This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/b38228-0875-491c-9d4f-d6a9a28284cf/1/TVMwQ3POqUvlVpd6DIhGjA31OEo.roa File: TVMwQ3POqUvlVpd6DIhGjA31OEo.roa (raw, json) Hash identifier: Whcd9L1nk9Dj6hFZTyskGlKlxUc8A3COyWU8lK84zTI= Subject key identifier: 4D:53:30:43:73:CE:A9:4B:E5:56:97:7A:0C:88:46:8C:0D:F5:38:4A Certificate issuer: /CN=85492f2a6910433c5bcd8269c440e8c1c7800d6b Certificate serial: 019B7A5B0757BC712BCC66C507B610ACD9CE Authority key identifier: 85:49:2F:2A:69:10:43:3C:5B:CD:82:69:C4:40:E8:C1:C7:80:0D:6B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hUkvKmkQQzxbzYJpxEDowceADWs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/b38228-0875-491c-9d4f-d6a9a28284cf/1/TVMwQ3POqUvlVpd6DIhGjA31OEo.roa Signing time: Thu 01 Jan 2026 16:19:04 +0000 ROA not before: Thu 01 Jan 2026 16:19:04 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 3320 IP address blocks: 85.208.248.0/24 maxlen: 24 85.208.249.0/24 maxlen: 24 85.208.250.0/24 maxlen: 24 85.208.251.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/b38228-0875-491c-9d4f-d6a9a28284cf/1/hUkvKmkQQzxbzYJpxEDowceADWs.crl rsync://rpki.ripe.net/repository/DEFAULT/4f/b38228-0875-491c-9d4f-d6a9a28284cf/1/hUkvKmkQQzxbzYJpxEDowceADWs.mft rsync://rpki.ripe.net/repository/DEFAULT/hUkvKmkQQzxbzYJpxEDowceADWs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 07:01:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5b:07:57:bc:71:2b:cc:66:c5:07:b6:10:ac:d9:ce Signature Algorithm: sha256WithRSAEncryption Issuer: CN=85492f2a6910433c5bcd8269c440e8c1c7800d6b Validity Not Before: Jan 1 16:19:04 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4d53304373cea94be556977a0c88468c0df5384a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:c5:a7:d0:69:5f:e7:84:a5:58:d3:86:bb:b6: 9d:c9:c8:be:4d:c4:b3:0c:c6:82:7a:aa:61:51:42: bd:b9:f4:87:fe:be:87:c8:3c:fa:af:58:ff:f0:d3: db:68:e1:fc:82:ea:97:12:5d:b7:03:e9:09:c3:c9: e4:77:a6:bd:6e:f6:88:a1:1c:df:ea:f3:c6:a0:20: 57:79:a0:da:f8:e5:bb:1e:19:b5:9c:48:b6:5d:fb: de:60:d7:28:e4:43:9a:97:bf:93:4d:65:53:96:ad: 66:f0:fb:f8:f2:02:9a:57:0d:90:2d:3c:57:d5:7a: 98:fb:78:ed:88:f5:dd:40:de:7e:bb:12:db:b5:4f: 76:94:b8:58:f9:de:8d:4e:e3:e3:10:0b:84:fe:70: b6:9a:1d:ae:65:51:5f:1f:cf:ac:74:68:2e:ca:42: 38:a3:28:2e:a6:b6:2b:bc:82:d4:54:41:25:57:f4: 03:3b:0c:70:b0:57:1f:b8:07:2c:56:55:1f:4e:c3: 6a:e5:8e:ff:38:2c:9a:f2:74:11:c9:58:0f:6a:fd: 1d:f0:03:a1:0f:31:35:c8:53:2e:50:85:5d:04:59: 0e:f6:44:02:2c:36:d2:e1:a4:f0:a8:83:b3:fc:1f: f5:e4:61:3e:df:4d:c5:65:c6:01:98:5b:b5:52:ed: a7:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:53:30:43:73:CE:A9:4B:E5:56:97:7A:0C:88:46:8C:0D:F5:38:4A X509v3 Authority Key Identifier: keyid:85:49:2F:2A:69:10:43:3C:5B:CD:82:69:C4:40:E8:C1:C7:80:0D:6B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hUkvKmkQQzxbzYJpxEDowceADWs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/b38228-0875-491c-9d4f-d6a9a28284cf/1/TVMwQ3POqUvlVpd6DIhGjA31OEo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/b38228-0875-491c-9d4f-d6a9a28284cf/1/hUkvKmkQQzxbzYJpxEDowceADWs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.208.248.0/22 Signature Algorithm: sha256WithRSAEncryption 12:57:77:a8:49:2d:39:13:bb:b5:85:4f:a7:d5:80:02:88:96: 9c:50:03:c1:13:2d:18:51:13:76:5b:ba:61:d0:4b:de:a7:95: 90:bc:4d:6f:a6:06:9c:97:d4:70:24:69:f0:b0:d5:32:b1:74: cc:ff:d9:71:d0:54:2d:1f:7c:07:fc:65:9a:0b:51:0d:57:94: ee:e4:0d:88:d0:6c:1d:f7:31:6c:3b:d0:bb:d0:36:29:d4:58: 5d:3f:55:d8:0c:bd:d9:98:99:df:be:58:16:64:f0:78:2a:d1: 2c:67:e2:09:f9:cc:76:46:1c:e1:5e:a5:52:a1:7d:f6:3d:ac: 09:55:f7:3d:d6:00:22:29:ff:24:e0:6e:9b:15:7e:26:7c:d6: ae:89:b9:05:5c:c5:9d:9b:bb:c0:58:c2:34:d3:c5:ad:09:05: b1:b3:cd:76:bf:a4:32:87:74:df:f4:04:56:a0:49:49:8e:02: 49:fe:8e:a5:8f:ea:5a:2e:67:9b:40:31:7e:b9:b4:56:03:93: 24:a2:b6:db:1d:3d:7f:fb:29:e0:43:cd:9e:2c:db:ac:9b:e5: f0:11:a2:7e:3d:83:8a:6f:1f:85:78:ac:f1:d8:43:90:fb:cb: 18:62:3f:24:32:a1:6c:a9:78:f5:89:1a:36:fc:c5:b2:fb:55: b5:bb:a6:ef -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt6WwdXvHErzGbFB7YQrNnOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg1NDkyZjJhNjkxMDQzM2M1YmNkODI2OWM0NDBlOGMxYzc4 MDBkNmIwHhcNMjYwMTAxMTYxOTA0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0ZDUzMzA0MzczY2VhOTRiZTU1Njk3N2EwYzg4NDY4YzBkZjUzODRhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvsWn0Glf54SlWNOGu7adyci+TcSz DMaCeqphUUK9ufSH/r6HyDz6r1j/8NPbaOH8guqXEl23A+kJw8nkd6a9bvaIoRzf 6vPGoCBXeaDa+OW7Hhm1nEi2XfveYNco5EOal7+TTWVTlq1m8Pv48gKaVw2QLTxX 1XqY+3jtiPXdQN5+uxLbtU92lLhY+d6NTuPjEAuE/nC2mh2uZVFfH8+sdGguykI4 oyguprYrvILUVEElV/QDOwxwsFcfuAcsVlUfTsNq5Y7/OCya8nQRyVgPav0d8AOh DzE1yFMuUIVdBFkO9kQCLDbS4aTwqIOz/B/15GE+303FZcYBmFu1Uu2n3wIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFE1TMENzzqlL5VaXegyIRowN9ThKMB8GA1UdIwQY MBaAFIVJLyppEEM8W82CacRA6MHHgA1rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaFVrdktta1FRenhiellKcHhFRG93Y2VBRFdzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9iMzgyMjgtMDg3NS00OTFjLTlkNGYt ZDZhOWEyODI4NGNmLzEvVFZNd1EzUE9xVXZsVnBkNkRJaEdqQTMxT0VvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Zi9iMzgyMjgtMDg3NS00OTFjLTlkNGYtZDZhOWEyODI4NGNm LzEvaFVrdktta1FRenhiellKcHhFRG93Y2VBRFdzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVdD4MA0G CSqGSIb3DQEBCwUAA4IBAQASV3eoSS05E7u1hU+n1YACiJacUAPBEy0YURN2W7ph 0Evep5WQvE1vpgacl9RwJGnwsNUysXTM/9lx0FQtH3wH/GWaC1ENV5Tu5A2I0Gwd 9zFsO9C70DYp1FhdP1XYDL3ZmJnfvlgWZPB4KtEsZ+IJ+cx2RhzhXqVSoX32PawJ Vfc91gAiKf8k4G6bFX4mfNauibkFXMWdm7vAWMI008WtCQWxs812v6Qyh3Tf9ARW oElJjgJJ/o6lj+paLmebQDF+ubRWA5MkorbbHT1/+yngQ82eLNusm+XwEaJ+PYOK bx+FeKzx2EOQ+8sYYj8kMqFsqXj1iRo2/MWy+1W1u6bv -----END CERTIFICATE-----Generated at Mon Jan 19 11:50:34 2026 by rpki-client