This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d498e3-0ea9-4314-9849-00233ae50b52/1/NPoJ48rOlMylXSV9suu4vTiIJd8.roa File: NPoJ48rOlMylXSV9suu4vTiIJd8.roa (raw, json) Hash identifier: aQKCUY2SNtZbLIRkM+mjutTaN8ryl5E8Zuu6G5SpnXw= Subject key identifier: 34:FA:09:E3:CA:CE:94:CC:A5:5D:25:7D:B2:EB:B8:BD:38:88:25:DF Certificate issuer: /CN=e57455b8a8b0576d6f94f7e014f6b34d5aa6c4d7 Certificate serial: 019B7D5CD627E53E964440B27F9300FF7C20 Authority key identifier: E5:74:55:B8:A8:B0:57:6D:6F:94:F7:E0:14:F6:B3:4D:5A:A6:C4:D7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5XRVuKiwV21vlPfgFPazTVqmxNc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d498e3-0ea9-4314-9849-00233ae50b52/1/NPoJ48rOlMylXSV9suu4vTiIJd8.roa Signing time: Fri 02 Jan 2026 06:19:54 +0000 ROA not before: Fri 02 Jan 2026 06:19:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 201719 IP address blocks: 185.65.120.0/22 maxlen: 22 185.65.120.0/24 maxlen: 24 185.65.121.0/24 maxlen: 24 185.65.122.0/24 maxlen: 24 185.65.123.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/d498e3-0ea9-4314-9849-00233ae50b52/1/5XRVuKiwV21vlPfgFPazTVqmxNc.crl rsync://rpki.ripe.net/repository/DEFAULT/2e/d498e3-0ea9-4314-9849-00233ae50b52/1/5XRVuKiwV21vlPfgFPazTVqmxNc.mft rsync://rpki.ripe.net/repository/DEFAULT/5XRVuKiwV21vlPfgFPazTVqmxNc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 12:00:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5c:d6:27:e5:3e:96:44:40:b2:7f:93:00:ff:7c:20 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e57455b8a8b0576d6f94f7e014f6b34d5aa6c4d7 Validity Not Before: Jan 2 06:19:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=34fa09e3cace94cca55d257db2ebb8bd388825df Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:4f:ef:4e:79:85:6c:cf:be:17:ef:ac:c7:ef: 7d:e6:d1:46:bf:d9:5c:13:45:0a:82:fb:ce:a5:4d: 8b:42:4c:e6:e7:ef:80:2e:02:e3:11:f2:17:80:4e: e1:30:b1:24:8b:9b:54:4d:ac:ac:0f:21:61:ea:9c: 4d:4d:e4:68:22:de:83:79:a4:75:6d:38:04:f6:9e: 51:61:f6:f7:35:d1:f8:91:03:d7:29:bd:95:7f:2b: d1:ed:43:26:ed:e9:b7:af:da:6a:ba:00:28:eb:2a: d2:34:ff:c8:57:82:fa:67:fb:40:d7:9b:cc:5f:eb: 79:ff:cd:3c:0a:c0:92:3c:fd:da:91:23:c2:12:0a: ec:f1:b1:08:60:10:4a:d4:e9:0f:92:16:42:f1:5b: f2:61:58:72:3b:1a:f1:df:08:41:ae:d8:33:fa:c7: 24:9d:ff:c1:4e:22:92:45:8f:ad:c3:ef:6c:ac:5c: 63:4d:7d:f9:11:dd:6b:ac:dc:f7:8f:69:70:c8:f8: a7:50:8f:12:af:77:93:b6:60:6e:a0:66:02:c7:c8: 1d:7a:2c:63:5e:69:f6:68:36:10:54:cf:95:1e:f9: 91:42:c4:86:7e:68:91:1a:80:c4:e1:03:c6:3f:f6: 45:e4:46:47:af:63:af:89:38:0a:2a:5d:46:88:4e: 94:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:FA:09:E3:CA:CE:94:CC:A5:5D:25:7D:B2:EB:B8:BD:38:88:25:DF X509v3 Authority Key Identifier: keyid:E5:74:55:B8:A8:B0:57:6D:6F:94:F7:E0:14:F6:B3:4D:5A:A6:C4:D7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5XRVuKiwV21vlPfgFPazTVqmxNc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d498e3-0ea9-4314-9849-00233ae50b52/1/NPoJ48rOlMylXSV9suu4vTiIJd8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d498e3-0ea9-4314-9849-00233ae50b52/1/5XRVuKiwV21vlPfgFPazTVqmxNc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.65.120.0/22 Signature Algorithm: sha256WithRSAEncryption 86:c4:17:a1:35:83:7e:33:f2:8f:50:85:ee:e6:0f:69:b1:88: 0f:e2:45:2e:5e:84:79:52:67:85:a4:13:2e:3d:77:b9:0c:86: 31:5d:ce:00:8a:c2:fe:bc:80:b1:1f:27:10:49:cd:c2:9c:fc: 4b:94:30:dd:79:9b:bd:84:b8:db:87:3c:f6:01:89:bd:7f:ba: 8e:f1:8d:12:79:ec:6b:34:11:0f:33:3f:ee:83:02:fc:80:1b: 34:4c:16:38:d8:d0:98:c5:03:9f:c7:5f:c3:aa:81:a6:ec:60: 88:31:47:6a:a9:82:5e:b1:22:dd:e0:c8:96:eb:1e:56:dd:eb: 54:09:4c:7c:d4:42:7e:a0:8a:46:79:1e:dc:e3:ad:93:e1:41: e6:4f:97:84:d8:58:e0:9c:e6:90:47:08:56:1f:5d:b5:ef:88: a7:ad:50:c7:26:fb:02:1b:5a:c1:47:84:67:06:c0:c0:01:33: 07:c6:0b:23:22:cc:db:a8:53:2e:a7:60:84:2e:9d:90:b7:8d: 69:a3:2f:fd:b4:44:ad:a2:58:0f:fe:02:e8:2f:82:16:e0:34: ff:12:6e:d4:ca:80:27:e7:af:fc:aa:5d:4f:62:94:01:70:74: 9c:eb:c5:e9:ec:03:f5:d3:7d:ec:5b:7d:ad:2d:90:39:82:14: 77:a0:56:ac -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt9XNYn5T6WRECyf5MA/3wgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGU1NzQ1NWI4YThiMDU3NmQ2Zjk0ZjdlMDE0ZjZiMzRkNWFh NmM0ZDcwHhcNMjYwMTAyMDYxOTU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzNGZhMDllM2NhY2U5NGNjYTU1ZDI1N2RiMmViYjhiZDM4ODgyNWRmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqE/vTnmFbM++F++sx+995tFGv9lc E0UKgvvOpU2LQkzm5++ALgLjEfIXgE7hMLEki5tUTaysDyFh6pxNTeRoIt6DeaR1 bTgE9p5RYfb3NdH4kQPXKb2VfyvR7UMm7em3r9pqugAo6yrSNP/IV4L6Z/tA15vM X+t5/808CsCSPP3akSPCEgrs8bEIYBBK1OkPkhZC8VvyYVhyOxrx3whBrtgz+sck nf/BTiKSRY+tw+9srFxjTX35Ed1rrNz3j2lwyPinUI8Sr3eTtmBuoGYCx8gdeixj Xmn2aDYQVM+VHvmRQsSGfmiRGoDE4QPGP/ZF5EZHr2OviTgKKl1GiE6U0wIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFDT6CePKzpTMpV0lfbLruL04iCXfMB8GA1UdIwQY MBaAFOV0VbiosFdtb5T34BT2s01apsTXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNVhSVnVLaXdWMjF2bFBmZ0ZQYXpUVnFteE5jLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kNDk4ZTMtMGVhOS00MzE0LTk4NDkt MDAyMzNhZTUwYjUyLzEvTlBvSjQ4ck9sTXlsWFNWOXN1dTR2VGlJSmQ4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZS9kNDk4ZTMtMGVhOS00MzE0LTk4NDktMDAyMzNhZTUwYjUy LzEvNVhSVnVLaXdWMjF2bFBmZ0ZQYXpUVnFteE5jLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUF4MA0G CSqGSIb3DQEBCwUAA4IBAQCGxBehNYN+M/KPUIXu5g9psYgP4kUuXoR5UmeFpBMu PXe5DIYxXc4AisL+vICxHycQSc3CnPxLlDDdeZu9hLjbhzz2AYm9f7qO8Y0Seexr NBEPMz/ugwL8gBs0TBY42NCYxQOfx1/DqoGm7GCIMUdqqYJesSLd4MiW6x5W3etU CUx81EJ+oIpGeR7c462T4UHmT5eE2FjgnOaQRwhWH12174inrVDHJvsCG1rBR4Rn BsDAATMHxgsjIszbqFMup2CELp2Qt41poy/9tEStolgP/gLoL4IW4DT/Em7UyoAn 56/8ql1PYpQBcHSc68Xp7AP1033sW32tLZA5ghR3oFas -----END CERTIFICATE-----Generated at Mon Feb 9 20:10:22 2026 by rpki-client