This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/faa50f-4de1-4d1c-b803-19bf7810961b/1/gCdkelcku20UE3AgB6eQSuQOOYY.roa File: gCdkelcku20UE3AgB6eQSuQOOYY.roa (raw, json) Hash identifier: dJjFIayFe8nzFROO5Sz7ye6wsmq4p85VT0pjVrRuHPw= Subject key identifier: 80:27:64:7A:57:24:BB:6D:14:13:70:20:07:A7:90:4A:E4:0E:39:86 Certificate issuer: /CN=9d8c08f4ad8fead371da3e7c02b6cfd689fca5ba Certificate serial: 019B7F8262D51B01DE0D31742DCCA9992A30 Authority key identifier: 9D:8C:08:F4:AD:8F:EA:D3:71:DA:3E:7C:02:B6:CF:D6:89:FC:A5:BA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nYwI9K2P6tNx2j58ArbP1on8pbo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/faa50f-4de1-4d1c-b803-19bf7810961b/1/gCdkelcku20UE3AgB6eQSuQOOYY.roa Signing time: Fri 02 Jan 2026 16:20:09 +0000 ROA not before: Fri 02 Jan 2026 16:20:09 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 210391 IP address blocks: 185.147.252.0/24 maxlen: 24 185.147.254.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/faa50f-4de1-4d1c-b803-19bf7810961b/1/nYwI9K2P6tNx2j58ArbP1on8pbo.crl rsync://rpki.ripe.net/repository/DEFAULT/86/faa50f-4de1-4d1c-b803-19bf7810961b/1/nYwI9K2P6tNx2j58ArbP1on8pbo.mft rsync://rpki.ripe.net/repository/DEFAULT/nYwI9K2P6tNx2j58ArbP1on8pbo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:82:62:d5:1b:01:de:0d:31:74:2d:cc:a9:99:2a:30 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9d8c08f4ad8fead371da3e7c02b6cfd689fca5ba Validity Not Before: Jan 2 16:20:09 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8027647a5724bb6d1413702007a7904ae40e3986 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:29:1e:be:ed:d2:d3:31:e9:6b:d6:5b:cc:36: 8b:61:10:4a:b9:fe:27:a8:f7:9f:4b:74:5a:72:33: 39:f6:28:6a:4b:7b:57:41:eb:61:dc:1e:26:4c:77: b7:39:10:2f:c7:bc:bb:53:85:1b:b3:7e:f2:5b:bc: e7:91:03:b6:17:8f:2b:35:a4:08:30:ca:0b:6a:a4: 8e:ca:90:0a:06:c7:19:4c:13:cb:17:47:57:33:04: 7e:d8:c7:11:b0:66:53:5f:4f:7d:6f:c9:22:07:1a: 02:d0:ee:0e:c6:d8:71:1b:82:00:7a:d2:50:f8:1e: 45:59:8a:f6:56:48:dc:e8:90:f4:0b:55:a0:52:e1: e9:8c:42:ac:b7:71:49:03:01:18:54:cd:05:27:56: f5:b7:4c:bf:c5:11:e6:55:44:75:c4:32:1d:1c:ef: 4d:38:b8:aa:07:1e:16:28:d0:65:91:51:74:69:fd: 80:e7:bc:de:32:c7:be:87:c8:53:f7:db:17:bc:d6: 8e:0a:94:89:fb:9c:43:ca:ae:58:b9:c8:43:ca:ed: fd:25:a6:02:b4:80:cb:3d:e2:1b:a8:16:cb:71:4c: 7a:a6:8b:2d:c5:c4:74:ec:4a:34:e0:58:fe:b4:fb: 6b:bf:79:0d:10:d8:3c:d0:67:73:de:1b:f9:a8:0e: 9c:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 80:27:64:7A:57:24:BB:6D:14:13:70:20:07:A7:90:4A:E4:0E:39:86 X509v3 Authority Key Identifier: keyid:9D:8C:08:F4:AD:8F:EA:D3:71:DA:3E:7C:02:B6:CF:D6:89:FC:A5:BA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nYwI9K2P6tNx2j58ArbP1on8pbo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/faa50f-4de1-4d1c-b803-19bf7810961b/1/gCdkelcku20UE3AgB6eQSuQOOYY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/86/faa50f-4de1-4d1c-b803-19bf7810961b/1/nYwI9K2P6tNx2j58ArbP1on8pbo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.147.252.0/24 