This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/7256ec-c346-4b29-b7f5-3e40d01740b2/1/aoIheKr9cfwdkfPnA8io2rwnzUU.roa File: aoIheKr9cfwdkfPnA8io2rwnzUU.roa (raw, json) Hash identifier: bd8EK0ErpEEUoneRY3CDUEglnwrfEtlsUHg/CzYtrqs= Subject key identifier: 6A:82:21:78:AA:FD:71:FC:1D:91:F3:E7:03:C8:A8:DA:BC:27:CD:45 Certificate issuer: /CN=d10d5b30b46c7b97b2dbc4589cea3622ad756156 Certificate serial: 019B7A5AF4281FE08C61700339701EEDF966 Authority key identifier: D1:0D:5B:30:B4:6C:7B:97:B2:DB:C4:58:9C:EA:36:22:AD:75:61:56 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Q1bMLRse5ey28RYnOo2Iq11YVY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/7256ec-c346-4b29-b7f5-3e40d01740b2/1/aoIheKr9cfwdkfPnA8io2rwnzUU.roa Signing time: Thu 01 Jan 2026 16:18:59 +0000 ROA not before: Thu 01 Jan 2026 16:18:59 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 0 IP address blocks: 185.1.86.0/24 maxlen: 32 2001:7f8:af::/48 maxlen: 128 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/7256ec-c346-4b29-b7f5-3e40d01740b2/1/0Q1bMLRse5ey28RYnOo2Iq11YVY.crl rsync://rpki.ripe.net/repository/DEFAULT/2a/7256ec-c346-4b29-b7f5-3e40d01740b2/1/0Q1bMLRse5ey28RYnOo2Iq11YVY.mft rsync://rpki.ripe.net/repository/DEFAULT/0Q1bMLRse5ey28RYnOo2Iq11YVY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 10 Jan 2026 12:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:f4:28:1f:e0:8c:61:70:03:39:70:1e:ed:f9:66 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d10d5b30b46c7b97b2dbc4589cea3622ad756156 Validity Not Before: Jan 1 16:18:59 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6a822178aafd71fc1d91f3e703c8a8dabc27cd45 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:1f:00:e3:cb:1b:a1:3c:4c:be:b0:6f:68:a4: 07:58:e3:cc:fe:e5:34:7b:af:41:c6:ad:af:4d:ce: 29:e1:bb:4a:4c:90:e4:94:3c:14:88:3b:c6:cc:1f: ae:86:f8:94:2a:68:06:38:10:92:ca:d0:fa:50:60: e0:26:f5:47:37:49:cf:6b:bc:d9:80:e7:8b:d5:83: 02:93:04:c8:0c:96:fd:5e:02:5e:c0:8c:12:68:53: 71:34:2f:d4:1e:fc:2a:9d:6c:32:59:e8:36:12:0d: b3:5b:fc:50:09:61:2d:cc:a8:a6:66:38:b3:de:97: d0:c0:5a:f8:1c:3b:d8:92:cc:1c:da:0d:00:93:a7: ad:8a:e3:57:ad:40:e3:4d:c4:09:d1:67:e9:ee:1e: ee:7e:bd:dc:5b:18:c0:22:f7:30:33:bd:09:0c:38: f4:8c:79:9c:f0:79:97:14:eb:36:cc:1d:04:91:15: 24:62:c1:8e:de:a3:aa:51:f3:63:94:b3:e6:ca:f0: 35:f8:a1:29:cf:34:08:fe:ac:e9:0a:b5:52:25:42: 58:fd:9f:2d:6f:e8:32:15:7b:87:3e:7b:3c:b2:e4: cd:55:17:6b:50:9c:c3:0d:80:7d:60:65:ab:c2:ad: a6:c8:67:31:19:89:d1:57:6b:cb:9a:46:f9:6f:d1: 64:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:82:21:78:AA:FD:71:FC:1D:91:F3:E7:03:C8:A8:DA:BC:27:CD:45 X509v3 Authority Key Identifier: keyid:D1:0D:5B:30:B4:6C:7B:97:B2:DB:C4:58:9C:EA:36:22:AD:75:61:56 