This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/02rcOu2oVgYvFKogVTUuhoAU_Z8.roa File: 02rcOu2oVgYvFKogVTUuhoAU_Z8.roa (raw, json) Hash identifier: t1BzKV6mreRxe6P7rrGXRTjA+HpmupGRMNWHhpbny/Y= Subject key identifier: D3:6A:DC:3A:ED:A8:56:06:2F:14:AA:20:55:35:2E:86:80:14:FD:9F Certificate issuer: /CN=f5c371f3a34abf1957d1895df8063f4d6207ec02 Certificate serial: 019B7DC960202C9ED61B654EE0E0463C5FEC Authority key identifier: F5:C3:71:F3:A3:4A:BF:19:57:D1:89:5D:F8:06:3F:4D:62:07:EC:02 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9cNx86NKvxlX0Yld-AY_TWIH7AI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/02rcOu2oVgYvFKogVTUuhoAU_Z8.roa Signing time: Fri 02 Jan 2026 08:18:27 +0000 ROA not before: Fri 02 Jan 2026 08:18:27 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 208006 IP address blocks: 37.32.3.0/24 maxlen: 24 185.97.116.0/22 maxlen: 22 185.143.232.0/22 maxlen: 24 193.176.240.0/22 maxlen: 24 2a0c:a7c0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/9cNx86NKvxlX0Yld-AY_TWIH7AI.crl rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/9cNx86NKvxlX0Yld-AY_TWIH7AI.mft rsync://rpki.ripe.net/repository/DEFAULT/9cNx86NKvxlX0Yld-AY_TWIH7AI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:c9:60:20:2c:9e:d6:1b:65:4e:e0:e0:46:3c:5f:ec Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f5c371f3a34abf1957d1895df8063f4d6207ec02 Validity Not Before: Jan 2 08:18:27 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d36adc3aeda856062f14aa2055352e868014fd9f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:1c:2e:12:1c:2d:3a:28:b0:d1:b0:cd:bc:93: 5c:17:0c:af:54:ef:fc:98:c1:6c:69:9b:06:46:36: 5d:73:49:1e:63:9b:f2:47:a9:2f:81:1b:05:68:ef: d2:ed:ad:0e:e4:aa:a3:20:ca:11:d6:95:b6:dc:3d: 08:31:02:1a:55:e8:0c:46:18:5f:b1:ca:66:10:a2: fb:4f:91:f2:5d:03:04:ae:16:ad:28:b7:36:1e:8a: 78:92:bb:9e:b1:50:5e:e6:7c:53:8a:dc:16:d1:ea: 06:9d:b7:6e:89:8c:db:86:58:16:58:e2:49:01:62: ed:ee:85:bc:70:9d:3e:95:61:e3:c8:82:b0:58:70: 68:7a:64:16:e2:e2:ce:5a:78:be:8f:2d:14:89:3d: b3:fc:89:11:7c:22:a8:9d:ab:9f:30:f8:8b:02:a8: 00:67:3c:53:29:21:38:bc:26:df:30:4a:c3:28:d8: d7:f9:60:4e:7f:8e:6f:63:80:f1:60:51:9a:f5:c6: cc:90:5c:06:bb:da:e0:93:12:ad:d0:af:58:a4:93: c0:e7:d2:6f:07:1b:30:ef:85:4c:2c:3f:eb:4d:12: 3c:8c:1b:7f:78:21:67:4c:a7:6b:07:95:43:89:6d: 33:fd:56:9b:f5:06:8d:ea:ee:e3:66:c8:11:f4:c8: e6:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:6A:DC:3A:ED:A8:56:06:2F:14:AA:20:55:35:2E:86:80:14:FD:9F X509v3 Authority Key Identifier: keyid:F5:C3:71:F3:A3:4A:BF:19:57:D1:89:5D:F8:06:3F:4D:62:07:EC:02 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9cNx86NKvxlX0Yld-AY_TWIH7AI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/02rcOu2oVgYvFKogVTUuhoAU_Z8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/9cNx86NKvxlX0Yld-AY_TWIH7AI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.32.3.0/24 