This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/a1449e-2adb-4b1a-b23c-bd6d8badcdc0/1/8irMhN6XI4UTd6CziWQze6aQaRU.roa File: 8irMhN6XI4UTd6CziWQze6aQaRU.roa (raw, json) Hash identifier: 4USQ1+WIpW+ALL4UR8+ywA+eZ3L7W74DTtNUv/veQUw= Subject key identifier: F2:2A:CC:84:DE:97:23:85:13:77:A0:B3:89:64:33:7B:A6:90:69:15 Certificate issuer: /CN=cd698f55b40959b178f7cecbc20c35e9c1379344 Certificate serial: 019B7F829F39314A2FD5C66634C265C7C207 Authority key identifier: CD:69:8F:55:B4:09:59:B1:78:F7:CE:CB:C2:0C:35:E9:C1:37:93:44 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zWmPVbQJWbF4987Lwgw16cE3k0Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/a1449e-2adb-4b1a-b23c-bd6d8badcdc0/1/8irMhN6XI4UTd6CziWQze6aQaRU.roa Signing time: Fri 02 Jan 2026 16:20:25 +0000 ROA not before: Fri 02 Jan 2026 16:20:25 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 25540 IP address blocks: 185.26.88.0/22 maxlen: 22 2a00:88a0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/a1449e-2adb-4b1a-b23c-bd6d8badcdc0/1/zWmPVbQJWbF4987Lwgw16cE3k0Q.crl rsync://rpki.ripe.net/repository/DEFAULT/e0/a1449e-2adb-4b1a-b23c-bd6d8badcdc0/1/zWmPVbQJWbF4987Lwgw16cE3k0Q.mft rsync://rpki.ripe.net/repository/DEFAULT/zWmPVbQJWbF4987Lwgw16cE3k0Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:82:9f:39:31:4a:2f:d5:c6:66:34:c2:65:c7:c2:07 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cd698f55b40959b178f7cecbc20c35e9c1379344 Validity Not Before: Jan 2 16:20:25 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f22acc84de9723851377a0b38964337ba6906915 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:29:2c:f5:3a:92:2e:74:4b:58:ef:92:d2:83: 25:be:19:ac:ff:cc:0e:f1:7f:53:4c:4b:f9:a8:27: 99:e1:5b:c3:02:2f:e6:e7:d0:80:76:b7:de:bc:ad: 0c:7d:b8:e5:0f:19:4c:85:75:f5:c5:39:db:46:59: 00:07:c8:77:86:30:b1:5b:f0:aa:9c:65:8c:20:5f: 87:1b:da:0e:93:61:f3:cc:4f:d6:63:84:f3:4b:49: 78:e0:8a:2a:f6:82:83:a6:24:35:bb:46:7e:28:b2: fa:7a:37:ff:20:47:5f:1e:ce:80:59:04:5f:f3:26: 9f:ad:3d:54:e7:70:76:c8:9d:ff:24:dc:07:fa:bf: f6:56:16:74:bf:0a:66:37:b0:4f:0b:e2:6f:89:4e: cf:dc:82:22:b3:3b:38:7c:5e:2f:cf:e5:07:1f:0e: cf:c1:0a:cf:a0:7f:b6:f5:f8:e0:a1:e8:43:10:19: 03:04:1c:b2:4d:d3:d1:71:ea:6d:70:1d:d5:a8:91: 43:14:e1:90:b1:1f:43:4e:5d:43:2a:36:04:e2:19: 21:f8:f4:fa:07:88:92:95:ef:e9:71:6c:43:99:d1: 0a:e9:45:c4:06:12:1f:9f:ad:f2:13:37:ef:a0:ce: 66:66:9d:e3:e6:70:a3:dc:26:b2:6f:09:9e:fe:e3: 69:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:2A:CC:84:DE:97:23:85:13:77:A0:B3:89:64:33:7B:A6:90:69:15 X509v3 Authority Key Identifier: keyid:CD:69:8F:55:B4:09:59:B1:78:F7:CE:CB:C2:0C:35:E9:C1:37:93:44 