This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/689e70-e38d-4ff1-a972-4113d686dd66/1/aHohvmZrJOOZrpMAIOpcUZD835k.roa File: aHohvmZrJOOZrpMAIOpcUZD835k.roa (raw, json) Hash identifier: Lfp+q62MRXSn7ts6IZsilj9kYQPjsgFts0IvrL3U2wc= Subject key identifier: 68:7A:21:BE:66:6B:24:E3:99:AE:93:00:20:EA:5C:51:90:FC:DF:99 Certificate issuer: /CN=a674015d509b5d4f396ea363369e9d74ffad7593 Certificate serial: 019B7F15F7772CF9009AF3F3B64B2A91FA5A Authority key identifier: A6:74:01:5D:50:9B:5D:4F:39:6E:A3:63:36:9E:9D:74:FF:AD:75:93 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pnQBXVCbXU85bqNjNp6ddP-tdZM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/689e70-e38d-4ff1-a972-4113d686dd66/1/aHohvmZrJOOZrpMAIOpcUZD835k.roa Signing time: Fri 02 Jan 2026 14:21:44 +0000 ROA not before: Fri 02 Jan 2026 14:21:44 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 200804 IP address blocks: 185.94.112.0/23 maxlen: 23 185.94.114.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/689e70-e38d-4ff1-a972-4113d686dd66/1/pnQBXVCbXU85bqNjNp6ddP-tdZM.crl rsync://rpki.ripe.net/repository/DEFAULT/54/689e70-e38d-4ff1-a972-4113d686dd66/1/pnQBXVCbXU85bqNjNp6ddP-tdZM.mft rsync://rpki.ripe.net/repository/DEFAULT/pnQBXVCbXU85bqNjNp6ddP-tdZM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:f7:77:2c:f9:00:9a:f3:f3:b6:4b:2a:91:fa:5a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a674015d509b5d4f396ea363369e9d74ffad7593 Validity Not Before: Jan 2 14:21:44 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=687a21be666b24e399ae930020ea5c5190fcdf99 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:42:ce:33:7d:d4:ba:ee:55:6d:f0:3e:6c:83: c7:af:32:cf:ea:1a:8c:1a:5a:3e:7c:a0:a2:bf:7c: eb:60:85:a1:8e:86:81:a9:1f:0a:2d:ea:ce:52:8a: a9:9a:9e:dc:80:a0:e2:ce:34:f7:d6:6e:fd:9a:3f: 96:91:8c:58:f7:67:15:8d:0e:92:81:7b:a3:f9:16: a5:d3:56:d7:9f:21:7b:0f:eb:84:cd:ce:bf:ea:2e: 5b:68:e7:9d:d1:59:28:fb:45:64:e5:29:1e:48:00: 9b:6a:1b:00:8e:0f:2e:fd:2c:74:e4:95:3d:87:e1: dd:86:14:87:1c:14:ad:19:ca:48:02:38:d0:09:a7: 89:1e:00:36:37:4c:89:8b:59:27:9a:51:a1:62:1e: 2a:10:0b:a2:99:2d:b8:16:40:44:8c:1f:10:e7:60: b2:a2:eb:50:1e:01:f3:8f:51:58:57:48:9b:7b:7c: ec:d9:61:67:fb:0e:fc:57:93:63:ff:34:97:7b:70: 2a:c5:55:93:2b:d4:ca:7e:5c:2d:39:24:83:79:46: 5b:01:23:83:bc:2e:f8:16:75:8e:4a:07:67:2b:a7: 89:5f:eb:5e:d0:3d:99:ca:63:e8:6d:4f:cd:86:5b: e2:77:cd:a9:91:1a:7f:07:36:51:d9:5f:49:ee:34: 55:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:7A:21:BE:66:6B:24:E3:99:AE:93:00:20:EA:5C:51:90:FC:DF:99 X509v3 Authority Key Identifier: keyid:A6:74:01:5D:50:9B:5D:4F:39:6E:A3:63:36:9E:9D:74:FF:AD:75:93 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pnQBXVCbXU85bqNjNp6ddP-tdZM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/689e70-e38d-4ff1-a972-4113d686dd66/1/aHohvmZrJOOZrpMAIOpcUZD835k.