185.97.116.0/22 185.143.232.0/22 193.176.240.0/22 IPv6: 2a0c:a7c0::/29 Signature Algorithm: sha256WithRSAEncryption 0c:46:10:1b:d1:27:97:da:62:74:08:b4:de:d0:3d:f1:4e:d4: 8c:e3:3d:52:cb:92:8b:c6:2b:4e:e8:68:78:59:94:6d:6d:ef: 07:19:1f:51:14:51:1c:4e:a9:9f:c0:35:cc:ac:1a:e1:b5:40: 1d:a9:ff:6d:6c:21:ee:d1:a3:9a:0b:35:c5:aa:30:f7:63:5e: 5d:3f:ff:1a:9f:4b:0c:98:f7:4f:bc:27:f7:cc:0a:a9:61:30: 9b:5b:f9:78:76:34:99:b6:70:8e:21:e8:1e:82:32:32:4c:c2: 47:00:a8:4d:75:ad:1e:43:70:2a:96:b9:37:f0:73:8a:ab:66: 91:fd:59:02:99:09:bc:83:23:7a:ac:e5:c2:f3:33:1c:42:67: 23:a5:57:a5:04:33:2a:6a:d8:c6:4c:20:36:33:e5:9d:22:3c: 9d:e0:d3:6e:ae:e7:02:b0:72:43:5c:29:92:cd:ac:26:15:6c: 82:a8:7a:5e:17:eb:22:b9:c2:1f:fe:5a:fd:81:d7:7b:7e:ff: 79:5a:2c:5c:71:58:29:5e:93:39:5c:e5:5f:0b:67:40:c1:a1: 43:55:4d:ef:c2:ee:28:91:5d:4b:f2:33:54:d8:e4:8c:ec:76: 0c:80:12:0f:bb:53:81:7f:cc:3f:ef:09:a0:f9:56:e7:2a:c4: 61:71:fd:db -----BEGIN CERTIFICATE----- MIIFHjCCBAagAwIBAgISAZt9yWAgLJ7WG2VO4OBGPF/sMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGY1YzM3MWYzYTM0YWJmMTk1N2QxODk1ZGY4MDYzZjRkNjIw N2VjMDIwHhcNMjYwMTAyMDgxODI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkMzZhZGMzYWVkYTg1NjA2MmYxNGFhMjA1NTM1MmU4NjgwMTRmZDlmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3BwuEhwtOiiw0bDNvJNcFwyvVO/8 mMFsaZsGRjZdc0keY5vyR6kvgRsFaO/S7a0O5KqjIMoR1pW23D0IMQIaVegMRhhf scpmEKL7T5HyXQMErhatKLc2Hop4kruesVBe5nxTitwW0eoGnbduiYzbhlgWWOJJ AWLt7oW8cJ0+lWHjyIKwWHBoemQW4uLOWni+jy0UiT2z/IkRfCKonaufMPiLAqgA ZzxTKSE4vCbfMErDKNjX+WBOf45vY4DxYFGa9cbMkFwGu9rgkxKt0K9YpJPA59Jv Bxsw74VMLD/rTRI8jBt/eCFnTKdrB5VDiW0z/Vab9QaN6u7jZsgR9MjmCQIDAQAB o4ICKjCCAiYwHQYDVR0OBBYEFNNq3DrtqFYGLxSqIFU1LoaAFP2fMB8GA1UdIwQY MBaAFPXDcfOjSr8ZV9GJXfgGP01iB+wCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOWNOeDg2Tkt2eGxYMFlsZC1BWV9UV0lIN0FJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS81YjBjZDktZTI3OS00NmFhLTgxZGEt MWJiMTdhOGIyNmZlLzEvMDJyY091Mm9WZ1l2RktvZ1ZUVXVob0FVX1o4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lNS81YjBjZDktZTI3OS00NmFhLTgxZGEtMWJiMTdhOGIyNmZl LzEvOWNOeDg2Tkt2eGxYMFlsZC1BWV9UV0lIN0FJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAJSADAwQC uWF0AwQCuY/oAwQCwbDwMA0EAgACMAcDBQMqDKfAMA0GCSqGSIb3DQEBCwUAA4IB AQAMRhAb0SeX2mJ0CLTe0D3xTtSM4z1Sy5KLxitO6Gh4WZRtbe8HGR9RFFEcTqmf wDXMrBrhtUAdqf9tbCHu0aOaCzXFqjD3Y15dP/8an0sMmPdPvCf3zAqpYTCbW/l4 djSZtnCOIegegjIyTMJHAKhNda0eQ3Aqlrk38HOKq2aR/VkCmQm8gyN6rOXC8zMc QmcjpVelBDMqatjGTCA2M+WdIjyd4NNurucCsHJDXCmSzawmFWyCqHpeF+siucIf /lr9gdd7fv95WixccVgpXpM5XOVfC2dAwaFDVU3vwu4okV1L8jNU2OSM7HYMgBIP u1OBf8w/7wmg+VbnKsRhcf3b -----END CERTIFICATE-----Generated at Mon Jan 26 08:37:40 2026 by rpki-client