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Q1bMLRse5ey28RYnOo2Iq11YVY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/7256ec-c346-4b29-b7f5-3e40d01740b2/1/aoIheKr9cfwdkfPnA8io2rwnzUU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/7256ec-c346-4b29-b7f5-3e40d01740b2/1/0Q1bMLRse5ey28RYnOo2Iq11YVY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.1.86.0/24 IPv6: 2001:7f8:af::/48 Signature Algorithm: sha256WithRSAEncryption 6f:ae:76:8a:4e:a7:84:f7:d2:12:d5:4c:4f:d7:ad:5d:10:d8: 68:1f:80:f1:d1:53:bf:81:99:8f:a0:aa:bb:ba:9d:3d:1e:c7: 11:af:e0:05:fb:bc:b9:26:47:23:d6:48:96:4a:bf:4f:74:44: 8d:ff:22:e5:fa:b6:fe:6e:a5:bb:4f:77:c6:f7:c8:b8:b5:8e: 49:01:e7:d0:d0:14:f9:ca:65:fa:87:5b:90:40:40:76:1d:e2: 04:e1:6a:bf:90:ad:d8:28:84:2a:81:82:9a:72:ab:e5:32:73: 8f:a3:f0:ff:98:6b:34:0d:a1:6f:80:2f:86:e3:25:e8:ed:b2: 52:66:f8:23:da:df:cc:80:ea:66:25:9b:aa:20:89:24:c3:e2: d2:fc:4b:f8:00:02:3c:ad:13:77:c6:54:a3:22:ce:20:ee:dd: 91:cd:c1:3d:26:96:67:50:d2:fe:f4:d6:41:bd:bc:97:ea:5b: 0f:bc:94:11:7c:29:0b:a8:87:45:05:cc:9f:1b:1d:34:92:ed: 7d:da:99:b9:1e:db:31:e9:05:e9:c0:a4:cc:47:44:25:c4:72: 79:30:46:fa:14:04:fd:59:77:80:3e:97:bc:f4:c8:20:f5:0c: 59:6e:f1:65:99:81:6c:e2:5d:0b:71:35:00:7c:b8:26:8a:4c: ed:41:8f:56 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt6WvQoH+CMYXADOXAe7flmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQxMGQ1YjMwYjQ2YzdiOTdiMmRiYzQ1ODljZWEzNjIyYWQ3 NTYxNTYwHhcNMjYwMTAxMTYxODU5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2YTgyMjE3OGFhZmQ3MWZjMWQ5MWYzZTcwM2M4YThkYWJjMjdjZDQ1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjx8A48sboTxMvrBvaKQHWOPM/uU0 e69Bxq2vTc4p4btKTJDklDwUiDvGzB+uhviUKmgGOBCSytD6UGDgJvVHN0nPa7zZ gOeL1YMCkwTIDJb9XgJewIwSaFNxNC/UHvwqnWwyWeg2Eg2zW/xQCWEtzKimZjiz 3pfQwFr4HDvYkswc2g0Ak6etiuNXrUDjTcQJ0Wfp7h7ufr3cWxjAIvcwM70JDDj0 jHmc8HmXFOs2zB0EkRUkYsGO3qOqUfNjlLPmyvA1+KEpzzQI/qzpCrVSJUJY/Z8t b+gyFXuHPns8suTNVRdrUJzDDYB9YGWrwq2myGcxGYnRV2vLmkb5b9FkSQIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFGqCIXiq/XH8HZHz5wPIqNq8J81FMB8GA1UdIwQY MBaAFNENWzC0bHuXstvEWJzqNiKtdWFWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMFExYk1MUnNlNWV5MjhSWW5PbzJJcTExWVZZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS83MjU2ZWMtYzM0Ni00YjI5LWI3ZjUt M2U0MGQwMTc0MGIyLzEvYW9JaGVLcjljZndka2ZQbkE4aW8ycnduelVVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYS83MjU2ZWMtYzM0Ni00YjI5LWI3ZjUtM2U0MGQwMTc0MGIy LzEvMFExYk1MUnNlNWV5MjhSWW5PbzJJcTExWVZZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuQFWMA8E AgACMAkDBwAgAQf4AK8wDQYJKoZIhvcNAQELBQADggEBAG+udopOp4T30hLVTE/X rV0Q2GgfgPHRU7+BmY+gqru6nT0exxGv4AX7vLkmRyPWSJZKv090RI3/IuX6tv5u pbtPd8b3yLi1jkkB59DQFPnKZfqHW5BAQHYd4gThar+QrdgohCqBgppyq+Uyc4+j 8P+YazQNoW+AL4bjJejtslJm+CPa38yA6mYlm6ogiSTD4tL8S/gAAjytE3fGVKMi ziDu3ZHNwT0mlmdQ0v701kG9vJfqWw+8lBF8KQuoh0UFzJ8bHTSS7X3ambke2zHp BenApMxHRCXEcnkwRvoUBP1Zd4A+l7z0yCD1DFlu8WWZgWziXQtxNQB8uCaKTO1B j1Y= -----END CERTIFICATE-----Generated at Fri Jan 9 17:06:03 2026 by rpki-client