This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/05e0ee-ae03-4124-b670-309b7b960d14/1/kDZBEQd8X8a6Ri4ZiMRV4xIBI1A.roa File: kDZBEQd8X8a6Ri4ZiMRV4xIBI1A.roa (raw, json) Hash identifier: 9Rhl7lYUjCGs1lO+wHeAjgtYn9ueEyqs2vyMjVj9JvM= Subject key identifier: 90:36:41:11:07:7C:5F:C6:BA:46:2E:19:88:C4:55:E3:12:01:23:50 Certificate issuer: /CN=6f3d89a81fc299f39c092e4f6d0173a9a9cfbc65 Certificate serial: 019B797E165F7956C81265ACAF675E331E16 Authority key identifier: 6F:3D:89:A8:1F:C2:99:F3:9C:09:2E:4F:6D:01:73:A9:A9:CF:BC:65 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bz2JqB_CmfOcCS5PbQFzqanPvGU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/05e0ee-ae03-4124-b670-309b7b960d14/1/kDZBEQd8X8a6Ri4ZiMRV4xIBI1A.roa Signing time: Thu 01 Jan 2026 12:17:44 +0000 ROA not before: Thu 01 Jan 2026 12:17:44 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 16024 IP address blocks: 46.28.32.0/21 maxlen: 24 149.232.184.0/22 maxlen: 24 149.232.190.0/23 maxlen: 24 149.232.244.0/22 maxlen: 24 149.232.248.0/22 maxlen: 24 156.67.56.0/23 maxlen: 23 156.67.56.0/24 maxlen: 24 156.67.57.0/24 maxlen: 24 185.47.232.0/22 maxlen: 24 185.159.32.0/22 maxlen: 24 217.70.160.0/20 maxlen: 24 217.70.161.0/24 maxlen: 26 217.70.161.128/26 maxlen: 26 217.70.161.192/26 maxlen: 26 217.70.162.0/24 maxlen: 24 217.70.167.0/24 maxlen: 24 217.70.172.0/24 maxlen: 24 2a02:1670::/29 maxlen: 32 2a02:1670::/32 maxlen: 32 2a02:1671::/32 maxlen: 32 2a02:1672::/32 maxlen: 32 2a02:1673::/32 maxlen: 32 2a02:1674::/32 maxlen: 32 2a02:1675::/32 maxlen: 32 2a02:1676::/32 maxlen: 32 2a02:1677::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/05e0ee-ae03-4124-b670-309b7b960d14/1/bz2JqB_CmfOcCS5PbQFzqanPvGU.crl rsync://rpki.ripe.net/repository/DEFAULT/86/05e0ee-ae03-4124-b670-309b7b960d14/1/bz2JqB_CmfOcCS5PbQFzqanPvGU.mft rsync://rpki.ripe.net/repository/DEFAULT/bz2JqB_CmfOcCS5PbQFzqanPvGU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:16:5f:79:56:c8:12:65:ac:af:67:5e:33:1e:16 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6f3d89a81fc299f39c092e4f6d0173a9a9cfbc65 Validity Not Before: Jan 1 12:17:44 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=90364111077c5fc6ba462e1988c455e312012350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:62:3a:16:1a:61:7a:93:c2:7e:09:d8:a2:8d: 81:6a:15:f4:8a:e3:89:ac:04:a2:d3:1a:50:c5:66: 0f:20:76:03:c7:04:c3:b4:e3:d9:48:ba:95:a5:1b: fe:f8:c8:4a:62:05:08:be:51:0f:b8:fb:6a:41:67: 06:27:1d:d6:70:e7:b6:c7:d4:ef:b4:4d:c5:51:0f: 06:16:84:0b:9c:fb:25:2f:1a:ea:bc:60:f7:2e:d1: 02:20:63:af:41:69:3f:27:a3:12:5c:51:5f:a6:48: 8a:cf:3a:91:77:d9:7c:06:a6:a7:e9:f1:79:9f:b0: 20:14:75:2b:df:f0:e7:2b:b5:17:09:d7:8c:76:de: 25:e5:49:81:e9:45:a5:86:9d:52:63:1b:1b:5b:0c: 0c:33:d5:19:48:2c:ec:d0:70:c2:20:a9:42:5d:22: a6:65:35:ff:ef:b9:3b:3a:23:79:cb:50:7c:ab:18: 59:76:ff:8b:64:5e:10:0e:3f:4a:f2:56:ba:b8:94: 61:be:ee:a4:8c:b1:6d:7c:82:f7:39:d0:bc:8f:0a: 5d:ff:ce:b0:54:cf:dc:d6:3d:81:37:45:c4:3c:b6: e4:25:70:18:4d:4a:a6:93:5f:58:a9:7a:36:cf:f2: 85:a5:83:30:e6:38:68:15:9f:0d:33:31:75:df:ba: 2d:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:36:41:11:07:7C:5F:C6:BA:46:2E:19:88:C4:55:E3:12:01:23:50 X509v3 Authority Key Identifier: keyid:6F:3D:89:A8:1F:C2:99:F3:9C:09:2E:4F:6D:01:73:A9:A9:CF:BC:65 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bz2JqB_CmfOcCS5PbQFzqanPvGU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/05e0ee-ae03-4124-b670-309b7b960d14/1/kDZBEQd8X8a6Ri4ZiMRV4xIBI1A.