This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/b4b01a-0746-45ff-af41-15e288b4a57d/1/vBMtviwzR2kVgzmNNYo_Vafp9LM.roa File: vBMtviwzR2kVgzmNNYo_Vafp9LM.roa (raw, json) Hash identifier: lNCNgMYzNrricpFi/DIzZBh14EOt1NtDvwmLx+z5MvQ= Subject key identifier: BC:13:2D:BE:2C:33:47:69:15:83:39:8D:35:8A:3F:55:A7:E9:F4:B3 Certificate issuer: /CN=5baeeb4c3a6985141255fd5f6ae1884067348f41 Certificate serial: 019B7E38773935361638B5A40CD7F91BFC2D Authority key identifier: 5B:AE:EB:4C:3A:69:85:14:12:55:FD:5F:6A:E1:88:40:67:34:8F:41 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W67rTDpphRQSVf1fauGIQGc0j0E.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/b4b01a-0746-45ff-af41-15e288b4a57d/1/vBMtviwzR2kVgzmNNYo_Vafp9LM.roa Signing time: Fri 02 Jan 2026 10:19:48 +0000 ROA not before: Fri 02 Jan 2026 10:19:48 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 43684 IP address blocks: 185.85.160.0/22 maxlen: 22 185.85.160.0/24 maxlen: 24 185.85.161.0/24 maxlen: 24 185.85.162.0/24 maxlen: 24 185.85.163.0/24 maxlen: 24 2a0b:1380::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/b4b01a-0746-45ff-af41-15e288b4a57d/1/W67rTDpphRQSVf1fauGIQGc0j0E.crl rsync://rpki.ripe.net/repository/DEFAULT/33/b4b01a-0746-45ff-af41-15e288b4a57d/1/W67rTDpphRQSVf1fauGIQGc0j0E.mft rsync://rpki.ripe.net/repository/DEFAULT/W67rTDpphRQSVf1fauGIQGc0j0E.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:77:39:35:36:16:38:b5:a4:0c:d7:f9:1b:fc:2d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5baeeb4c3a6985141255fd5f6ae1884067348f41 Validity Not Before: Jan 2 10:19:48 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=bc132dbe2c3347691583398d358a3f55a7e9f4b3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:88:a3:eb:65:c3:96:b5:30:3b:74:0d:63:46:65: a6:d7:66:cc:5e:40:4e:d4:41:0a:27:cb:8d:65:18: dc:2f:f9:97:59:3e:43:ba:e2:68:00:4e:a6:b0:23: 1a:5d:bd:e3:ba:4f:e3:3e:e3:8b:07:5c:8c:aa:89: db:7c:cb:0a:e1:c8:05:bd:88:b1:d9:7a:e4:91:e7: 58:95:34:93:4b:7c:e3:ae:ee:16:ec:2b:56:71:aa: 09:e2:0a:13:f4:22:15:97:81:c4:88:ae:ac:6b:a7: d4:21:bf:c0:be:f9:be:13:47:83:5c:38:87:c6:1d: 92:ae:7c:6f:d0:c3:25:26:80:da:3c:42:4a:c8:15: a0:dc:48:3d:cb:63:7b:d9:e7:c9:d9:a2:16:76:a2: 3e:ac:17:fa:3b:f3:c9:ce:42:6f:72:59:19:04:c0: ad:c9:5e:c0:02:a5:4a:fb:c3:df:a3:97:46:b2:30: 01:02:8a:1b:0c:dd:a9:86:0f:0c:50:38:9b:08:ab: db:c0:4d:69:0e:ce:eb:7b:3c:a4:bd:b0:ad:ce:7f: f2:cf:4e:e1:ec:c4:05:8d:fe:c2:2b:ec:e2:d4:b5: 88:50:54:54:da:fc:ea:fe:9d:e1:30:15:57:4a:1c: 6e:52:bf:5c:80:e9:34:c7:3f:dd:db:22:24:c3:62: 16:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:13:2D:BE:2C:33:47:69:15:83:39:8D:35:8A:3F:55:A7:E9:F4:B3 X509v3 Authority Key Identifier: keyid:5B:AE:EB:4C:3A:69:85:14:12:55:FD:5F:6A:E1:88:40:67:34:8F:41 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W67rTDpphRQSVf1fauGIQGc0j0E.