This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/b95ca0-853f-48ab-9b41-e0aee1bbf9e3/1/KIeo57i2HPTMf-OuTIV1Im2isnI.roa File: KIeo57i2HPTMf-OuTIV1Im2isnI.roa (raw, json) Hash identifier: byqGa6PqgQ91x46Mr1No6b2uTARtOfxk40SvehiN5a8= Subject key identifier: 28:87:A8:E7:B8:B6:1C:F4:CC:7F:E3:AE:4C:85:75:22:6D:A2:B2:72 Certificate issuer: /CN=5aedcb334d39e797817e2eb47703c018b4dc49d5 Certificate serial: 019B7B36B3D89FD4D94845C0808BCAE6A7A9 Authority key identifier: 5A:ED:CB:33:4D:39:E7:97:81:7E:2E:B4:77:03:C0:18:B4:DC:49:D5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wu3LM00555eBfi60dwPAGLTcSdU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/b95ca0-853f-48ab-9b41-e0aee1bbf9e3/1/KIeo57i2HPTMf-OuTIV1Im2isnI.roa Signing time: Thu 01 Jan 2026 20:19:01 +0000 ROA not before: Thu 01 Jan 2026 20:19:01 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 39767 IP address blocks: 78.158.72.0/21 maxlen: 21 78.158.80.0/20 maxlen: 21 185.90.140.0/22 maxlen: 22 194.88.12.0/23 maxlen: 23 2a05:e200::/29 maxlen: 30 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/b95ca0-853f-48ab-9b41-e0aee1bbf9e3/1/Wu3LM00555eBfi60dwPAGLTcSdU.crl rsync://rpki.ripe.net/repository/DEFAULT/af/b95ca0-853f-48ab-9b41-e0aee1bbf9e3/1/Wu3LM00555eBfi60dwPAGLTcSdU.mft rsync://rpki.ripe.net/repository/DEFAULT/Wu3LM00555eBfi60dwPAGLTcSdU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:b3:d8:9f:d4:d9:48:45:c0:80:8b:ca:e6:a7:a9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5aedcb334d39e797817e2eb47703c018b4dc49d5 Validity Not Before: Jan 1 20:19:01 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2887a8e7b8b61cf4cc7fe3ae4c8575226da2b272 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:8e:a3:21:eb:b3:82:ab:a3:1e:10:ae:25:e2: 93:09:ee:2b:59:7f:cf:87:ee:ff:e8:3c:ed:ce:d0: 5e:9b:c8:ba:39:93:67:89:e1:31:b2:ee:a0:38:ad: 7f:da:ff:af:1a:e3:66:1e:1c:9c:78:a9:52:de:f6: 21:8c:e8:c4:96:24:73:23:56:ef:dc:0b:e4:8a:42: c4:c8:4e:d7:93:b4:25:95:dd:2d:f9:da:a6:6a:e7: e8:cb:5d:7f:13:d5:9a:8b:75:f0:7a:8d:5e:ca:5c: 4f:df:0f:f0:c4:ea:29:55:8c:b8:43:c9:33:e2:7c: 45:a2:37:56:2c:bc:0b:9d:33:37:e1:f0:7a:99:4e: bf:0c:44:ec:c4:b3:94:8e:a8:7c:60:34:c5:11:75: 68:7a:3f:6d:57:c2:b5:54:49:b9:17:57:7c:99:a0: 92:9a:45:cd:26:cb:ea:ba:4d:ea:79:9f:5a:5b:96: 34:b5:be:f5:6f:ac:b0:19:b8:c0:fe:bc:e5:72:f7: 17:59:23:42:ca:30:94:20:5a:21:f5:50:b8:6a:5a: 1e:7a:fe:8c:db:fa:3a:ac:10:a3:7b:43:26:52:5b: 20:81:5d:66:4d:4b:fe:0b:2f:3f:f8:12:9d:4c:4a: ec:9a:5d:eb:30:16:f5:66:16:cd:83:f1:fe:5e:14: 84:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:87:A8:E7:B8:B6:1C:F4:CC:7F:E3:AE:4C:85:75:22:6D:A2:B2:72 X509v3 Authority Key Identifier: keyid:5A:ED:CB:33:4D:39:E7:97:81:7E:2E:B4:77:03:C0:18:B4:DC:49:D5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wu3LM00555eBfi60dwPAGLTcSdU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/b95ca0-853f-48ab-9b41-e0aee1bbf9e3/1/KIeo57i2HPTMf-OuTIV1Im2isnI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/af/b95ca0-853f-48ab-9b41-e0aee1bbf9e3/1/Wu3LM00555eBfi60dwPAGLTcSdU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 