This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/tK7aGwsWXQ5Rdap_-wxkvvfxiF8.roa File: tK7aGwsWXQ5Rdap_-wxkvvfxiF8.roa (raw, json) Hash identifier: 3GlFqrtc0oVSDla+MN40U6l/NhCSaw7M/Uwru63GXMw= Subject key identifier: B4:AE:DA:1B:0B:16:5D:0E:51:75:AA:7F:FB:0C:64:BE:F7:F1:88:5F Certificate issuer: /CN=cfeace714c29568ef197007b141d12758cc415d5 Certificate serial: 019B7BA375825C711D525D2A325A160607C7 Authority key identifier: CF:EA:CE:71:4C:29:56:8E:F1:97:00:7B:14:1D:12:75:8C:C4:15:D5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z-rOcUwpVo7xlwB7FB0SdYzEFdU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/tK7aGwsWXQ5Rdap_-wxkvvfxiF8.roa Signing time: Thu 01 Jan 2026 22:17:48 +0000 ROA not before: Thu 01 Jan 2026 22:17:48 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 1299 IP address blocks: 45.137.208.0/22 maxlen: 24 81.201.208.0/20 maxlen: 24 84.19.128.0/20 maxlen: 24 84.19.144.0/21 maxlen: 24 91.192.252.0/22 maxlen: 24 91.224.36.0/23 maxlen: 24 185.56.212.0/22 maxlen: 24 185.57.168.0/22 maxlen: 24 185.114.104.0/22 maxlen: 24 185.224.56.0/22 maxlen: 24 188.65.152.0/21 maxlen: 24 193.41.118.0/23 maxlen: 24 193.254.192.0/23 maxlen: 24 2a00:e900::/29 maxlen: 48 2a01:4400::/32 maxlen: 48 2a02:5120::/32 maxlen: 48 2a0b:fd80::/32 maxlen: 48 2a0b:fd81::/32 maxlen: 48 2a0b:fd82::/32 maxlen: 48 2a0b:fd87::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/z-rOcUwpVo7xlwB7FB0SdYzEFdU.crl rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/z-rOcUwpVo7xlwB7FB0SdYzEFdU.mft rsync://rpki.ripe.net/repository/DEFAULT/z-rOcUwpVo7xlwB7FB0SdYzEFdU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 00:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:75:82:5c:71:1d:52:5d:2a:32:5a:16:06:07:c7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cfeace714c29568ef197007b141d12758cc415d5 Validity Not Before: Jan 1 22:17:48 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b4aeda1b0b165d0e5175aa7ffb0c64bef7f1885f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:83:33:b7:ca:93:02:89:68:3a:42:3e:e1:49: b8:27:c0:67:8c:1b:5d:66:af:62:1d:99:c0:3b:ad: 36:34:50:bc:bb:be:10:04:6a:cb:b7:f2:bd:c4:40: 41:94:43:3f:5c:3d:b9:91:8f:4d:3b:e5:47:30:07: c8:a0:62:fa:0a:83:fd:30:69:19:db:a0:6a:25:e6: 4b:4d:b7:8f:93:18:a2:a0:5e:21:e9:f3:6e:64:bb: 0a:20:3b:76:d8:ce:f7:76:cf:42:68:8c:b3:af:a2: be:91:61:7c:07:bd:65:af:52:ff:5a:94:e5:c7:b5: 18:a4:09:0e:af:e9:97:31:bf:45:6b:49:1a:d0:ae: f2:a7:67:34:2c:52:25:f0:90:e8:ee:0e:4c:91:2c: bf:3e:c0:47:32:71:d3:c1:df:f4:30:99:de:56:3e: 2b:13:13:4a:07:9e:c5:40:d3:90:cf:42:85:cb:23: 71:6b:63:f8:27:1f:57:55:c7:e1:e1:1b:a6:d4:36: eb:db:f0:e0:c7:6a:00:aa:28:20:e5:c4:63:59:4f: 13:3b:74:84:b0:d6:87:d7:0d:b1:a1:4d:b4:b1:88: 53:4a:74:0b:40:b3:ab:82:9d:0e:48:fb:bd:fa:28: 7b:9a:25:83:02:7a:d1:52:85:d5:4d:44:d2:47:4d: 9f:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:AE:DA:1B:0B:16:5D:0E:51:75:AA:7F:FB:0C:64:BE:F7:F1:88:5F X509v3 Authority Key Identifier: keyid:CF:EA:CE:71:4C:29:56:8E:F1:97:00:7B:14:1D:12:75:8C:C4:15:D5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z-rOcUwpVo7xlwB7FB0SdYzEFdU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/tK7aGwsWXQ5Rdap_-wxkvvfxiF8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/z-rOcUwpVo7xlwB7FB0SdYzEFdU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.137.208.0/22 