This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/b8c3bd-16ef-4f2c-9400-db099e585e4b/1/z8ohAxVQDEBUpQ8RPkLaMBNHEug.roa File: z8ohAxVQDEBUpQ8RPkLaMBNHEug.roa (raw, json) Hash identifier: pT90AwJRD9rVdUR8toxe1at3Xc13+2EF89ax44o0aWk= Subject key identifier: CF:CA:21:03:15:50:0C:40:54:A5:0F:11:3E:42:DA:30:13:47:12:E8 Certificate issuer: /CN=ad8e857fc00be14ed92b9e78cc3ca69b8adc2485 Certificate serial: 019B7A5AEA3552CA13B7F0FB6D0EF081B30D Authority key identifier: AD:8E:85:7F:C0:0B:E1:4E:D9:2B:9E:78:CC:3C:A6:9B:8A:DC:24:85 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rY6Ff8AL4U7ZK554zDymm4rcJIU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/b8c3bd-16ef-4f2c-9400-db099e585e4b/1/z8ohAxVQDEBUpQ8RPkLaMBNHEug.roa Signing time: Thu 01 Jan 2026 16:18:56 +0000 ROA not before: Thu 01 Jan 2026 16:18:56 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 59439 IP address blocks: 91.240.178.0/24 maxlen: 24 185.168.52.0/22 maxlen: 24 2a0d:c0c0:3e1::/48 maxlen: 48 2a0d:c0c0:3e1:18::/64 maxlen: 64 2a0d:c0c0:4e1::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/b8c3bd-16ef-4f2c-9400-db099e585e4b/1/rY6Ff8AL4U7ZK554zDymm4rcJIU.crl rsync://rpki.ripe.net/repository/DEFAULT/20/b8c3bd-16ef-4f2c-9400-db099e585e4b/1/rY6Ff8AL4U7ZK554zDymm4rcJIU.mft rsync://rpki.ripe.net/repository/DEFAULT/rY6Ff8AL4U7ZK554zDymm4rcJIU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:ea:35:52:ca:13:b7:f0:fb:6d:0e:f0:81:b3:0d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ad8e857fc00be14ed92b9e78cc3ca69b8adc2485 Validity Not Before: Jan 1 16:18:56 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=cfca210315500c4054a50f113e42da30134712e8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:df:10:75:59:9c:5f:6e:a1:a8:f8:36:12:49: 34:a5:f5:8b:ca:a2:63:34:73:aa:22:90:17:40:80: 4c:0d:1b:74:8e:51:d8:91:61:1a:a2:74:81:93:9b: 64:3d:62:32:cd:67:c6:47:90:9f:1a:03:ea:28:98: 46:52:9e:db:ff:08:87:6d:5a:a1:0c:76:65:02:38: b3:d6:36:8b:6d:19:e9:0e:5b:b4:6e:6a:3d:b7:6d: 88:77:8d:51:a5:9b:ae:96:fa:74:b9:60:ea:a1:54: b5:1e:e7:67:2d:b9:75:05:94:b6:d0:7f:7f:5d:88: 0a:3a:0e:60:49:3b:5b:83:0b:79:cc:63:75:92:54: d9:18:a1:a4:a9:88:a8:35:63:58:6b:49:3d:02:f7: 6b:d8:88:d5:c7:c3:97:21:d2:ff:86:b0:28:83:c1: ab:0d:0d:3b:01:ea:b2:92:c5:93:5c:44:0f:40:5f: b6:07:e8:09:79:ec:7b:69:93:c3:13:9d:0c:e8:3e: 51:a6:d6:21:c4:12:c2:2a:07:ae:75:df:6e:78:b6: 39:d2:bc:a6:33:b3:38:ff:af:b0:21:80:bd:79:ad: bf:42:2f:58:7a:ce:06:11:6d:dc:f0:57:59:5f:3b: 34:8f:2d:65:67:32:fd:02:32:d7:7f:1b:7a:74:52: 92:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:CA:21:03:15:50:0C:40:54:A5:0F:11:3E:42:DA:30:13:47:12:E8 X509v3 Authority Key Identifier: keyid:AD:8E:85:7F:C0:0B:E1:4E:D9:2B:9E:78:CC:3C:A6:9B:8A:DC:24:85 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rY6Ff8AL4U7ZK554zDymm4rcJIU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/b8c3bd-16ef-4f2c-9400-db099e585e4b/1/z8ohAxVQDEBUpQ8RPkLaMBNHEug.