This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/8alVrjrWY968nNzLuKlTYJqWO5s.roa File: 8alVrjrWY968nNzLuKlTYJqWO5s.roa (raw, json) Hash identifier: n3cPQVf1JqZIIBHl4vdLfSmHsel7C5NhWsG2ov9U0fE= Subject key identifier: F1:A9:55:AE:3A:D6:63:DE:BC:9C:DC:CB:B8:A9:53:60:9A:96:3B:9B Certificate issuer: /CN=99ce569a14c2db3772f23187ce68e6541ec0048e Certificate serial: 019BA35E23D6B5DEBFB78F33FB55F5E79C48 Authority key identifier: 99:CE:56:9A:14:C2:DB:37:72:F2:31:87:CE:68:E6:54:1E:C0:04:8E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mc5WmhTC2zdy8jGHzmjmVB7ABI4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/8alVrjrWY968nNzLuKlTYJqWO5s.roa Signing time: Fri 09 Jan 2026 15:26:54 +0000 ROA not before: Fri 09 Jan 2026 15:26:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 210539 IP address blocks: 185.170.128.0/24 maxlen: 24 185.170.130.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/mc5WmhTC2zdy8jGHzmjmVB7ABI4.crl rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/mc5WmhTC2zdy8jGHzmjmVB7ABI4.mft rsync://rpki.ripe.net/repository/DEFAULT/mc5WmhTC2zdy8jGHzmjmVB7ABI4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 24 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:a3:5e:23:d6:b5:de:bf:b7:8f:33:fb:55:f5:e7:9c:48 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=99ce569a14c2db3772f23187ce68e6541ec0048e Validity Not Before: Jan 9 15:26:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f1a955ae3ad663debc9cdccbb8a953609a963b9b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:5a:fd:ac:f6:56:fc:64:10:bc:2a:e2:44:eb: 7b:53:f6:d6:b9:53:42:bc:95:56:38:a6:5a:42:2e: 75:a0:a5:2f:0b:c0:cb:f2:87:08:31:58:71:fc:32: 5f:0a:32:e9:ae:f2:2c:00:00:34:f0:2e:3f:73:63: c9:fd:6b:5d:ba:84:9b:f8:68:56:95:30:97:79:21: 6e:0b:53:42:40:ee:0b:28:d3:b1:9a:38:e5:87:f2: dc:37:80:eb:71:d7:b4:9c:c5:ab:99:fc:78:d4:a5: fc:e8:a6:39:34:57:10:fd:a8:83:80:6a:6e:d6:9a: 94:78:80:d0:f9:47:92:1c:01:a0:50:77:1d:7b:ea: 12:02:a8:0c:99:a1:ad:38:c6:9f:96:03:66:95:a4: 22:54:29:c8:fd:9d:ce:e5:3b:3b:6b:ee:a4:1b:ca: 4a:c6:f7:06:b4:07:13:67:0b:6d:81:29:ed:c1:fa: b2:d1:3a:c9:6a:00:39:d8:16:2c:5b:0a:76:cb:81: 5b:45:68:a3:41:de:1e:1d:7e:2b:18:eb:30:8b:06: fe:2e:3b:d7:f2:47:21:4a:29:a6:b3:93:44:eb:a5: d8:ab:76:8e:69:bf:ef:f3:e5:c8:42:64:0e:6f:5a: 2b:b8:52:f4:d9:a5:85:38:64:d7:39:e6:30:f4:58: 90:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:A9:55:AE:3A:D6:63:DE:BC:9C:DC:CB:B8:A9:53:60:9A:96:3B:9B X509v3 Authority Key Identifier: keyid:99:CE:56:9A:14:C2:DB:37:72:F2:31:87:CE:68:E6:54:1E:C0:04:8E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mc5WmhTC2zdy8jGHzmjmVB7ABI4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/8alVrjrWY968nNzLuKlTYJqWO5s.