This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/6f385e-7fe1-49ad-81fb-1882f4c276cd/1/33ZsgU5AHkIb_3u_7p6IlSFFgCg.roa File: 33ZsgU5AHkIb_3u_7p6IlSFFgCg.roa (raw, json) Hash identifier: baStD7TfXhuGuW8n2xQfJJOjFkibkZZVuX/gIDwnSdY= Subject key identifier: DF:76:6C:81:4E:40:1E:42:1B:FF:7B:BF:EE:9E:88:95:21:45:80:28 Certificate issuer: /CN=8829792e3ff21fc35827f68a78c8050015c66a72 Certificate serial: 019C03CDE277DDC529DD7D59F613AA30D9F3 Authority key identifier: 88:29:79:2E:3F:F2:1F:C3:58:27:F6:8A:78:C8:05:00:15:C6:6A:72 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iCl5Lj_yH8NYJ_aKeMgFABXGanI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/6f385e-7fe1-49ad-81fb-1882f4c276cd/1/33ZsgU5AHkIb_3u_7p6IlSFFgCg.roa Signing time: Wed 28 Jan 2026 08:52:30 +0000 ROA not before: Wed 28 Jan 2026 08:52:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 13009 IP address blocks: 192.166.136.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/6f385e-7fe1-49ad-81fb-1882f4c276cd/1/iCl5Lj_yH8NYJ_aKeMgFABXGanI.crl rsync://rpki.ripe.net/repository/DEFAULT/6d/6f385e-7fe1-49ad-81fb-1882f4c276cd/1/iCl5Lj_yH8NYJ_aKeMgFABXGanI.mft rsync://rpki.ripe.net/repository/DEFAULT/iCl5Lj_yH8NYJ_aKeMgFABXGanI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:03:cd:e2:77:dd:c5:29:dd:7d:59:f6:13:aa:30:d9:f3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8829792e3ff21fc35827f68a78c8050015c66a72 Validity Not Before: Jan 28 08:52:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=df766c814e401e421bff7bbfee9e889521458028 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:cd:db:05:2f:60:05:6e:e0:42:05:92:f5:b8: 37:1e:f8:8e:cf:01:6c:49:c2:55:1d:37:69:95:41: cd:89:37:b1:77:64:7b:f4:2a:05:4c:2b:31:de:26: 6b:14:39:ed:e6:d0:55:43:64:e8:2d:3c:8b:54:bd: 5e:57:7a:2e:f3:72:49:bf:52:98:51:fa:bd:5a:46: 11:ff:1b:22:7d:df:47:aa:70:ee:a5:7d:3e:b6:8a: b8:ce:45:a6:eb:a9:d8:63:ee:9f:da:fd:4f:50:ba: 0c:56:9a:98:99:d2:27:40:ad:19:53:5f:e3:c4:83: e7:2b:2c:dd:ea:19:12:34:c8:7e:8a:82:59:69:5a: ac:75:d6:9c:00:8e:6b:c9:b5:29:f0:ce:4d:3f:7b: c3:6b:e1:c0:f0:8a:bc:1c:31:61:b7:e8:c3:ce:3f: 6a:83:b4:32:b6:43:ba:cf:72:50:b9:0e:9b:e1:06: 0f:75:b2:03:8c:2c:05:b0:53:32:51:cc:26:6e:f7: 91:ef:53:cc:10:c1:7d:9a:a0:e9:67:ae:1d:c8:dd: 0a:25:72:40:57:66:81:c7:95:c6:97:7f:4a:f6:7e: 51:81:bf:6a:ee:25:82:07:44:74:e1:ef:72:7a:e9: 96:36:b7:d9:25:66:55:03:c1:d2:c9:be:f8:2b:0c: 98:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:76:6C:81:4E:40:1E:42:1B:FF:7B:BF:EE:9E:88:95:21:45:80:28 X509v3 Authority Key Identifier: keyid:88:29:79:2E:3F:F2:1F:C3:58:27:F6:8A:78:C8:05:00:15:C6:6A:72 