This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/60eb48-279d-4afe-8d8a-1daa951c71b7/1/WXDefoGzoUIZ3AxVVx77aC_MDc4.roa File: WXDefoGzoUIZ3AxVVx77aC_MDc4.roa (raw, json) Hash identifier: 0/oY/YwsoelOzPNcClAu/TuufBye/1HGrabd5S28VWg= Subject key identifier: 59:70:DE:7E:81:B3:A1:42:19:DC:0C:55:57:1E:FB:68:2F:CC:0D:CE Certificate issuer: /CN=aac223fb1942115e48a9754207292d00a082ecdf Certificate serial: 019B797EF616C8B4905F70917992C6C09023 Authority key identifier: AA:C2:23:FB:19:42:11:5E:48:A9:75:42:07:29:2D:00:A0:82:EC:DF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qsIj-xlCEV5IqXVCByktAKCC7N8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/60eb48-279d-4afe-8d8a-1daa951c71b7/1/WXDefoGzoUIZ3AxVVx77aC_MDc4.roa Signing time: Thu 01 Jan 2026 12:18:42 +0000 ROA not before: Thu 01 Jan 2026 12:18:42 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 199362 IP address blocks: 185.17.20.0/22 maxlen: 22 185.144.120.0/22 maxlen: 22 2a03:e640::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/60eb48-279d-4afe-8d8a-1daa951c71b7/1/qsIj-xlCEV5IqXVCByktAKCC7N8.crl rsync://rpki.ripe.net/repository/DEFAULT/3c/60eb48-279d-4afe-8d8a-1daa951c71b7/1/qsIj-xlCEV5IqXVCByktAKCC7N8.mft rsync://rpki.ripe.net/repository/DEFAULT/qsIj-xlCEV5IqXVCByktAKCC7N8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 11 Feb 2026 00:00:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:f6:16:c8:b4:90:5f:70:91:79:92:c6:c0:90:23 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=aac223fb1942115e48a9754207292d00a082ecdf Validity Not Before: Jan 1 12:18:42 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5970de7e81b3a14219dc0c55571efb682fcc0dce Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:97:a8:be:3f:1a:b9:69:61:3b:13:48:7c:4d: f8:5b:47:ac:df:70:16:7c:e2:94:d3:f1:ad:76:22: f5:eb:d6:cc:93:97:19:7a:5f:1c:b8:c1:d5:d1:2e: f4:f5:30:de:6f:54:4d:fa:04:6c:76:7b:82:26:1e: 4f:53:1c:60:61:8c:c6:4a:bc:7d:c2:23:59:ab:cc: 63:08:e0:c5:50:0d:41:30:fd:89:3d:20:b4:b2:4e: 31:63:cb:c7:8d:0d:4a:eb:19:f9:4c:17:d2:d9:9d: 08:cd:66:64:68:d4:b8:be:fa:c2:10:33:0e:1d:57: 15:99:a5:8b:43:20:fd:83:ba:06:b0:e5:0e:e6:0a: fd:21:12:2d:df:81:e4:ca:b6:84:91:98:b4:d2:3c: 51:3b:5e:80:e5:4e:2b:0f:18:34:f1:a6:35:8e:99: bd:cf:d7:10:e8:a2:7a:db:4d:b3:c9:3a:d9:18:d1: 43:b1:d6:db:bf:9b:59:58:8f:5f:17:75:a2:85:69: 73:71:1e:30:a3:f3:e8:6d:46:65:4d:44:90:b9:7e: e2:0e:3e:7e:7b:32:60:4c:5a:8c:59:ed:a4:d7:72: ae:2f:19:e2:1e:82:71:7b:12:e3:ba:45:f7:a8:63: 29:ff:98:83:8e:7a:8a:7a:70:55:e1:b7:19:e0:16: bf:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 59:70:DE:7E:81:B3:A1:42:19:DC:0C:55:57:1E:FB:68:2F:CC:0D:CE X509v3 Authority Key Identifier: keyid:AA:C2:23:FB:19:42:11:5E:48:A9:75:42:07:29:2D:00:A0:82:EC:DF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qsIj-xlCEV5IqXVCByktAKCC7N8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/60eb48-279d-4afe-8d8a-1daa951c71b7/1/WXDefoGzoUIZ3AxVVx77aC_MDc4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/60eb48-279d-4afe-8d8a-1daa951c71b7/1/qsIj-xlCEV5IqXVCByktAKCC7N8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.17.20.0/22 185.144.120.0/22 IPv6: 2a03:e640::/32 Signature Algorithm: sha256WithRSAEncryption 5d:a4:72:2e:23:b6:78:87:2e:80:c7:06:71:cc:83:cc:f7:ce: a4:42:e8:72:a7:0c:29:ba:6d:67:76:a8:12:a3:c4:6a:8f:12: 39:97:0e:e1:3e:17:7d:b1:fc:4e:26:d5:fd:1a:ec:99:84:74: 70:6f:4f:74:d7:84:7e:c9:92:29:29:b5:d5:00:17:14:24:3f: 10:47:6f:ca:19:b2:4e:3f:34:f5:e5:da:bb:97:85:f0:67:20: 93:a3:00:1c:ca:70:49:17:e4:c1:b4:f2:79:16:6d:d1:dc:e7: d0:2a:75:e9:93:c6:19:57:09:38:43:1d:23:3a:eb:77:ab:a6: 92:a0:f9:a8:40:7d:2e:af:86:4b:5c:d4:c8:b8:7e:56:9b:a0: 62:dd:68:34:3a:f2:ac:30:29:d2:be:fd:3b:10:6b:28:68:a6: 13:c7:6e:97:de:99:e5:49:80:5d:af:28:f9:39:90:98:c6:a9: e3:4e:31:88:a5:b8:90:99:4f:1f:00:b8:4e:2e:88:1c:e2:1f: 31:ad:05:22:40:a2:7f:d6:6f:5f:dc:94:96:39:ee:6b:35:cd: 80:3b:42:e9:c3:7b:7e:7d:43:16:ee:c6:62:c3:6f:bd:ef:1f: 01:e9:2e:3a:b3:83:85:a4:24:1d:ba:52:75:f6:12:dd:f9:94: cb:ce:82:25 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt5fvYWyLSQX3CReZLGwJAjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFhYzIyM2ZiMTk0MjExNWU0OGE5NzU0MjA3MjkyZDAwYTA4 MmVjZGYwHhcNMjYwMTAxMTIxODQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1OTcwZGU3ZTgxYjNhMTQyMTlkYzBjNTU1NzFlZmI2ODJmY2MwZGNlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Jeovj8auWlhOxNIfE34W0es33AW fOKU0/GtdiL169bMk5cZel8cuMHV0S709TDeb1RN+gRsdnuCJh5PUxxgYYzGSrx9 wiNZq8xjCODFUA1BMP2JPSC0sk4xY8vHjQ1K6xn5TBfS2Z0IzWZkaNS4vvrCEDMO HVcVmaWLQyD9g7oGsOUO5gr9IRIt34HkyraEkZi00jxRO16A5U4rDxg08aY1jpm9 z9cQ6KJ6202zyTrZGNFDsdbbv5tZWI9fF3WihWlzcR4wo/PobUZlTUSQuX7iDj5+ ezJgTFqMWe2k13KuLxniHoJxexLjukX3qGMp/5iDjnqKenBV4bcZ4Ba/hQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFFlw3n6Bs6FCGdwMVVce+2gvzA3OMB8GA1UdIwQY MBaAFKrCI/sZQhFeSKl1QgcpLQCgguzfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcXNJai14bENFVjVJcVhWQ0J5a3RBS0NDN044LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy82MGViNDgtMjc5ZC00YWZlLThkOGEt MWRhYTk1MWM3MWI3LzEvV1hEZWZvR3pvVUlaM0F4VlZ4NzdhQ19NRGM0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYy82MGViNDgtMjc5ZC00YWZlLThkOGEtMWRhYTk1MWM3MWI3 LzEvcXNJai14bENFVjVJcVhWQ0J5a3RBS0NDN044LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuREUAwQC uZB4MA0EAgACMAcDBQAqA+ZAMA0GCSqGSIb3DQEBCwUAA4IBAQBdpHIuI7Z4hy6A xwZxzIPM986kQuhypwwpum1ndqgSo8RqjxI5lw7hPhd9sfxOJtX9GuyZhHRwb090 14R+yZIpKbXVABcUJD8QR2/KGbJOPzT15dq7l4XwZyCTowAcynBJF+TBtPJ5Fm3R 3OfQKnXpk8YZVwk4Qx0jOut3q6aSoPmoQH0ur4ZLXNTIuH5Wm6Bi3Wg0OvKsMCnS vv07EGsoaKYTx26X3pnlSYBdryj5OZCYxqnjTjGIpbiQmU8fALhOLogc4h8xrQUi QKJ/1m9f3JSWOe5rNc2AO0Lpw3t+fUMW7sZiw2+97x8B6S46s4OFpCQdulJ19hLd +ZTLzoIl -----END CERTIFICATE-----Generated at Tue Feb 10 08:37:19 2026 by rpki-client