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/mc5WmhTC2zdy8jGHzmjmVB7ABI4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.170.128.0/24 185.170.130.0/24 Signature Algorithm: sha256WithRSAEncryption 1b:d0:16:9a:54:7a:55:ac:e5:cf:00:80:06:25:75:d4:8f:4c: 19:20:d6:07:db:c0:50:39:46:5c:d4:f9:27:77:18:01:48:0d: 07:3c:46:a1:9a:16:8c:99:7a:85:4d:17:a0:cd:fb:6e:10:14: 88:64:44:81:c4:2e:98:03:f7:a3:3c:53:a9:39:a0:b4:1a:25: f2:eb:8e:47:81:45:f6:eb:c3:36:56:7a:7e:14:7a:c7:d6:08: 7d:f0:46:ff:98:3a:ac:32:29:a9:84:a2:ad:ff:b2:72:a4:da: 8e:61:a0:8e:43:29:ad:a3:5c:7a:81:f4:e1:59:b2:a9:ec:bf: f3:0c:45:e7:fa:84:aa:48:14:21:cf:c4:29:2d:9a:83:3f:af: 66:08:c3:cf:77:38:dd:72:31:92:bc:65:65:5b:25:51:b2:7d: c9:39:47:82:f9:1e:aa:40:84:ad:da:1d:f0:62:48:b3:8c:68: d4:57:20:00:fc:66:85:59:80:9d:8d:63:eb:97:e0:16:d1:1b: 3e:8d:68:2d:50:57:91:86:81:a1:32:d9:74:94:59:eb:29:15: 83:39:94:f5:68:08:5c:06:5e:22:43:2a:86:68:da:09:86:9b: 2e:c4:cb:fd:63:a6:32:dc:b1:6e:e7:4a:37:e2:5a:8c:93:11: 77:7d:3a:aa -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZujXiPWtd6/t48z+1X155xIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk5Y2U1NjlhMTRjMmRiMzc3MmYyMzE4N2NlNjhlNjU0MWVj MDA0OGUwHhcNMjYwMTA5MTUyNjU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmMWE5NTVhZTNhZDY2M2RlYmM5Y2RjY2JiOGE5NTM2MDlhOTYzYjliMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwlr9rPZW/GQQvCriROt7U/bWuVNC vJVWOKZaQi51oKUvC8DL8ocIMVhx/DJfCjLprvIsAAA08C4/c2PJ/WtduoSb+GhW lTCXeSFuC1NCQO4LKNOxmjjlh/LcN4Drcde0nMWrmfx41KX86KY5NFcQ/aiDgGpu 1pqUeIDQ+UeSHAGgUHcde+oSAqgMmaGtOMaflgNmlaQiVCnI/Z3O5Ts7a+6kG8pK xvcGtAcTZwttgSntwfqy0TrJagA52BYsWwp2y4FbRWijQd4eHX4rGOswiwb+LjvX 8kchSimms5NE66XYq3aOab/v8+XIQmQOb1oruFL02aWFOGTXOeYw9FiQnwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFPGpVa461mPevJzcy7ipU2CaljubMB8GA1UdIwQY MBaAFJnOVpoUwts3cvIxh85o5lQewASOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbWM1V21oVEMyemR5OGpHSHptam1WQjdBQkk0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi9jYzZlOTktNmU1Zi00MDFiLTkxMmQt MTA5NTU0NGM2YzUwLzEvOGFsVnJqcldZOTY4bk56THVLbFRZSnFXTzVzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMi9jYzZlOTktNmU1Zi00MDFiLTkxMmQtMTA5NTU0NGM2YzUw LzEvbWM1V21oVEMyemR5OGpHSHptam1WQjdBQkk0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuaqAAwQA uaqCMA0GCSqGSIb3DQEBCwUAA4IBAQAb0BaaVHpVrOXPAIAGJXXUj0wZINYH28BQ OUZc1PkndxgBSA0HPEahmhaMmXqFTRegzftuEBSIZESBxC6YA/ejPFOpOaC0GiXy 645HgUX268M2Vnp+FHrH1gh98Eb/mDqsMimphKKt/7JypNqOYaCOQymto1x6gfTh WbKp7L/zDEXn+oSqSBQhz8QpLZqDP69mCMPPdzjdcjGSvGVlWyVRsn3JOUeC+R6q QISt2h3wYkizjGjUVyAA/GaFWYCdjWPrl+AW0Rs+jWgtUFeRhoGhMtl0lFnrKRWD OZT1aAhcBl4iQyqGaNoJhpsuxMv9Y6Yy3LFu50o34lqMkxF3fTqq -----END CERTIFICATE-----Generated at Fri Jan 23 09:24:40 2026 by rpki-client