This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/dcf976-007d-4542-b0e2-5f8fc707836a/1/8XEzSk8CvDfLkSMnM2czmx_ulWg.roa File: 8XEzSk8CvDfLkSMnM2czmx_ulWg.roa (raw, json) Hash identifier: 40hPE/BqPPQ7BBdeMCvpBaKM0QkTjFWRsFW8s0ufoAc= Subject key identifier: F1:71:33:4A:4F:02:BC:37:CB:91:23:27:33:67:33:9B:1F:EE:95:68 Certificate issuer: /CN=593897174f967490dbf6189d479df2c9371bf404 Certificate serial: 019B77C749BE3F93052BC07EC20EFB6DC96B Authority key identifier: 59:38:97:17:4F:96:74:90:DB:F6:18:9D:47:9D:F2:C9:37:1B:F4:04 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WTiXF0-WdJDb9hidR53yyTcb9AQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/dcf976-007d-4542-b0e2-5f8fc707836a/1/8XEzSk8CvDfLkSMnM2czmx_ulWg.roa Signing time: Thu 01 Jan 2026 04:18:27 +0000 ROA not before: Thu 01 Jan 2026 04:18:27 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 0 IP address blocks: 185.67.36.0/22 maxlen: 32 2a05:bc0::/29 maxlen: 128 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/dcf976-007d-4542-b0e2-5f8fc707836a/1/WTiXF0-WdJDb9hidR53yyTcb9AQ.crl rsync://rpki.ripe.net/repository/DEFAULT/bb/dcf976-007d-4542-b0e2-5f8fc707836a/1/WTiXF0-WdJDb9hidR53yyTcb9AQ.mft rsync://rpki.ripe.net/repository/DEFAULT/WTiXF0-WdJDb9hidR53yyTcb9AQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 10 Jan 2026 10:01:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c7:49:be:3f:93:05:2b:c0:7e:c2:0e:fb:6d:c9:6b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=593897174f967490dbf6189d479df2c9371bf404 Validity Not Before: Jan 1 04:18:27 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f171334a4f02bc37cb9123273367339b1fee9568 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:ea:1e:5a:08:00:51:98:3b:e4:e7:68:92:bb: f2:88:b1:0a:b1:f6:fb:e7:ef:17:fa:32:37:cd:08: 88:a3:bf:38:ce:bc:9a:6e:c4:14:e5:81:cb:8b:49: 1e:91:e0:08:7d:f4:61:b1:42:25:3b:83:c7:e9:bb: 23:47:6f:52:1e:0b:3e:36:00:36:1e:76:8a:e8:ee: 2f:d1:fe:6d:2d:db:58:85:8e:49:68:2a:ea:43:61: 8a:56:99:c6:a5:a9:42:ee:f7:44:8b:78:cf:8c:7f: 5c:1e:64:fe:93:23:d3:5e:6c:5a:5f:0f:05:9d:88: 1c:e8:ba:cf:eb:aa:ae:8b:33:fc:d1:15:dd:43:6e: 2e:56:51:80:26:85:02:91:32:56:c4:2e:f8:49:09: 86:7e:d1:46:b6:1b:9c:0f:6a:7b:42:59:82:d5:23: a0:8c:52:f7:3c:8d:15:08:b2:56:ef:fc:ec:3f:40: a2:75:91:44:1e:a4:6d:99:c6:a7:cc:96:e3:22:00: 0a:90:d6:20:77:38:2c:55:7a:d9:60:ef:c3:5e:f6: 9e:fd:09:1a:11:ae:95:15:e9:98:8b:47:51:ce:9c: de:3b:4a:d7:d3:9a:2f:ec:41:51:09:8d:85:bb:a5: 8b:fd:4e:33:ee:bf:94:8e:72:7d:3f:b1:aa:0e:41: 45:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:71:33:4A:4F:02:BC:37:CB:91:23:27:33:67:33:9B:1F:EE:95:68 X509v3 Authority Key Identifier: keyid:59:38:97:17:4F:96:74:90:DB:F6:18:9D:47:9D:F2:C9:37:1B:F4:04 