issuer: /CN=22f344a63dcb70e89057deb8e2761dc45165881a Certificate serial: 019B77C6D6309DC2DA2F6B168B11347C6C78 Authority key identifier: 22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/PuWzaWDPZdUuUrxGCiIHTaSNw1I.roa Signing time: Thu 01 Jan 2026 04:17:58 +0000 ROA not before: Thu 01 Jan 2026 04:17:58 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 31643 IP address blocks: 85.28.0.0/20 maxlen: 20 85.28.0.0/21 maxlen: 21 85.28.8.0/21 maxlen: 21 85.28.16.0/20 maxlen: 20 85.28.16.0/21 maxlen: 21 85.28.24.0/21 maxlen: 21 85.28.32.0/20 maxlen: 20 217.151.16.0/20 maxlen: 20 217.151.16.0/21 maxlen: 21 217.151.24.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/IvNEpj3LcOiQV9644nYdxFFliBo.crl rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/IvNEpj3LcOiQV9644nYdxFFliBo.mft rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:d6:30:9d:c2:da:2f:6b:16:8b:11:34:7c:6c:78 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=22f344a63dcb70e89057deb8e2761dc45165881a Validity Not Before: Jan 1 04:17:58 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3ee5b36960cf65d52e52bc460a22074da48dc352 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:c2:9c:3d:5b:2c:41:4c:c6:50:71:9c:6b:2b: d6:14:67:5d:5b:de:b5:ce:9f:1f:b5:5d:db:48:12: 1c:2a:dd:d0:41:f9:38:ee:a7:06:7a:ef:0f:ca:c7: 2d:5f:89:5f:8f:b5:70:3d:7a:44:a9:8b:f4:64:28: 6e:d4:10:6a:6d:67:ae:50:75:0d:02:5a:23:46:ea: 2b:2d:d3:7e:30:02:f5:02:07:d9:65:89:02:4d:e3: b7:05:1b:89:40:3c:d2:00:e6:38:6a:3c:33:6b:82: 3b:bf:e5:66:55:7a:72:8d:12:1d:ba:5c:76:41:8c: f3:dd:47:10:f2:47:f2:05:7c:e4:bf:59:f2:39:81: 22:0a:f1:d2:32:b5:06:a1:0d:a0:33:34:b0:98:fd: d6:35:ba:6e:c3:c1:55:b7:c8:05:8b:8c:b9:d6:fb: b0:2c:ec:08:24:00:f1:05:7c:ba:43:4c:ff:c9:d5: f3:3d:14:0f:ab:56:27:96:92:4f:de:80:4e:4d:29: c2:a2:23:af:ea:68:43:8b:a8:af:55:16:71:29:5c: b3:c2:62:be:22:65:42:d5:00:9e:f3:d6:47:a9:f8: 3a:a2:39:87:eb:2c:86:6a:12:9e:91:3d:4d:76:3e: cf:cf:da:bc:b9:a2:7c:6a:f1:f4:86:1c:be:ba:59: 0f:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:E5:B3:69:60:CF:65:D5:2E:52:BC:46:0A:22:07:4D:A4:8D:C3:52 X509v3 Authority Key Identifier: keyid:22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/PuWzaWDPZdUuUrxGCiIHTaSNw1I.