This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/ebf6cb-a779-464f-8bee-8f08e0272df8/1/aYuTn-9yQTAQTYpNQto8rHBvH-k.roa File: aYuTn-9yQTAQTYpNQto8rHBvH-k.roa (raw, json) Hash identifier: nykKhsVthOtSK2vkaElBeNHj+3rLVcnRvVm79PIvOeg= Subject key identifier: 69:8B:93:9F:EF:72:41:30:10:4D:8A:4D:42:DA:3C:AC:70:6F:1F:E9 Certificate issuer: /CN=9301ea05963c9756f28ee2e98b8f3cc479dc9f58 Certificate serial: 019B7E384342821963986F0A3F0CBC1C41BD Authority key identifier: 93:01:EA:05:96:3C:97:56:F2:8E:E2:E9:8B:8F:3C:C4:79:DC:9F:58 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kwHqBZY8l1byjuLpi488xHncn1g.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/ebf6cb-a779-464f-8bee-8f08e0272df8/1/aYuTn-9yQTAQTYpNQto8rHBvH-k.roa Signing time: Fri 02 Jan 2026 10:19:34 +0000 ROA not before: Fri 02 Jan 2026 10:19:34 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 16509 IP address blocks: 185.176.100.0/24 maxlen: 24 185.176.101.0/24 maxlen: 24 185.176.102.0/24 maxlen: 24 185.176.103.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/ebf6cb-a779-464f-8bee-8f08e0272df8/1/kwHqBZY8l1byjuLpi488xHncn1g.crl rsync://rpki.ripe.net/repository/DEFAULT/b0/ebf6cb-a779-464f-8bee-8f08e0272df8/1/kwHqBZY8l1byjuLpi488xHncn1g.mft rsync://rpki.ripe.net/repository/DEFAULT/kwHqBZY8l1byjuLpi488xHncn1g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 18 Jan 2026 01:01:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:43:42:82:19:63:98:6f:0a:3f:0c:bc:1c:41:bd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9301ea05963c9756f28ee2e98b8f3cc479dc9f58 Validity Not Before: Jan 2 10:19:34 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=698b939fef724130104d8a4d42da3cac706f1fe9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:d8:ce:6e:7d:d9:64:b6:25:60:4f:2b:8b:5f: e7:b1:49:4b:ba:ff:1f:e9:a5:14:2d:03:61:58:d0: de:37:b6:f8:07:80:1b:27:dd:99:6b:e0:e7:6b:dd: e1:4a:2c:60:0f:bf:dc:52:86:bc:c4:50:eb:2a:24: 34:3f:bd:d2:0e:59:c9:23:e1:0d:89:d8:01:ef:53: 4c:a3:26:95:7f:88:98:52:df:72:bb:c8:ee:35:a9: 27:7f:9c:b6:32:94:b4:cb:f8:a0:cd:3c:c3:61:44: 1c:ca:4a:42:25:70:04:f3:af:93:e4:ff:b2:46:d4: 6d:a5:50:a0:61:94:1b:8f:48:13:32:ae:9a:24:ae: 92:6b:9b:66:5a:39:42:f7:7e:e4:c0:c9:72:6a:66: 93:ca:95:66:69:80:8d:ae:c4:60:62:45:b3:aa:6d: 52:56:a5:2e:9c:49:55:dd:3b:99:58:26:14:24:4c: 8e:5c:e1:3d:fd:b3:51:a8:1a:7d:25:d1:ef:6d:04: 48:f8:ad:9b:c5:5c:e0:08:2f:c7:5f:14:06:6b:59: 51:a3:c9:fa:2f:43:98:c0:94:29:2a:eb:df:96:19: 8e:b8:60:29:97:96:74:5f:e0:18:5b:ba:d9:7f:56: f9:56:84:51:45:14:bd:5f:3b:fb:5e:db:34:d0:0f: 2e:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:8B:93:9F:EF:72:41:30:10:4D:8A:4D:42:DA:3C:AC:70:6F:1F:E9 X509v3 Authority Key Identifier: keyid:93:01:EA:05:96:3C:97:56:F2:8E:E2:E9:8B:8F:3C:C4:79:DC:9F:58 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kwHqBZY8l1byjuLpi488xHncn1g.