This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/18d132-9951-4055-b5a6-dc0e1a725221/1/aTt1lDOQ__4_BOzrJWRmWq2_g_I.roa File: aTt1lDOQ__4_BOzrJWRmWq2_g_I.roa (raw, json) Hash identifier: v57HfwpPj2JAqIcZD1AamnQQx8/Wn9ebUoCosyKqGs8= Subject key identifier: 69:3B:75:94:33:90:FF:FE:3F:04:EC:EB:25:64:66:5A:AD:BF:83:F2 Certificate issuer: /CN=d03046d16cfc391b028b88743773ce005cf97b1d Certificate serial: 019B7CED8F593A1A50A1E45146A5C627AF51 Authority key identifier: D0:30:46:D1:6C:FC:39:1B:02:8B:88:74:37:73:CE:00:5C:F9:7B:1D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0DBG0Wz8ORsCi4h0N3POAFz5ex0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/18d132-9951-4055-b5a6-dc0e1a725221/1/aTt1lDOQ__4_BOzrJWRmWq2_g_I.roa Signing time: Fri 02 Jan 2026 04:18:22 +0000 ROA not before: Fri 02 Jan 2026 04:18:22 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 16509 IP address blocks: 185.163.152.0/24 maxlen: 24 185.163.153.0/24 maxlen: 24 185.163.154.0/24 maxlen: 24 185.163.155.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/18d132-9951-4055-b5a6-dc0e1a725221/1/0DBG0Wz8ORsCi4h0N3POAFz5ex0.crl rsync://rpki.ripe.net/repository/DEFAULT/ba/18d132-9951-4055-b5a6-dc0e1a725221/1/0DBG0Wz8ORsCi4h0N3POAFz5ex0.mft rsync://rpki.ripe.net/repository/DEFAULT/0DBG0Wz8ORsCi4h0N3POAFz5ex0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ed:8f:59:3a:1a:50:a1:e4:51:46:a5:c6:27:af:51 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d03046d16cfc391b028b88743773ce005cf97b1d Validity Not Before: Jan 2 04:18:22 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=693b75943390fffe3f04eceb2564665aadbf83f2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:38:72:06:e4:ff:9e:c1:cb:f1:ef:84:79:57: 8b:d4:0f:8f:68:9f:14:5a:97:f6:9d:de:06:8f:80: 61:1b:0a:49:9d:c8:d9:2a:22:99:26:9e:c7:e0:cb: 36:9b:a5:18:e0:da:88:d8:fd:6f:0a:44:e6:f5:48: 5d:ff:cf:6a:a6:95:4e:92:9e:6e:84:bd:b1:d3:b5: 8c:8b:da:b8:9e:de:76:26:01:50:cb:72:07:60:1c: 35:82:69:28:fc:eb:d3:7a:bd:98:32:b6:e1:a1:97: d4:58:c8:4c:fb:be:72:05:d4:eb:97:da:c5:72:79: 85:c1:68:27:19:11:ee:49:c0:66:ba:fb:97:b7:65: 5e:de:d3:b5:4d:3b:58:d9:a5:b8:38:95:89:ee:6d: d6:32:ac:9f:6e:b9:14:f6:bb:bd:f2:92:e4:4f:f4: a0:30:ae:25:03:fb:c8:99:fc:ac:67:74:7a:be:3d: 49:c1:59:31:d8:8e:41:4b:8b:c1:c5:eb:67:aa:4c: 94:1e:e3:b7:45:e4:ca:86:a1:f0:e8:56:ae:83:8c: f3:8d:20:f0:64:53:3c:90:61:2e:c3:f4:aa:80:e0: b6:36:65:4a:b8:6f:87:af:8e:40:d0:3a:69:54:f7: 2e:c7:46:f1:49:c3:d1:cf:a4:e1:a0:7d:7d:fd:2f: 27:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:3B:75:94:33:90:FF:FE:3F:04:EC:EB:25:64:66:5A:AD:BF:83:F2 X509v3 Authority Key Identifier: keyid:D0:30:46:D1:6C:FC:39:1B:02:8B:88:74:37:73:CE:00:5C:F9:7B:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0DBG0Wz8ORsCi4h0N3POAFz5ex0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/18d132-9951-4055-b5a6-dc0e1a725221/1/aTt1lDOQ__4_BOzrJWRmWq2_g_I.