This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/95a5e6-5583-4cce-86e9-e230462fc57b/1/apKWJZAqjwjRd0dehHbbTa9ZY3A.roa File: apKWJZAqjwjRd0dehHbbTa9ZY3A.roa (raw, json) Hash identifier: nVaIovGi66UncedynfpwyGBTPpXsXon+jV7FMQbYQEg= Subject key identifier: 6A:92:96:25:90:2A:8F:08:D1:77:47:5E:84:76:DB:4D:AF:59:63:70 Certificate issuer: /CN=cc977e9d52afbc47799d3975fcee8ac51ca0cf6a Certificate serial: 019B79ED39E25674D25D61FDB2CE990DFBF8 Authority key identifier: CC:97:7E:9D:52:AF:BC:47:79:9D:39:75:FC:EE:8A:C5:1C:A0:CF:6A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zJd-nVKvvEd5nTl1_O6KxRygz2o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/95a5e6-5583-4cce-86e9-e230462fc57b/1/apKWJZAqjwjRd0dehHbbTa9ZY3A.roa Signing time: Thu 01 Jan 2026 14:19:08 +0000 ROA not before: Thu 01 Jan 2026 14:19:08 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 396982 IP address blocks: 85.208.98.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/95a5e6-5583-4cce-86e9-e230462fc57b/1/zJd-nVKvvEd5nTl1_O6KxRygz2o.crl rsync://rpki.ripe.net/repository/DEFAULT/bc/95a5e6-5583-4cce-86e9-e230462fc57b/1/zJd-nVKvvEd5nTl1_O6KxRygz2o.mft rsync://rpki.ripe.net/repository/DEFAULT/zJd-nVKvvEd5nTl1_O6KxRygz2o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 09 Jan 2026 21:02:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ed:39:e2:56:74:d2:5d:61:fd:b2:ce:99:0d:fb:f8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cc977e9d52afbc47799d3975fcee8ac51ca0cf6a Validity Not Before: Jan 1 14:19:08 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6a929625902a8f08d177475e8476db4daf596370 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:81:2d:f3:01:a9:b5:aa:5b:7c:2c:56:46:7c: 75:93:40:ff:ba:46:c3:f3:bf:ae:3b:ad:93:90:15: 99:b7:23:ac:8d:f7:73:99:1e:d3:ff:4c:a7:14:29: a9:21:e2:0d:2c:94:54:f1:a1:0c:34:e7:5c:e4:15: 56:2a:e2:73:dc:99:5a:2d:4f:7e:9b:4a:2f:a0:10: 72:33:9c:cf:57:cc:b9:4a:1f:7c:59:54:97:08:d8: a2:cd:bd:f2:2d:40:ad:6b:56:0f:cb:9e:81:57:79: bb:5f:e0:72:bf:bc:a3:5f:fb:99:7c:04:5d:20:eb: 5b:16:89:a7:47:c4:ef:9d:70:cb:b3:da:0a:62:82: 1a:59:47:69:ea:ad:b6:4f:a8:82:e8:79:74:56:6d: 1a:a8:a9:79:19:0b:6d:21:c6:dd:7d:ad:1d:44:94: d5:ee:d2:db:1f:5a:68:ac:d4:e9:c4:58:92:a7:b0: 98:04:3b:fe:ac:24:1c:00:f5:b0:f2:6e:1f:95:81: 38:57:b8:d5:16:e7:2a:d5:c6:cb:31:73:30:b7:3e: 0c:8c:53:8f:79:ef:63:72:29:50:10:90:5f:cf:ef: 1b:43:cf:e6:37:ea:e6:eb:2d:9a:84:41:74:94:42: 9f:3e:be:53:fc:50:e3:da:ad:80:5e:21:85:a3:df: 71:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:92:96:25:90:2A:8F:08:D1:77:47:5E:84:76:DB:4D:AF:59:63:70 X509v3 Authority Key Identifier: keyid:CC:97:7E:9D:52:AF:BC:47:79:9D:39:75:FC:EE:8A:C5:1C:A0:CF:6A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zJd-nVKvvEd5nTl1_O6KxRygz2o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/95a5e6-5583-4cce-86e9-e230462fc57b/1/apKWJZAqjwjRd0dehHbbTa9ZY3A.