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/ebf6cb-a779-464f-8bee-8f08e0272df8/1/aYuTn-9yQTAQTYpNQto8rHBvH-k.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/ebf6cb-a779-464f-8bee-8f08e0272df8/1/kwHqBZY8l1byjuLpi488xHncn1g.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.176.100.0/22 Signature Algorithm: sha256WithRSAEncryption 47:fc:09:56:9d:1a:0d:c0:4c:82:02:11:fa:d5:b8:63:09:cd: 9e:df:f2:83:ed:3a:ec:ed:0b:48:81:47:91:4b:fb:14:97:4d: 18:bd:ac:49:64:f4:e3:61:28:37:ee:e6:23:79:bd:06:01:6c: d0:5f:a2:1e:3f:8c:c8:63:8e:96:06:22:8e:07:f1:ef:65:d5: af:5f:79:b2:0e:9d:a0:4f:b7:f0:9c:fc:ae:70:48:dc:d5:dc: 19:22:51:63:24:9f:ff:95:36:2d:d4:88:73:04:88:17:dc:40: 06:86:bc:05:12:ff:e2:ff:64:11:25:dc:5a:7b:3b:3a:54:e8: 17:5c:3c:a0:4b:5a:66:e7:85:4f:ab:3f:7c:58:55:7c:04:d2: 4a:89:39:71:32:f4:33:b6:c5:91:33:0d:6d:7d:94:06:e7:c1: ea:ed:c7:16:a6:d9:ee:e5:c2:21:16:80:77:48:8b:8b:66:b1: 00:15:f6:55:73:db:27:e5:75:5e:6e:11:05:76:ee:9c:b4:3d: d0:7b:7b:37:77:72:e1:67:45:e6:bf:4e:df:0f:57:8e:37:ad: 1f:e1:02:4f:2b:00:f7:35:a4:70:3e:e9:f9:13:29:b8:1a:f3: 8d:ec:44:0a:5b:b0:ce:2e:6a:79:54:80:9b:e9:be:69:b7:47: 93:5d:76:b8 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt+OENCghljmG8KPwy8HEG9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkzMDFlYTA1OTYzYzk3NTZmMjhlZTJlOThiOGYzY2M0Nzlk YzlmNTgwHhcNMjYwMTAyMTAxOTM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2OThiOTM5ZmVmNzI0MTMwMTA0ZDhhNGQ0MmRhM2NhYzcwNmYxZmU5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwNjObn3ZZLYlYE8ri1/nsUlLuv8f 6aUULQNhWNDeN7b4B4AbJ92Za+Dna93hSixgD7/cUoa8xFDrKiQ0P73SDlnJI+EN idgB71NMoyaVf4iYUt9yu8juNaknf5y2MpS0y/igzTzDYUQcykpCJXAE86+T5P+y RtRtpVCgYZQbj0gTMq6aJK6Sa5tmWjlC937kwMlyamaTypVmaYCNrsRgYkWzqm1S VqUunElV3TuZWCYUJEyOXOE9/bNRqBp9JdHvbQRI+K2bxVzgCC/HXxQGa1lRo8n6 L0OYwJQpKuvflhmOuGApl5Z0X+AYW7rZf1b5VoRRRRS9Xzv7Xts00A8u2QIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFGmLk5/vckEwEE2KTULaPKxwbx/pMB8GA1UdIwQY MBaAFJMB6gWWPJdW8o7i6YuPPMR53J9YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva3dIcUJaWThsMWJ5anVMcGk0ODh4SG5jbjFnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9lYmY2Y2ItYTc3OS00NjRmLThiZWUt OGYwOGUwMjcyZGY4LzEvYVl1VG4tOXlRVEFRVFlwTlF0bzhySEJ2SC1rLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMC9lYmY2Y2ItYTc3OS00NjRmLThiZWUtOGYwOGUwMjcyZGY4 LzEva3dIcUJaWThsMWJ5anVMcGk0ODh4SG5jbjFnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCubBkMA0G CSqGSIb3DQEBCwUAA4IBAQBH/AlWnRoNwEyCAhH61bhjCc2e3/KD7Trs7QtIgUeR S/sUl00YvaxJZPTjYSg37uYjeb0GAWzQX6IeP4zIY46WBiKOB/HvZdWvX3myDp2g T7fwnPyucEjc1dwZIlFjJJ//lTYt1IhzBIgX3EAGhrwFEv/i/2QRJdxaezs6VOgX XDygS1pm54VPqz98WFV8BNJKiTlxMvQztsWRMw1tfZQG58Hq7ccWptnu5cIhFoB3 SIuLZrEAFfZVc9sn5XVebhEFdu6ctD3Qe3s3d3LhZ0Xmv07fD1eON60f4QJPKwD3 NaRwPun5Eym4GvON7EQKW7DOLmp5VICb6b5pt0eTXXa4 -----END CERTIFICATE-----Generated at Sat Jan 17 06:46:22 2026 by rpki-client