This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/30f5e0-a04f-4993-983c-715f09817341/1/cK35oW3CRoDVTabPCj-bao3z8NI.roa File: cK35oW3CRoDVTabPCj-bao3z8NI.roa (raw, json) Hash identifier: Ebd+i8ctjoE4+ZV/syWp95hkz3ZcP0gcjB71tiszUJs= Subject key identifier: 70:AD:F9:A1:6D:C2:46:80:D5:4D:A6:CF:0A:3F:9B:6A:8D:F3:F0:D2 Certificate issuer: /CN=bf5db811b5d5d05bec37ee9d09a4ec52eeed1ad5 Certificate serial: 019B7D5C05A2F4CD6CBDF01D28639F67294D Authority key identifier: BF:5D:B8:11:B5:D5:D0:5B:EC:37:EE:9D:09:A4:EC:52:EE:ED:1A:D5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v124EbXV0FvsN-6dCaTsUu7tGtU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/30f5e0-a04f-4993-983c-715f09817341/1/cK35oW3CRoDVTabPCj-bao3z8NI.roa Signing time: Fri 02 Jan 2026 06:19:01 +0000 ROA not before: Fri 02 Jan 2026 06:19:01 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 58224 IP address blocks: 185.66.228.0/24 maxlen: 24 185.66.229.0/24 maxlen: 24 185.66.231.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/30f5e0-a04f-4993-983c-715f09817341/1/v124EbXV0FvsN-6dCaTsUu7tGtU.crl rsync://rpki.ripe.net/repository/DEFAULT/c8/30f5e0-a04f-4993-983c-715f09817341/1/v124EbXV0FvsN-6dCaTsUu7tGtU.mft rsync://rpki.ripe.net/repository/DEFAULT/v124EbXV0FvsN-6dCaTsUu7tGtU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 12:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5c:05:a2:f4:cd:6c:bd:f0:1d:28:63:9f:67:29:4d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bf5db811b5d5d05bec37ee9d09a4ec52eeed1ad5 Validity Not Before: Jan 2 06:19:01 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=70adf9a16dc24680d54da6cf0a3f9b6a8df3f0d2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:53:e3:6a:c6:b8:91:98:cb:f2:50:ab:d5:50: cd:0d:3e:51:6e:bc:72:8c:43:f6:6e:79:65:f0:c2: 3b:04:0f:b9:99:74:e7:c5:af:84:7e:77:fb:cb:fd: 89:11:22:d1:91:53:99:04:78:fa:47:98:44:37:f7: 30:03:c1:8a:1e:ff:de:3b:89:b6:12:c9:65:19:c4: 37:1e:8c:d9:28:4b:2f:a4:48:aa:22:22:47:f8:13: b2:38:cb:3b:df:f5:6c:40:d2:d1:f7:38:51:e9:5c: 10:71:08:72:97:f7:ec:ca:ea:4d:b9:28:de:64:a2: 35:d7:ef:60:3e:e4:b0:1d:87:db:4f:f5:9e:fd:df: da:f1:1a:cb:26:70:c1:4c:c3:54:d6:a8:52:b1:0c: 57:a6:ee:39:94:0c:87:3c:c6:16:d4:d7:d1:79:da: 0b:e7:28:5b:17:e4:85:0b:4d:d6:24:2f:cd:69:c5: 82:0f:11:56:d8:e5:5c:c7:15:a7:fb:1c:c3:84:db: 9f:44:13:85:82:bb:07:2d:6a:83:2b:f2:2b:89:7e: 72:7c:53:77:e1:e1:e3:68:5b:b3:d2:5f:bb:a2:10: a7:c2:bc:6c:a7:4f:3b:a0:5e:fd:b1:86:a8:c2:69: 24:41:8b:f3:e3:d7:d0:a1:40:d2:6c:2d:03:1e:b5: 79:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:AD:F9:A1:6D:C2:46:80:D5:4D:A6:CF:0A:3F:9B:6A:8D:F3:F0:D2 X509v3 Authority Key Identifier: keyid:BF:5D:B8:11:B5:D5:D0:5B:EC:37:EE:9D:09:A4:EC:52:EE:ED:1A:D5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v124EbXV0FvsN-6dCaTsUu7tGtU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/30f5e0-a04f-4993-983c-715f09817341/1/cK35oW3CRoDVTabPCj-bao3z8NI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/30f5e0-a04f-4993-983c-715f09817341/1/v124EbXV0FvsN-6dCaTsUu7tGtU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.66.228.0/23 185.66.231.0/24 Signature Algorithm: sha256WithRSAEncryption 77:c0:37:3c:15:06:ae:fc:19:48:df:b9:8a:a1:5b:1f:61:0c: de:df:7f:b9:fa:bf:cb:6d:da:9d:35:74:ff:cf:56:7a:a1:bb: 10:df:53:2e:de:59:ab:48:1a:2b:ca:a6:5a:ea:d2:a7:56:7c: fc:47:55:cb:f7:d6:29:9b:9c:c9:c6:6c:b2:73:be:28:3d:f5: 12:80:ad:e4:ad:e1:1e:6c:51:0d:6a:7b:50:cd:fc:b4:b9:98: 26:9a:29:19:51:08:05:bc:4b:95:0b:03:fd:63:ea:2a:30:3f: 45:b9:b2:3d:e4:8e:1c:a3:d0:22:7c:c6:3a:c5:9c:7a:d8:eb: fa:ce:ce:12:04:25:a8:f5:43:de:49:45:da:47:3b:37:4c:1f: 16:09:33:82:f0:72:1f:54:1e:48:4e:3b:e0:6d:39:a2:31:d0: 21:d8:e3:96:a0:ca:fe:41:13:ac:a8:20:bf:f2:fe:d2:b2:5c: cf:3f:95:2b:97:01:dc:0b:21:2a:49:a8:71:7c:cd:73:8c:f3: 2c:46:13:10:a5:5b:5d:3f:93:e4:e6:49:b7:e4:f5:08:82:6c: 11:0a:10:c8:a4:51:7d:39:fc:ef:f9:60:6e:42:b0:c9:85:ef: 12:93:a0:6d:e1:05:df:a8:67:d6:45:03:59:bd:1f:77:96:c3: cd:5b:fe:40 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt9XAWi9M1svfAdKGOfZylNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJmNWRiODExYjVkNWQwNWJlYzM3ZWU5ZDA5YTRlYzUyZWVl ZDFhZDUwHhcNMjYwMTAyMDYxOTAxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MGFkZjlhMTZkYzI0NjgwZDU0ZGE2Y2YwYTNmOWI2YThkZjNmMGQyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1Pjasa4kZjL8lCr1VDNDT5Rbrxy jEP2bnll8MI7BA+5mXTnxa+Efnf7y/2JESLRkVOZBHj6R5hEN/cwA8GKHv/eO4m2 EsllGcQ3HozZKEsvpEiqIiJH+BOyOMs73/VsQNLR9zhR6VwQcQhyl/fsyupNuSje ZKI11+9gPuSwHYfbT/We/d/a8RrLJnDBTMNU1qhSsQxXpu45lAyHPMYW1NfRedoL 5yhbF+SFC03WJC/NacWCDxFW2OVcxxWn+xzDhNufRBOFgrsHLWqDK/IriX5yfFN3 4eHjaFuz0l+7ohCnwrxsp087oF79sYaowmkkQYvz49fQoUDSbC0DHrV56QIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFHCt+aFtwkaA1U2mzwo/m2qN8/DSMB8GA1UdIwQY MBaAFL9duBG11dBb7DfunQmk7FLu7RrVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdjEyNEViWFYwRnZzTi02ZENhVHNVdTd0R3RVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8zMGY1ZTAtYTA0Zi00OTkzLTk4M2Mt NzE1ZjA5ODE3MzQxLzEvY0szNW9XM0NSb0RWVGFiUENqLWJhbzN6OE5JLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jOC8zMGY1ZTAtYTA0Zi00OTkzLTk4M2MtNzE1ZjA5ODE3MzQx LzEvdjEyNEViWFYwRnZzTi02ZENhVHNVdTd0R3RVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuULkAwQA uULnMA0GCSqGSIb3DQEBCwUAA4IBAQB3wDc8FQau/BlI37mKoVsfYQze33+5+r/L bdqdNXT/z1Z6obsQ31Mu3lmrSBoryqZa6tKnVnz8R1XL99Ypm5zJxmyyc74oPfUS gK3kreEebFENantQzfy0uZgmmikZUQgFvEuVCwP9Y+oqMD9FubI95I4co9AifMY6 xZx62Ov6zs4SBCWo9UPeSUXaRzs3TB8WCTOC8HIfVB5ITjvgbTmiMdAh2OOWoMr+ QROsqCC/8v7SslzPP5UrlwHcCyEqSahxfM1zjPMsRhMQpVtdP5Pk5km35PUIgmwR ChDIpFF9Ofzv+WBuQrDJhe8Sk6Bt4QXfqGfWRQNZvR93lsPNW/5A -----END CERTIFICATE-----Generated at Sun Jan 25 22:15:25 2026 by rpki-client