This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/9ae221-c101-497f-91fe-508099c133bb/1/4O7JXBvPOYztRW27KQbfsJapV8I.roa File: 4O7JXBvPOYztRW27KQbfsJapV8I.roa (raw, json) Hash identifier: CnJtkzBJ3WzY6WSIQ98/SBNuBHldMzltsiyedt5bTUA= Subject key identifier: E0:EE:C9:5C:1B:CF:39:8C:ED:45:6D:BB:29:06:DF:B0:96:A9:57:C2 Certificate issuer: /CN=877aad307ad330ebb8cf44ec21389a170436fd53 Certificate serial: 019B79108051948A932D54C111D1CB5F762A Authority key identifier: 87:7A:AD:30:7A:D3:30:EB:B8:CF:44:EC:21:38:9A:17:04:36:FD:53 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h3qtMHrTMOu4z0TsITiaFwQ2_VM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/9ae221-c101-497f-91fe-508099c133bb/1/4O7JXBvPOYztRW27KQbfsJapV8I.roa Signing time: Thu 01 Jan 2026 10:18:03 +0000 ROA not before: Thu 01 Jan 2026 10:18:03 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 199272 IP address blocks: 185.14.24.0/22 maxlen: 22 185.14.24.0/24 maxlen: 24 185.14.25.0/24 maxlen: 24 185.14.26.0/24 maxlen: 24 185.14.27.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/9ae221-c101-497f-91fe-508099c133bb/1/h3qtMHrTMOu4z0TsITiaFwQ2_VM.crl rsync://rpki.ripe.net/repository/DEFAULT/aa/9ae221-c101-497f-91fe-508099c133bb/1/h3qtMHrTMOu4z0TsITiaFwQ2_VM.mft rsync://rpki.ripe.net/repository/DEFAULT/h3qtMHrTMOu4z0TsITiaFwQ2_VM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:80:51:94:8a:93:2d:54:c1:11:d1:cb:5f:76:2a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=877aad307ad330ebb8cf44ec21389a170436fd53 Validity Not Before: Jan 1 10:18:03 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e0eec95c1bcf398ced456dbb2906dfb096a957c2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:b8:02:7c:4c:2e:bc:28:8d:61:6e:45:24:97: 69:e0:aa:0e:1d:50:8e:f8:aa:af:df:3d:ed:57:39: ba:58:d8:1f:73:fd:52:35:f9:05:19:f0:6b:a8:c2: af:62:f0:84:e6:5e:c7:5c:00:0e:46:a6:a3:dd:ce: 5e:9e:cf:d6:ec:95:d6:b4:5e:a0:0e:cc:6f:cb:80: fb:20:b5:55:ea:28:fc:2f:9c:53:1c:84:15:ba:74: b0:88:cb:7f:a1:27:bc:91:77:c4:84:01:46:f2:e1: 2d:47:a0:7f:75:1c:75:16:f0:0e:49:15:1c:5c:4b: 6a:c5:8b:7d:e7:40:d4:a3:c3:be:f2:e7:a6:04:cc: 6e:72:55:4e:0b:8b:7d:88:9f:b2:7d:f6:87:4a:43: b6:1d:9f:35:3b:c5:9f:15:84:99:0b:12:27:0d:62: 79:33:03:3d:95:1d:a6:03:77:b7:1c:5a:ef:8a:d4: 85:96:36:2c:d5:9a:b0:d9:ce:be:46:f9:9e:00:5e: f1:2f:54:09:6f:25:17:c3:0a:b0:84:ea:8c:3e:3a: a5:e0:64:b0:d1:d3:d8:30:e5:74:58:c1:66:d9:e2: c3:7e:56:82:11:a4:2e:d7:84:bc:d4:05:69:f0:87: 31:68:bf:8f:54:f8:68:c7:e0:86:fd:93:3e:bf:72: 99:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:EE:C9:5C:1B:CF:39:8C:ED:45:6D:BB:29:06:DF:B0:96:A9:57:C2 X509v3 Authority Key Identifier: keyid:87:7A:AD:30:7A:D3:30:EB:B8:CF:44:EC:21:38:9A:17:04:36:FD:53 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3qtMHrTMOu4z0TsITiaFwQ2_VM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/9ae221-c101-497f-91fe-508099c133bb/1/4O7JXBvPOYztRW27KQbfsJapV8I.