This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/7868a5-d500-4ae1-b3b7-809851a06b6a/1/AySsPboe2PxrB1Gyq1W06Px76LY.roa File: AySsPboe2PxrB1Gyq1W06Px76LY.roa (raw, json) Hash identifier: YaBT4lmGzSO4QjZLhswASZb2ScD2t8fau691sPdnGM4= Subject key identifier: 03:24:AC:3D:BA:1E:D8:FC:6B:07:51:B2:AB:55:B4:E8:FC:7B:E8:B6 Certificate issuer: /CN=8f375bc6c8110f1ad733df77acfbb1d6ec465cb8 Certificate serial: 019B77587C190A4CB228317F1F11F4FF07E0 Authority key identifier: 8F:37:5B:C6:C8:11:0F:1A:D7:33:DF:77:AC:FB:B1:D6:EC:46:5C:B8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jzdbxsgRDxrXM993rPux1uxGXLg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/7868a5-d500-4ae1-b3b7-809851a06b6a/1/AySsPboe2PxrB1Gyq1W06Px76LY.roa Signing time: Thu 01 Jan 2026 02:17:26 +0000 ROA not before: Thu 01 Jan 2026 02:17:26 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 201590 IP address blocks: 185.68.32.0/22 maxlen: 22 185.68.32.0/23 maxlen: 23 185.68.34.0/23 maxlen: 23 2a03:2960::/32 maxlen: 32 2a03:2960::/40 maxlen: 40 2a03:2960:100::/40 maxlen: 40 2a03:2960:fffe::/48 maxlen: 48 2a03:2960:ffff::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/7868a5-d500-4ae1-b3b7-809851a06b6a/1/jzdbxsgRDxrXM993rPux1uxGXLg.crl rsync://rpki.ripe.net/repository/DEFAULT/43/7868a5-d500-4ae1-b3b7-809851a06b6a/1/jzdbxsgRDxrXM993rPux1uxGXLg.mft rsync://rpki.ripe.net/repository/DEFAULT/jzdbxsgRDxrXM993rPux1uxGXLg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 11:01:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:58:7c:19:0a:4c:b2:28:31:7f:1f:11:f4:ff:07:e0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8f375bc6c8110f1ad733df77acfbb1d6ec465cb8 Validity Not Before: Jan 1 02:17:26 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0324ac3dba1ed8fc6b0751b2ab55b4e8fc7be8b6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:e1:ad:12:92:7a:a8:1e:63:a0:6c:6e:fd:41: d7:7c:e3:b8:66:23:6a:58:88:8c:12:82:49:9a:c2: e9:8c:fa:54:a6:44:ca:4c:11:8d:4e:38:cc:48:ca: fc:67:29:0b:61:3f:1a:54:1c:c3:e0:94:f8:d8:29: 77:15:d2:6d:1e:22:7d:af:64:02:32:f0:ff:82:0c: b7:44:7b:47:b9:9b:cf:b5:14:90:5e:23:6a:52:77: c4:26:8d:d9:93:e6:84:91:10:f8:d2:d8:39:30:f5: ef:e0:81:72:b4:c0:2f:da:7c:02:f0:67:6d:87:fe: 35:3e:6a:b4:52:13:10:59:d8:aa:97:dc:27:fc:8b: 89:17:09:39:b1:ab:c1:12:fc:e0:5e:7b:ee:e6:51: eb:d1:58:b7:29:94:16:f9:0e:4d:df:43:19:5d:f5: 50:dd:97:40:df:a8:22:09:ce:d9:b4:43:84:39:e5: bb:08:d1:bf:b0:88:63:51:93:04:dc:fa:f7:59:4e: 86:0c:db:63:63:f6:e2:29:09:e7:11:d6:5e:7f:6e: d0:90:48:ce:df:0d:d4:c4:37:0d:da:08:4f:9f:5c: 9d:97:16:a0:1c:08:2a:68:17:4a:f8:03:de:7e:40: 20:f1:66:f4:5f:f0:28:4b:63:67:3e:f9:6b:cf:6a: ce:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:24:AC:3D:BA:1E:D8:FC:6B:07:51:B2:AB:55:B4:E8:FC:7B:E8:B6 X509v3 Authority Key Identifier: keyid:8F:37:5B:C6:C8:11:0F:1A:D7:33:DF:77:AC:FB:B1:D6:EC:46:5C:B8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jzdbxsgRDxrXM993rPux1uxGXLg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/7868a5-d500-4ae1-b3b7-809851a06b6a/1/AySsPboe2PxrB1Gyq1W06Px76LY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/43/7868a5-d500-4ae1-b3b7-809851a06b6a/1/jzdbxsgRDxrXM993rPux1uxGXLg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.68.32.0/22 IPv6: 2a03:2960::/32 Signature Algorithm: sha256WithRSAEncryption 93:ec:29:fa:5b:c3:88:70:f0:17:95:97:89:e5:98:89:a4:ad: 60:e5:8a:22:6c:8e:0b:79:37:e3:32:20:2d:6d:46:43:67:57: 50:e8:a9:8e:83:cf:02:0d:47:b1:50:ba:51:88:bb:84:0f:4a: 8a:c1:f8:4a:60:6f:98:d1:3d:41:09:b0:eb:ec:f1:f3:36:83: 88:54:18:5c:22:6c:cd:98:db:f3:9b:d5:55:96:b0:b6:38:67: ee:3d:34:43:89:87:16:56:95:8a:7f:c2:af:b6:77:e2:c7:dc: 45:2f:82:c8:dc:f6:62:7b:21:13:a5:90:78:32:15:cc:65:ee: bf:1f:0f:62:bc:97:97:71:ea:c7:84:cc:6b:ab:8f:4b:dd:73: 23:50:8d:a7:a7:52:05:18:d9:a4:99:5f:0a:ea:c8:ed:1f:c7: 4b:86:9d:01:1d:e5:02:7a:f6:d2:e7:5a:7a:1b:01:dc:0a:49: b8:3c:d7:e6:17:8a:6d:07:91:ef:e3:5d:82:62:a8:ce:52:fc: 00:47:ca:91:67:fd:f1:d8:60:da:13:0c:83:ac:be:08:83:bc: 33:13:c4:39:32:bf:33:9d:bf:ed:47:47:f5:e4:90:f4:47:5c: 68:3c:23:44:e0:43:dd:65:08:eb:fd:89:c4:42:68:dc:85:ba: 8b:4a:0b:54 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt3WHwZCkyyKDF/HxH0/wfgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhmMzc1YmM2YzgxMTBmMWFkNzMzZGY3N2FjZmJiMWQ2ZWM0 NjVjYjgwHhcNMjYwMTAxMDIxNzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwMzI0YWMzZGJhMWVkOGZjNmIwNzUxYjJhYjU1YjRlOGZjN2JlOGI2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsuGtEpJ6qB5joGxu/UHXfOO4ZiNq WIiMEoJJmsLpjPpUpkTKTBGNTjjMSMr8ZykLYT8aVBzD4JT42Cl3FdJtHiJ9r2QC MvD/ggy3RHtHuZvPtRSQXiNqUnfEJo3Zk+aEkRD40tg5MPXv4IFytMAv2nwC8Gdt h/41Pmq0UhMQWdiql9wn/IuJFwk5savBEvzgXnvu5lHr0Vi3KZQW+Q5N30MZXfVQ 3ZdA36giCc7ZtEOEOeW7CNG/sIhjUZME3Pr3WU6GDNtjY/biKQnnEdZef27QkEjO 3w3UxDcN2ghPn1ydlxagHAgqaBdK+APefkAg8Wb0X/AoS2NnPvlrz2rOrQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFAMkrD26Htj8awdRsqtVtOj8e+i2MB8GA1UdIwQY MBaAFI83W8bIEQ8a1zPfd6z7sdbsRly4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvanpkYnhzZ1JEeHJYTTk5M3JQdXgxdXhHWExnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My83ODY4YTUtZDUwMC00YWUxLWIzYjct ODA5ODUxYTA2YjZhLzEvQXlTc1Bib2UyUHhyQjFHeXExVzA2UHg3NkxZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80My83ODY4YTUtZDUwMC00YWUxLWIzYjctODA5ODUxYTA2YjZh LzEvanpkYnhzZ1JEeHJYTTk5M3JQdXgxdXhHWExnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuUQgMA0E AgACMAcDBQAqAylgMA0GCSqGSIb3DQEBCwUAA4IBAQCT7Cn6W8OIcPAXlZeJ5ZiJ pK1g5YoibI4LeTfjMiAtbUZDZ1dQ6KmOg88CDUexULpRiLuED0qKwfhKYG+Y0T1B CbDr7PHzNoOIVBhcImzNmNvzm9VVlrC2OGfuPTRDiYcWVpWKf8Kvtnfix9xFL4LI 3PZieyETpZB4MhXMZe6/Hw9ivJeXcerHhMxrq49L3XMjUI2np1IFGNmkmV8K6sjt H8dLhp0BHeUCevbS51p6GwHcCkm4PNfmF4ptB5Hv412CYqjOUvwAR8qRZ/3x2GDa EwyDrL4Ig7wzE8Q5Mr8znb/tR0f15JD0R1xoPCNE4EPdZQjr/YnEQmjchbqLSgtU -----END CERTIFICATE-----Generated at Mon Feb 9 18:43:58 2026 by rpki-client