This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/b351ea-7e09-45af-a0ee-e40de08413fa/1/cIAjOguDSgqReQ62gGNwhDs3FsM.roa File: cIAjOguDSgqReQ62gGNwhDs3FsM.roa (raw, json) Hash identifier: TFf8FnZKCR2DKzKeOZFiA2ziGDoeOIEoz46aZNZ0n6U= Subject key identifier: 70:80:23:3A:0B:83:4A:0A:91:79:0E:B6:80:63:70:84:3B:37:16:C3 Certificate issuer: /CN=8521d103fc73e9075dcf1e22bc8242b70f98c884 Certificate serial: 019B7AC86D035BC13E2DAC25F17F768F6140 Authority key identifier: 85:21:D1:03:FC:73:E9:07:5D:CF:1E:22:BC:82:42:B7:0F:98:C8:84 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hSHRA_xz6Qddzx4ivIJCtw-YyIQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/b351ea-7e09-45af-a0ee-e40de08413fa/1/cIAjOguDSgqReQ62gGNwhDs3FsM.roa Signing time: Thu 01 Jan 2026 18:18:34 +0000 ROA not before: Thu 01 Jan 2026 18:18:34 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 47914 IP address blocks: 91.245.128.0/19 maxlen: 24 91.247.0.0/19 maxlen: 24 93.157.232.0/21 maxlen: 24 109.206.128.0/19 maxlen: 24 176.108.192.0/19 maxlen: 24 2001:67c:2704::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/b351ea-7e09-45af-a0ee-e40de08413fa/1/hSHRA_xz6Qddzx4ivIJCtw-YyIQ.crl rsync://rpki.ripe.net/repository/DEFAULT/a5/b351ea-7e09-45af-a0ee-e40de08413fa/1/hSHRA_xz6Qddzx4ivIJCtw-YyIQ.mft rsync://rpki.ripe.net/repository/DEFAULT/hSHRA_xz6Qddzx4ivIJCtw-YyIQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 09:01:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c8:6d:03:5b:c1:3e:2d:ac:25:f1:7f:76:8f:61:40 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8521d103fc73e9075dcf1e22bc8242b70f98c884 Validity Not Before: Jan 1 18:18:34 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=7080233a0b834a0a91790eb6806370843b3716c3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:ef:c1:47:84:30:a4:e3:f8:16:ee:d0:11:de: 22:68:00:8c:f8:08:62:2c:5d:b9:66:00:f7:58:b2: 74:95:4e:ea:42:22:f9:a1:7f:52:5b:bd:cb:99:a7: 72:3d:60:dc:c0:f2:8f:dc:13:de:8b:19:ec:7d:c6: 46:bb:7a:31:f3:04:ae:4f:ed:89:2d:c4:ae:b6:b8: 76:b0:ef:2c:d3:19:d3:1c:fd:5a:8e:3f:ae:54:20: 91:89:e4:ff:45:bb:c4:35:27:e7:2b:b0:57:a5:e0: 61:83:f4:fe:56:c2:1c:8d:83:65:51:94:4f:ae:10: 16:56:87:ea:97:93:7e:c4:83:c2:6f:4b:f4:b9:87: e7:8b:42:27:cd:b7:78:c7:f0:52:ab:17:a8:fd:df: 74:59:62:f3:97:c7:f3:10:1c:3f:7d:88:47:f1:6d: 20:a8:66:00:43:b7:1b:2b:9c:a5:9e:f0:b0:a9:48: 34:c6:e9:9f:9b:35:15:df:73:e9:3a:38:83:69:e4: 21:98:9b:32:42:42:1d:17:7d:a9:28:0b:9e:44:44: bc:72:22:65:85:88:9b:91:b4:a1:52:00:40:69:7c: 32:86:c1:e9:c8:ac:55:c4:74:57:7c:1b:bc:37:db: af:36:14:b0:45:86:e2:e4:7b:ce:3e:c1:1e:fe:5f: 96:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:80:23:3A:0B:83:4A:0A:91:79:0E:B6:80:63:70:84:3B:37:16:C3 X509v3 Authority Key Identifier: keyid:85:21:D1:03:FC:73:E9:07:5D:CF:1E:22:BC:82:42:B7:0F:98:C8:84 