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/86/05e0ee-ae03-4124-b670-309b7b960d14/1/bz2JqB_CmfOcCS5PbQFzqanPvGU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.28.32.0/21 149.232.184.0/22 149.232.190.0/23 149.232.244.0-149.232.251.255 156.67.56.0/23 185.47.232.0/22 185.159.32.0/22 217.70.160.0/20 IPv6: 2a02:1670::/29 Signature Algorithm: sha256WithRSAEncryption 7d:f8:80:f0:58:e6:62:86:35:55:88:db:c9:aa:a5:5a:c9:36: 2d:7b:f9:55:c9:5b:1c:b7:95:4b:36:e8:7f:fe:2e:bc:68:b0: c4:a7:58:c5:48:3f:b1:11:77:ae:2a:ab:22:5a:08:f5:ef:8d: 3f:ec:89:ea:17:e8:1a:18:9a:47:1f:7e:f0:14:03:91:b1:80: bf:d0:be:6c:fb:ce:27:cc:17:a2:f7:24:cf:13:dd:7e:5b:29: fd:be:ea:75:ba:27:9a:bd:21:56:27:1b:7f:34:98:1c:0b:76: e0:ae:9f:9a:d7:b0:ec:82:73:6e:9f:b0:cb:40:97:c0:53:e4: 4c:1a:0f:18:b3:e2:bf:a6:77:38:48:5f:9d:19:f8:ac:3c:d3: f6:03:e3:74:e4:41:0c:8b:93:2e:53:73:24:52:e4:ab:2d:15: 2b:60:e6:14:fd:f1:0a:95:d3:7e:64:88:91:9b:e4:95:61:78: 7c:c6:4e:96:01:4d:65:de:de:27:54:52:3f:80:16:f5:82:fb: 37:b6:a1:c2:11:8f:14:12:b3:97:43:4f:25:99:33:7f:a8:1f: 66:92:20:f7:ab:34:c1:54:23:c0:2e:36:94:f0:85:55:67:3a: 8d:a2:be:99:96:8a:2b:d4:31:d8:99:df:11:6c:af:a8:f7:ea: 3a:ad:e4:e5 -----BEGIN CERTIFICATE----- MIIFPjCCBCagAwIBAgISAZt5fhZfeVbIEmWsr2deMx4WMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZmM2Q4OWE4MWZjMjk5ZjM5YzA5MmU0ZjZkMDE3M2E5YTlj ZmJjNjUwHhcNMjYwMTAxMTIxNzQ0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MDM2NDExMTA3N2M1ZmM2YmE0NjJlMTk4OGM0NTVlMzEyMDEyMzUwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyGI6FhphepPCfgnYoo2BahX0iuOJ rASi0xpQxWYPIHYDxwTDtOPZSLqVpRv++MhKYgUIvlEPuPtqQWcGJx3WcOe2x9Tv tE3FUQ8GFoQLnPslLxrqvGD3LtECIGOvQWk/J6MSXFFfpkiKzzqRd9l8Bqan6fF5 n7AgFHUr3/DnK7UXCdeMdt4l5UmB6UWlhp1SYxsbWwwMM9UZSCzs0HDCIKlCXSKm ZTX/77k7OiN5y1B8qxhZdv+LZF4QDj9K8la6uJRhvu6kjLFtfIL3OdC8jwpd/86w VM/c1j2BN0XEPLbkJXAYTUqmk19YqXo2z/KFpYMw5jhoFZ8NMzF137ot0wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJA2QREHfF/GukYuGYjEVeMSASNQMB8GA1UdIwQY MBaAFG89iagfwpnznAkuT20Bc6mpz7xlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYnoySnFCX0NtZk9jQ1M1UGJRRnpxYW5QdkdVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni8wNWUwZWUtYWUwMy00MTI0LWI2NzAt MzA5YjdiOTYwZDE0LzEva0RaQkVRZDhYOGE2Umk0WmlNUlY0eElCSTFBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Ni8wNWUwZWUtYWUwMy00MTI0LWI2NzAtMzA5YjdiOTYwZDE0 LzEvYnoySnFCX0NtZk9jQ1M1UGJRRnpxYW5QdkdVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzA+BAIAATA4AwQDLhwgAwQC lei4AwQBlei+MAwDBAKV6PQDBAKV6PgDBAGcQzgDBAK5L+gDBAK5nyADBATZRqAw DQQCAAIwBwMFAyoCFnAwDQYJKoZIhvcNAQELBQADggEBAH34gPBY5mKGNVWI28mq pVrJNi17+VXJWxy3lUs26H/+LrxosMSnWMVIP7ERd64qqyJaCPXvjT/sieoX6BoY mkcffvAUA5GxgL/Qvmz7zifMF6L3JM8T3X5bKf2+6nW6J5q9IVYnG380mBwLduCu n5rXsOyCc26fsMtAl8BT5EwaDxiz4r+mdzhIX50Z+Kw80/YD43TkQQyLky5TcyRS 5KstFStg5hT98QqV035kiJGb5JVheHzGTpYBTWXe3idUUj+AFvWC+ze2ocIRjxQS s5dDTyWZM3+oH2aSIPerNMFUI8AuNpTwhVVnOo2ivpmWiivUMdiZ3xFsr6j36jqt 5OU= -----END CERTIFICATE-----Generated at Tue Feb 10 00:08:23 2026 by rpki-client