This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/0dc200-8f9a-44d9-b53e-a75b962a7fca/1/WlMbZGmn7ELXlYYDe9GRZvGgMVU.roa File: WlMbZGmn7ELXlYYDe9GRZvGgMVU.roa (raw, json) Hash identifier: YxkhfO0kcIItDFF9reiDtyKSrNleRYkzff6/T+LQRME= Subject key identifier: 5A:53:1B:64:69:A7:EC:42:D7:95:86:03:7B:D1:91:66:F1:A0:31:55 Certificate issuer: /CN=a40bac66fbfecce5ee2ca8cd895668471086ed9c Certificate serial: 019B7BA531D01E3253C887F9CB489ABE7400 Authority key identifier: A4:0B:AC:66:FB:FE:CC:E5:EE:2C:A8:CD:89:56:68:47:10:86:ED:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pAusZvv-zOXuLKjNiVZoRxCG7Zw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/0dc200-8f9a-44d9-b53e-a75b962a7fca/1/WlMbZGmn7ELXlYYDe9GRZvGgMVU.roa Signing time: Thu 01 Jan 2026 22:19:42 +0000 ROA not before: Thu 01 Jan 2026 22:19:42 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 213394 IP address blocks: 91.208.207.0/24 maxlen: 24 185.133.116.0/22 maxlen: 22 2a0f:d0c0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/0dc200-8f9a-44d9-b53e-a75b962a7fca/1/pAusZvv-zOXuLKjNiVZoRxCG7Zw.crl rsync://rpki.ripe.net/repository/DEFAULT/15/0dc200-8f9a-44d9-b53e-a75b962a7fca/1/pAusZvv-zOXuLKjNiVZoRxCG7Zw.mft rsync://rpki.ripe.net/repository/DEFAULT/pAusZvv-zOXuLKjNiVZoRxCG7Zw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 13:00:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a5:31:d0:1e:32:53:c8:87:f9:cb:48:9a:be:74:00 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a40bac66fbfecce5ee2ca8cd895668471086ed9c Validity Not Before: Jan 1 22:19:42 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5a531b6469a7ec42d79586037bd19166f1a03155 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:96:d8:7d:b5:2f:5b:8d:2b:55:94:68:a8:48: cb:d7:a8:f2:50:e1:7d:3e:28:ca:8a:ff:2f:dc:de: f5:54:c1:a2:c5:a0:58:7a:a5:6d:7a:b6:61:a8:01: 20:88:f5:cc:2c:58:92:b1:f2:14:92:a4:8d:01:8e: 46:86:19:a4:25:bd:96:13:04:f6:6b:22:ae:dc:6d: 96:71:d1:33:9a:bc:7f:a5:93:9b:2d:b4:11:69:6d: 3b:52:29:63:fb:0b:b5:4d:f8:b0:01:53:df:9c:89: 0b:ca:8d:dd:39:f6:ed:90:7d:ed:89:1d:71:0b:b2: 2b:b5:d7:ff:47:36:4a:cd:81:5e:9b:d8:d6:a2:03: 4c:ad:be:89:23:ab:88:04:19:e7:4d:8c:e7:18:c2: 99:22:75:eb:8d:50:f0:82:82:fe:77:6f:04:20:47: 6c:76:37:bc:00:03:0b:1f:9b:c6:0a:e8:4c:16:ff: 79:fe:d3:4e:95:73:b7:cd:8e:b3:30:14:72:20:b0: 45:8d:ea:37:80:41:68:61:29:2f:85:a2:45:45:5a: b9:4b:c4:6f:6b:5f:75:cd:f9:8d:8b:df:45:3f:30: 51:7b:94:2b:0d:20:c2:15:bd:45:7a:1a:66:ee:59: 04:8c:9a:7a:82:79:bc:eb:cd:ac:45:d5:18:4d:3e: 36:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:53:1B:64:69:A7:EC:42:D7:95:86:03:7B:D1:91:66:F1:A0:31:55 X509v3 Authority Key Identifier: keyid:A4:0B:AC:66:FB:FE:CC:E5:EE:2C:A8:CD:89:56:68:47:10:86:ED:9C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pAusZvv-zOXuLKjNiVZoRxCG7Zw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/0dc200-8f9a-44d9-b53e-a75b962a7fca/1/WlMbZGmn7ELXlYYDe9GRZvGgMVU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/15/0dc200-8f9a-44d9-b53e-a75b962a7fca/1/pAusZvv-zOXuLKjNiVZoRxCG7Zw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.208.207.0/24 185.133.116.0/22 IPv6: 2a0f:d0c0::/29 Signature Algorithm: sha256WithRSAEncryption 08:67:4a:3b:cb:2f:af:d0:cb:55:46:3b:15:c0:b0:ff:20:1c: b0:39:2c:b2:23:f2:ae:41:94:1d:b8:70:bf:c0:ed:eb:46:53: 73:35:76:bf:0f:4a:fd:35:31:5c:2e:59:d8:08:31:85:0c:83: c4:c2:82:cd:5a:ff:54:76:43:ba:94:88:fa:9d:df:04:53:ca: f9:24:ba:1c:77:19:0f:79:6a:0a:c8:b2:9b:7a:72:8d:59:ed: 50:c3:ea:10:d7:89:14:38:35:22:b8:13:ff:ac:2d:d1:4d:fc: 17:db:bc:3b:58:5a:26:81:e0:bb:46:f6:9a:fe:bc:6a:b9:09: b5:42:d1:a0:d7:eb:df:49:50:ac:67:08:d0:97:e6:f1:a9:bc: 0d:57:6d:bd:2b:ff:43:a4:5b:7f:f8:29:1f:20:ac:19:1f:60: 41:0f:4a:b5:f8:ba:28:b0:9c:13:65:df:ae:bc:4f:a3:ff:8c: ff:73:3f:9b:93:cd:df:72:dc:bc:c1:10:66:3f:c4:ec:bd:fe: 36:e4:d6:26:a8:0b:d1:23:c0:17:50:14:ff:57:25:d3:f4:8b: ec:52:e2:ae:d7:dd:d7:b5:5f:2c:33:a1:11:a3:71:ee:14:3b: ea:f3:82:89:88:03:86:dd:b9:3c:aa:23:1f:5e:f3:f4:f7:3f: 56:44:83:9c -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt7pTHQHjJTyIf5y0iavnQAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE0MGJhYzY2ZmJmZWNjZTVlZTJjYThjZDg5NTY2ODQ3MTA4 NmVkOWMwHhcNMjYwMTAxMjIxOTQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1YTUzMWI2NDY5YTdlYzQyZDc5NTg2MDM3YmQxOTE2NmYxYTAzMTU1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ZbYfbUvW40rVZRoqEjL16jyUOF9 PijKiv8v3N71VMGixaBYeqVterZhqAEgiPXMLFiSsfIUkqSNAY5GhhmkJb2WEwT2 ayKu3G2WcdEzmrx/pZObLbQRaW07Uilj+wu1TfiwAVPfnIkLyo3dOfbtkH3tiR1x C7Irtdf/RzZKzYFem9jWogNMrb6JI6uIBBnnTYznGMKZInXrjVDwgoL+d28EIEds dje8AAMLH5vGCuhMFv95/tNOlXO3zY6zMBRyILBFjeo3gEFoYSkvhaJFRVq5S8Rv a191zfmNi99FPzBRe5QrDSDCFb1Fehpm7lkEjJp6gnm8682sRdUYTT427wIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFFpTG2Rpp+xC15WGA3vRkWbxoDFVMB8GA1UdIwQY MBaAFKQLrGb7/szl7iyozYlWaEcQhu2cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcEF1c1p2di16T1h1TEtqTmlWWm9SeENHN1p3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8wZGMyMDAtOGY5YS00NGQ5LWI1M2Ut YTc1Yjk2MmE3ZmNhLzEvV2xNYlpHbW43RUxYbFlZRGU5R1JadkdnTVZVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNS8wZGMyMDAtOGY5YS00NGQ5LWI1M2UtYTc1Yjk2MmE3ZmNh LzEvcEF1c1p2di16T1h1TEtqTmlWWm9SeENHN1p3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW9DPAwQC uYV0MA0EAgACMAcDBQMqD9DAMA0GCSqGSIb3DQEBCwUAA4IBAQAIZ0o7yy+v0MtV RjsVwLD/IBywOSyyI/KuQZQduHC/wO3rRlNzNXa/D0r9NTFcLlnYCDGFDIPEwoLN Wv9UdkO6lIj6nd8EU8r5JLocdxkPeWoKyLKbenKNWe1Qw+oQ14kUODUiuBP/rC3R TfwX27w7WFomgeC7Rvaa/rxquQm1QtGg1+vfSVCsZwjQl+bxqbwNV229K/9DpFt/ +CkfIKwZH2BBD0q1+LoosJwTZd+uvE+j/4z/cz+bk83fcty8wRBmP8Tsvf425NYm qAvRI8AXUBT/VyXT9IvsUuKu193XtV8sM6ERo3HuFDvq84KJiAOG3bk8qiMfXvP0 9z9WRIOc -----END CERTIFICATE-----Generated at Mon Feb 9 19:40:13 2026 by rpki-client