This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/kuAD5Ak5tICpfFdRaA3UxwlGKQY.roa File: kuAD5Ak5tICpfFdRaA3UxwlGKQY.roa (raw, json) Hash identifier: LrGV/66Vber5csiZnP6rnRq7f8Ux68WVAZ/WZeDwWRw= Subject key identifier: 92:E0:03:E4:09:39:B4:80:A9:7C:57:51:68:0D:D4:C7:09:46:29:06 Certificate issuer: /CN=af8df7c4f79133730fe3e6894777a79604a5cb79 Certificate serial: 019B7AC77D6194DE5E2B07F2132114404D74 Authority key identifier: AF:8D:F7:C4:F7:91:33:73:0F:E3:E6:89:47:77:A7:96:04:A5:CB:79 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r433xPeRM3MP4-aJR3enlgSly3k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/kuAD5Ak5tICpfFdRaA3UxwlGKQY.roa Signing time: Thu 01 Jan 2026 18:17:32 +0000 ROA not before: Thu 01 Jan 2026 18:17:32 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 62002 IP address blocks: 185.49.196.0/22 maxlen: 22 2a01:a520::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.crl rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft rsync://rpki.ripe.net/repository/DEFAULT/r433xPeRM3MP4-aJR3enlgSly3k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c7:7d:61:94:de:5e:2b:07:f2:13:21:14:40:4d:74 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=af8df7c4f79133730fe3e6894777a79604a5cb79 Validity Not Before: Jan 1 18:17:32 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=92e003e40939b480a97c5751680dd4c709462906 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:2b:ea:b0:d0:f2:f5:0b:cd:d2:d6:a7:48:7f: 13:30:f8:92:cc:d6:34:24:5c:3a:a3:b5:c9:f1:51: 8b:b6:35:73:58:2b:b7:1d:66:2c:ca:dd:ad:ef:aa: 6d:91:02:03:91:d1:8f:a3:d0:9f:7f:b8:db:68:ca: fa:ff:0d:c2:d1:24:50:85:68:49:e1:7d:94:73:bd: 92:98:e0:da:84:f1:8f:f4:0b:b8:d4:d4:63:ae:bf: 12:aa:be:31:f1:9e:c0:d6:f7:0c:a9:b6:f6:72:37: 01:21:77:ae:e7:f2:0d:37:6e:ff:65:51:ea:48:8a: 4c:72:38:86:12:f3:f8:19:1b:f9:f0:46:a7:5b:87: 26:4f:cc:a6:b4:91:9a:83:9b:99:61:1f:8b:d4:de: af:23:53:c7:59:18:95:b5:c6:8b:64:e3:d2:21:61: 14:7e:c6:8e:62:4c:c7:5e:b0:fc:c7:8f:2c:ca:f4: 35:94:37:49:e5:38:c6:d5:2d:a3:5e:a1:c3:1a:d5: e4:61:c0:20:73:3d:04:cf:dd:19:8d:b5:7b:dc:8c: 1e:52:9b:ea:1d:75:23:22:b1:a1:56:f5:5b:c4:5e: 69:b8:e6:7d:9b:c6:b2:01:db:63:8f:a5:ef:74:ff: 42:62:44:51:6c:1d:df:15:18:8c:fc:ab:b5:43:87: c1:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:E0:03:E4:09:39:B4:80:A9:7C:57:51:68:0D:D4:C7:09:46:29:06 X509v3 Authority Key Identifier: keyid:AF:8D:F7:C4:F7:91:33:73:0F:E3:E6:89:47:77:A7:96:04:A5:CB:79 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r433xPeRM3MP4-aJR3enlgSly3k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/kuAD5Ak5tICpfFdRaA3UxwlGKQY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.49.196.0/22 