This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/0lwIzPsGn14owxvXy7_61u8zBPk.roa File: 0lwIzPsGn14owxvXy7_61u8zBPk.roa (raw, json) Hash identifier: RHYNuusrfwoS7Vg7kp1EMywIH/hGj3OELuZX6uFgB7Q= Subject key identifier: D2:5C:08:CC:FB:06:9F:5E:28:C3:1B:D7:CB:BF:FA:D6:EF:33:04:F9 Certificate issuer: /CN=b436c0f0ec8bbedf0f60844dfe4fe939369a4b40 Certificate serial: 019B7AC808DF876995709C24C49B64C8AE36 Authority key identifier: B4:36:C0:F0:EC:8B:BE:DF:0F:60:84:4D:FE:4F:E9:39:36:9A:4B:40 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDbA8OyLvt8PYIRN_k_pOTaaS0A.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/0lwIzPsGn14owxvXy7_61u8zBPk.roa Signing time: Thu 01 Jan 2026 18:18:08 +0000 ROA not before: Thu 01 Jan 2026 18:18:08 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 50782 IP address blocks: 2.57.48.0/22 maxlen: 22 91.215.240.0/22 maxlen: 22 185.159.200.0/22 maxlen: 22 185.246.20.0/22 maxlen: 22 194.127.196.0/24 maxlen: 24 194.127.202.0/24 maxlen: 24 194.127.206.0/24 maxlen: 24 194.127.214.0/24 maxlen: 24 2a07:b6c0::/29 maxlen: 29 2a09:c940::/29 maxlen: 29 2a0d:6680::/29 maxlen: 29 2a0f:afc0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.crl rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.mft rsync://rpki.ripe.net/repository/DEFAULT/tDbA8OyLvt8PYIRN_k_pOTaaS0A.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c8:08:df:87:69:95:70:9c:24:c4:9b:64:c8:ae:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b436c0f0ec8bbedf0f60844dfe4fe939369a4b40 Validity Not Before: Jan 1 18:18:08 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d25c08ccfb069f5e28c31bd7cbbffad6ef3304f9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:71:bc:44:68:fd:7f:43:c8:df:88:3f:14:04: 8a:b4:ac:fe:51:1c:b8:50:ec:47:82:4b:ec:8f:3f: 03:b6:2c:2c:3b:1b:ff:dd:79:b1:ba:1a:8e:a1:70: 4b:47:cd:8b:24:08:3c:dd:a8:3c:87:1c:74:98:f4: 70:5a:35:cb:b2:ad:f0:73:64:7e:2f:f5:a2:54:52: 41:74:c5:53:4d:a1:88:0e:e7:c2:d6:99:96:d6:60: 48:67:79:0d:93:2b:4f:63:6a:13:bb:3b:82:f1:7a: d0:a1:b2:54:0f:23:18:e4:70:0e:4a:f1:c0:b8:9a: 3e:56:55:60:a2:a5:ca:b0:b7:bc:d7:dd:c6:a9:06: 85:9f:d5:63:aa:45:de:f0:42:f2:79:bd:ba:ec:6b: 00:dd:55:0b:8c:53:54:f0:84:d9:b6:68:d9:33:a1: 9a:02:1b:b3:c3:ae:ad:0e:c8:22:ef:38:d0:1b:43: ab:48:2e:13:3c:75:59:eb:cb:d9:04:c9:dd:31:e6: 4b:4f:da:5b:6e:a4:8f:ef:c6:22:8a:46:81:80:02: 6c:81:b2:90:94:69:11:88:ca:21:c4:65:27:5a:e1: 30:82:e9:7d:03:36:5c:40:d6:54:86:a3:6f:a0:31: b9:f1:3c:46:a0:2f:af:38:48:6b:f9:ec:f3:4d:c1: 94:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:5C:08:CC:FB:06:9F:5E:28:C3:1B:D7:CB:BF:FA:D6:EF:33:04:F9 X509v3 Authority Key Identifier: keyid:B4:36:C0:F0:EC:8B:BE:DF:0F:60:84:4D:FE:4F:E9:39:36:9A:4B:40 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDbA8OyLvt8PYIRN_k_pOTaaS0A.