This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/b01290-d76d-42d8-a234-f9512499e05c/1/z8XoAnZ03V47t1hOY-uk-3tN8U0.roa File: z8XoAnZ03V47t1hOY-uk-3tN8U0.roa (raw, json) Hash identifier: UcF6sy8hP78bQQegH3qIsA5LxH0dzQkKTfxUjWedo7w= Subject key identifier: CF:C5:E8:02:76:74:DD:5E:3B:B7:58:4E:63:EB:A4:FB:7B:4D:F1:4D Certificate issuer: /CN=323ab5ba98bef5d0d9bd0cea031a1fe13777a486 Certificate serial: 019B7C80A28E7FFF39885066CE6AD2AE364D Authority key identifier: 32:3A:B5:BA:98:BE:F5:D0:D9:BD:0C:EA:03:1A:1F:E1:37:77:A4:86 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mjq1upi-9dDZvQzqAxof4Td3pIY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/b01290-d76d-42d8-a234-f9512499e05c/1/z8XoAnZ03V47t1hOY-uk-3tN8U0.roa Signing time: Fri 02 Jan 2026 02:19:23 +0000 ROA not before: Fri 02 Jan 2026 02:19:23 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 199139 IP address blocks: 5.172.216.0/21 maxlen: 21 185.64.192.0/22 maxlen: 22 185.122.152.0/22 maxlen: 22 2a02:f600::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/b01290-d76d-42d8-a234-f9512499e05c/1/Mjq1upi-9dDZvQzqAxof4Td3pIY.crl rsync://rpki.ripe.net/repository/DEFAULT/8e/b01290-d76d-42d8-a234-f9512499e05c/1/Mjq1upi-9dDZvQzqAxof4Td3pIY.mft rsync://rpki.ripe.net/repository/DEFAULT/Mjq1upi-9dDZvQzqAxof4Td3pIY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:a2:8e:7f:ff:39:88:50:66:ce:6a:d2:ae:36:4d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=323ab5ba98bef5d0d9bd0cea031a1fe13777a486 Validity Not Before: Jan 2 02:19:23 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=cfc5e8027674dd5e3bb7584e63eba4fb7b4df14d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:f4:2a:d9:85:b3:7d:50:09:63:13:b5:5b:bf: e0:95:a8:b4:20:88:c1:1b:4f:40:88:f1:ac:f0:05: 11:e6:ec:18:5e:65:15:41:2f:2d:40:4d:d5:95:aa: 93:41:a2:a9:49:cf:69:5b:69:83:ac:84:63:b2:86: a5:c9:6e:c8:bc:ea:09:4b:6a:48:7b:7c:a0:d8:48: 88:d5:a9:de:ab:f0:fc:82:24:16:8c:73:7e:8b:b9: 7d:42:7f:16:4d:25:ec:dc:4c:3b:dc:87:7b:33:85: 25:35:46:63:d9:7c:a0:ae:ec:80:c2:03:31:41:24: 20:81:97:56:90:1f:55:d3:ed:4d:8e:80:2f:ce:a6: c9:ff:98:5e:6b:43:80:a3:2e:3b:f8:9d:23:55:8a: d2:ed:7a:07:eb:81:ed:8c:dd:67:23:44:c6:c9:94: 8f:32:f0:3f:a4:df:71:04:0e:31:8b:55:3b:74:de: 60:c5:f4:a5:9e:95:7e:f1:57:b0:e6:3e:de:4e:3d: 9a:56:6f:d4:87:92:2a:6b:c4:fb:52:64:c1:a8:cf: 2a:2d:ec:d7:7f:e3:b3:7b:cf:1b:1e:c4:91:f9:7e: 6d:47:30:c5:a4:f3:58:0a:7a:c2:98:8b:1c:7b:ce: fc:51:d7:d2:a1:d8:5d:bf:e4:55:8b:58:64:44:b8: 50:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:C5:E8:02:76:74:DD:5E:3B:B7:58:4E:63:EB:A4:FB:7B:4D:F1:4D X509v3 Authority Key Identifier: keyid:32:3A:B5:BA:98:BE:F5:D0:D9:BD:0C:EA:03:1A:1F:E1:37:77:A4:86 