This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/Vr8UKQBR2K4aBwszRxtTMGpM3RU.roa File: Vr8UKQBR2K4aBwszRxtTMGpM3RU.roa (raw, json) Hash identifier: pBwjHOXlk8Xh2v3/m1xk7uIqqtM9MysBJJTXP9nTkqk= Subject key identifier: 56:BF:14:29:00:51:D8:AE:1A:07:0B:33:47:1B:53:30:6A:4C:DD:15 Certificate issuer: /CN=4104a40821c4176cc42e255ef6c1727473c3f00a Certificate serial: 019B7FF279A786B0F1A12D9EAFB3BB4AFA18 Authority key identifier: 41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/Vr8UKQBR2K4aBwszRxtTMGpM3RU.roa Signing time: Fri 02 Jan 2026 18:22:35 +0000 ROA not before: Fri 02 Jan 2026 18:22:35 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 205343 IP address blocks: 89.252.206.0/24 maxlen: 24 89.252.207.0/24 maxlen: 24 89.252.242.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.crl rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.mft rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:f2:79:a7:86:b0:f1:a1:2d:9e:af:b3:bb:4a:fa:18 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4104a40821c4176cc42e255ef6c1727473c3f00a Validity Not Before: Jan 2 18:22:35 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=56bf14290051d8ae1a070b33471b53306a4cdd15 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:b5:3c:bc:4d:4f:8b:0e:52:84:4c:65:b5:04: 11:7c:32:63:15:87:8e:a0:9b:de:86:1d:fd:3a:ee: 29:37:38:00:53:b4:9a:e4:12:00:5b:21:0d:c2:57: 7e:22:b6:1e:f1:cd:98:3a:e0:ce:df:c7:c5:87:cd: de:e8:79:ac:ef:91:78:b0:a7:91:36:76:6c:05:21: 3e:e7:96:3a:35:84:c6:cc:c2:bd:4a:71:1f:e0:94: 15:5f:dc:ff:91:90:c3:9e:d5:b0:08:ee:b0:ae:e6: b7:56:7e:b7:f0:49:b7:23:24:b9:20:d0:62:55:18: 80:4f:47:0a:3e:fe:ad:39:54:86:50:3a:ce:7c:54: f0:1b:1f:1a:95:24:60:f8:d2:80:21:4e:9b:ea:33: 91:c0:f9:71:68:e8:21:c8:0f:05:a2:bb:77:b3:f5: ed:d9:86:8e:20:02:65:30:00:c5:f2:c5:c7:95:d5: 8a:45:83:74:d9:fd:92:a3:b6:ec:a5:9d:ee:94:7b: 10:21:66:22:5f:29:ba:ed:84:3c:41:46:a6:01:b9: 58:2d:0d:0a:b0:0b:8f:4e:a5:cc:58:c9:66:d1:db: ef:84:56:fe:5b:74:5c:a2:82:d2:1c:6b:d9:c1:3b: cf:74:9c:c1:29:a4:54:0c:8a:78:12:69:7d:67:9d: a9:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:BF:14:29:00:51:D8:AE:1A:07:0B:33:47:1B:53:30:6A:4C:DD:15 X509v3 Authority Key Identifier: keyid:41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/Vr8UKQBR2K4aBwszRxtTMGpM3RU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.252.206.0/23 89.252.242.0/23 Signature Algorithm: sha256WithRSAEncryption 42:bc:ba:d4:da:c5:eb:d8:2e:39:d4:2c:34:e4:2f:7a:b0:79: e8:a1:6f:f2:22:36:c2:85:af:b3:8a:81:7e:e7:2c:14:bd:ad: 92:e5:c4:eb:57:af:69:41:c5:4b:08:01:63:dd:fc:2c:df:38: 70:5d:94:c9:4e:a3:22:99:a9:4b:53:a9:b4:c6:84:de:d0:c1: 2f:94:88:23:c1:8a:38:9c:e7:32:00:85:4e:03:c8:7d:61:0f: 5d:93:02:7b:9d:58:d5:3e:bd:88:4c:17:db:56:fd:9e:e3:4d: 23:8a:79:19:53:54:c0:3e:38:70:0c:f6:7e:fc:56:80:bd:93: 43:dd:a9:01:81:8c:46:9a:17:78:f7:b2:3d:ec:5d:ad:fe:ee: 00:ce:37:0f:8f:8c:53:5c:9b:32:42:37:99:01:bf:b2:a3:3c: bf:6a:00:92:f4:b9:08:02:7d:48:4c:ac:80:dc:ce:80:5a:f3: 92:83:ac:b8:00:ce:77:f9:77:aa:bc:06:de:7e:79:2e:63:9f: 63:99:da:f3:ed:1c:a0:8f:9d:bf:f6:54:c0:f5:7d:ac:f3:eb: 99:56:48:bc:10:18:ad:35:90:36:48:23:13:c9:ea:3c:16:49: 38:49:70:12:0d:d4:4d:a2:54:cd:d5:07:3b:bd:d5:4f:17:a7: e4:3d:3b:2e -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt/8nmnhrDxoS2er7O7SvoYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQxMDRhNDA4MjFjNDE3NmNjNDJlMjU1ZWY2YzE3Mjc0NzNj M2YwMGEwHhcNMjYwMTAyMTgyMjM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1NmJmMTQyOTAwNTFkOGFlMWEwNzBiMzM0NzFiNTMzMDZhNGNkZDE1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApbU8vE1Piw5ShExltQQRfDJjFYeO oJvehh39Ou4pNzgAU7Sa5BIAWyENwld+IrYe8c2YOuDO38fFh83e6Hms75F4sKeR NnZsBSE+55Y6NYTGzMK9SnEf4JQVX9z/kZDDntWwCO6wrua3Vn638Em3IyS5INBi VRiAT0cKPv6tOVSGUDrOfFTwGx8alSRg+NKAIU6b6jORwPlxaOghyA8Fort3s/Xt 2YaOIAJlMADF8sXHldWKRYN02f2So7bspZ3ulHsQIWYiXym67YQ8QUamAblYLQ0K sAuPTqXMWMlm0dvvhFb+W3RcooLSHGvZwTvPdJzBKaRUDIp4Eml9Z52pKwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFFa/FCkAUdiuGgcLM0cbUzBqTN0VMB8GA1UdIwQY MBaAFEEEpAghxBdsxC4lXvbBcnRzw/AKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMt YjI3ZDZlMjc4ZTE4LzEvVnI4VUtRQlIySzRhQndzelJ4dFRNR3BNM1JVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMtYjI3ZDZlMjc4ZTE4 LzEvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBWfzOAwQB WfzyMA0GCSqGSIb3DQEBCwUAA4IBAQBCvLrU2sXr2C451Cw05C96sHnooW/yIjbC ha+zioF+5ywUva2S5cTrV69pQcVLCAFj3fws3zhwXZTJTqMimalLU6m0xoTe0MEv lIgjwYo4nOcyAIVOA8h9YQ9dkwJ7nVjVPr2ITBfbVv2e400jinkZU1TAPjhwDPZ+ /FaAvZND3akBgYxGmhd497I97F2t/u4AzjcPj4xTXJsyQjeZAb+yozy/agCS9LkI An1ITKyA3M6AWvOSg6y4AM53+XeqvAbefnkuY59jmdrz7Rygj52/9lTA9X2s8+uZ Vki8EBitNZA2SCMTyeo8Fkk4SXASDdRNolTN1Qc7vdVPF6fkPTsu -----END CERTIFICATE-----Generated at Sun Jan 25 23:16:30 2026 by rpki-client