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iCl5Lj_yH8NYJ_aKeMgFABXGanI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/6f385e-7fe1-49ad-81fb-1882f4c276cd/1/33ZsgU5AHkIb_3u_7p6IlSFFgCg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/6f385e-7fe1-49ad-81fb-1882f4c276cd/1/iCl5Lj_yH8NYJ_aKeMgFABXGanI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 192.166.136.0/24 Signature Algorithm: sha256WithRSAEncryption 25:6d:77:3c:19:bc:26:d9:7b:18:32:e2:98:9c:89:7a:08:80: 34:31:cc:7d:2e:25:11:5a:9d:f1:2c:15:d2:f1:a5:9f:f5:cc: 44:96:ab:d1:df:97:a4:33:90:b6:37:d1:30:7f:7c:14:3f:82: ba:26:cf:6b:eb:14:b6:c7:05:2e:7e:44:d3:46:ba:db:b4:80: d1:2d:85:cf:2e:8b:32:57:c2:6f:d4:47:7b:f9:7a:e7:14:52: 30:f6:36:87:ec:08:75:8f:fa:d4:83:f9:64:04:51:22:4f:73: cf:7f:0f:4c:50:35:c8:04:42:21:5f:7c:1b:96:23:d2:93:38: b7:71:bf:e2:e7:50:22:a6:16:70:40:28:5e:04:b3:f8:cb:9e: f4:19:6a:a9:06:33:80:f1:b0:04:3d:45:3d:7d:41:70:d0:e8: d3:1d:81:fe:4f:8c:42:44:65:f8:af:b4:47:74:1c:d6:5a:4e: c7:4d:0e:96:e8:24:ae:c3:e2:08:8a:62:c2:c0:19:59:58:34: e9:8c:ca:e4:98:f9:90:be:b5:74:e4:f4:ad:22:8d:4e:a6:00: b1:fc:b7:7c:1f:96:89:f2:63:da:16:da:17:0c:e9:0f:68:8a: f2:3b:87:ea:b6:17:33:79:0c:07:af:a6:11:87:cd:a3:b1:1b: c3:e9:d1:12 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZwDzeJ33cUp3X1Z9hOqMNnzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg4Mjk3OTJlM2ZmMjFmYzM1ODI3ZjY4YTc4YzgwNTAwMTVj NjZhNzIwHhcNMjYwMTI4MDg1MjMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZjc2NmM4MTRlNDAxZTQyMWJmZjdiYmZlZTllODg5NTIxNDU4MDI4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAps3bBS9gBW7gQgWS9bg3HviOzwFs ScJVHTdplUHNiTexd2R79CoFTCsx3iZrFDnt5tBVQ2ToLTyLVL1eV3ou83JJv1KY Ufq9WkYR/xsifd9HqnDupX0+toq4zkWm66nYY+6f2v1PULoMVpqYmdInQK0ZU1/j xIPnKyzd6hkSNMh+ioJZaVqsddacAI5rybUp8M5NP3vDa+HA8Iq8HDFht+jDzj9q g7QytkO6z3JQuQ6b4QYPdbIDjCwFsFMyUcwmbveR71PMEMF9mqDpZ64dyN0KJXJA V2aBx5XGl39K9n5Rgb9q7iWCB0R04e9yeumWNrfZJWZVA8HSyb74KwyY6QIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFN92bIFOQB5CG/97v+6eiJUhRYAoMB8GA1UdIwQY MBaAFIgpeS4/8h/DWCf2injIBQAVxmpyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaUNsNUxqX3lIOE5ZSl9hS2VNZ0ZBQlhHYW5JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC82ZjM4NWUtN2ZlMS00OWFkLTgxZmIt MTg4MmY0YzI3NmNkLzEvMzNac2dVNUFIa0liXzN1XzdwNklsU0ZGZ0NnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82ZC82ZjM4NWUtN2ZlMS00OWFkLTgxZmItMTg4MmY0YzI3NmNk LzEvaUNsNUxqX3lIOE5ZSl9hS2VNZ0ZBQlhHYW5JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwKaIMA0G CSqGSIb3DQEBCwUAA4IBAQAlbXc8Gbwm2XsYMuKYnIl6CIA0Mcx9LiURWp3xLBXS 8aWf9cxElqvR35ekM5C2N9Ewf3wUP4K6Js9r6xS2xwUufkTTRrrbtIDRLYXPLosy V8Jv1Ed7+XrnFFIw9jaH7Ah1j/rUg/lkBFEiT3PPfw9MUDXIBEIhX3wbliPSkzi3 cb/i51AiphZwQCheBLP4y570GWqpBjOA8bAEPUU9fUFw0OjTHYH+T4xCRGX4r7RH dBzWWk7HTQ6W6CSuw+IIimLCwBlZWDTpjMrkmPmQvrV05PStIo1OpgCx/Ld8H5aJ 8mPaFtoXDOkPaIryO4fqthczeQwHr6YRh82jsRvD6dES -----END CERTIFICATE-----Generated at Tue Feb 10 07:11:19 2026 by rpki-client