78.158.72.0-78.158.95.255 185.90.140.0/22 194.88.12.0/23 IPv6: 2a05:e200::/29 Signature Algorithm: sha256WithRSAEncryption 81:98:bd:1e:17:ae:13:57:44:51:ab:46:e4:ea:78:6f:a1:2b: 44:73:1a:61:05:78:4a:d8:cc:0f:e9:0b:8d:75:2e:4b:08:8a: 80:24:36:04:61:21:07:b8:79:53:05:31:3a:1f:d5:ee:2d:b3: a5:20:cb:a8:48:fa:7e:0f:47:ff:88:c6:a6:53:50:66:dd:0c: 82:a3:76:e1:09:35:64:41:d3:a2:66:06:d0:76:9a:e7:a0:e8: 9c:24:fe:4b:60:03:3c:70:5d:75:83:89:b9:5c:10:11:4b:f8: f5:0b:5c:6d:93:e7:fd:59:aa:73:f9:25:c8:29:59:3e:e2:d0: 02:84:c9:a7:b7:cb:fb:9c:bd:21:57:b7:a0:a7:78:e1:56:48: cf:52:86:5a:ac:32:ac:11:a6:a0:98:d1:ec:cf:44:12:7e:97: 1f:40:f5:34:ed:fd:53:e3:5e:24:55:47:f7:df:2f:bf:ee:02: 1e:92:1b:10:15:3f:3c:d5:db:3d:2e:4b:8b:8f:89:d8:63:9b: 94:4c:8f:39:62:01:9a:bd:3c:e1:82:24:77:e0:cc:e1:b6:07: b7:15:29:18:9d:8f:6c:6a:8b:83:ec:02:20:d8:3a:95:f7:1b: 64:cd:72:46:84:c3:a1:5d:d3:ac:de:27:32:25:56:e7:76:8f: 70:7c:3b:d4 -----BEGIN CERTIFICATE----- MIIFIDCCBAigAwIBAgISAZt7NrPYn9TZSEXAgIvK5qepMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVhZWRjYjMzNGQzOWU3OTc4MTdlMmViNDc3MDNjMDE4YjRk YzQ5ZDUwHhcNMjYwMTAxMjAxOTAxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyODg3YThlN2I4YjYxY2Y0Y2M3ZmUzYWU0Yzg1NzUyMjZkYTJiMjcyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0I6jIeuzgqujHhCuJeKTCe4rWX/P h+7/6DztztBem8i6OZNnieExsu6gOK1/2v+vGuNmHhyceKlS3vYhjOjEliRzI1bv 3AvkikLEyE7Xk7Qlld0t+dqmaufoy11/E9Wai3Xweo1eylxP3w/wxOopVYy4Q8kz 4nxFojdWLLwLnTM34fB6mU6/DETsxLOUjqh8YDTFEXVoej9tV8K1VEm5F1d8maCS mkXNJsvquk3qeZ9aW5Y0tb71b6ywGbjA/rzlcvcXWSNCyjCUIFoh9VC4aloeev6M 2/o6rBCje0MmUlsggV1mTUv+Cy8/+BKdTErsml3rMBb1ZhbNg/H+XhSEvQIDAQAB o4ICLDCCAigwHQYDVR0OBBYEFCiHqOe4thz0zH/jrkyFdSJtorJyMB8GA1UdIwQY MBaAFFrtyzNNOeeXgX4utHcDwBi03EnVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvV3UzTE0wMDU1NWVCZmk2MGR3UEFHTFRjU2RVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9iOTVjYTAtODUzZi00OGFiLTliNDEt ZTBhZWUxYmJmOWUzLzEvS0llbzU3aTJIUFRNZi1PdVRJVjFJbTJpc25JLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hZi9iOTVjYTAtODUzZi00OGFiLTliNDEtZTBhZWUxYmJmOWUz LzEvV3UzTE0wMDU1NWVCZmk2MGR3UEFHTFRjU2RVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaMAwDBANOnkgD BAVOnkADBAK5WowDBAHCWAwwDQQCAAIwBwMFAyoF4gAwDQYJKoZIhvcNAQELBQAD ggEBAIGYvR4XrhNXRFGrRuTqeG+hK0RzGmEFeErYzA/pC411LksIioAkNgRhIQe4 eVMFMTof1e4ts6Ugy6hI+n4PR/+IxqZTUGbdDIKjduEJNWRB06JmBtB2mueg6Jwk /ktgAzxwXXWDiblcEBFL+PULXG2T5/1ZqnP5JcgpWT7i0AKEyae3y/ucvSFXt6Cn eOFWSM9ShlqsMqwRpqCY0ezPRBJ+lx9A9TTt/VPjXiRVR/ffL7/uAh6SGxAVPzzV 2z0uS4uPidhjm5RMjzliAZq9POGCJHfgzOG2B7cVKRidj2xqi4PsAiDYOpX3G2TN ckaEw6Fd06zeJzIlVud2j3B8O9Q= -----END CERTIFICATE-----Generated at Mon Feb 9 22:15:13 2026 by rpki-client