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hSHRA_xz6Qddzx4ivIJCtw-YyIQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/b351ea-7e09-45af-a0ee-e40de08413fa/1/cIAjOguDSgqReQ62gGNwhDs3FsM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/b351ea-7e09-45af-a0ee-e40de08413fa/1/hSHRA_xz6Qddzx4ivIJCtw-YyIQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.245.128.0/19 91.247.0.0/19 93.157.232.0/21 109.206.128.0/19 176.108.192.0/19 IPv6: 2001:67c:2704::/48 Signature Algorithm: sha256WithRSAEncryption 48:04:b7:f0:c0:1c:39:3d:f7:71:60:d7:28:fe:94:11:22:fb: b4:4c:87:6c:d6:26:21:3b:b2:e8:0c:2a:7e:76:17:b8:aa:3e: cb:2a:ef:f9:58:9a:26:e0:5b:06:0d:15:71:91:9c:80:e9:02: 1c:3f:5b:af:5d:04:8e:0a:c8:c1:7a:9e:68:fc:59:85:87:00: 0f:5a:d9:31:10:57:cf:5b:df:b7:f3:d6:38:52:96:2d:8f:59: a4:fe:e1:26:5a:1d:2e:d9:5a:ff:06:55:b8:04:e3:a2:88:24: ad:30:87:bc:c9:4c:65:a9:6c:dd:1f:35:54:2b:e2:75:df:dc: 92:9e:fb:f2:3d:10:b5:dc:fd:ed:f9:af:c9:44:28:03:64:2c: 9c:54:06:5f:0b:ca:aa:6d:d4:26:a5:8e:46:32:dd:32:2d:79: 6f:5f:6c:db:b4:c2:19:a7:8f:c5:42:e0:0c:c8:b3:16:75:6c: ab:0b:03:cf:4f:6c:9a:17:58:0b:9e:bd:51:15:fd:3e:4e:8e: 6c:65:15:e4:91:1a:e5:b8:d6:8e:61:33:c2:41:12:bb:10:fd: af:8a:e2:f5:93:bf:b8:db:e4:eb:7d:4c:f6:bb:d9:76:11:60: d3:31:0f:f7:84:03:d0:86:3b:58:3c:7f:95:f6:f8:4a:db:1d: be:51:83:da -----BEGIN CERTIFICATE----- MIIFJjCCBA6gAwIBAgISAZt6yG0DW8E+Lawl8X92j2FAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg1MjFkMTAzZmM3M2U5MDc1ZGNmMWUyMmJjODI0MmI3MGY5 OGM4ODQwHhcNMjYwMTAxMTgxODM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MDgwMjMzYTBiODM0YTBhOTE3OTBlYjY4MDYzNzA4NDNiMzcxNmMzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlu/BR4QwpOP4Fu7QEd4iaACM+Ahi LF25ZgD3WLJ0lU7qQiL5oX9SW73LmadyPWDcwPKP3BPeixnsfcZGu3ox8wSuT+2J LcSutrh2sO8s0xnTHP1ajj+uVCCRieT/RbvENSfnK7BXpeBhg/T+VsIcjYNlUZRP rhAWVofql5N+xIPCb0v0uYfni0Inzbd4x/BSqxeo/d90WWLzl8fzEBw/fYhH8W0g qGYAQ7cbK5ylnvCwqUg0xumfmzUV33PpOjiDaeQhmJsyQkIdF32pKAueRES8ciJl hYibkbShUgBAaXwyhsHpyKxVxHRXfBu8N9uvNhSwRYbi5HvOPsEe/l+WewIDAQAB o4ICMjCCAi4wHQYDVR0OBBYEFHCAIzoLg0oKkXkOtoBjcIQ7NxbDMB8GA1UdIwQY MBaAFIUh0QP8c+kHXc8eIryCQrcPmMiEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaFNIUkFfeHo2UWRkeng0aXZJSkN0dy1ZeUlRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS9iMzUxZWEtN2UwOS00NWFmLWEwZWUt ZTQwZGUwODQxM2ZhLzEvY0lBak9ndURTZ3FSZVE2MmdHTndoRHMzRnNNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNS9iMzUxZWEtN2UwOS00NWFmLWEwZWUtZTQwZGUwODQxM2Zh LzEvaFNIUkFfeHo2UWRkeng0aXZJSkN0dy1ZeUlRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQFW/WAAwQF W/cAAwQDXZ3oAwQFbc6AAwQFsGzAMA8EAgACMAkDBwAgAQZ8JwQwDQYJKoZIhvcN AQELBQADggEBAEgEt/DAHDk993Fg1yj+lBEi+7RMh2zWJiE7sugMKn52F7iqPssq 7/lYmibgWwYNFXGRnIDpAhw/W69dBI4KyMF6nmj8WYWHAA9a2TEQV89b37fz1jhS li2PWaT+4SZaHS7ZWv8GVbgE46KIJK0wh7zJTGWpbN0fNVQr4nXf3JKe+/I9ELXc /e35r8lEKANkLJxUBl8Lyqpt1CaljkYy3TIteW9fbNu0whmnj8VC4AzIsxZ1bKsL A89PbJoXWAuevVEV/T5OjmxlFeSRGuW41o5hM8JBErsQ/a+K4vWTv7jb5Ot9TPa7 2XYRYNMxD/eEA9CGO1g8f5X2+ErbHb5Rg9o= -----END CERTIFICATE-----Generated at Mon Feb 9 18:42:51 2026 by rpki-client