This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/86c946-14cb-4935-88e3-d2d57843a27d/1/436Hd-S_BVnAB9wLmGOzp-XnSjg.roa File: 436Hd-S_BVnAB9wLmGOzp-XnSjg.roa (raw, json) Hash identifier: llw/o1VUWMw1Xmtw7UPct5EjQN+vJpnFvT25Me1d82w= Subject key identifier: E3:7E:87:77:E4:BF:05:59:C0:07:DC:0B:98:63:B3:A7:E5:E7:4A:38 Certificate issuer: /CN=8cd9d61f83e0d7e8308a6cde4dd315dd75756c03 Certificate serial: 019B77588EFABFB316B22FA5C3492823C155 Authority key identifier: 8C:D9:D6:1F:83:E0:D7:E8:30:8A:6C:DE:4D:D3:15:DD:75:75:6C:03 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jNnWH4Pg1-gwimzeTdMV3XV1bAM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/86c946-14cb-4935-88e3-d2d57843a27d/1/436Hd-S_BVnAB9wLmGOzp-XnSjg.roa Signing time: Thu 01 Jan 2026 02:17:31 +0000 ROA not before: Thu 01 Jan 2026 02:17:31 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 205493 IP address blocks: 185.215.192.0/22 maxlen: 22 2a0b:ad40::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/86c946-14cb-4935-88e3-d2d57843a27d/1/jNnWH4Pg1-gwimzeTdMV3XV1bAM.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/86c946-14cb-4935-88e3-d2d57843a27d/1/jNnWH4Pg1-gwimzeTdMV3XV1bAM.mft rsync://rpki.ripe.net/repository/DEFAULT/jNnWH4Pg1-gwimzeTdMV3XV1bAM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:58:8e:fa:bf:b3:16:b2:2f:a5:c3:49:28:23:c1:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8cd9d61f83e0d7e8308a6cde4dd315dd75756c03 Validity Not Before: Jan 1 02:17:31 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e37e8777e4bf0559c007dc0b9863b3a7e5e74a38 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:11:35:67:cb:05:29:7f:e9:e3:80:43:50:6b: f2:b8:96:05:9d:6f:45:39:40:26:74:12:f1:43:be: cb:a5:2c:c8:cb:1c:ca:10:3e:50:29:dd:e5:96:84: 58:52:1e:7a:3d:56:85:99:02:74:0d:91:cf:46:b3: 77:82:80:9e:76:f8:90:73:df:b3:d0:3d:62:ad:ca: 1f:fc:64:21:cc:f3:3d:c7:37:90:3f:ec:64:b8:8b: 09:19:a7:03:dc:2e:07:9c:c2:f9:ab:dc:37:1f:0b: d2:62:09:3b:84:71:8c:d1:6f:9e:8b:5f:f7:b7:7f: 57:19:2f:56:93:24:fc:d7:88:dd:fe:1a:47:0b:95: a0:05:d6:73:91:ca:01:be:15:70:04:ce:c3:e0:e4: 20:31:31:88:0c:1c:bf:60:e1:fe:91:a5:ce:cf:ce: 50:9a:b7:fc:ad:eb:0d:96:a7:f8:e5:c1:03:b1:af: f9:de:35:e4:66:39:49:9f:74:cb:38:29:68:41:b0: 4c:75:c6:bf:ba:a3:14:8b:bf:70:05:64:af:dd:dd: ca:b1:d3:0d:bf:c6:5c:de:f8:3b:c3:75:f5:f6:14: b4:89:71:db:46:63:86:97:07:21:e9:fe:21:d5:86: 6e:7d:54:88:ca:28:cb:49:f6:57:91:79:e2:bd:ed: b2:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:7E:87:77:E4:BF:05:59:C0:07:DC:0B:98:63:B3:A7:E5:E7:4A:38 X509v3 Authority Key Identifier: keyid:8C:D9:D6:1F:83:E0:D7:E8:30:8A:6C:DE:4D:D3:15:DD:75:75:6C:03 