This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/35a9a6-60cd-4f24-8ef0-7dc69430d352/1/B0kj7SdwSZWmEU9GKPX-vqJAVao.roa File: B0kj7SdwSZWmEU9GKPX-vqJAVao.roa (raw, json) Hash identifier: UN4l73RmEx8CBEkdPrS/+GtzsuSkIQeGfMIfQBPpbKI= Subject key identifier: 07:49:23:ED:27:70:49:95:A6:11:4F:46:28:F5:FE:BE:A2:40:55:AA Certificate issuer: /CN=671cd071dc960bdc829b0be7e34b6b61cf8b0b1e Certificate serial: 019C0B2661827746C48E8606FD1BD178BC7B Authority key identifier: 67:1C:D0:71:DC:96:0B:DC:82:9B:0B:E7:E3:4B:6B:61:CF:8B:0B:1E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZxzQcdyWC9yCmwvn40trYc-LCx4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/35a9a6-60cd-4f24-8ef0-7dc69430d352/1/B0kj7SdwSZWmEU9GKPX-vqJAVao.roa Signing time: Thu 29 Jan 2026 19:06:30 +0000 ROA not before: Thu 29 Jan 2026 19:06:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 13335 IP address blocks: 152.55.156.0/24 maxlen: 24 152.55.157.0/24 maxlen: 24 2a04:9ec7:440::/42 maxlen: 44 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/35a9a6-60cd-4f24-8ef0-7dc69430d352/1/ZxzQcdyWC9yCmwvn40trYc-LCx4.crl rsync://rpki.ripe.net/repository/DEFAULT/81/35a9a6-60cd-4f24-8ef0-7dc69430d352/1/ZxzQcdyWC9yCmwvn40trYc-LCx4.mft rsync://rpki.ripe.net/repository/DEFAULT/ZxzQcdyWC9yCmwvn40trYc-LCx4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:0b:26:61:82:77:46:c4:8e:86:06:fd:1b:d1:78:bc:7b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=671cd071dc960bdc829b0be7e34b6b61cf8b0b1e Validity Not Before: Jan 29 19:06:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=074923ed27704995a6114f4628f5febea24055aa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:7a:82:ba:e6:8c:16:f0:8e:d3:79:1d:06:cd: 4b:07:fc:f3:a5:7f:7d:84:d6:30:c2:3b:c1:85:c0: 9e:ce:1d:06:5d:41:10:df:79:b9:ee:68:e0:5d:8e: bd:ba:1a:dd:8f:4d:fb:12:ff:9a:0a:1d:79:9c:87: 30:41:6b:31:ef:00:da:0c:e2:2e:2d:dd:16:eb:3f: 32:16:7d:65:4e:f7:40:e3:ad:0e:19:df:1f:f0:29: 0c:1e:7f:86:84:da:0d:eb:d9:ca:64:39:da:d3:42: 4e:0b:0d:d5:6a:f0:63:e5:94:d6:d8:d3:e5:26:11: 32:92:ac:ca:5b:e7:8c:e5:49:6f:89:b8:10:97:81: 4e:3d:a9:20:39:a4:f2:62:99:88:ed:92:91:1f:19: 24:94:3b:85:24:d2:5d:bd:30:63:82:ec:8b:c6:7a: 49:74:01:db:16:63:46:2a:5d:a7:df:09:14:3b:a1: 7a:3e:9c:f0:b6:a6:f8:3a:7a:39:3e:ff:d7:f1:f4: 22:4e:da:92:79:64:d5:c3:be:26:05:a8:3a:35:64: a7:d1:36:26:f2:85:9b:b9:78:a8:82:70:6f:17:d0: ac:b5:b1:f9:56:1c:c4:d6:45:80:fb:42:8d:78:ec: 4a:d3:05:34:c4:0c:54:e2:25:cb:2c:5a:b1:4b:db: 32:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:49:23:ED:27:70:49:95:A6:11:4F:46:28:F5:FE:BE:A2:40:55:AA X509v3 Authority Key Identifier: keyid:67:1C:D0:71:DC:96:0B:DC:82:9B:0B:E7:E3:4B:6B:61:CF:8B:0B:1E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZxzQcdyWC9yCmwvn40trYc-LCx4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/35a9a6-60cd-4f24-8ef0-7dc69430d352/1/B0kj7SdwSZWmEU9GKPX-vqJAVao.