This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/61db4e-3efc-462d-ab1f-e590e6b4cd0e/1/aeMqOjfotVxQU7L_71TE5A4rNWU.roa File: aeMqOjfotVxQU7L_71TE5A4rNWU.roa (raw, json) Hash identifier: gZnRYvhPdhuDLwx6E5z6j8fKe+fAGfafgA+jlQbEpfM= Subject key identifier: 69:E3:2A:3A:37:E8:B5:5C:50:53:B2:FF:EF:54:C4:E4:0E:2B:35:65 Certificate issuer: /CN=e11ce6b7dd9a6ac0b324ba5ad873b0af46a392d4 Certificate serial: 019B7EA7255881EFFA4FDEFB8CFD2FF610AF Authority key identifier: E1:1C:E6:B7:DD:9A:6A:C0:B3:24:BA:5A:D8:73:B0:AF:46:A3:92:D4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4Rzmt92aasCzJLpa2HOwr0ajktQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/61db4e-3efc-462d-ab1f-e590e6b4cd0e/1/aeMqOjfotVxQU7L_71TE5A4rNWU.roa Signing time: Fri 02 Jan 2026 12:20:41 +0000 ROA not before: Fri 02 Jan 2026 12:20:41 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 215047 IP address blocks: 185.218.225.0/24 maxlen: 24 2a14:5fc0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/61db4e-3efc-462d-ab1f-e590e6b4cd0e/1/4Rzmt92aasCzJLpa2HOwr0ajktQ.crl rsync://rpki.ripe.net/repository/DEFAULT/9c/61db4e-3efc-462d-ab1f-e590e6b4cd0e/1/4Rzmt92aasCzJLpa2HOwr0ajktQ.mft rsync://rpki.ripe.net/repository/DEFAULT/4Rzmt92aasCzJLpa2HOwr0ajktQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 09:01:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a7:25:58:81:ef:fa:4f:de:fb:8c:fd:2f:f6:10:af Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e11ce6b7dd9a6ac0b324ba5ad873b0af46a392d4 Validity Not Before: Jan 2 12:20:41 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=69e32a3a37e8b55c5053b2ffef54c4e40e2b3565 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:81:c1:a2:7f:7a:1a:de:43:1b:4e:f5:34:b4:9b: 2f:d3:43:fa:2a:5c:d0:d4:80:e4:ff:fb:89:7a:c4: ca:5f:fb:1c:7b:41:da:7c:a4:58:c6:44:85:af:ba: 49:2d:db:e8:eb:a1:fd:46:8f:8e:e0:5b:46:91:6e: a5:a9:82:29:db:ea:cd:0b:f1:76:c8:d7:40:77:47: e7:21:ed:a8:74:9c:b1:b6:13:40:87:66:0e:7c:6a: bf:d5:c6:ec:84:f0:53:6e:24:f7:d2:e2:a0:c0:60: 5d:20:b3:53:db:c9:82:50:56:f8:30:e7:94:e9:2d: 24:e4:b1:78:77:f9:f2:22:98:e2:c6:f2:ec:5a:5e: a0:51:a6:8f:14:94:3f:e8:3d:6b:b8:54:1c:d0:86: d5:06:d4:ec:12:d8:d3:0c:6e:ae:0c:d6:54:3a:4a: db:10:f4:d1:0e:34:bb:51:75:8d:4c:1c:0d:d4:7f: 87:ab:1f:44:20:28:fa:2c:6f:bd:37:c3:af:fe:49: 46:35:fa:5e:c4:f5:92:82:26:22:b1:0b:2f:0b:0c: 83:d4:fc:74:64:46:a8:3b:17:5e:b0:6d:8e:b0:7b: b4:74:6f:e8:75:f7:18:b3:6b:b8:af:6c:35:df:9d: 90:fd:fe:f8:e0:c7:aa:14:63:03:ac:e3:56:41:5e: 5c:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:E3:2A:3A:37:E8:B5:5C:50:53:B2:FF:EF:54:C4:E4:0E:2B:35:65 X509v3 Authority Key Identifier: keyid:E1:1C:E6:B7:DD:9A:6A:C0:B3:24:BA:5A:D8:73:B0:AF:46:A3:92:D4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4Rzmt92aasCzJLpa2HOwr0ajktQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/61db4e-3efc-462d-ab1f-e590e6b4cd0e/1/aeMqOjfotVxQU7L_71TE5A4rNWU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/61db4e-3efc-462d-ab1f-e590e6b4cd0e/1/4Rzmt92aasCzJLpa2HOwr0ajktQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.218.225.0/24 IPv6: 2a14:5fc0::/29 Signature Algorithm: sha256WithRSAEncryption 85:15:8f:ae:9b:5a:b4:c4:b3:c6:66:a2:78:95:ec:a1:b2:79: 97:b9:9a:68:c4:86:12:0b:bf:70:25:1b:82:ce:7d:ed:ab:43: ac:59:34:dc:29:b7:3d:22:cf:c0:07:8d:bc:83:49:cf:e7:85: a0:ad:f5:ca:d7:a9:fa:63:6e:77:f4:b5:1e:66:9e:79:2e:37: df:16:d3:a2:38:47:08:ab:ca:58:57:05:f8:dd:94:30:b5:44: bc:5e:a2:a2:d7:d9:70:32:5b:98:5a:0f:05:58:a9:94:6c:b6: 3f:8f:88:43:03:f4:6a:c8:6e:5d:92:d3:f6:da:48:2a:cb:8f: d8:d9:62:a7:8a:40:d2:ec:16:3d:3f:3c:01:cf:51:f9:f4:c6: c6:e9:9a:c0:69:81:d4:ae:86:f3:6f:d4:12:4b:8f:63:33:9f: 80:b3:28:63:88:93:f8:d8:e2:e8:7e:a6:0d:b1:e1:a3:80:8f: b5:43:d3:a2:40:7e:b4:a8:92:57:be:af:08:dd:b3:39:07:45: d1:a8:23:65:8d:70:4d:9f:7e:cc:93:fb:a8:60:cc:ba:47:05: 27:97:e8:24:e5:8f:8d:6f:6e:e0:1f:af:f1:78:44:69:fd:ff: d0:5d:d8:95:87:c5:d5:32:29:75:8e:9e:09:c4:0e:9b:f7:69: 1b:3a:a2:cb -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt+pyVYge/6T977jP0v9hCvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGUxMWNlNmI3ZGQ5YTZhYzBiMzI0YmE1YWQ4NzNiMGFmNDZh MzkyZDQwHhcNMjYwMTAyMTIyMDQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2OWUzMmEzYTM3ZThiNTVjNTA1M2IyZmZlZjU0YzRlNDBlMmIzNTY1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgcGif3oa3kMbTvU0tJsv00P6KlzQ 1IDk//uJesTKX/sce0HafKRYxkSFr7pJLdvo66H9Ro+O4FtGkW6lqYIp2+rNC/F2 yNdAd0fnIe2odJyxthNAh2YOfGq/1cbshPBTbiT30uKgwGBdILNT28mCUFb4MOeU 6S0k5LF4d/nyIpjixvLsWl6gUaaPFJQ/6D1ruFQc0IbVBtTsEtjTDG6uDNZUOkrb EPTRDjS7UXWNTBwN1H+Hqx9EICj6LG+9N8Ov/klGNfpexPWSgiYisQsvCwyD1Px0 ZEaoOxdesG2OsHu0dG/odfcYs2u4r2w1352Q/f744MeqFGMDrONWQV5cKQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFGnjKjo36LVcUFOy/+9UxOQOKzVlMB8GA1UdIwQY MBaAFOEc5rfdmmrAsyS6WthzsK9Go5LUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNFJ6bXQ5MmFhc0N6SkxwYTJIT3dyMGFqa3RRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy82MWRiNGUtM2VmYy00NjJkLWFiMWYt ZTU5MGU2YjRjZDBlLzEvYWVNcU9qZm90VnhRVTdMXzcxVEU1QTRyTldVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Yy82MWRiNGUtM2VmYy00NjJkLWFiMWYtZTU5MGU2YjRjZDBl LzEvNFJ6bXQ5MmFhc0N6SkxwYTJIT3dyMGFqa3RRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAudrhMA0E AgACMAcDBQMqFF/AMA0GCSqGSIb3DQEBCwUAA4IBAQCFFY+um1q0xLPGZqJ4leyh snmXuZpoxIYSC79wJRuCzn3tq0OsWTTcKbc9Is/AB428g0nP54WgrfXK16n6Y253 9LUeZp55LjffFtOiOEcIq8pYVwX43ZQwtUS8XqKi19lwMluYWg8FWKmUbLY/j4hD A/RqyG5dktP22kgqy4/Y2WKnikDS7BY9PzwBz1H59MbG6ZrAaYHUrobzb9QSS49j M5+AsyhjiJP42OLofqYNseGjgI+1Q9OiQH60qJJXvq8I3bM5B0XRqCNljXBNn37M k/uoYMy6RwUnl+gk5Y+Nb27gH6/xeERp/f/QXdiVh8XVMil1jp4JxA6b92kbOqLL -----END CERTIFICATE-----Generated at Mon Feb 9 18:42:34 2026 by rpki-client