81.201.208.0/20 84.19.128.0-84.19.151.255 91.192.252.0/22 91.224.36.0/23 185.56.212.0/22 185.57.168.0/22 185.114.104.0/22 185.224.56.0/22 188.65.152.0/21 193.41.118.0/23 193.254.192.0/23 IPv6: 2a00:e900::/29 2a01:4400::/32 2a02:5120::/32 2a0b:fd80::-2a0b:fd82:ffff:ffff:ffff:ffff:ffff:ffff 2a0b:fd87::/32 Signature Algorithm: sha256WithRSAEncryption 90:cb:67:35:88:66:29:c6:6a:2e:c0:ab:84:bd:fb:d3:56:81: 14:61:b9:6d:80:5a:7f:78:4c:81:91:bf:eb:4e:26:74:88:33: 7a:14:52:03:33:ec:7f:cd:ba:e2:df:28:6b:4e:5a:03:7f:c7: 38:e0:09:a9:59:08:05:7e:50:c4:c3:cb:33:ed:cc:0f:ba:ed: d0:65:51:28:f0:bb:66:98:2b:a7:a6:60:3f:fa:ed:39:92:da: 2a:7d:5d:01:56:31:45:50:cc:0d:7d:75:d9:33:16:c7:62:1a: cf:e1:fd:75:cd:b0:15:2e:27:0e:0a:3e:dd:d9:33:58:1e:1c: 7b:4c:b8:bc:31:c7:af:2d:64:36:1b:bc:56:95:8a:c8:5e:aa: c7:b1:1d:0a:2c:8e:a5:77:46:3a:65:47:8c:f5:01:b7:86:7d: 40:81:50:43:40:75:96:e9:2f:2b:82:e1:4d:80:44:e6:82:f2: aa:db:84:e3:ee:cd:64:b5:71:da:6b:fa:e2:cc:87:5d:b4:1f: f4:ec:80:5d:f8:22:1f:cd:e9:a5:50:cc:06:98:17:0e:9c:1f: b4:6f:51:9e:fa:3b:0c:55:e8:00:e4:c5:d9:ea:a7:2c:bb:71: f5:6d:8d:e7:12:ce:92:b9:6b:b5:59:4d:60:9d:5f:df:d7:5e: 17:74:d1:ec -----BEGIN CERTIFICATE----- MIIFfjCCBGagAwIBAgISAZt7o3WCXHEdUl0qMloWBgfHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNmZWFjZTcxNGMyOTU2OGVmMTk3MDA3YjE0MWQxMjc1OGNj NDE1ZDUwHhcNMjYwMTAxMjIxNzQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiNGFlZGExYjBiMTY1ZDBlNTE3NWFhN2ZmYjBjNjRiZWY3ZjE4ODVmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvYMzt8qTAoloOkI+4Um4J8BnjBtd Zq9iHZnAO602NFC8u74QBGrLt/K9xEBBlEM/XD25kY9NO+VHMAfIoGL6CoP9MGkZ 26BqJeZLTbePkxiioF4h6fNuZLsKIDt22M73ds9CaIyzr6K+kWF8B71lr1L/WpTl x7UYpAkOr+mXMb9Fa0ka0K7yp2c0LFIl8JDo7g5MkSy/PsBHMnHTwd/0MJneVj4r ExNKB57FQNOQz0KFyyNxa2P4Jx9XVcfh4Rum1Dbr2/Dgx2oAqigg5cRjWU8TO3SE sNaH1w2xoU20sYhTSnQLQLOrgp0OSPu9+ih7miWDAnrRUoXVTUTSR02f2wIDAQAB o4ICijCCAoYwHQYDVR0OBBYEFLSu2hsLFl0OUXWqf/sMZL738YhfMB8GA1UdIwQY MBaAFM/qznFMKVaO8ZcAexQdEnWMxBXVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvei1yT2NVd3BWbzd4bHdCN0ZCMFNkWXpFRmRVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9mYzFiZWYtZTcyYi00YTQ1LTk0NjMt OGZkMzk0YjUzNTdjLzEvdEs3YUd3c1dYUTVSZGFwXy13eGt2dmZ4aUY4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Yi9mYzFiZWYtZTcyYi00YTQ1LTk0NjMtOGZkMzk0YjUzNTdj LzEvei1yT2NVd3BWbzd4bHdCN0ZCMFNkWXpFRmRVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDBWBAIAATBQAwQCLYnQ AwQEUcnQMAwDBAdUE4ADBANUE5ADBAJbwPwDBAFb4CQDBAK5ONQDBAK5OagDBAK5 cmgDBAK54DgDBAO8QZgDBAHBKXYDBAHB/sAwMgQCAAIwLAMFAyoA6QADBQAqAUQA AwUAKgJRIDAOAwUHKgv9gAMFACoL/YIDBQAqC/2HMA0GCSqGSIb3DQEBCwUAA4IB AQCQy2c1iGYpxmouwKuEvfvTVoEUYbltgFp/eEyBkb/rTiZ0iDN6FFIDM+x/zbri 3yhrTloDf8c44AmpWQgFflDEw8sz7cwPuu3QZVEo8LtmmCunpmA/+u05ktoqfV0B VjFFUMwNfXXZMxbHYhrP4f11zbAVLicOCj7d2TNYHhx7TLi8McevLWQ2G7xWlYrI XqrHsR0KLI6ld0Y6ZUeM9QG3hn1AgVBDQHWW6S8rguFNgETmgvKq24Tj7s1ktXHa a/rizIddtB/07IBd+CIfzemlUMwGmBcOnB+0b1Ge+jsMVegA5MXZ6qcsu3H1bY3n Es6SuWu1WU1gnV/f114XdNHs -----END CERTIFICATE-----Generated at Wed Jan 21 07:22:15 2026 by rpki-client