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/18d132-9951-4055-b5a6-dc0e1a725221/1/0DBG0Wz8ORsCi4h0N3POAFz5ex0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.163.152.0/22 Signature Algorithm: sha256WithRSAEncryption a7:44:28:e9:02:8f:20:87:38:8a:c5:08:16:c1:9f:09:8a:3f: 33:68:35:a7:3a:06:d6:2d:7e:d2:c4:53:fe:6d:03:92:67:17: 24:ab:d4:56:bd:b8:f7:ba:75:df:0f:99:05:04:c1:2b:eb:05: 32:02:f9:21:3d:9d:7c:52:3a:b7:83:e8:33:a4:92:26:3f:0e: 1c:5c:fd:69:ad:88:76:aa:9d:7c:a1:77:08:21:77:72:f7:8e: 22:66:53:72:f2:9d:c2:b7:71:21:72:0e:6a:30:c6:82:96:b4: 0f:ff:ef:99:b7:74:8b:39:5d:9d:cc:e2:87:e0:e9:98:6a:cb: 0c:41:89:50:2a:1d:2a:9a:a2:e5:7c:75:58:6a:72:43:70:2b: db:8a:60:95:ec:1d:66:f8:e0:ec:95:07:cf:50:37:be:5e:d2: d6:41:aa:9b:30:cb:06:d5:27:5d:63:c3:2a:1f:37:e5:b7:8b: cf:9e:7c:b6:17:45:e9:cc:cf:84:28:8b:bc:33:19:e2:c8:36: 68:c4:bd:b8:28:ee:d1:1d:79:43:6a:22:08:d5:06:5a:cb:b5: 3a:a6:aa:b7:50:7c:52:4c:a5:0a:8b:71:5d:c9:67:57:49:db: 56:a9:ac:51:b0:fb:b2:1f:6e:06:88:41:6a:54:bb:5e:e5:dd: 2a:2f:5e:6d -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt87Y9ZOhpQoeRRRqXGJ69RMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQwMzA0NmQxNmNmYzM5MWIwMjhiODg3NDM3NzNjZTAwNWNm OTdiMWQwHhcNMjYwMTAyMDQxODIyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2OTNiNzU5NDMzOTBmZmZlM2YwNGVjZWIyNTY0NjY1YWFkYmY4M2YyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojhyBuT/nsHL8e+EeVeL1A+PaJ8U Wpf2nd4Gj4BhGwpJncjZKiKZJp7H4Ms2m6UY4NqI2P1vCkTm9Uhd/89qppVOkp5u hL2x07WMi9q4nt52JgFQy3IHYBw1gmko/OvTer2YMrbhoZfUWMhM+75yBdTrl9rF cnmFwWgnGRHuScBmuvuXt2Ve3tO1TTtY2aW4OJWJ7m3WMqyfbrkU9ru98pLkT/Sg MK4lA/vImfysZ3R6vj1JwVkx2I5BS4vBxetnqkyUHuO3ReTKhqHw6Faug4zzjSDw ZFM8kGEuw/SqgOC2NmVKuG+Hr45A0DppVPcux0bxScPRz6ThoH19/S8niQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFGk7dZQzkP/+PwTs6yVkZlqtv4PyMB8GA1UdIwQY MBaAFNAwRtFs/DkbAouIdDdzzgBc+XsdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMERCRzBXejhPUnNDaTRoME4zUE9BRno1ZXgwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS8xOGQxMzItOTk1MS00MDU1LWI1YTYt ZGMwZTFhNzI1MjIxLzEvYVR0MWxET1FfXzRfQk96ckpXUm1XcTJfZ19JLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYS8xOGQxMzItOTk1MS00MDU1LWI1YTYtZGMwZTFhNzI1MjIx LzEvMERCRzBXejhPUnNDaTRoME4zUE9BRno1ZXgwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaOYMA0G CSqGSIb3DQEBCwUAA4IBAQCnRCjpAo8ghziKxQgWwZ8Jij8zaDWnOgbWLX7SxFP+ bQOSZxckq9RWvbj3unXfD5kFBMEr6wUyAvkhPZ18Ujq3g+gzpJImPw4cXP1prYh2 qp18oXcIIXdy944iZlNy8p3Ct3Ehcg5qMMaClrQP/++Zt3SLOV2dzOKH4OmYassM QYlQKh0qmqLlfHVYanJDcCvbimCV7B1m+ODslQfPUDe+XtLWQaqbMMsG1SddY8Mq Hzflt4vPnny2F0XpzM+EKIu8MxniyDZoxL24KO7RHXlDaiII1QZay7U6pqq3UHxS TKUKi3FdyWdXSdtWqaxRsPuyH24GiEFqVLte5d0qL15t -----END CERTIFICATE-----Generated at Fri Jan 2 09:27:11 2026 by rpki-client