This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/4wQsrh4QDpBUFfXdd9X_-MiLCL8.roa File: 4wQsrh4QDpBUFfXdd9X_-MiLCL8.roa (raw, json) Hash identifier: oHdtstTpCgRSDZ/uAOrQjW33pp8IkqP5O0VCSkg+gX8= Subject key identifier: E3:04:2C:AE:1E:10:0E:90:54:15:F5:DD:77:D5:FF:F8:C8:8B:08:BF Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2 Certificate serial: 019B7D5D45A3127843F904D8762116C3F0AC Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/4wQsrh4QDpBUFfXdd9X_-MiLCL8.roa Signing time: Fri 02 Jan 2026 06:20:23 +0000 ROA not before: Fri 02 Jan 2026 06:20:23 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 58073 IP address blocks: 185.214.10.0/24 maxlen: 24 188.215.229.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 11:01:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5d:45:a3:12:78:43:f9:04:d8:76:21:16:c3:f0:ac Signature Algorithm: sha256WithRSAEncryption Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2 Validity Not Before: Jan 2 06:20:23 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e3042cae1e100e905415f5dd77d5fff8c88b08bf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:5d:c3:b4:eb:63:72:2d:8f:02:d4:a9:1a:7f: b0:6a:7c:e1:05:35:ba:e8:3f:75:9d:08:2b:17:b6: 91:75:ec:c3:cc:7e:57:ac:23:5b:fc:df:11:aa:b6: 96:30:c4:42:7a:97:63:1c:cf:41:fa:a4:d2:0e:03: 25:1f:24:eb:0e:7d:93:8f:6a:b3:fa:a0:92:0b:1d: da:3f:55:c5:6c:1d:29:22:01:d9:0f:cf:57:5f:95: 29:dd:79:ff:2f:86:c5:22:cb:6b:d8:58:40:7a:81: c2:7a:ce:03:39:5c:c5:f1:f4:c0:79:a1:85:39:cf: 48:a7:f8:71:c2:ae:8c:2e:55:1f:ca:f9:55:8e:7e: c3:20:18:a2:12:83:d2:54:11:af:0f:54:db:40:6c: 90:55:a9:f6:8b:28:75:ff:87:36:ce:a4:f0:73:71: 63:32:9b:88:81:e8:6a:01:ba:3b:45:5b:5b:c1:b0: 6e:0d:5d:52:f2:45:38:ee:96:8b:7c:62:8d:57:78: 2f:04:44:82:97:57:d9:4a:3b:bf:98:f0:e0:a5:30: 84:c6:b1:77:d2:56:fa:11:3c:d4:84:84:d7:e6:c2: 8d:1f:65:0e:ce:fc:5e:c2:ca:96:e2:5e:fb:6e:ac: 3b:39:7a:92:89:e6:85:d7:45:52:f1:b7:92:87:d6: fd:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:04:2C:AE:1E:10:0E:90:54:15:F5:DD:77:D5:FF:F8:C8:8B:08:BF X509v3 Authority Key Identifier: keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/4wQsrh4QDpBUFfXdd9X_-MiLCL8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.214.10.0/24 188.215.229.0/24 Signature Algorithm: sha256WithRSAEncryption 88:c2:6c:15:2b:3c:14:73:c1:52:d4:f8:f1:e1:ed:e7:1b:1b: 79:91:88:20:e2:07:cb:b8:87:5a:c3:95:7e:f8:f5:55:59:6c: 52:e1:21:af:cf:92:ed:78:9c:77:6d:f9:46:98:5a:fb:b3:23: 4b:fd:67:bf:f1:8d:de:e5:b6:50:a8:05:3a:14:92:d3:51:2a: 3b:54:95:05:7d:82:84:16:dc:bb:d7:42:f5:24:6d:b0:6e:15: fe:d1:2f:03:9c:35:92:8a:90:cc:dc:f9:03:a7:2b:71:c2:0f: c5:63:c7:64:97:50:32:81:24:dc:84:ae:2d:97:15:d1:29:79: 5a:0d:6a:24:e2:20:10:a2:3e:e4:e4:00:c0:ce:86:86:c5:4c: 55:7b:c0:05:c7:d4:c5:9e:d2:48:20:5e:93:f5:2e:7e:89:ed: 86:9c:5b:70:ce:26:e3:28:24:d7:e0:c6:72:7f:af:ae:05:b4: 6b:48:aa:af:ea:55:0f:78:d0:04:9d:fc:74:e1:44:7f:6b:e3: 8e:7f:69:76:bf:e0:c5:1f:27:e6:23:9f:87:84:d7:58:f0:5c: c5:f3:1f:69:61:ae:50:56:fc:5c:d5:72:23:c6:52:e9:37:7b: 58:9c:39:b9:e5:51:10:6c:6f:3d:e8:e7:d1:2c:52:c5:ad:26: a2:95:9c:a5 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt9XUWjEnhD+QTYdiEWw/CsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw NWIwZTIwHhcNMjYwMTAyMDYyMDIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlMzA0MmNhZTFlMTAwZTkwNTQxNWY1ZGQ3N2Q1ZmZmOGM4OGIwOGJmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkF3DtOtjci2PAtSpGn+wanzhBTW6 6D91nQgrF7aRdezDzH5XrCNb/N8RqraWMMRCepdjHM9B+qTSDgMlHyTrDn2Tj2qz +qCSCx3aP1XFbB0pIgHZD89XX5Up3Xn/L4bFIstr2FhAeoHCes4DOVzF8fTAeaGF Oc9Ip/hxwq6MLlUfyvlVjn7DIBiiEoPSVBGvD1TbQGyQVan2iyh1/4c2zqTwc3Fj MpuIgehqAbo7RVtbwbBuDV1S8kU47paLfGKNV3gvBESCl1fZSju/mPDgpTCExrF3 0lb6ETzUhITX5sKNH2UOzvxewsqW4l77bqw7OXqSieaF10VS8beSh9b9uwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFOMELK4eEA6QVBX13XfV//jIiwi/MB8GA1UdIwQY MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt MmNjZWRiOTY2YTU4LzEvNHdRc3JoNFFEcEJVRmZYZGQ5WF8tTWlMQ0w4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4 LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAudYKAwQA vNflMA0GCSqGSIb3DQEBCwUAA4IBAQCIwmwVKzwUc8FS1Pjx4e3nGxt5kYgg4gfL uIdaw5V++PVVWWxS4SGvz5LteJx3bflGmFr7syNL/We/8Y3e5bZQqAU6FJLTUSo7 VJUFfYKEFty710L1JG2wbhX+0S8DnDWSipDM3PkDpytxwg/FY8dkl1AygSTchK4t lxXRKXlaDWok4iAQoj7k5ADAzoaGxUxVe8AFx9TFntJIIF6T9S5+ie2GnFtwzibj KCTX4MZyf6+uBbRrSKqv6lUPeNAEnfx04UR/a+OOf2l2v+DFHyfmI5+HhNdY8FzF 8x9pYa5QVvxc1XIjxlLpN3tYnDm55VEQbG896OfRLFLFrSailZyl -----END CERTIFICATE-----Generated at Mon Jan 19 19:57:15 2026 by rpki-client