This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/c88555-abb7-4b10-ab64-19c5427e416f/1/WzRet8BPQE7hHPbXacLmO7SiZQY.roa File: WzRet8BPQE7hHPbXacLmO7SiZQY.roa (raw, json) Hash identifier: 8OW+tZB8QSJAXoc3gAJHryL1S+WtKxchs/UGWCOw1wk= Subject key identifier: 5B:34:5E:B7:C0:4F:40:4E:E1:1C:F6:D7:69:C2:E6:3B:B4:A2:65:06 Certificate issuer: /CN=494d0eaf80250ab8248989be71a4039718d6935a Certificate serial: 019B7DC9A7DC91CBD40819E6D9D227FC0296 Authority key identifier: 49:4D:0E:AF:80:25:0A:B8:24:89:89:BE:71:A4:03:97:18:D6:93:5A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SU0Or4AlCrgkiYm-caQDlxjWk1o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/c88555-abb7-4b10-ab64-19c5427e416f/1/WzRet8BPQE7hHPbXacLmO7SiZQY.roa Signing time: Fri 02 Jan 2026 08:18:46 +0000 ROA not before: Fri 02 Jan 2026 08:18:46 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 42275 IP address blocks: 85.208.68.0/22 maxlen: 24 2a09:8340::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/c88555-abb7-4b10-ab64-19c5427e416f/1/SU0Or4AlCrgkiYm-caQDlxjWk1o.crl rsync://rpki.ripe.net/repository/DEFAULT/7e/c88555-abb7-4b10-ab64-19c5427e416f/1/SU0Or4AlCrgkiYm-caQDlxjWk1o.mft rsync://rpki.ripe.net/repository/DEFAULT/SU0Or4AlCrgkiYm-caQDlxjWk1o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 14:00:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:c9:a7:dc:91:cb:d4:08:19:e6:d9:d2:27:fc:02:96 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=494d0eaf80250ab8248989be71a4039718d6935a Validity Not Before: Jan 2 08:18:46 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5b345eb7c04f404ee11cf6d769c2e63bb4a26506 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:27:71:57:12:2f:68:09:cb:36:fe:0b:52:bd: 63:db:69:ce:a6:22:5f:e7:83:14:5f:9e:c0:f0:d2: a3:b0:f7:61:88:a7:6b:af:d0:4b:a6:3c:86:40:fd: 00:1e:a7:9c:9f:61:be:30:7d:98:0e:ee:c6:b4:06: 62:b9:9c:3c:93:63:d1:dc:9d:41:69:36:7d:8c:c8: 92:c5:49:41:f9:4d:b1:c1:46:f0:ba:62:ce:b2:38: ce:f8:df:ec:19:2a:6b:0b:83:75:84:aa:51:48:91: 47:ff:4a:7a:23:16:15:a0:75:8f:27:be:99:79:64: 7b:17:d5:7b:31:68:de:57:64:16:b7:45:d2:92:9e: 48:bf:aa:81:a8:00:f5:2f:8e:ea:70:2e:a9:8f:9c: cf:ea:e8:88:82:3d:ef:cb:13:ce:dc:28:46:05:e7: 03:cb:8b:75:95:06:8f:2c:32:03:0d:41:20:e7:76: db:bf:b1:43:c5:6d:8c:c0:d6:f9:bd:1a:96:2f:ec: d6:d3:fe:19:05:24:87:84:56:d8:69:ff:74:b7:c5: 4f:8a:c2:0e:de:63:41:a6:93:ab:f9:98:10:15:f0: 91:ab:e8:50:0c:29:91:37:a2:9e:ce:a0:d8:f1:d7: 64:d3:60:50:cd:18:61:7b:cb:5c:32:05:32:6e:6b: fa:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:34:5E:B7:C0:4F:40:4E:E1:1C:F6:D7:69:C2:E6:3B:B4:A2:65:06 X509v3 Authority Key Identifier: keyid:49:4D:0E:AF:80:25:0A:B8:24:89:89:BE:71:A4:03:97:18:D6:93:5A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SU0Or4AlCrgkiYm-caQDlxjWk1o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/c88555-abb7-4b10-ab64-19c5427e416f/1/WzRet8BPQE7hHPbXacLmO7SiZQY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/c88555-abb7-4b10-ab64-19c5427e416f/1/SU0Or4AlCrgkiYm-caQDlxjWk1o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.208.68.0/22 IPv6: 2a09:8340::/29 Signature Algorithm: sha256WithRSAEncryption 44:83:91:fe:b2:62:b7:8d:54:95:d5:7d:f9:77:07:79:58:15: 56:4b:99:57:ab:13:1c:22:d5:b6:c8:03:20:18:b3:3d:1c:c7: 74:a3:e6:0d:7d:82:35:01:77:4a:8d:61:6c:cc:73:bb:70:f8: 8e:4d:69:7d:58:91:f6:43:81:8d:db:9b:34:c9:0e:33:2f:42: dc:45:bc:97:67:1e:73:05:09:a4:af:b6:d1:a8:3c:a7:cd:dc: df:17:79:66:c3:2a:6c:d1:3a:83:83:fb:b3:99:1d:37:e6:84: be:bf:23:40:94:78:05:cc:10:c4:a2:bb:df:54:6b:d5:ad:67: 95:0f:db:46:fa:91:de:d7:20:b5:57:21:75:f9:f8:dd:54:f6: 88:f8:8d:1a:dc:44:52:fb:28:ab:50:42:1f:d3:4f:46:92:23: 5d:49:d1:60:75:54:2c:60:c8:3a:06:34:9d:1f:2c:6a:5c:99: 40:ab:69:38:a0:bf:a4:a4:50:f0:4f:62:fb:65:85:cd:76:90: 5f:1a:19:93:74:c3:b9:16:e2:35:c8:5e:5d:7d:e2:c8:2c:0d: 60:0b:9e:d1:66:12:48:d0:da:8e:b0:9f:ab:47:31:ed:5e:bf: 5b:a9:4c:f2:4b:b5:d6:03:74:29:61:14:04:74:39:b2:94:c5: 19:0c:04:54 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt9yafckcvUCBnm2dIn/AKWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ5NGQwZWFmODAyNTBhYjgyNDg5ODliZTcxYTQwMzk3MThk NjkzNWEwHhcNMjYwMTAyMDgxODQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1YjM0NWViN2MwNGY0MDRlZTExY2Y2ZDc2OWMyZTYzYmI0YTI2NTA2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzidxVxIvaAnLNv4LUr1j22nOpiJf 54MUX57A8NKjsPdhiKdrr9BLpjyGQP0AHqecn2G+MH2YDu7GtAZiuZw8k2PR3J1B aTZ9jMiSxUlB+U2xwUbwumLOsjjO+N/sGSprC4N1hKpRSJFH/0p6IxYVoHWPJ76Z eWR7F9V7MWjeV2QWt0XSkp5Iv6qBqAD1L47qcC6pj5zP6uiIgj3vyxPO3ChGBecD y4t1lQaPLDIDDUEg53bbv7FDxW2MwNb5vRqWL+zW0/4ZBSSHhFbYaf90t8VPisIO 3mNBppOr+ZgQFfCRq+hQDCmRN6KezqDY8ddk02BQzRhhe8tcMgUybmv6pQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFFs0XrfAT0BO4Rz212nC5ju0omUGMB8GA1UdIwQY MBaAFElNDq+AJQq4JImJvnGkA5cY1pNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvU1UwT3I0QWxDcmdraVltLWNhUURseGpXazFvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9jODg1NTUtYWJiNy00YjEwLWFiNjQt MTljNTQyN2U0MTZmLzEvV3pSZXQ4QlBRRTdoSFBiWGFjTG1PN1NpWlFZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83ZS9jODg1NTUtYWJiNy00YjEwLWFiNjQtMTljNTQyN2U0MTZm LzEvU1UwT3I0QWxDcmdraVltLWNhUURseGpXazFvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCVdBEMA0E AgACMAcDBQMqCYNAMA0GCSqGSIb3DQEBCwUAA4IBAQBEg5H+smK3jVSV1X35dwd5 WBVWS5lXqxMcItW2yAMgGLM9HMd0o+YNfYI1AXdKjWFszHO7cPiOTWl9WJH2Q4GN 25s0yQ4zL0LcRbyXZx5zBQmkr7bRqDynzdzfF3lmwyps0TqDg/uzmR035oS+vyNA lHgFzBDEorvfVGvVrWeVD9tG+pHe1yC1VyF1+fjdVPaI+I0a3ERS+yirUEIf009G kiNdSdFgdVQsYMg6BjSdHyxqXJlAq2k4oL+kpFDwT2L7ZYXNdpBfGhmTdMO5FuI1 yF5dfeLILA1gC57RZhJI0NqOsJ+rRzHtXr9bqUzyS7XWA3QpYRQEdDmylMUZDARU -----END CERTIFICATE-----Generated at Mon Feb 9 21:25:12 2026 by rpki-client