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/81/35a9a6-60cd-4f24-8ef0-7dc69430d352/1/ZxzQcdyWC9yCmwvn40trYc-LCx4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 152.55.156.0/23 IPv6: 2a04:9ec7:440::/42 Signature Algorithm: sha256WithRSAEncryption a0:22:79:8a:74:42:c9:d7:34:b9:bd:76:86:d3:4e:e0:96:44: 0f:89:ed:ae:0c:e3:2c:16:7f:0c:94:ec:1d:cc:6f:43:5a:52: a3:93:1f:f2:a1:5f:51:24:27:b1:0b:02:7f:ef:b1:5d:35:89: f2:ce:bb:69:00:5b:37:56:06:e5:d4:fb:31:94:0e:a1:16:0e: 00:fc:be:f0:14:eb:3a:ea:0d:b8:a4:96:66:d6:bb:4f:70:df: cf:9c:a9:9e:e1:14:ad:04:fe:90:b8:b1:d4:6e:61:23:d3:5d: cd:9f:8c:af:ed:fa:f3:67:35:ad:7b:af:40:fd:2d:48:9f:51: 71:75:f2:a1:d8:70:85:ec:bd:b6:5d:e2:6e:cb:5b:ef:fd:9b: 1f:66:08:30:1f:b1:74:a5:f0:d2:3d:67:4d:14:24:8f:57:9a: 68:a8:6f:96:a4:9a:de:25:8c:09:ba:33:11:c2:ad:ad:bc:12: 6b:87:a0:5b:e4:73:71:54:35:5c:00:f0:35:65:3d:ff:08:a6: bd:ba:8b:ec:e9:3d:d8:cb:6b:1a:f2:7e:35:f1:58:5f:ea:cb: 3a:5a:fb:4f:94:3d:4e:88:9d:36:a6:64:78:89:20:18:ea:a4: 45:79:35:9d:16:2b:28:9c:f8:50:6b:20:f5:bb:b6:34:02:57: c0:6e:b8:cd -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZwLJmGCd0bEjoYG/RvReLx7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY3MWNkMDcxZGM5NjBiZGM4MjliMGJlN2UzNGI2YjYxY2Y4 YjBiMWUwHhcNMjYwMTI5MTkwNjMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwNzQ5MjNlZDI3NzA0OTk1YTYxMTRmNDYyOGY1ZmViZWEyNDA1NWFhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA33qCuuaMFvCO03kdBs1LB/zzpX99 hNYwwjvBhcCezh0GXUEQ33m57mjgXY69uhrdj037Ev+aCh15nIcwQWsx7wDaDOIu Ld0W6z8yFn1lTvdA460OGd8f8CkMHn+GhNoN69nKZDna00JOCw3VavBj5ZTW2NPl JhEykqzKW+eM5UlvibgQl4FOPakgOaTyYpmI7ZKRHxkklDuFJNJdvTBjguyLxnpJ dAHbFmNGKl2n3wkUO6F6Ppzwtqb4Ono5Pv/X8fQiTtqSeWTVw74mBag6NWSn0TYm 8oWbuXiognBvF9CstbH5VhzE1kWA+0KNeOxK0wU0xAxU4iXLLFqxS9syZwIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFAdJI+0ncEmVphFPRij1/r6iQFWqMB8GA1UdIwQY MBaAFGcc0HHclgvcgpsL5+NLa2HPiwseMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWnh6UWNkeVdDOXlDbXd2bjQwdHJZYy1MQ3g0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8zNWE5YTYtNjBjZC00ZjI0LThlZjAt N2RjNjk0MzBkMzUyLzEvQjBrajdTZHdTWldtRVU5R0tQWC12cUpBVmFvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84MS8zNWE5YTYtNjBjZC00ZjI0LThlZjAtN2RjNjk0MzBkMzUy LzEvWnh6UWNkeVdDOXlDbXd2bjQwdHJZYy1MQ3g0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBmDecMA8E AgACMAkDBwYqBJ7HBEAwDQYJKoZIhvcNAQELBQADggEBAKAieYp0QsnXNLm9dobT TuCWRA+J7a4M4ywWfwyU7B3Mb0NaUqOTH/KhX1EkJ7ELAn/vsV01ifLOu2kAWzdW BuXU+zGUDqEWDgD8vvAU6zrqDbiklmbWu09w38+cqZ7hFK0E/pC4sdRuYSPTXc2f jK/t+vNnNa17r0D9LUifUXF18qHYcIXsvbZd4m7LW+/9mx9mCDAfsXSl8NI9Z00U JI9Xmmiob5akmt4ljAm6MxHCra28EmuHoFvkc3FUNVwA8DVlPf8Ipr26i+zpPdjL axryfjXxWF/qyzpa+0+UPU6InTamZHiJIBjqpEV5NZ0WKyic+FBrIPW7tjQCV8Bu uM0= -----END CERTIFICATE-----Generated at Mon Feb 9 22:36:23 2026 by rpki-client