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/b4b01a-0746-45ff-af41-15e288b4a57d/1/vBMtviwzR2kVgzmNNYo_Vafp9LM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/33/b4b01a-0746-45ff-af41-15e288b4a57d/1/W67rTDpphRQSVf1fauGIQGc0j0E.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.85.160.0/22 IPv6: 2a0b:1380::/29 Signature Algorithm: sha256WithRSAEncryption 87:c0:80:16:f3:ee:30:39:a4:f8:fd:14:72:e2:62:1b:cb:ad: b6:25:51:90:b8:d4:dd:25:19:08:ae:6e:2c:05:a5:62:77:57: 79:2c:63:14:6c:8b:34:5f:fe:6d:a2:91:6b:5d:01:53:ea:46: e6:fa:fb:7f:7e:57:e8:28:18:1d:b4:c0:9e:02:a6:5b:4d:8e: 5d:5d:9d:e2:d0:1c:8f:d1:af:9a:56:a1:03:29:55:cd:8b:bb: dc:1c:b0:da:d1:52:7d:34:c1:8d:00:09:00:0d:ab:ce:5b:6a: 5d:cf:28:a4:53:e7:5c:f3:73:cd:de:cc:11:9c:b0:d9:7f:3e: 93:cf:39:eb:12:f9:66:f1:31:ee:87:fb:6c:7b:28:64:a5:ba: 1a:0d:d7:b8:fd:53:98:83:fb:4b:07:57:37:d3:c7:c9:12:ec: 32:b3:88:06:7e:b8:d1:95:69:2b:b9:60:f9:bc:ff:97:3e:fc: f6:d2:8e:91:c0:99:23:fd:24:55:f8:79:8e:f1:44:12:e1:dc: 04:a1:1e:f8:ab:9b:76:ae:27:6b:8d:63:ac:9e:e8:20:f6:61: 20:03:3a:5b:23:42:db:b8:d4:d6:d4:58:d7:7e:5c:c4:a5:91: ef:8f:13:29:c8:22:98:71:c6:46:e9:1a:cc:a8:14:f7:68:67: 16:93:e3:b2 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt+OHc5NTYWOLWkDNf5G/wtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDViYWVlYjRjM2E2OTg1MTQxMjU1ZmQ1ZjZhZTE4ODQwNjcz NDhmNDEwHhcNMjYwMTAyMTAxOTQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiYzEzMmRiZTJjMzM0NzY5MTU4MzM5OGQzNThhM2Y1NWE3ZTlmNGIzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiKPrZcOWtTA7dA1jRmWm12bMXkBO 1EEKJ8uNZRjcL/mXWT5DuuJoAE6msCMaXb3juk/jPuOLB1yMqonbfMsK4cgFvYix 2XrkkedYlTSTS3zjru4W7CtWcaoJ4goT9CIVl4HEiK6sa6fUIb/Avvm+E0eDXDiH xh2Srnxv0MMlJoDaPEJKyBWg3Eg9y2N72efJ2aIWdqI+rBf6O/PJzkJvclkZBMCt yV7AAqVK+8Pfo5dGsjABAoobDN2phg8MUDibCKvbwE1pDs7rezykvbCtzn/yz07h 7MQFjf7CK+zi1LWIUFRU2vzq/p3hMBVXShxuUr9cgOk0xz/d2yIkw2IWqwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFLwTLb4sM0dpFYM5jTWKP1Wn6fSzMB8GA1UdIwQY MBaAFFuu60w6aYUUElX9X2rhiEBnNI9BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVzY3clREcHBoUlFTVmYxZmF1R0lRR2MwajBFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9iNGIwMWEtMDc0Ni00NWZmLWFmNDEt MTVlMjg4YjRhNTdkLzEvdkJNdHZpd3pSMmtWZ3ptTk5Zb19WYWZwOUxNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMy9iNGIwMWEtMDc0Ni00NWZmLWFmNDEtMTVlMjg4YjRhNTdk LzEvVzY3clREcHBoUlFTVmYxZmF1R0lRR2MwajBFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVWgMA0E AgACMAcDBQMqCxOAMA0GCSqGSIb3DQEBCwUAA4IBAQCHwIAW8+4wOaT4/RRy4mIb y622JVGQuNTdJRkIrm4sBaVid1d5LGMUbIs0X/5topFrXQFT6kbm+vt/flfoKBgd tMCeAqZbTY5dXZ3i0ByP0a+aVqEDKVXNi7vcHLDa0VJ9NMGNAAkADavOW2pdzyik U+dc83PN3swRnLDZfz6TzznrEvlm8THuh/tseyhkpboaDde4/VOYg/tLB1c308fJ Euwys4gGfrjRlWkruWD5vP+XPvz20o6RwJkj/SRV+HmO8UQS4dwEoR74q5t2ridr jWOsnugg9mEgAzpbI0LbuNTW1FjXflzEpZHvjxMpyCKYccZG6RrMqBT3aGcWk+Oy -----END CERTIFICATE-----Generated at Tue Feb 10 00:03:27 2026 by rpki-client