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jNnWH4Pg1-gwimzeTdMV3XV1bAM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/86c946-14cb-4935-88e3-d2d57843a27d/1/436Hd-S_BVnAB9wLmGOzp-XnSjg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/86c946-14cb-4935-88e3-d2d57843a27d/1/jNnWH4Pg1-gwimzeTdMV3XV1bAM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.215.192.0/22 IPv6: 2a0b:ad40::/29 Signature Algorithm: sha256WithRSAEncryption 5e:9d:60:1c:f4:73:4a:1c:d5:dc:7c:80:90:ea:da:99:54:48: 06:37:6b:76:38:c4:78:32:3f:b3:fb:4e:99:bb:2f:60:cf:b4: 34:8b:8a:03:a2:b1:12:4f:21:94:e3:39:c7:f2:b5:5c:1f:85: 7a:61:a2:80:02:8f:6a:e1:2a:49:a6:a0:fc:a7:f2:3d:c0:cb: 8e:45:b5:47:bc:c0:0f:17:22:03:34:13:e0:95:f3:49:42:91: c6:12:08:5e:d5:d2:06:15:14:57:3f:1c:21:94:c9:60:76:bb: e6:d5:09:74:5a:de:3d:b3:37:65:9b:41:b5:ee:d7:69:15:ca: 1a:f0:4e:6c:21:9a:6c:7d:b8:d1:d4:82:1c:31:2f:3c:f0:fb: 22:0e:05:69:ce:18:a1:64:16:93:76:07:c0:17:7b:54:df:9e: de:2e:6e:0a:3a:0e:af:82:59:75:11:09:03:68:90:12:e0:6d: 00:10:38:d8:a6:6e:19:7d:ad:39:71:55:02:b7:7b:44:05:48: b2:68:f3:86:32:02:59:9a:bc:1e:59:a2:d4:58:91:5d:e0:78: 2f:58:88:93:6d:98:92:ba:b3:91:84:2a:72:55:b6:e1:96:55: 44:cd:ef:98:db:06:24:22:74:8d:59:a8:29:fa:27:1b:81:d0: 0d:0c:67:73 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt3WI76v7MWsi+lw0koI8FVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhjZDlkNjFmODNlMGQ3ZTgzMDhhNmNkZTRkZDMxNWRkNzU3 NTZjMDMwHhcNMjYwMTAxMDIxNzMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlMzdlODc3N2U0YmYwNTU5YzAwN2RjMGI5ODYzYjNhN2U1ZTc0YTM4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0hE1Z8sFKX/p44BDUGvyuJYFnW9F OUAmdBLxQ77LpSzIyxzKED5QKd3lloRYUh56PVaFmQJ0DZHPRrN3goCedviQc9+z 0D1ircof/GQhzPM9xzeQP+xkuIsJGacD3C4HnML5q9w3HwvSYgk7hHGM0W+ei1/3 t39XGS9WkyT814jd/hpHC5WgBdZzkcoBvhVwBM7D4OQgMTGIDBy/YOH+kaXOz85Q mrf8resNlqf45cEDsa/53jXkZjlJn3TLOCloQbBMdca/uqMUi79wBWSv3d3KsdMN v8Zc3vg7w3X19hS0iXHbRmOGlwch6f4h1YZufVSIyijLSfZXkXnive2yRQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFON+h3fkvwVZwAfcC5hjs6fl50o4MB8GA1UdIwQY MBaAFIzZ1h+D4NfoMIps3k3TFd11dWwDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvak5uV0g0UGcxLWd3aW16ZVRkTVYzWFYxYkFNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS84NmM5NDYtMTRjYi00OTM1LTg4ZTMt ZDJkNTc4NDNhMjdkLzEvNDM2SGQtU19CVm5BQjl3TG1HT3pwLVhuU2pnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS84NmM5NDYtMTRjYi00OTM1LTg4ZTMtZDJkNTc4NDNhMjdk LzEvak5uV0g0UGcxLWd3aW16ZVRkTVYzWFYxYkFNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudfAMA0E AgACMAcDBQMqC61AMA0GCSqGSIb3DQEBCwUAA4IBAQBenWAc9HNKHNXcfICQ6tqZ VEgGN2t2OMR4Mj+z+06Zuy9gz7Q0i4oDorESTyGU4znH8rVcH4V6YaKAAo9q4SpJ pqD8p/I9wMuORbVHvMAPFyIDNBPglfNJQpHGEghe1dIGFRRXPxwhlMlgdrvm1Ql0 Wt49szdlm0G17tdpFcoa8E5sIZpsfbjR1IIcMS888PsiDgVpzhihZBaTdgfAF3tU 357eLm4KOg6vgll1EQkDaJAS4G0AEDjYpm4Zfa05cVUCt3tEBUiyaPOGMgJZmrwe WaLUWJFd4HgvWIiTbZiSurORhCpyVbbhllVEze+Y2wYkInSNWagp+icbgdANDGdz -----END CERTIFICATE-----Generated at Tue Feb 10 07:11:47 2026 by rpki-client