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zWmPVbQJWbF4987Lwgw16cE3k0Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/a1449e-2adb-4b1a-b23c-bd6d8badcdc0/1/8irMhN6XI4UTd6CziWQze6aQaRU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/a1449e-2adb-4b1a-b23c-bd6d8badcdc0/1/zWmPVbQJWbF4987Lwgw16cE3k0Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.26.88.0/22 IPv6: 2a00:88a0::/32 Signature Algorithm: sha256WithRSAEncryption 78:a6:92:2f:6e:fa:2c:7a:f2:ea:aa:47:06:ef:1f:41:31:90: e6:1c:b7:dd:46:a4:f3:26:f5:8f:eb:cf:76:e6:bf:c4:24:3d: f7:93:ec:02:74:55:db:48:e7:2c:4e:01:97:f0:e8:42:e7:fd: 4e:71:31:0a:29:28:65:08:32:b5:45:1e:e5:da:fd:79:b7:5c: 7f:38:13:80:6f:ea:e6:a4:7d:36:fb:a2:0f:50:71:85:82:70: ad:fa:51:c1:af:98:29:52:b8:b7:87:e4:b1:f4:62:b9:29:49: dd:bf:a3:12:17:63:82:80:6f:6f:4f:a9:d5:61:35:c3:81:37: 99:a3:0c:ab:53:0e:39:2c:c7:4a:e7:c1:c0:3d:dc:c6:f0:47: 4f:f1:fd:1a:01:41:3a:28:ba:94:0b:ff:22:f8:c3:d7:64:b2: 0f:88:43:7e:69:df:8a:83:e9:88:62:27:0d:d4:7d:75:9b:c8: 40:10:6e:c8:de:66:cb:97:23:d7:b2:ce:a3:0c:d2:22:64:27: 95:28:b0:5e:6f:74:cf:ea:5f:31:58:c5:b1:79:ed:e8:14:b6: ac:cf:d2:ae:5f:3c:7b:71:a5:40:71:7f:7d:09:3b:8c:eb:78: 50:c8:e4:e4:56:de:b9:da:a0:92:14:31:bd:de:17:18:02:e5: 2d:65:56:da -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt/gp85MUov1cZmNMJlx8IHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNkNjk4ZjU1YjQwOTU5YjE3OGY3Y2VjYmMyMGMzNWU5YzEz NzkzNDQwHhcNMjYwMTAyMTYyMDI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmMjJhY2M4NGRlOTcyMzg1MTM3N2EwYjM4OTY0MzM3YmE2OTA2OTE1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0yks9TqSLnRLWO+S0oMlvhms/8wO 8X9TTEv5qCeZ4VvDAi/m59CAdrfevK0MfbjlDxlMhXX1xTnbRlkAB8h3hjCxW/Cq nGWMIF+HG9oOk2HzzE/WY4TzS0l44Ioq9oKDpiQ1u0Z+KLL6ejf/IEdfHs6AWQRf 8yafrT1U53B2yJ3/JNwH+r/2VhZ0vwpmN7BPC+JviU7P3IIiszs4fF4vz+UHHw7P wQrPoH+29fjgoehDEBkDBByyTdPRceptcB3VqJFDFOGQsR9DTl1DKjYE4hkh+PT6 B4iSle/pcWxDmdEK6UXEBhIfn63yEzfvoM5mZp3j5nCj3Caybwme/uNpBQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFPIqzITelyOFE3egs4lkM3umkGkVMB8GA1UdIwQY MBaAFM1pj1W0CVmxePfOy8IMNenBN5NEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveldtUFZiUUpXYkY0OTg3THdndzE2Y0UzazBRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC9hMTQ0OWUtMmFkYi00YjFhLWIyM2Mt YmQ2ZDhiYWRjZGMwLzEvOGlyTWhONlhJNFVUZDZDemlXUXplNmFRYVJVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lMC9hMTQ0OWUtMmFkYi00YjFhLWIyM2MtYmQ2ZDhiYWRjZGMw LzEveldtUFZiUUpXYkY0OTg3THdndzE2Y0UzazBRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuRpYMA0E AgACMAcDBQAqAIigMA0GCSqGSIb3DQEBCwUAA4IBAQB4ppIvbvosevLqqkcG7x9B MZDmHLfdRqTzJvWP68925r/EJD33k+wCdFXbSOcsTgGX8OhC5/1OcTEKKShlCDK1 RR7l2v15t1x/OBOAb+rmpH02+6IPUHGFgnCt+lHBr5gpUri3h+Sx9GK5KUndv6MS F2OCgG9vT6nVYTXDgTeZowyrUw45LMdK58HAPdzG8EdP8f0aAUE6KLqUC/8i+MPX ZLIPiEN+ad+Kg+mIYicN1H11m8hAEG7I3mbLlyPXss6jDNIiZCeVKLBeb3TP6l8x WMWxee3oFLasz9KuXzx7caVAcX99CTuM63hQyOTkVt652qCSFDG93hcYAuUtZVba -----END CERTIFICATE-----Generated at Mon Jan 26 06:17:48 2026 by rpki-client