This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/AQSMuP-LPLRf4-kQcf3LGna9DKg.roa File: AQSMuP-LPLRf4-kQcf3LGna9DKg.roa (raw, json) Hash identifier: Ez0ofhVHMZrPOBeGOL6oBycjinxntsGtsf5bNE6JSd8= Subject key identifier: 01:04:8C:B8:FF:8B:3C:B4:5F:E3:E9:10:71:FD:CB:1A:76:BD:0C:A8 Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d Certificate serial: 019B7758B182879D344066D936B46907C3A1 Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/AQSMuP-LPLRf4-kQcf3LGna9DKg.roa Signing time: Thu 01 Jan 2026 02:17:39 +0000 ROA not before: Thu 01 Jan 2026 02:17:39 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 60721 IP address blocks: 185.98.61.0/24 maxlen: 24 185.141.34.0/24 maxlen: 24 185.185.232.0/24 maxlen: 24 185.243.182.0/24 maxlen: 24 193.160.142.0/24 maxlen: 24 193.223.104.0/24 maxlen: 24 193.223.105.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.mft rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:58:b1:82:87:9d:34:40:66:d9:36:b4:69:07:c3:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d Validity Not Before: Jan 1 02:17:39 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=01048cb8ff8b3cb45fe3e91071fdcb1a76bd0ca8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:a7:53:74:2d:be:68:a6:5e:6e:fb:e9:22:7e: d7:2a:bc:57:f7:58:0f:70:8e:8c:04:72:84:0f:40: 5f:ac:a9:d5:e4:a0:83:ed:42:aa:0d:45:43:0d:83: fc:a8:eb:73:2d:6c:4b:7d:51:20:cd:77:1e:80:9d: 2a:71:86:ec:5f:ab:85:69:c6:21:4f:1c:72:a7:ea: f2:cb:42:ee:3d:b2:16:dd:ef:9c:b3:e1:51:30:2c: db:2c:88:ec:33:ee:95:d8:e8:f8:c3:14:8e:1a:29: 2c:bf:b8:c7:d6:4b:e0:db:14:ca:0f:3b:60:9f:c0: 73:eb:bd:8d:04:c3:ae:d7:69:d3:dc:bc:0e:e3:d0: 1d:77:92:88:f4:c7:bb:80:a5:72:61:fb:b1:41:7d: 74:3e:5a:fb:ae:e4:5d:a2:60:bf:11:2d:24:0d:93: 0e:74:d5:79:7f:c5:a6:b1:30:ff:d9:c5:d7:5c:ae: b3:47:b5:7d:8b:b9:01:b1:a4:1e:14:3d:1a:a4:4e: c4:85:08:97:bf:f9:2f:93:2f:65:0c:ad:83:57:bf: eb:3a:ad:37:5c:6c:9c:4c:95:52:a7:5d:cc:d2:d3: c3:aa:9e:73:fc:96:4e:cb:96:e3:f0:05:24:24:5b: 73:08:e0:b9:e7:1e:9f:64:81:b6:17:3e:b7:fd:58: 4c:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:04:8C:B8:FF:8B:3C:B4:5F:E3:E9:10:71:FD:CB:1A:76:BD:0C:A8 X509v3 Authority Key Identifier: keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/AQSMuP-LPLRf4-kQcf3LGna9DKg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.98.61.0/24 185.141.34.0/24 185.185.232.0/24 