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/95a5e6-5583-4cce-86e9-e230462fc57b/1/zJd-nVKvvEd5nTl1_O6KxRygz2o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.208.98.0/24 Signature Algorithm: sha256WithRSAEncryption 4f:dd:b4:06:f8:ca:fc:18:9e:7c:f7:66:0d:77:bf:56:54:d4: 37:99:de:04:98:95:c7:8d:09:17:ab:29:4e:04:78:b8:cf:13: af:5d:af:6b:27:bf:d4:b5:48:3d:46:6e:9d:89:61:85:01:4a: f0:42:df:e5:d1:7e:92:d4:90:93:a9:02:53:95:08:8d:c7:9b: 42:4a:81:c2:58:1b:6e:96:9c:7c:7d:e6:91:92:c8:e4:0c:92: 88:b4:35:97:13:c8:ba:93:4e:10:c1:a4:86:c2:08:a1:06:f3: 0a:38:1a:32:87:1a:c5:8c:22:4d:14:05:82:fc:02:2f:52:7f: 87:35:9d:ff:e2:38:e6:9a:9b:c8:c7:66:85:8e:e0:28:e1:8d: db:b9:ab:81:63:d9:23:06:ca:9a:c0:39:fc:82:b5:58:f6:62: f4:9f:83:20:5c:27:0c:41:18:46:c4:c2:fd:94:b3:14:dd:7e: 47:96:3e:68:0f:62:da:44:4e:b3:c8:5b:85:5a:68:89:bb:b4: ab:76:29:98:5b:20:9a:ef:df:ac:f5:c8:67:df:6a:13:a3:75: 8c:18:1c:ab:11:da:99:dd:50:09:e5:df:a6:d5:25:09:56:b8: e0:b3:5f:80:08:fc:8d:d8:25:37:6a:c2:79:9e:64:f0:fb:d6: 3c:36:c4:82 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt57TniVnTSXWH9ss6ZDfv4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNjOTc3ZTlkNTJhZmJjNDc3OTlkMzk3NWZjZWU4YWM1MWNh MGNmNmEwHhcNMjYwMTAxMTQxOTA4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2YTkyOTYyNTkwMmE4ZjA4ZDE3NzQ3NWU4NDc2ZGI0ZGFmNTk2MzcwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxYEt8wGptapbfCxWRnx1k0D/ukbD 87+uO62TkBWZtyOsjfdzmR7T/0ynFCmpIeINLJRU8aEMNOdc5BVWKuJz3JlaLU9+ m0ovoBByM5zPV8y5Sh98WVSXCNiizb3yLUCta1YPy56BV3m7X+Byv7yjX/uZfARd IOtbFomnR8TvnXDLs9oKYoIaWUdp6q22T6iC6Hl0Vm0aqKl5GQttIcbdfa0dRJTV 7tLbH1porNTpxFiSp7CYBDv+rCQcAPWw8m4flYE4V7jVFucq1cbLMXMwtz4MjFOP ee9jcilQEJBfz+8bQ8/mN+rm6y2ahEF0lEKfPr5T/FDj2q2AXiGFo99xuwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFGqSliWQKo8I0XdHXoR2202vWWNwMB8GA1UdIwQY MBaAFMyXfp1Sr7xHeZ05dfzuisUcoM9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvekpkLW5WS3Z2RWQ1blRsMV9PNkt4UnlnejJvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy85NWE1ZTYtNTU4My00Y2NlLTg2ZTkt ZTIzMDQ2MmZjNTdiLzEvYXBLV0paQXFqd2pSZDBkZWhIYmJUYTlaWTNBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYy85NWE1ZTYtNTU4My00Y2NlLTg2ZTktZTIzMDQ2MmZjNTdi LzEvekpkLW5WS3Z2RWQ1blRsMV9PNkt4UnlnejJvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVdBiMA0G CSqGSIb3DQEBCwUAA4IBAQBP3bQG+Mr8GJ5892YNd79WVNQ3md4EmJXHjQkXqylO BHi4zxOvXa9rJ7/UtUg9Rm6diWGFAUrwQt/l0X6S1JCTqQJTlQiNx5tCSoHCWBtu lpx8feaRksjkDJKItDWXE8i6k04QwaSGwgihBvMKOBoyhxrFjCJNFAWC/AIvUn+H NZ3/4jjmmpvIx2aFjuAo4Y3buauBY9kjBsqawDn8grVY9mL0n4MgXCcMQRhGxML9 lLMU3X5Hlj5oD2LaRE6zyFuFWmiJu7SrdimYWyCa79+s9chn32oTo3WMGByrEdqZ 3VAJ5d+m1SUJVrjgs1+ACPyN2CU3asJ5nmTw+9Y8NsSC -----END CERTIFICATE-----Generated at Fri Jan 9 06:21:10 2026 by rpki-client