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/0lwIzPsGn14owxvXy7_61u8zBPk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.57.48.0/22 91.215.240.0/22 185.159.200.0/22 185.246.20.0/22 194.127.196.0/24 194.127.202.0/24 194.127.206.0/24 194.127.214.0/24 IPv6: 2a07:b6c0::/29 2a09:c940::/29 2a0d:6680::/29 2a0f:afc0::/29 Signature Algorithm: sha256WithRSAEncryption 34:80:b4:57:dd:4c:7b:e6:fb:0b:41:04:c9:27:06:16:01:cb: d4:ca:d4:96:42:3a:12:59:fa:17:54:a3:40:54:43:ed:da:07: ff:a6:d8:3c:ce:38:91:94:f3:87:76:91:cc:78:51:cc:76:c4: b0:20:07:32:a5:78:25:70:08:fa:4b:6e:22:6f:b2:14:f0:18: 7b:0c:06:b6:11:6e:55:86:40:b8:34:2d:ae:c9:0e:32:03:4c: 58:ea:15:9f:05:fd:3c:e3:17:55:d8:b5:1b:2d:36:b7:10:9e: 70:8a:5d:49:19:9b:2d:40:87:d9:61:60:0a:a8:f8:57:8d:34: 7f:60:d3:35:8f:d0:9d:17:40:f5:a6:67:25:a7:7b:b0:35:cc: 32:73:55:bb:46:15:4d:48:03:4d:88:30:2a:a3:80:a7:1a:81: ce:0b:65:64:ca:40:14:b3:65:36:eb:82:e3:39:ac:a7:1a:5e: cf:6e:49:ed:61:74:8e:a4:94:f1:10:e5:c0:99:c0:7e:32:cd: 6b:28:fb:5b:9f:82:10:96:4f:ae:b8:ba:95:85:df:8a:a3:a9: 1d:19:6b:22:e5:bf:d5:ee:39:22:ab:82:d0:96:99:51:d2:0e: 78:b0:fb:89:7b:7b:be:8c:46:33:79:53:fb:26:16:e8:d1:df: 6d:d7:60:9f -----BEGIN CERTIFICATE----- MIIFSzCCBDOgAwIBAgISAZt6yAjfh2mVcJwkxJtkyK42MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI0MzZjMGYwZWM4YmJlZGYwZjYwODQ0ZGZlNGZlOTM5MzY5 YTRiNDAwHhcNMjYwMTAxMTgxODA4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkMjVjMDhjY2ZiMDY5ZjVlMjhjMzFiZDdjYmJmZmFkNmVmMzMwNGY5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkHG8RGj9f0PI34g/FASKtKz+URy4 UOxHgkvsjz8DtiwsOxv/3XmxuhqOoXBLR82LJAg83ag8hxx0mPRwWjXLsq3wc2R+ L/WiVFJBdMVTTaGIDufC1pmW1mBIZ3kNkytPY2oTuzuC8XrQobJUDyMY5HAOSvHA uJo+VlVgoqXKsLe8193GqQaFn9VjqkXe8ELyeb267GsA3VULjFNU8ITZtmjZM6Ga Ahuzw66tDsgi7zjQG0OrSC4TPHVZ68vZBMndMeZLT9pbbqSP78YiikaBgAJsgbKQ lGkRiMohxGUnWuEwgul9AzZcQNZUhqNvoDG58TxGoC+vOEhr+ezzTcGUmwIDAQAB o4ICVzCCAlMwHQYDVR0OBBYEFNJcCMz7Bp9eKMMb18u/+tbvMwT5MB8GA1UdIwQY MBaAFLQ2wPDsi77fD2CETf5P6Tk2mktAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdERiQThPeUx2dDhQWUlSTl9rX3BPVGFhUzBBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9kYjY2YWItNzBhYy00MWFkLTk5NTgt ZGQ4YjVhZmNlZTNiLzEvMGx3SXpQc0duMTRvd3h2WHk3XzYxdTh6QlBrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMi9kYjY2YWItNzBhYy00MWFkLTk5NTgtZGQ4YjVhZmNlZTNi LzEvdERiQThPeUx2dDhQWUlSTl9rX3BPVGFhUzBBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDA2BAIAATAwAwQCAjkwAwQC W9fwAwQCuZ/IAwQCufYUAwQAwn/EAwQAwn/KAwQAwn/OAwQAwn/WMCIEAgACMBwD BQMqB7bAAwUDKgnJQAMFAyoNZoADBQMqD6/AMA0GCSqGSIb3DQEBCwUAA4IBAQA0 gLRX3Ux75vsLQQTJJwYWAcvUytSWQjoSWfoXVKNAVEPt2gf/ptg8zjiRlPOHdpHM eFHMdsSwIAcypXglcAj6S24ib7IU8Bh7DAa2EW5VhkC4NC2uyQ4yA0xY6hWfBf08 4xdV2LUbLTa3EJ5wil1JGZstQIfZYWAKqPhXjTR/YNM1j9CdF0D1pmclp3uwNcwy c1W7RhVNSANNiDAqo4CnGoHOC2VkykAUs2U264LjOaynGl7PbkntYXSOpJTxEOXA mcB+Ms1rKPtbn4IQlk+uuLqVhd+Ko6kdGWsi5b/V7jkiq4LQlplR0g54sPuJe3u+ jEYzeVP7Jhbo0d9t12Cf -----END CERTIFICATE-----Generated at Tue Feb 10 00:09:39 2026 by rpki-client