IPv6: 2a01:a520::/32 Signature Algorithm: sha256WithRSAEncryption 8d:3a:58:1a:09:43:8d:7a:e2:74:98:6a:6e:e0:9c:fe:d7:a3: 90:43:dd:d7:6b:24:a4:7b:1e:68:e2:06:85:92:fe:7d:ed:da: 0b:1b:cd:71:91:19:f1:a2:5c:14:85:53:40:25:da:8f:70:35: 9f:c4:94:2c:bd:1e:c6:98:40:70:68:42:82:87:26:25:01:95: 18:44:4d:06:78:7f:58:12:c4:dc:96:a8:e2:49:18:0b:71:71: 41:9d:b4:16:d2:eb:bb:e5:78:38:b3:63:c3:b0:2d:b1:af:e2: 1b:82:16:a2:16:9d:f0:0a:df:fd:c7:98:7d:57:c2:70:21:62: 66:d2:22:71:c6:e4:92:8c:c9:34:ed:da:7d:21:70:bf:d8:b4: 43:40:51:9e:b7:5e:e0:b1:94:0c:30:69:86:d3:32:36:0e:d6: f7:07:5a:34:53:c9:09:d4:02:91:8c:3f:c2:60:11:e7:a6:a8: cb:4b:e0:f5:96:ed:1c:ef:7f:5f:be:1a:81:9c:c2:aa:50:bb: a9:0f:e5:55:56:53:f2:52:57:e9:05:ad:34:b1:83:f2:8b:ba: 0d:d8:5f:04:63:40:d0:84:ed:23:89:1c:08:2b:50:1f:45:a9: 52:12:fa:3c:9e:8b:16:1c:ad:c8:56:a0:87:7e:9a:4a:c3:fb: 3c:00:b6:a7 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt6x31hlN5eKwfyEyEUQE10MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFmOGRmN2M0Zjc5MTMzNzMwZmUzZTY4OTQ3NzdhNzk2MDRh NWNiNzkwHhcNMjYwMTAxMTgxNzMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MmUwMDNlNDA5MzliNDgwYTk3YzU3NTE2ODBkZDRjNzA5NDYyOTA2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvivqsNDy9QvN0tanSH8TMPiSzNY0 JFw6o7XJ8VGLtjVzWCu3HWYsyt2t76ptkQIDkdGPo9Cff7jbaMr6/w3C0SRQhWhJ 4X2Uc72SmODahPGP9Au41NRjrr8Sqr4x8Z7A1vcMqbb2cjcBIXeu5/INN27/ZVHq SIpMcjiGEvP4GRv58EanW4cmT8ymtJGag5uZYR+L1N6vI1PHWRiVtcaLZOPSIWEU fsaOYkzHXrD8x48syvQ1lDdJ5TjG1S2jXqHDGtXkYcAgcz0Ez90ZjbV73IweUpvq HXUjIrGhVvVbxF5puOZ9m8ayAdtjj6XvdP9CYkRRbB3fFRiM/Ku1Q4fBawIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFJLgA+QJObSAqXxXUWgN1McJRikGMB8GA1UdIwQY MBaAFK+N98T3kTNzD+PmiUd3p5YEpct5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcjQzM3hQZVJNM01QNC1hSlIzZW5sZ1NseTNrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC81MGZmMDAtNzc3YS00MTFkLTkzOGIt ZjRkNjBlY2RmMmIyLzEva3VBRDVBazV0SUNwZkZkUmFBM1V4d2xHS1FZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84MC81MGZmMDAtNzc3YS00MTFkLTkzOGItZjRkNjBlY2RmMmIy LzEvcjQzM3hQZVJNM01QNC1hSlIzZW5sZ1NseTNrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTHEMA0E AgACMAcDBQAqAaUgMA0GCSqGSIb3DQEBCwUAA4IBAQCNOlgaCUONeuJ0mGpu4Jz+ 16OQQ93XaySkex5o4gaFkv597doLG81xkRnxolwUhVNAJdqPcDWfxJQsvR7GmEBw aEKChyYlAZUYRE0GeH9YEsTclqjiSRgLcXFBnbQW0uu75Xg4s2PDsC2xr+Ibghai Fp3wCt/9x5h9V8JwIWJm0iJxxuSSjMk07dp9IXC/2LRDQFGet17gsZQMMGmG0zI2 Dtb3B1o0U8kJ1AKRjD/CYBHnpqjLS+D1lu0c739fvhqBnMKqULupD+VVVlPyUlfp Ba00sYPyi7oN2F8EY0DQhO0jiRwIK1AfRalSEvo8nosWHK3IVqCHfppKw/s8ALan -----END CERTIFICATE-----Generated at Mon Feb 9 22:36:12 2026 by rpki-client