This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/q0a8yaRXZHqDgW6t40wuVuwZGqY.roa File: q0a8yaRXZHqDgW6t40wuVuwZGqY.roa (raw, json) Hash identifier: yQdCTPHRdYGgRQtv3qZWl01v8W1TNo2W0QOatwpBfUU= Subject key identifier: AB:46:BC:C9:A4:57:64:7A:83:81:6E:AD:E3:4C:2E:56:EC:19:1A:A6 Certificate issuer: /CN=f5c371f3a34abf1957d1895df8063f4d6207ec02 Certificate serial: 019B7DC95F7B75CC6DEFC87EA52C1D2F3921 Authority key identifier: F5:C3:71:F3:A3:4A:BF:19:57:D1:89:5D:F8:06:3F:4D:62:07:EC:02 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9cNx86NKvxlX0Yld-AY_TWIH7AI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/q0a8yaRXZHqDgW6t40wuVuwZGqY.roa Signing time: Fri 02 Jan 2026 08:18:27 +0000 ROA not before: Fri 02 Jan 2026 08:18:27 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 205585 IP address blocks: 185.143.232.0/22 maxlen: 24 185.220.226.0/24 maxlen: 24 2a0c:a7c0::/29 maxlen: 48 2a0c:a7c6::/36 maxlen: 48 2a0c:a7c6:17::/48 maxlen: 48 2a0c:a7c7::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/9cNx86NKvxlX0Yld-AY_TWIH7AI.crl rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/9cNx86NKvxlX0Yld-AY_TWIH7AI.mft rsync://rpki.ripe.net/repository/DEFAULT/9cNx86NKvxlX0Yld-AY_TWIH7AI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:c9:5f:7b:75:cc:6d:ef:c8:7e:a5:2c:1d:2f:39:21 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f5c371f3a34abf1957d1895df8063f4d6207ec02 Validity Not Before: Jan 2 08:18:27 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ab46bcc9a457647a83816eade34c2e56ec191aa6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:f0:6d:bd:67:6a:17:54:37:92:58:b1:24:57: 32:2f:29:45:f0:40:cc:12:fa:35:73:ea:bd:b3:21: 5e:4e:08:de:e7:11:cf:6e:82:43:c9:3d:1d:74:78: 99:b6:d9:b7:c5:d4:f8:aa:7b:72:54:4f:5f:12:91: 45:33:44:8b:40:95:59:b9:4e:19:f0:a8:f3:ff:46: a5:63:67:29:97:9d:0a:d9:0f:17:da:2c:ae:08:13: f2:44:1b:ad:ee:79:cb:92:71:4f:4c:63:29:11:e3: 8f:e5:da:0b:6c:95:57:80:ce:1b:cd:e3:41:f7:1c: 41:6c:b2:ca:95:1f:d6:20:80:c1:92:10:e6:10:e4: 2b:c2:bd:2a:8f:1c:ad:4d:be:cb:50:5c:38:6e:57: 36:a9:5f:a4:f6:80:35:0d:c3:7a:5d:ee:27:a3:43: 71:fd:08:14:45:1c:aa:3a:47:64:43:97:cd:87:76: 47:d2:1c:ed:f9:99:36:fc:62:12:20:0d:60:3a:07: 64:21:03:69:b6:62:95:55:ff:70:6a:c9:e0:3f:44: 74:6e:5d:52:d4:66:cd:95:9d:f3:16:f6:d2:cf:77: f0:87:06:20:aa:8e:18:9c:a9:c0:a0:e4:b1:bc:0d: b0:66:4e:2c:53:e6:02:cd:ab:4c:9b:aa:f8:a3:d6: 06:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:46:BC:C9:A4:57:64:7A:83:81:6E:AD:E3:4C:2E:56:EC:19:1A:A6 X509v3 Authority Key Identifier: keyid:F5:C3:71:F3:A3:4A:BF:19:57:D1:89:5D:F8:06:3F:4D:62:07:EC:02 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9cNx86NKvxlX0Yld-AY_TWIH7AI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/q0a8yaRXZHqDgW6t40wuVuwZGqY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/9cNx86NKvxlX0Yld-AY_TWIH7AI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.143.232.0/22 