This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/546c7e-d840-4e54-9223-534ebeef3389/1/1-kqNcEC470FL-8tMUqoOnQYiF9M.roa File: 1-kqNcEC470FL-8tMUqoOnQYiF9M.roa (raw, json) Hash identifier: EJlZOy6PuzNDvgY+mmcKZwX7cS9939GtFAUq2p+3aFQ= Subject key identifier: FA:4A:8D:70:40:B8:EF:41:4B:FB:CB:4C:52:AA:0E:9D:06:22:17:D3 Certificate issuer: /CN=10eedc33aa442907189f0b3c563836951fb185bb Certificate serial: 019B7A59C35767BF8024BD4E51705C0CCCC2 Authority key identifier: 10:EE:DC:33:AA:44:29:07:18:9F:0B:3C:56:38:36:95:1F:B1:85:BB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EO7cM6pEKQcYnws8Vjg2lR-xhbs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/546c7e-d840-4e54-9223-534ebeef3389/1/1-kqNcEC470FL-8tMUqoOnQYiF9M.roa Signing time: Thu 01 Jan 2026 16:17:41 +0000 ROA not before: Thu 01 Jan 2026 16:17:41 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 207094 IP address blocks: 185.165.220.0/22 maxlen: 24 185.165.220.0/24 maxlen: 24 185.165.221.0/24 maxlen: 24 185.165.222.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/546c7e-d840-4e54-9223-534ebeef3389/1/EO7cM6pEKQcYnws8Vjg2lR-xhbs.crl rsync://rpki.ripe.net/repository/DEFAULT/d3/546c7e-d840-4e54-9223-534ebeef3389/1/EO7cM6pEKQcYnws8Vjg2lR-xhbs.mft rsync://rpki.ripe.net/repository/DEFAULT/EO7cM6pEKQcYnws8Vjg2lR-xhbs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:59:c3:57:67:bf:80:24:bd:4e:51:70:5c:0c:cc:c2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=10eedc33aa442907189f0b3c563836951fb185bb Validity Not Before: Jan 1 16:17:41 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=fa4a8d7040b8ef414bfbcb4c52aa0e9d062217d3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:76:e3:94:4f:b2:98:99:88:ac:f9:ab:f6:05: e0:37:8b:3c:b2:a2:af:8a:eb:19:f0:e4:83:8e:4c: 73:db:3d:ad:6a:0f:04:42:0a:bd:9c:15:7c:43:ef: 67:d5:f9:d4:0c:ab:ef:ec:1e:fa:cb:0d:3b:10:da: 39:bd:e8:53:0c:36:7f:20:e0:df:53:b9:b3:db:2f: e4:7d:7b:d3:b9:d9:9e:33:6d:74:db:49:91:36:6a: 3d:33:1d:fc:4a:bc:1c:fd:86:2c:4e:cb:0a:14:b5: 97:2b:4d:61:6d:9e:b5:19:b7:b4:e4:a7:3a:70:20: 33:31:75:a7:5c:5e:77:07:78:b3:b3:10:f2:05:11: 47:e4:40:ef:4b:14:2c:b7:fd:aa:f8:3c:23:68:ca: cb:32:89:df:7e:ee:60:2c:79:c6:3c:d4:47:19:8b: db:0f:6a:1b:d6:80:bd:98:0c:8f:fc:e1:69:1f:6b: 66:9e:82:db:2d:26:af:c5:ed:1a:b9:f3:a0:a5:bf: ce:f0:3e:2b:9d:fb:a2:65:b9:63:02:90:c7:ea:b4: ac:55:ae:f5:7c:a3:a5:a1:13:00:40:06:0d:5d:96: 1a:e1:92:78:13:62:c0:e1:a7:90:a5:4d:7f:66:0b: 8e:d0:e4:c6:a1:77:2b:84:b0:64:27:10:92:73:7d: 80:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:4A:8D:70:40:B8:EF:41:4B:FB:CB:4C:52:AA:0E:9D:06:22:17:D3 X509v3 Authority Key Identifier: keyid:10:EE:DC:33:AA:44:29:07:18:9F:0B:3C:56:38:36:95:1F:B1:85:BB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EO7cM6pEKQcYnws8Vjg2lR-xhbs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/546c7e-d840-4e54-9223-534ebeef3389/1/1-kqNcEC470FL-8tMUqoOnQYiF9M.