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/20/b8c3bd-16ef-4f2c-9400-db099e585e4b/1/rY6Ff8AL4U7ZK554zDymm4rcJIU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.240.178.0/24 185.168.52.0/22 IPv6: 2a0d:c0c0:3e1::/48 2a0d:c0c0:4e1::/48 Signature Algorithm: sha256WithRSAEncryption a9:13:bc:09:32:af:23:4a:91:c6:af:b5:1e:58:a5:14:31:24: b6:19:31:f4:3d:0d:e9:e5:81:51:6e:74:55:2c:6b:e9:0f:ca: a4:73:b2:ca:e1:80:f6:7f:bf:bf:39:a1:d3:91:7e:f1:99:13: af:99:dc:ea:ed:05:6b:16:8a:0a:32:05:a1:e1:ae:1e:ee:d4: df:28:81:ea:83:40:66:2e:62:fc:11:dd:d5:60:a2:e3:6d:9e: 2d:3c:31:94:d4:43:db:24:76:a5:a3:e0:87:80:71:7c:f8:8c: 0a:e0:9d:17:45:82:e3:a7:db:c9:33:01:c3:fd:d0:c8:65:25: 8e:cd:6d:4a:c1:33:63:41:a2:7e:37:7e:32:aa:ad:45:79:81: f8:03:a6:ec:8f:b5:f4:f5:79:63:14:03:22:cd:69:73:5f:f6: ae:97:85:ee:57:fa:09:53:0c:07:5d:43:8a:26:d9:4b:22:8a: dc:03:36:e6:07:ae:51:da:7f:e0:f2:c0:8c:ec:fa:31:67:41: 18:42:9c:e2:b9:b5:37:83:c1:2f:66:23:0c:ed:6d:0a:34:2f: fa:f1:43:2f:3d:6a:2d:24:62:60:d7:19:4d:1e:41:46:d6:ab: 24:df:36:98:90:79:f5:0d:0a:a2:53:91:07:0f:c7:64:0c:95: 15:8d:c4:82 -----BEGIN CERTIFICATE----- MIIFHTCCBAWgAwIBAgISAZt6Wuo1UsoTt/D7bQ7wgbMNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFkOGU4NTdmYzAwYmUxNGVkOTJiOWU3OGNjM2NhNjliOGFk YzI0ODUwHhcNMjYwMTAxMTYxODU2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjZmNhMjEwMzE1NTAwYzQwNTRhNTBmMTEzZTQyZGEzMDEzNDcxMmU4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtt8QdVmcX26hqPg2Ekk0pfWLyqJj NHOqIpAXQIBMDRt0jlHYkWEaonSBk5tkPWIyzWfGR5CfGgPqKJhGUp7b/wiHbVqh DHZlAjiz1jaLbRnpDlu0bmo9t22Id41RpZuulvp0uWDqoVS1HudnLbl1BZS20H9/ XYgKOg5gSTtbgwt5zGN1klTZGKGkqYioNWNYa0k9Avdr2IjVx8OXIdL/hrAog8Gr DQ07AeqyksWTXEQPQF+2B+gJeex7aZPDE50M6D5RptYhxBLCKgeudd9ueLY50rym M7M4/6+wIYC9ea2/Qi9Yes4GEW3c8FdZXzs0jy1lZzL9AjLXfxt6dFKSKQIDAQAB o4ICKTCCAiUwHQYDVR0OBBYEFM/KIQMVUAxAVKUPET5C2jATRxLoMB8GA1UdIwQY MBaAFK2OhX/AC+FO2SueeMw8ppuK3CSFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvclk2RmY4QUw0VTdaSzU1NHpEeW1tNHJjSklVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9iOGMzYmQtMTZlZi00ZjJjLTk0MDAt ZGIwOTllNTg1ZTRiLzEvejhvaEF4VlFERUJVcFE4UlBrTGFNQk5IRXVnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMC9iOGMzYmQtMTZlZi00ZjJjLTk0MDAtZGIwOTllNTg1ZTRi LzEvclk2RmY4QUw0VTdaSzU1NHpEeW1tNHJjSklVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAW/CyAwQC uag0MBgEAgACMBIDBwAqDcDAA+EDBwAqDcDABOEwDQYJKoZIhvcNAQELBQADggEB AKkTvAkyryNKkcavtR5YpRQxJLYZMfQ9DenlgVFudFUsa+kPyqRzssrhgPZ/v785 odORfvGZE6+Z3OrtBWsWigoyBaHhrh7u1N8ogeqDQGYuYvwR3dVgouNtni08MZTU Q9skdqWj4IeAcXz4jArgnRdFguOn28kzAcP90MhlJY7NbUrBM2NBon43fjKqrUV5 gfgDpuyPtfT1eWMUAyLNaXNf9q6Xhe5X+glTDAddQ4om2UsiitwDNuYHrlHaf+Dy wIzs+jFnQRhCnOK5tTeDwS9mIwztbQo0L/rxQy89ai0kYmDXGU0eQUbWqyTfNpiQ efUNCqJTkQcPx2QMlRWNxII= -----END CERTIFICATE-----Generated at Mon Feb 9 23:46:20 2026 by rpki-client