185.147.254.0/23 Signature Algorithm: sha256WithRSAEncryption 92:7c:d6:3f:c7:da:bc:5e:f3:b3:5e:81:35:b9:5b:e2:8c:ba: 18:72:cd:a3:f9:2a:73:87:d1:f8:7e:7f:0c:65:d6:e8:0b:52: be:6b:d3:a8:e5:98:3a:df:c0:cb:32:b2:82:ef:95:4f:7d:4c: fb:7c:94:21:b1:3e:38:43:c4:1c:e9:df:bf:b7:de:5d:d3:83: 84:65:6f:1e:c4:a2:ff:be:28:6c:05:31:30:c2:dc:17:31:95: c9:09:6d:d0:35:d1:43:a6:66:ca:4d:94:ef:c3:2e:a9:05:37: a7:b2:4d:f8:37:4a:5c:02:ab:51:98:68:42:53:17:e1:ff:2e: 96:07:e4:09:04:21:c0:89:88:55:21:25:75:18:65:09:6f:91: 0c:45:58:a4:63:9c:76:18:af:c0:bb:bf:61:9e:e4:d4:85:87: 3b:37:63:c8:e5:ea:14:ca:a3:7d:0c:64:24:e3:ce:5e:97:65: e7:c5:d9:d7:6c:58:1c:0e:69:48:de:f2:cc:39:ef:57:73:e6: a3:ff:1d:d8:d0:a7:f6:d2:c9:2c:65:5f:5f:61:04:04:c9:92: 29:08:a3:64:03:ce:92:2f:4d:a5:53:67:94:64:ba:1e:81:91: 67:76:ed:c0:1f:05:7a:17:12:94:b8:89:d2:7a:3a:5d:4d:7c: 55:18:de:72 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt/gmLVGwHeDTF0LcypmSowMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlkOGMwOGY0YWQ4ZmVhZDM3MWRhM2U3YzAyYjZjZmQ2ODlm Y2E1YmEwHhcNMjYwMTAyMTYyMDA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4MDI3NjQ3YTU3MjRiYjZkMTQxMzcwMjAwN2E3OTA0YWU0MGUzOTg2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmikevu3S0zHpa9ZbzDaLYRBKuf4n qPefS3RacjM59ihqS3tXQeth3B4mTHe3ORAvx7y7U4Ubs37yW7znkQO2F48rNaQI MMoLaqSOypAKBscZTBPLF0dXMwR+2McRsGZTX099b8kiBxoC0O4OxthxG4IAetJQ +B5FWYr2Vkjc6JD0C1WgUuHpjEKst3FJAwEYVM0FJ1b1t0y/xRHmVUR1xDIdHO9N OLiqBx4WKNBlkVF0af2A57zeMse+h8hT99sXvNaOCpSJ+5xDyq5YuchDyu39JaYC tIDLPeIbqBbLcUx6postxcR07Eo04Fj+tPtrv3kNENg80Gdz3hv5qA6chQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFIAnZHpXJLttFBNwIAenkErkDjmGMB8GA1UdIwQY MBaAFJ2MCPStj+rTcdo+fAK2z9aJ/KW6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbll3STlLMlA2dE54Mmo1OEFyYlAxb244cGJvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9mYWE1MGYtNGRlMS00ZDFjLWI4MDMt MTliZjc4MTA5NjFiLzEvZ0Nka2VsY2t1MjBVRTNBZ0I2ZVFTdVFPT1lZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Ni9mYWE1MGYtNGRlMS00ZDFjLWI4MDMtMTliZjc4MTA5NjFi LzEvbll3STlLMlA2dE54Mmo1OEFyYlAxb244cGJvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuZP8AwQB uZP+MA0GCSqGSIb3DQEBCwUAA4IBAQCSfNY/x9q8XvOzXoE1uVvijLoYcs2j+Spz h9H4fn8MZdboC1K+a9Oo5Zg638DLMrKC75VPfUz7fJQhsT44Q8Qc6d+/t95d04OE ZW8exKL/vihsBTEwwtwXMZXJCW3QNdFDpmbKTZTvwy6pBTensk34N0pcAqtRmGhC Uxfh/y6WB+QJBCHAiYhVISV1GGUJb5EMRVikY5x2GK/Au79hnuTUhYc7N2PI5eoU yqN9DGQk485el2XnxdnXbFgcDmlI3vLMOe9Xc+aj/x3Y0Kf20sksZV9fYQQEyZIp CKNkA86SL02lU2eUZLoegZFndu3AHwV6FxKUuInSejpdTXxVGN5y -----END CERTIFICATE-----Generated at Tue Feb 10 01:44:17 2026 by rpki-client