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/546c7e-d840-4e54-9223-534ebeef3389/1/EO7cM6pEKQcYnws8Vjg2lR-xhbs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.165.220.0/22 Signature Algorithm: sha256WithRSAEncryption 05:d4:bd:b7:dc:24:30:35:a4:b7:86:dd:25:aa:c0:da:fb:52: 03:67:ed:0b:bb:8f:76:3c:2e:04:31:39:32:50:36:f8:c5:fa: 7e:5c:f5:e7:59:19:12:6c:e7:f9:62:79:c7:7c:21:cf:bc:7d: fc:ab:d3:15:49:18:2a:49:32:66:dc:59:20:2a:53:a7:bd:38: 08:0e:10:44:ed:c3:e6:3f:d2:fa:52:4d:d9:a9:35:ca:3a:9d: b3:3f:fa:c5:56:1f:7d:ce:8e:29:4d:80:7e:ae:3b:7d:2e:1f: ae:cf:88:bc:6a:62:6c:84:28:42:a2:99:1a:4d:dc:aa:10:0f: b8:3c:3b:47:09:39:35:f6:8f:cf:0f:26:ba:c3:24:22:e3:93: 7d:97:6c:ca:8f:c9:75:a6:af:ca:d3:7b:41:cd:ec:3e:60:b7: 32:21:40:8d:a8:9d:95:b7:ed:84:a0:4c:a0:93:2f:3a:98:9b: 85:fe:82:18:b4:b3:bb:e5:0d:a5:b5:73:4d:eb:12:5e:3e:ce: e7:77:0b:9e:0e:68:93:5a:10:d5:83:67:64:13:63:83:5d:94: 9c:c8:18:7b:85:40:16:77:89:fd:fb:4e:6f:fd:68:18:45:a3: ea:f8:b8:fd:ac:b0:99:fa:6c:95:02:29:d0:89:41:2c:b3:36: 65:52:09:88 -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt6WcNXZ7+AJL1OUXBcDMzCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDEwZWVkYzMzYWE0NDI5MDcxODlmMGIzYzU2MzgzNjk1MWZi MTg1YmIwHhcNMjYwMTAxMTYxNzQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmYTRhOGQ3MDQwYjhlZjQxNGJmYmNiNGM1MmFhMGU5ZDA2MjIxN2QzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1nbjlE+ymJmIrPmr9gXgN4s8sqKv iusZ8OSDjkxz2z2tag8EQgq9nBV8Q+9n1fnUDKvv7B76yw07ENo5vehTDDZ/IODf U7mz2y/kfXvTudmeM21020mRNmo9Mx38Srwc/YYsTssKFLWXK01hbZ61Gbe05Kc6 cCAzMXWnXF53B3izsxDyBRFH5EDvSxQst/2q+DwjaMrLMonffu5gLHnGPNRHGYvb D2ob1oC9mAyP/OFpH2tmnoLbLSavxe0aufOgpb/O8D4rnfuiZbljApDH6rSsVa71 fKOloRMAQAYNXZYa4ZJ4E2LA4aeQpU1/ZguO0OTGoXcrhLBkJxCSc32AxQIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFPpKjXBAuO9BS/vLTFKqDp0GIhfTMB8GA1UdIwQY MBaAFBDu3DOqRCkHGJ8LPFY4NpUfsYW7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRU83Y002cEVLUWNZbndzOFZqZzJsUi14aGJzLmNlcjCB jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy81NDZjN2UtZDg0MC00ZTU0LTkyMjMt NTM0ZWJlZWYzMzg5LzEvMS1rcU5jRUM0NzBGTC04dE1VcW9PblFZaUY5TS5yb2Ew gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0 b3J5L0RFRkFVTFQvZDMvNTQ2YzdlLWQ4NDAtNGU1NC05MjIzLTUzNGViZWVmMzM4 OS8xL0VPN2NNNnBFS1FjWW53czhWamcybFIteGhicy5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArml3DAN BgkqhkiG9w0BAQsFAAOCAQEABdS9t9wkMDWkt4bdJarA2vtSA2ftC7uPdjwuBDE5 MlA2+MX6flz151kZEmzn+WJ5x3whz7x9/KvTFUkYKkkyZtxZICpTp704CA4QRO3D 5j/S+lJN2ak1yjqdsz/6xVYffc6OKU2Afq47fS4frs+IvGpibIQoQqKZGk3cqhAP uDw7Rwk5NfaPzw8musMkIuOTfZdsyo/JdaavytN7Qc3sPmC3MiFAjaidlbfthKBM oJMvOpibhf6CGLSzu+UNpbVzTesSXj7O53cLng5ok1oQ1YNnZBNjg12UnMgYe4VA FneJ/ftOb/1oGEWj6vi4/aywmfpslQIp0IlBLLM2ZVIJiA== -----END CERTIFICATE-----Generated at Mon Jan 26 02:43:52 2026 by rpki-client