185.220.226.0/24 IPv6: 2a0c:a7c0::/29 Signature Algorithm: sha256WithRSAEncryption 3b:44:3f:7f:81:5b:b2:ba:74:fe:25:d6:b5:ad:e2:c9:98:07: ee:36:b6:0b:28:61:ce:0f:9d:54:4e:6f:54:f5:1e:7c:fd:ad: eb:ed:a1:80:d3:bf:95:8d:bf:8b:de:53:e5:c2:ba:10:c0:40: f6:79:6f:bd:4a:e4:6a:77:d1:e6:92:c2:19:71:b3:32:47:f5: ca:c6:81:1e:60:28:00:a7:c8:ae:de:27:75:d8:8c:00:f2:21: fd:90:00:62:59:09:44:4b:f3:12:90:da:ef:25:d2:5b:4d:d7: 2b:17:93:d4:b4:00:97:13:72:ac:5b:84:81:10:c3:0f:b0:cf: b1:66:0a:ea:bd:5d:b0:47:a2:4a:38:2c:cb:bf:46:36:fd:f5: fb:37:a9:fe:29:03:c4:09:40:0b:4e:e7:fb:f7:48:ec:d4:7d: 3c:d6:be:1d:a3:82:e9:40:66:e7:47:06:28:7d:1c:0e:e4:0f: 80:9a:c6:1f:0a:62:98:2e:d3:90:39:d4:c8:08:16:2d:60:2c: d2:de:24:64:1a:29:32:62:b4:e5:83:2a:34:01:5c:4a:47:1d: 0b:1e:5b:e7:85:f6:d9:ff:45:81:7e:51:06:25:a0:ef:00:00: c9:9e:26:dc:14:3a:f5:7b:a9:4e:aa:1e:65:7a:56:9f:82:81: 34:8e:be:62 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt9yV97dcxt78h+pSwdLzkhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGY1YzM3MWYzYTM0YWJmMTk1N2QxODk1ZGY4MDYzZjRkNjIw N2VjMDIwHhcNMjYwMTAyMDgxODI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhYjQ2YmNjOWE0NTc2NDdhODM4MTZlYWRlMzRjMmU1NmVjMTkxYWE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmfBtvWdqF1Q3klixJFcyLylF8EDM Evo1c+q9syFeTgje5xHPboJDyT0ddHiZttm3xdT4qntyVE9fEpFFM0SLQJVZuU4Z 8Kjz/0alY2cpl50K2Q8X2iyuCBPyRBut7nnLknFPTGMpEeOP5doLbJVXgM4bzeNB 9xxBbLLKlR/WIIDBkhDmEOQrwr0qjxytTb7LUFw4blc2qV+k9oA1DcN6Xe4no0Nx /QgURRyqOkdkQ5fNh3ZH0hzt+Zk2/GISIA1gOgdkIQNptmKVVf9wasngP0R0bl1S 1GbNlZ3zFvbSz3fwhwYgqo4YnKnAoOSxvA2wZk4sU+YCzatMm6r4o9YGqQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFKtGvMmkV2R6g4FureNMLlbsGRqmMB8GA1UdIwQY MBaAFPXDcfOjSr8ZV9GJXfgGP01iB+wCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOWNOeDg2Tkt2eGxYMFlsZC1BWV9UV0lIN0FJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS81YjBjZDktZTI3OS00NmFhLTgxZGEt MWJiMTdhOGIyNmZlLzEvcTBhOHlhUlhaSHFEZ1c2dDQwd3VWdXdaR3FZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lNS81YjBjZDktZTI3OS00NmFhLTgxZGEtMWJiMTdhOGIyNmZl LzEvOWNOeDg2Tkt2eGxYMFlsZC1BWV9UV0lIN0FJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuY/oAwQA udziMA0EAgACMAcDBQMqDKfAMA0GCSqGSIb3DQEBCwUAA4IBAQA7RD9/gVuyunT+ Jda1reLJmAfuNrYLKGHOD51UTm9U9R58/a3r7aGA07+Vjb+L3lPlwroQwED2eW+9 SuRqd9HmksIZcbMyR/XKxoEeYCgAp8iu3id12IwA8iH9kABiWQlES/MSkNrvJdJb TdcrF5PUtACXE3KsW4SBEMMPsM+xZgrqvV2wR6JKOCzLv0Y2/fX7N6n+KQPECUAL Tuf790js1H081r4do4LpQGbnRwYofRwO5A+AmsYfCmKYLtOQOdTICBYtYCzS3iRk GikyYrTlgyo0AVxKRx0LHlvnhfbZ/0WBflEGJaDvAADJnibcFDr1e6lOqh5lelaf goE0jr5i -----END CERTIFICATE-----Generated at Mon Jan 26 08:39:13 2026 by rpki-client