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/IvNEpj3LcOiQV9644nYdxFFliBo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.28.0.0-85.28.47.255 217.151.16.0/20 Signature Algorithm: sha256WithRSAEncryption 9a:5c:99:5f:93:92:74:f7:4c:34:0b:10:7b:21:93:cf:c8:d5: b7:d5:cc:0a:e0:f4:e1:6d:0d:fb:55:04:2e:9e:04:48:8c:af: d4:90:63:c9:f7:67:25:61:45:dd:aa:9c:5e:94:bd:6f:84:4a: e3:44:63:fb:90:47:f6:1a:73:36:60:fb:ca:e8:6b:d0:5e:5a: 01:4d:8c:77:2e:03:d6:7e:39:a9:9d:7f:ff:b3:18:3a:3e:d4: c7:38:55:19:11:18:c8:8b:26:a1:2c:4b:05:7f:0c:f4:a3:7d: fe:3e:d1:60:de:a1:e8:e8:63:32:5e:00:a0:ca:d2:ea:0a:32: f3:47:a0:b2:e1:23:97:ba:84:44:fc:47:cc:45:04:f7:23:25: 60:e3:9e:4b:aa:a4:71:44:25:e1:34:47:a4:d1:43:e7:99:9b: 1c:f8:af:1f:87:ad:7c:10:55:8f:49:91:b9:e7:51:ae:c6:a0: 90:5f:bb:fa:45:24:be:1b:5e:91:a2:c9:e7:20:8e:5d:b2:a4: ec:a9:7c:df:ae:15:51:57:93:4e:bb:89:f8:21:b4:dd:51:90: e5:2f:da:22:30:ce:66:cf:6f:b5:12:f4:62:61:89:bd:da:6e: b4:51:76:43:b6:09:9a:1c:a9:eb:ce:32:23:93:e2:6b:67:22: bc:c6:ba:49 -----BEGIN CERTIFICATE----- MIIFCjCCA/KgAwIBAgISAZt3xtYwncLaL2sWixE0fGx4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIyZjM0NGE2M2RjYjcwZTg5MDU3ZGViOGUyNzYxZGM0NTE2 NTg4MWEwHhcNMjYwMTAxMDQxNzU4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzZWU1YjM2OTYwY2Y2NWQ1MmU1MmJjNDYwYTIyMDc0ZGE0OGRjMzUyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzcKcPVssQUzGUHGcayvWFGddW961 zp8ftV3bSBIcKt3QQfk47qcGeu8PysctX4lfj7VwPXpEqYv0ZChu1BBqbWeuUHUN AlojRuorLdN+MAL1AgfZZYkCTeO3BRuJQDzSAOY4ajwza4I7v+VmVXpyjRIdulx2 QYzz3UcQ8kfyBXzkv1nyOYEiCvHSMrUGoQ2gMzSwmP3WNbpuw8FVt8gFi4y51vuw LOwIJADxBXy6Q0z/ydXzPRQPq1YnlpJP3oBOTSnCoiOv6mhDi6ivVRZxKVyzwmK+ ImVC1QCe89ZHqfg6ojmH6yyGahKekT1Ndj7Pz9q8uaJ8avH0hhy+ulkPOwIDAQAB o4ICFjCCAhIwHQYDVR0OBBYEFD7ls2lgz2XVLlK8RgoiB02kjcNSMB8GA1UdIwQY MBaAFCLzRKY9y3DokFfeuOJ2HcRRZYgaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSXZORXBqM0xjT2lRVjk2NDRuWWR4RkZsaUJvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi81MzYwZTctZjAyYS00NzM3LTk5Yzct ZmViYjY0YjVlMTY0LzEvUHVXemFXRFBaZFV1VXJ4R0NpSUhUYVNOdzFJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNi81MzYwZTctZjAyYS00NzM3LTk5YzctZmViYjY0YjVlMTY0 LzEvSXZORXBqM0xjT2lRVjk2NDRuWWR4RkZsaUJvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAATATMAsDAwJVHAME BFUcIAMEBNmXEDANBgkqhkiG9w0BAQsFAAOCAQEAmlyZX5OSdPdMNAsQeyGTz8jV t9XMCuD04W0N+1UELp4ESIyv1JBjyfdnJWFF3aqcXpS9b4RK40Rj+5BH9hpzNmD7 yuhr0F5aAU2Mdy4D1n45qZ1//7MYOj7UxzhVGREYyIsmoSxLBX8M9KN9/j7RYN6h 6OhjMl4AoMrS6goy80egsuEjl7qERPxHzEUE9yMlYOOeS6qkcUQl4TRHpNFD55mb HPivH4etfBBVj0mRuedRrsagkF+7+kUkvhtekaLJ5yCOXbKk7Kl8364VUVeTTruJ +CG03VGQ5S/aIjDOZs9vtRL0YmGJvdputFF2Q7YJmhyp684yI5Pia2civMa6SQ== -----END CERTIFICATE-----Generated at Sun Jan 25 17:45:59 2026 by rpki-client