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/54/689e70-e38d-4ff1-a972-4113d686dd66/1/pnQBXVCbXU85bqNjNp6ddP-tdZM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.94.112.0/22 Signature Algorithm: sha256WithRSAEncryption 9b:03:96:6d:8d:42:f4:61:b3:ab:60:ad:82:89:9e:85:06:59: 66:e9:63:75:16:b6:62:c0:43:92:9b:67:a2:a8:72:2e:0e:10: cd:5a:46:c0:e1:2a:f8:08:27:46:c7:54:c3:77:c4:07:25:d9: 13:76:fb:89:f5:78:fc:3a:2c:3b:69:be:09:bf:b8:16:21:2e: f7:66:94:89:49:29:69:84:41:5f:db:5e:d6:0a:20:1a:5f:95: c3:a2:4c:6e:a7:f9:45:3d:97:a0:01:b7:20:bb:e0:2d:7c:69: 18:f9:a4:92:7e:f1:91:c5:0d:91:45:f6:01:0b:39:db:c0:20: ee:f7:33:8e:09:25:80:c2:61:d8:b4:2f:df:45:ca:17:62:51: 8b:b3:3e:6d:5f:63:bd:3b:26:1c:6d:9a:85:92:b1:59:b5:47: 2a:49:c7:66:e8:86:a8:78:ba:a3:8a:56:08:a0:d4:51:ab:66: e6:2b:2f:3e:49:f3:a3:ef:c4:fa:0e:8d:de:29:bc:2f:67:77: 96:df:17:8f:ad:0f:0d:9c:91:09:b8:9a:a5:c0:fd:00:7c:93: 6f:b0:21:85:8d:65:0c:b8:3d:97:86:fb:dd:68:b8:35:69:78: ba:c9:0e:15:d5:15:68:37:b4:12:ca:70:eb:92:5d:8a:06:ce: 11:35:ba:0d -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt/Ffd3LPkAmvPztksqkfpaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE2NzQwMTVkNTA5YjVkNGYzOTZlYTM2MzM2OWU5ZDc0ZmZh ZDc1OTMwHhcNMjYwMTAyMTQyMTQ0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2ODdhMjFiZTY2NmIyNGUzOTlhZTkzMDAyMGVhNWM1MTkwZmNkZjk5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqULOM33Uuu5VbfA+bIPHrzLP6hqM Glo+fKCiv3zrYIWhjoaBqR8KLerOUoqpmp7cgKDizjT31m79mj+WkYxY92cVjQ6S gXuj+Ral01bXnyF7D+uEzc6/6i5baOed0Vko+0Vk5SkeSACbahsAjg8u/Sx05JU9 h+HdhhSHHBStGcpIAjjQCaeJHgA2N0yJi1knmlGhYh4qEAuimS24FkBEjB8Q52Cy outQHgHzj1FYV0ibe3zs2WFn+w78V5Nj/zSXe3AqxVWTK9TKflwtOSSDeUZbASOD vC74FnWOSgdnK6eJX+te0D2ZymPobU/Nhlvid82pkRp/BzZR2V9J7jRV0QIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFGh6Ib5mayTjma6TACDqXFGQ/N+ZMB8GA1UdIwQY MBaAFKZ0AV1Qm11POW6jYzaenXT/rXWTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcG5RQlhWQ2JYVTg1YnFOak5wNmRkUC10ZFpNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC82ODllNzAtZTM4ZC00ZmYxLWE5NzIt NDExM2Q2ODZkZDY2LzEvYUhvaHZtWnJKT09acnBNQUlPcGNVWkQ4MzVrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81NC82ODllNzAtZTM4ZC00ZmYxLWE5NzItNDExM2Q2ODZkZDY2 LzEvcG5RQlhWQ2JYVTg1YnFOak5wNmRkUC10ZFpNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuV5wMA0G CSqGSIb3DQEBCwUAA4IBAQCbA5ZtjUL0YbOrYK2CiZ6FBllm6WN1FrZiwEOSm2ei qHIuDhDNWkbA4Sr4CCdGx1TDd8QHJdkTdvuJ9Xj8Oiw7ab4Jv7gWIS73ZpSJSSlp hEFf217WCiAaX5XDokxup/lFPZegAbcgu+AtfGkY+aSSfvGRxQ2RRfYBCznbwCDu 9zOOCSWAwmHYtC/fRcoXYlGLsz5tX2O9OyYcbZqFkrFZtUcqScdm6IaoeLqjilYI oNRRq2bmKy8+SfOj78T6Do3eKbwvZ3eW3xePrQ8NnJEJuJqlwP0AfJNvsCGFjWUM uD2XhvvdaLg1aXi6yQ4V1RVoN7QSynDrkl2KBs4RNboN -----END CERTIFICATE-----Generated at Mon Feb 9 22:15:05 2026 by rpki-client