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mjq1upi-9dDZvQzqAxof4Td3pIY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/b01290-d76d-42d8-a234-f9512499e05c/1/z8XoAnZ03V47t1hOY-uk-3tN8U0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/b01290-d76d-42d8-a234-f9512499e05c/1/Mjq1upi-9dDZvQzqAxof4Td3pIY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.172.216.0/21 185.64.192.0/22 185.122.152.0/22 IPv6: 2a02:f600::/29 Signature Algorithm: sha256WithRSAEncryption 9b:69:71:b8:fb:f7:04:da:97:59:94:f7:5b:aa:df:52:4c:08: b1:bc:32:bd:dc:ba:eb:24:ea:ab:59:1a:32:50:00:6b:bb:3b: d1:42:22:11:08:47:91:2d:37:d2:cd:ff:7b:77:2f:3f:9c:43: 9a:89:50:b4:db:d7:12:fb:45:b2:19:9e:2b:d0:87:e2:07:3d: 56:70:ff:0f:d8:c2:31:dd:1c:98:9a:ba:ff:3b:04:57:4b:81: 5c:00:3a:3f:07:60:5a:8d:84:ce:79:fb:fa:39:13:23:dd:65: b2:d3:34:aa:03:08:45:f0:8d:b0:50:ed:dd:5e:36:d1:3c:ee: c0:db:76:4c:49:a3:f1:98:aa:f9:18:09:98:85:d3:8b:e8:b0: 06:f6:eb:56:24:12:74:7d:c5:4b:03:d4:fa:04:64:13:61:67: cd:fe:7b:cb:db:5f:c9:96:92:8e:8d:3f:6b:7a:22:e6:21:a8: bc:b5:90:5f:70:f2:eb:a9:72:b8:a4:c2:9c:f5:12:12:61:59: 39:00:5a:59:51:fb:59:5b:19:9a:5d:07:79:b3:85:47:57:45: 04:7f:19:9e:73:5a:72:70:ab:35:53:12:e8:c4:bf:b3:eb:97: b2:11:9c:34:c4:43:d6:d7:e9:8e:2d:ff:e7:20:94:48:f4:9d: 22:1e:5a:8d -----BEGIN CERTIFICATE----- MIIFGDCCBACgAwIBAgISAZt8gKKOf/85iFBmzmrSrjZNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMyM2FiNWJhOThiZWY1ZDBkOWJkMGNlYTAzMWExZmUxMzc3 N2E0ODYwHhcNMjYwMTAyMDIxOTIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjZmM1ZTgwMjc2NzRkZDVlM2JiNzU4NGU2M2ViYTRmYjdiNGRmMTRkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxvQq2YWzfVAJYxO1W7/glai0IIjB G09AiPGs8AUR5uwYXmUVQS8tQE3VlaqTQaKpSc9pW2mDrIRjsoalyW7IvOoJS2pI e3yg2EiI1aneq/D8giQWjHN+i7l9Qn8WTSXs3Ew73Id7M4UlNUZj2XygruyAwgMx QSQggZdWkB9V0+1NjoAvzqbJ/5hea0OAoy47+J0jVYrS7XoH64HtjN1nI0TGyZSP MvA/pN9xBA4xi1U7dN5gxfSlnpV+8Vew5j7eTj2aVm/Uh5Iqa8T7UmTBqM8qLezX f+Oze88bHsSR+X5tRzDFpPNYCnrCmIsce878UdfSodhdv+RVi1hkRLhQIwIDAQAB o4ICJDCCAiAwHQYDVR0OBBYEFM/F6AJ2dN1eO7dYTmPrpPt7TfFNMB8GA1UdIwQY MBaAFDI6tbqYvvXQ2b0M6gMaH+E3d6SGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTWpxMXVwaS05ZERadlF6cUF4b2Y0VGQzcElZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9iMDEyOTAtZDc2ZC00MmQ4LWEyMzQt Zjk1MTI0OTllMDVjLzEvejhYb0FuWjAzVjQ3dDFoT1ktdWstM3ROOFUwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZS9iMDEyOTAtZDc2ZC00MmQ4LWEyMzQtZjk1MTI0OTllMDVj LzEvTWpxMXVwaS05ZERadlF6cUF4b2Y0VGQzcElZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDBazYAwQC uUDAAwQCuXqYMA0EAgACMAcDBQMqAvYAMA0GCSqGSIb3DQEBCwUAA4IBAQCbaXG4 +/cE2pdZlPdbqt9STAixvDK93LrrJOqrWRoyUABruzvRQiIRCEeRLTfSzf97dy8/ nEOaiVC029cS+0WyGZ4r0IfiBz1WcP8P2MIx3RyYmrr/OwRXS4FcADo/B2BajYTO efv6ORMj3WWy0zSqAwhF8I2wUO3dXjbRPO7A23ZMSaPxmKr5GAmYhdOL6LAG9utW JBJ0fcVLA9T6BGQTYWfN/nvL21/JlpKOjT9reiLmIai8tZBfcPLrqXK4pMKc9RIS YVk5AFpZUftZWxmaXQd5s4VHV0UEfxmec1pycKs1UxLoxL+z65eyEZw0xEPW1+mO Lf/nIJRI9J0iHlqN -----END CERTIFICATE-----Generated at Tue Feb 10 05:48:49 2026 by rpki-client