This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b4d75d-953a-4036-9839-57cd68d9cb4e/1/z8lBi3aAEOzIA4rjFoQW2NBYnGI.roa File: z8lBi3aAEOzIA4rjFoQW2NBYnGI.roa (raw, json) Hash identifier: WkLdmUjUmDG0OM0nogJaG3cgrVGCp28qMqMnj28ytDQ= Subject key identifier: CF:C9:41:8B:76:80:10:EC:C8:03:8A:E3:16:84:16:D8:D0:58:9C:62 Certificate issuer: /CN=ff698eeb2e49fcb5f9c65a99857af29ce06641d9 Certificate serial: 019B76EAD9CE67C31971F354DBD0DC99E509 Authority key identifier: FF:69:8E:EB:2E:49:FC:B5:F9:C6:5A:99:85:7A:F2:9C:E0:66:41:D9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_2mO6y5J_LX5xlqZhXrynOBmQdk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b4d75d-953a-4036-9839-57cd68d9cb4e/1/z8lBi3aAEOzIA4rjFoQW2NBYnGI.roa Signing time: Thu 01 Jan 2026 00:17:41 +0000 ROA not before: Thu 01 Jan 2026 00:17:41 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 47352 IP address blocks: 185.1.236.0/24 maxlen: 24 2001:7f8:126::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/b4d75d-953a-4036-9839-57cd68d9cb4e/1/_2mO6y5J_LX5xlqZhXrynOBmQdk.crl rsync://rpki.ripe.net/repository/DEFAULT/5f/b4d75d-953a-4036-9839-57cd68d9cb4e/1/_2mO6y5J_LX5xlqZhXrynOBmQdk.mft rsync://rpki.ripe.net/repository/DEFAULT/_2mO6y5J_LX5xlqZhXrynOBmQdk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 28 Jan 2026 00:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:ea:d9:ce:67:c3:19:71:f3:54:db:d0:dc:99:e5:09 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ff698eeb2e49fcb5f9c65a99857af29ce06641d9 Validity Not Before: Jan 1 00:17:41 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=cfc9418b768010ecc8038ae3168416d8d0589c62 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:48:63:62:ae:fe:4e:f5:e4:9a:bf:b1:04:c8: c3:24:33:e1:a8:85:86:25:c5:f5:22:b2:f5:9d:27: c7:76:9b:3d:52:92:50:45:78:19:06:67:4b:bb:67: bd:4c:f0:f9:1b:61:9c:20:98:33:94:f5:6a:b8:83: 28:55:6a:ec:1a:d8:25:0c:97:7d:a6:d1:5f:d5:83: 58:e3:d3:1e:4b:a8:44:cb:c0:90:b7:db:f5:05:48: b2:e1:1f:62:74:6c:69:f2:7a:d8:50:0a:4e:e3:54: 14:87:e9:3c:cc:4b:b5:8d:03:a9:d3:48:36:4d:a7: c6:a0:ce:23:fc:2e:00:75:f7:93:e6:20:c0:04:1b: 73:bd:91:31:84:b6:ed:73:87:16:3b:87:71:cf:9e: 6f:ba:e7:ae:39:45:c5:39:3e:8f:84:88:78:a0:2a: 97:06:55:d4:64:e0:c7:1d:50:76:94:3b:e9:09:d6: fa:d7:66:5b:13:84:a4:14:3a:bf:b2:6a:62:c6:b2: 95:c0:33:95:e5:de:db:9e:f5:05:ce:ae:32:6f:44: 9c:fa:c5:38:b8:28:60:d3:99:16:c6:2b:10:88:06: 22:db:23:e4:81:4e:c0:44:18:f8:07:b5:25:75:01: 85:17:bd:ee:f4:cb:b6:7e:31:ea:74:43:f0:cc:bb: 27:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:C9:41:8B:76:80:10:EC:C8:03:8A:E3:16:84:16:D8:D0:58:9C:62 X509v3 Authority Key Identifier: keyid:FF:69:8E:EB:2E:49:FC:B5:F9:C6:5A:99:85:7A:F2:9C:E0:66:41:D9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_2mO6y5J_LX5xlqZhXrynOBmQdk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b4d75d-953a-4036-9839-57cd68d9cb4e/1/z8lBi3aAEOzIA4rjFoQW2NBYnGI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b4d75d-953a-4036-9839-57cd68d9cb4e/1/_2mO6y5J_LX5xlqZhXrynOBmQdk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.1.236.0/24 IPv6: 2001:7f8:126::/48 Signature Algorithm: sha256WithRSAEncryption a8:1f:06:4c:4e:f1:8c:cb:ea:36:09:ad:36:20:81:d1:69:2e: a2:32:82:5b:f0:14:2a:2a:0c:dc:a6:b6:4c:37:7e:dd:2e:a1: b1:7c:12:dd:af:99:8c:15:da:15:24:c9:e5:89:4e:ad:f1:de: 0a:b4:7e:7a:21:99:44:e1:e7:5d:1d:d6:cd:3b:c6:7d:91:d8: 04:33:78:d2:b3:4c:22:c2:43:ff:7d:56:00:f2:53:89:1a:f5: ad:11:e4:38:08:52:27:c8:ef:95:ce:61:b2:52:a6:7a:24:4b: a0:9c:b4:24:ce:01:0a:98:30:15:07:57:1d:ed:93:fe:64:c5: 77:27:23:64:f9:d4:32:3d:98:4b:d8:43:63:d2:43:b6:5a:b7: 02:5c:42:18:c2:d2:51:3e:62:13:c6:df:94:cf:3f:8c:b8:3f: 04:4f:cd:8c:db:3b:d3:ad:74:18:e7:38:e2:66:bb:2b:d1:a9: 8a:83:9a:71:27:25:90:dd:26:6b:11:fe:ab:ef:db:d8:ba:4c: 71:e8:64:27:c3:35:3d:5a:73:01:64:be:7a:8f:ec:d0:c1:43: e8:8b:cc:fe:59:ef:98:39:7c:5b:08:d9:f5:95:53:16:af:aa: 89:2c:66:19:e0:ce:98:d9:94:a2:11:0a:73:15:ee:40:0e:37: 64:e0:61:32 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt26tnOZ8MZcfNU29DcmeUJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZmNjk4ZWViMmU0OWZjYjVmOWM2NWE5OTg1N2FmMjljZTA2 NjQxZDkwHhcNMjYwMTAxMDAxNzQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjZmM5NDE4Yjc2ODAxMGVjYzgwMzhhZTMxNjg0MTZkOGQwNTg5YzYyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu0hjYq7+TvXkmr+xBMjDJDPhqIWG JcX1IrL1nSfHdps9UpJQRXgZBmdLu2e9TPD5G2GcIJgzlPVquIMoVWrsGtglDJd9 ptFf1YNY49MeS6hEy8CQt9v1BUiy4R9idGxp8nrYUApO41QUh+k8zEu1jQOp00g2 TafGoM4j/C4AdfeT5iDABBtzvZExhLbtc4cWO4dxz55vuueuOUXFOT6PhIh4oCqX BlXUZODHHVB2lDvpCdb612ZbE4SkFDq/smpixrKVwDOV5d7bnvUFzq4yb0Sc+sU4 uChg05kWxisQiAYi2yPkgU7ARBj4B7UldQGFF73u9Mu2fjHqdEPwzLsnPQIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFM/JQYt2gBDsyAOK4xaEFtjQWJxiMB8GA1UdIwQY MBaAFP9pjusuSfy1+cZamYV68pzgZkHZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvXzJtTzZ5NUpfTFg1eGxxWmhYcnluT0JtUWRrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNGQ3NWQtOTUzYS00MDM2LTk4Mzkt NTdjZDY4ZDljYjRlLzEvejhsQmkzYUFFT3pJQTRyakZvUVcyTkJZbkdJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Zi9iNGQ3NWQtOTUzYS00MDM2LTk4MzktNTdjZDY4ZDljYjRl LzEvXzJtTzZ5NUpfTFg1eGxxWmhYcnluT0JtUWRrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuQHsMA8E AgACMAkDBwAgAQf4ASYwDQYJKoZIhvcNAQELBQADggEBAKgfBkxO8YzL6jYJrTYg gdFpLqIyglvwFCoqDNymtkw3ft0uobF8Et2vmYwV2hUkyeWJTq3x3gq0fnohmUTh 510d1s07xn2R2AQzeNKzTCLCQ/99VgDyU4ka9a0R5DgIUifI75XOYbJSpnokS6Cc tCTOAQqYMBUHVx3tk/5kxXcnI2T51DI9mEvYQ2PSQ7ZatwJcQhjC0lE+YhPG35TP P4y4PwRPzYzbO9OtdBjnOOJmuyvRqYqDmnEnJZDdJmsR/qvv29i6THHoZCfDNT1a cwFkvnqP7NDBQ+iLzP5Z75g5fFsI2fWVUxavqoksZhngzpjZlKIRCnMV7kAON2Tg YTI= -----END CERTIFICATE-----Generated at Tue Jan 27 09:55:34 2026 by rpki-client