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WTiXF0-WdJDb9hidR53yyTcb9AQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/dcf976-007d-4542-b0e2-5f8fc707836a/1/8XEzSk8CvDfLkSMnM2czmx_ulWg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/dcf976-007d-4542-b0e2-5f8fc707836a/1/WTiXF0-WdJDb9hidR53yyTcb9AQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.67.36.0/22 IPv6: 2a05:bc0::/29 Signature Algorithm: sha256WithRSAEncryption 29:09:0b:be:f2:33:89:7d:3d:32:37:c7:46:af:fe:d8:1c:79: 2f:ae:ee:ae:a2:78:df:b0:e5:44:72:45:a0:cb:77:dd:c6:b3: 06:66:bd:e0:b9:fb:74:49:06:d9:33:dc:59:db:67:45:31:21: a6:77:18:54:08:8d:e7:32:68:25:f0:64:6c:28:ad:12:e7:9c: a4:25:fe:46:88:a4:e6:2b:e1:d2:c2:30:54:17:11:b9:3a:cb: 06:29:38:aa:f6:f4:68:0d:84:ff:50:77:a7:7c:0d:66:94:8c: 05:22:b3:35:e9:02:9d:24:1c:ab:52:b2:ed:38:7e:2b:d4:78: 1e:4f:de:9e:f7:27:24:cb:03:66:03:02:6a:65:be:c6:f6:d3: ff:a9:7b:78:2f:02:d4:3d:6e:52:f0:b3:b9:d5:9d:67:c1:52: de:17:3d:1a:fa:30:f4:7d:b4:a5:53:d6:7f:01:b0:6d:fb:36: d1:9d:16:c6:37:ff:3e:63:8e:ad:ea:59:31:f5:65:40:ff:4d: 96:3a:d0:14:27:51:9e:87:51:04:e8:75:8f:53:32:f2:b0:c6: 93:8e:de:9c:2f:51:bb:eb:27:96:3b:1f:23:b0:8a:05:4b:7c: ae:ab:54:d0:1a:02:70:a5:fe:32:5a:43:ae:99:a7:76:d7:26: 1e:ab:d3:3d -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt3x0m+P5MFK8B+wg77bclrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU5Mzg5NzE3NGY5Njc0OTBkYmY2MTg5ZDQ3OWRmMmM5Mzcx YmY0MDQwHhcNMjYwMTAxMDQxODI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmMTcxMzM0YTRmMDJiYzM3Y2I5MTIzMjczMzY3MzM5YjFmZWU5NTY4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAueoeWggAUZg75OdokrvyiLEKsfb7 5+8X+jI3zQiIo784zryabsQU5YHLi0kekeAIffRhsUIlO4PH6bsjR29SHgs+NgA2 HnaK6O4v0f5tLdtYhY5JaCrqQ2GKVpnGpalC7vdEi3jPjH9cHmT+kyPTXmxaXw8F nYgc6LrP66quizP80RXdQ24uVlGAJoUCkTJWxC74SQmGftFGthucD2p7QlmC1SOg jFL3PI0VCLJW7/zsP0CidZFEHqRtmcanzJbjIgAKkNYgdzgsVXrZYO/DXvae/Qka Ea6VFemYi0dRzpzeO0rX05ov7EFRCY2Fu6WL/U4z7r+UjnJ9P7GqDkFFywIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFPFxM0pPArw3y5EjJzNnM5sf7pVoMB8GA1UdIwQY MBaAFFk4lxdPlnSQ2/YYnUed8sk3G/QEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvV1RpWEYwLVdkSkRiOWhpZFI1M3l5VGNiOUFRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9kY2Y5NzYtMDA3ZC00NTQyLWIwZTIt NWY4ZmM3MDc4MzZhLzEvOFhFelNrOEN2RGZMa1NNbk0yY3pteF91bFdnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYi9kY2Y5NzYtMDA3ZC00NTQyLWIwZTItNWY4ZmM3MDc4MzZh LzEvV1RpWEYwLVdkSkRiOWhpZFI1M3l5VGNiOUFRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuUMkMA0E AgACMAcDBQMqBQvAMA0GCSqGSIb3DQEBCwUAA4IBAQApCQu+8jOJfT0yN8dGr/7Y HHkvru6uonjfsOVEckWgy3fdxrMGZr3guft0SQbZM9xZ22dFMSGmdxhUCI3nMmgl 8GRsKK0S55ykJf5GiKTmK+HSwjBUFxG5OssGKTiq9vRoDYT/UHenfA1mlIwFIrM1 6QKdJByrUrLtOH4r1HgeT96e9yckywNmAwJqZb7G9tP/qXt4LwLUPW5S8LO51Z1n wVLeFz0a+jD0fbSlU9Z/AbBt+zbRnRbGN/8+Y46t6lkx9WVA/02WOtAUJ1Geh1EE 6HWPUzLysMaTjt6cL1G76yeWOx8jsIoFS3yuq1TQGgJwpf4yWkOumad21yYeq9M9 -----END CERTIFICATE-----Generated at Fri Jan 9 17:04:38 2026 by rpki-client