This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/AI2VigvphMcZP-OcGpsre_nyh04.roa File: AI2VigvphMcZP-OcGpsre_nyh04.roa (raw, json) Hash identifier: lcvkrQR2y5zMi6IdZzEmml6YUWX+B4DMmeO8ESMgD3Y= Subject key identifier: 00:8D:95:8A:0B:E9:84:C7:19:3F:E3:9C:1A:9B:2B:7B:F9:F2:87:4E Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467 Certificate serial: 019B7C132D5F0D9C11C5744228FBEE3A7A48 Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/AI2VigvphMcZP-OcGpsre_nyh04.roa Signing time: Fri 02 Jan 2026 00:19:50 +0000 ROA not before: Fri 02 Jan 2026 00:19:50 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 204741 IP address blocks: 85.209.72.0/22 maxlen: 22 85.209.72.0/24 maxlen: 24 85.209.73.0/24 maxlen: 24 85.209.74.0/24 maxlen: 24 85.209.75.0/24 maxlen: 24 217.76.253.0/24 maxlen: 24 217.76.254.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 24 Jan 2026 11:00:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:13:2d:5f:0d:9c:11:c5:74:42:28:fb:ee:3a:7a:48 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467 Validity Not Before: Jan 2 00:19:50 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=008d958a0be984c7193fe39c1a9b2b7bf9f2874e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:40:f4:6c:8a:e4:6f:f9:eb:04:8e:12:45:80: 97:af:80:a5:a0:c2:79:23:22:b9:cf:0b:98:91:40: e0:fc:88:eb:4f:d1:23:9e:b1:7f:22:93:2a:c2:32: 54:de:ed:ca:fb:af:45:54:64:63:ca:24:e7:cc:55: d3:cd:c5:12:6f:ef:42:14:d8:b1:3c:ce:28:e1:df: 70:f5:74:4e:33:35:21:20:6c:5f:05:75:90:2d:71: a6:14:90:f5:42:71:ca:36:4b:63:72:b7:d7:68:80: 36:b1:59:9d:d2:21:1e:b9:e5:d7:c9:c9:f9:86:91: 21:a3:b2:c4:9a:f1:84:fc:95:44:be:98:15:f0:17: 4f:f9:21:2b:4a:d7:75:8c:f5:99:fd:d5:2c:df:71: f0:fb:48:70:d4:50:9a:da:29:73:83:5b:18:ac:ab: d9:17:61:77:a9:16:d7:89:b1:42:b2:a9:5c:bb:89: 95:ad:1f:34:1f:70:4b:6e:d0:68:4b:95:69:1e:04: b1:89:63:f0:a4:d2:ea:49:7f:bd:a7:04:1f:28:0d: b6:f9:79:c4:f7:de:1f:b6:8a:81:52:3e:f9:dd:50: 5b:e5:b7:39:35:8d:24:96:f6:c3:2c:6b:9a:07:e0: 7a:e7:bd:37:91:c9:ad:89:6d:42:fb:b3:bd:14:9c: ad:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:8D:95:8A:0B:E9:84:C7:19:3F:E3:9C:1A:9B:2B:7B:F9:F2:87:4E X509v3 Authority Key Identifier: keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/AI2VigvphMcZP-OcGpsre_nyh04.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.209.72.0/22 217.76.253.0-217.76.254.255 Signature Algorithm: sha256WithRSAEncryption 00:11:00:78:70:39:5b:9a:2d:ac:e9:8c:15:0a:c0:5d:4d:e0: 13:95:65:8e:7c:d6:2a:8a:6a:0e:d4:e3:90:72:cf:37:ee:a6: 03:93:9f:38:88:c1:08:21:aa:46:95:32:bf:e4:32:7a:bc:58: 73:2c:1c:78:0b:77:48:28:62:0c:ea:6b:67:ca:7e:b1:c1:56: 84:2e:9d:26:84:2c:1c:f5:4c:e2:44:fc:b4:85:af:38:d0:2e: d9:13:9a:f7:bb:67:28:e6:6d:d5:fc:8e:f4:52:11:37:73:9f: 5c:23:6e:5e:a4:79:2c:29:0b:21:ae:27:2e:19:5a:06:0f:cd: e0:0c:79:f1:f3:7f:81:a1:9f:b5:ec:94:e8:6a:2e:b0:16:39: 24:e8:e5:ee:89:fe:53:aa:67:9e:cf:7a:9b:8f:96:76:f1:8b: 5c:a5:3d:11:a3:ed:bf:79:8c:42:74:67:a5:44:84:63:88:0c: ea:29:90:76:a6:b6:6b:f3:9e:76:0b:b2:ef:45:fd:e7:c8:05: 4e:93:5d:2c:0b:47:81:24:e5:33:c5:a5:f9:c5:ce:be:68:ea: 07:07:8f:1a:66:eb:69:c8:72:7e:e3:ca:c2:a3:bb:60:0f:cd: de:03:b3:5c:ff:71:a0:c3:64:7c:e5:2a:ab:56:04:4b:13:77: 07:a7:2d:84 -----BEGIN CERTIFICATE----- MIIFCzCCA/OgAwIBAgISAZt8Ey1fDZwRxXRCKPvuOnpIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy N2E0NjcwHhcNMjYwMTAyMDAxOTUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwMDhkOTU4YTBiZTk4NGM3MTkzZmUzOWMxYTliMmI3YmY5ZjI4NzRlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyUD0bIrkb/nrBI4SRYCXr4CloMJ5 IyK5zwuYkUDg/IjrT9EjnrF/IpMqwjJU3u3K+69FVGRjyiTnzFXTzcUSb+9CFNix PM4o4d9w9XROMzUhIGxfBXWQLXGmFJD1QnHKNktjcrfXaIA2sVmd0iEeueXXycn5 hpEho7LEmvGE/JVEvpgV8BdP+SErStd1jPWZ/dUs33Hw+0hw1FCa2ilzg1sYrKvZ F2F3qRbXibFCsqlcu4mVrR80H3BLbtBoS5VpHgSxiWPwpNLqSX+9pwQfKA22+XnE 994ftoqBUj753VBb5bc5NY0klvbDLGuaB+B65703kcmtiW1C+7O9FJyt+wIDAQAB o4ICFzCCAhMwHQYDVR0OBBYEFACNlYoL6YTHGT/jnBqbK3v58odOMB8GA1UdIwQY MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt Y2Q3ZTA2Y2JiNTMxLzEvQUkyVmlndnBoTWNaUC1PY0dwc3JlX255aDA0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCVdFIMAwD BADZTP0DBADZTP4wDQYJKoZIhvcNAQELBQADggEBAAARAHhwOVuaLazpjBUKwF1N 4BOVZY581iqKag7U45ByzzfupgOTnziIwQghqkaVMr/kMnq8WHMsHHgLd0goYgzq a2fKfrHBVoQunSaELBz1TOJE/LSFrzjQLtkTmve7ZyjmbdX8jvRSETdzn1wjbl6k eSwpCyGuJy4ZWgYPzeAMefHzf4Ghn7XslOhqLrAWOSTo5e6J/lOqZ57PepuPlnbx i1ylPRGj7b95jEJ0Z6VEhGOIDOopkHamtmvznnYLsu9F/efIBU6TXSwLR4Ek5TPF pfnFzr5o6gcHjxpm62nIcn7jysKju2APzd4Ds1z/caDDZHzlKqtWBEsTdwenLYQ= -----END CERTIFICATE-----Generated at Fri Jan 23 21:36:23 2026 by rpki-client