185.243.182.0/24 193.160.142.0/24 193.223.104.0/23 Signature Algorithm: sha256WithRSAEncryption a4:f7:00:37:80:68:b6:2b:d1:12:54:89:72:ee:96:dc:c0:b3: 42:4d:4c:20:17:44:14:37:f1:66:20:f1:74:5f:c0:25:64:d3: 95:6d:0b:64:b8:36:68:a2:63:8b:6d:51:45:bf:2e:fb:ae:35: c1:7a:cd:e4:26:41:3c:17:55:5e:72:b8:b4:00:b2:aa:a1:19: 47:b1:32:6b:05:ac:21:65:98:22:da:6a:f0:63:9c:2c:c7:b4: f6:de:75:a5:cb:e4:bd:9f:26:c3:0d:21:e5:ba:dc:36:49:81: c5:04:c9:f4:4e:f6:ee:2b:3c:e0:8b:1b:60:e2:4c:2f:ea:3f: 13:d2:1f:44:b7:68:e7:32:4e:89:64:cb:35:18:f4:45:c3:28: 33:f4:2e:b9:5c:c8:17:00:1f:5a:15:50:27:4e:a7:65:19:65: d6:cb:65:bd:02:9f:c5:a3:61:28:fa:60:d8:0a:8b:96:a4:75: c9:e5:8d:ee:89:1a:0e:97:68:00:8d:55:7d:c9:b1:79:2f:56: 6a:f3:fe:f8:b1:3f:b3:e9:ca:27:6b:2a:e4:c8:20:09:e3:a9: fa:7f:82:eb:03:6f:15:66:d3:31:59:ad:1c:10:27:2b:eb:05: 01:d1:9b:25:2a:f7:ea:8d:00:bd:82:59:63:3c:cc:18:3f:19: e1:a6:f2:ae -----BEGIN CERTIFICATE----- MIIFGzCCBAOgAwIBAgISAZt3WLGCh500QGbZNrRpB8OhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw OTBlNGQwHhcNMjYwMTAxMDIxNzM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwMTA0OGNiOGZmOGIzY2I0NWZlM2U5MTA3MWZkY2IxYTc2YmQwY2E4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmKdTdC2+aKZebvvpIn7XKrxX91gP cI6MBHKED0BfrKnV5KCD7UKqDUVDDYP8qOtzLWxLfVEgzXcegJ0qcYbsX6uFacYh Txxyp+ryy0LuPbIW3e+cs+FRMCzbLIjsM+6V2Oj4wxSOGiksv7jH1kvg2xTKDztg n8Bz672NBMOu12nT3LwO49Add5KI9Me7gKVyYfuxQX10Plr7ruRdomC/ES0kDZMO dNV5f8WmsTD/2cXXXK6zR7V9i7kBsaQeFD0apE7EhQiXv/kvky9lDK2DV7/rOq03 XGycTJVSp13M0tPDqp5z/JZOy5bj8AUkJFtzCOC55x6fZIG2Fz63/VhMHQIDAQAB o4ICJzCCAiMwHQYDVR0OBBYEFAEEjLj/izy0X+PpEHH9yxp2vQyoMB8GA1UdIwQY MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt MzlmZGI5ODZmMDU5LzEvQVFTTXVQLUxQTFJmNC1rUWNmM0xHbmE5REtnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5 LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAuWI9AwQA uY0iAwQAubnoAwQAufO2AwQAwaCOAwQBwd9oMA0GCSqGSIb3DQEBCwUAA4IBAQCk 9wA3gGi2K9ESVIly7pbcwLNCTUwgF0QUN/FmIPF0X8AlZNOVbQtkuDZoomOLbVFF vy77rjXBes3kJkE8F1Vecri0ALKqoRlHsTJrBawhZZgi2mrwY5wsx7T23nWly+S9 nybDDSHlutw2SYHFBMn0TvbuKzzgixtg4kwv6j8T0h9Et2jnMk6JZMs1GPRFwygz 9C65XMgXAB9aFVAnTqdlGWXWy2W9Ap/Fo2Eo+mDYCouWpHXJ5Y3uiRoOl2gAjVV9 ybF5L1Zq8/74sT+z6conayrkyCAJ46n6f4LrA28VZtMxWa0cECcr6wUB0ZslKvfq jQC9glljPMwYPxnhpvKu -----END CERTIFICATE-----Generated at Fri Jan 2 09:05:54 2026 by rpki-client