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/9ae221-c101-497f-91fe-508099c133bb/1/h3qtMHrTMOu4z0TsITiaFwQ2_VM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.14.24.0/22 Signature Algorithm: sha256WithRSAEncryption a0:b0:27:8c:4a:d6:e8:f2:c9:bb:4b:f1:a9:ce:ce:1d:b0:ac: 1b:3a:a9:24:ce:93:2e:5c:69:2c:5b:c1:7b:7e:fd:c4:cf:22: 65:d0:b8:cf:2b:d1:fc:4d:53:3a:30:73:d1:98:b9:1d:a0:d1: 1a:52:e3:c4:70:e3:5c:c6:e6:af:87:e4:76:09:4e:e0:13:13: 7e:e0:2e:8c:ba:f6:58:f2:e6:4a:73:85:41:6c:4e:d3:2f:a7: b2:b9:84:4c:e7:83:d9:1b:68:09:c0:f8:db:86:9e:47:44:5b: ea:1a:d9:44:6c:dd:a8:a7:47:d0:a8:1f:5f:be:0f:ff:cb:5d: 97:b5:0b:96:48:6a:1d:ec:32:42:06:e0:45:59:89:c4:7f:d1: 23:3d:5c:d2:67:a4:1a:52:4f:3e:af:77:76:c0:24:c9:24:f0: 8c:7c:81:71:cd:57:ae:23:f8:e2:43:af:7a:13:8c:c1:8e:ee: bb:5c:eb:87:07:5f:14:24:b3:54:79:b1:9b:7c:8a:ae:84:9f: 47:eb:26:8e:3f:0a:3e:dd:3e:70:a0:a6:97:a4:64:8e:ba:16: 9c:02:6b:13:a1:89:6a:84:49:f9:b8:ea:23:a2:7a:5a:f0:e6: 34:33:b5:86:c4:82:02:95:de:2c:2e:1a:13:f2:df:e8:57:22: 48:f1:e3:7a -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt5EIBRlIqTLVTBEdHLX3YqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg3N2FhZDMwN2FkMzMwZWJiOGNmNDRlYzIxMzg5YTE3MDQz NmZkNTMwHhcNMjYwMTAxMTAxODAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlMGVlYzk1YzFiY2YzOThjZWQ0NTZkYmIyOTA2ZGZiMDk2YTk1N2MyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7gCfEwuvCiNYW5FJJdp4KoOHVCO +Kqv3z3tVzm6WNgfc/1SNfkFGfBrqMKvYvCE5l7HXAAORqaj3c5ens/W7JXWtF6g Dsxvy4D7ILVV6ij8L5xTHIQVunSwiMt/oSe8kXfEhAFG8uEtR6B/dRx1FvAOSRUc XEtqxYt950DUo8O+8uemBMxuclVOC4t9iJ+yffaHSkO2HZ81O8WfFYSZCxInDWJ5 MwM9lR2mA3e3HFrvitSFljYs1Zqw2c6+RvmeAF7xL1QJbyUXwwqwhOqMPjql4GSw 0dPYMOV0WMFm2eLDflaCEaQu14S81AVp8IcxaL+PVPhox+CG/ZM+v3KZCwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFODuyVwbzzmM7UVtuykG37CWqVfCMB8GA1UdIwQY MBaAFId6rTB60zDruM9E7CE4mhcENv1TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaDNxdE1IclRNT3U0ejBUc0lUaWFGd1EyX1ZNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS85YWUyMjEtYzEwMS00OTdmLTkxZmUt NTA4MDk5YzEzM2JiLzEvNE83SlhCdlBPWXp0UlcyN0tRYmZzSmFwVjhJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYS85YWUyMjEtYzEwMS00OTdmLTkxZmUtNTA4MDk5YzEzM2Ji LzEvaDNxdE1IclRNT3U0ejBUc0lUaWFGd1EyX1ZNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuQ4YMA0G CSqGSIb3DQEBCwUAA4IBAQCgsCeMStbo8sm7S/Gpzs4dsKwbOqkkzpMuXGksW8F7 fv3EzyJl0LjPK9H8TVM6MHPRmLkdoNEaUuPEcONcxuavh+R2CU7gExN+4C6MuvZY 8uZKc4VBbE7TL6eyuYRM54PZG2gJwPjbhp5HRFvqGtlEbN2op0fQqB9fvg//y12X tQuWSGod7DJCBuBFWYnEf9EjPVzSZ6QaUk8+r3d2wCTJJPCMfIFxzVeuI/jiQ696 E4zBju67XOuHB18UJLNUebGbfIquhJ9H6yaOPwo+3T5woKaXpGSOuhacAmsToYlq hEn5uOojonpa8OY0M7WGxIICld4sLhoT8t/oVyJI8eN6 -----END CERTIFICATE-----Generated at Tue Feb 10 00:09:12 2026 by rpki-client