This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/27f595-964f-4055-b92f-9ea9f5e203a0/1/z8SvFmHjwdkD9rVqW5FJ7sxlfdI.roa File: z8SvFmHjwdkD9rVqW5FJ7sxlfdI.roa (raw, json) Hash identifier: rejHdYVWNM7RsiIxf7jbWM9eJvH26EoCBws9Y59Tnv0= Subject key identifier: CF:C4:AF:16:61:E3:C1:D9:03:F6:B5:6A:5B:91:49:EE:CC:65:7D:D2 Certificate issuer: /CN=2b65275521d29caf7176ee2c398d40a1ec479c42 Certificate serial: 019B7FF23ED08C72C1A15A538A505601EAB1 Authority key identifier: 2B:65:27:55:21:D2:9C:AF:71:76:EE:2C:39:8D:40:A1:EC:47:9C:42 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K2UnVSHSnK9xdu4sOY1AoexHnEI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/27f595-964f-4055-b92f-9ea9f5e203a0/1/z8SvFmHjwdkD9rVqW5FJ7sxlfdI.roa Signing time: Fri 02 Jan 2026 18:22:20 +0000 ROA not before: Fri 02 Jan 2026 18:22:20 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 203547 IP address blocks: 185.131.44.0/24 maxlen: 24 185.131.45.0/24 maxlen: 24 185.131.46.0/24 maxlen: 24 185.131.47.0/24 maxlen: 24 2a05:e7c0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/27f595-964f-4055-b92f-9ea9f5e203a0/1/K2UnVSHSnK9xdu4sOY1AoexHnEI.crl rsync://rpki.ripe.net/repository/DEFAULT/c1/27f595-964f-4055-b92f-9ea9f5e203a0/1/K2UnVSHSnK9xdu4sOY1AoexHnEI.mft rsync://rpki.ripe.net/repository/DEFAULT/K2UnVSHSnK9xdu4sOY1AoexHnEI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 12:01:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:f2:3e:d0:8c:72:c1:a1:5a:53:8a:50:56:01:ea:b1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2b65275521d29caf7176ee2c398d40a1ec479c42 Validity Not Before: Jan 2 18:22:20 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=cfc4af1661e3c1d903f6b56a5b9149eecc657dd2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:21:a9:94:04:b5:26:16:24:d8:95:eb:4f:03: 18:ea:4d:7e:b4:a2:31:d9:94:de:eb:7f:72:d0:f7: f8:66:06:09:91:2b:26:a6:94:a5:07:24:b9:c7:0a: 3e:3e:64:18:2a:5d:c3:f3:ff:20:4b:62:e7:0e:a0: a3:d6:11:39:98:6d:23:61:62:00:cf:f9:92:17:3f: 01:77:5f:3f:b7:98:63:15:64:0f:2d:61:3b:ad:e4: 27:13:3a:41:d7:52:8e:4b:63:13:eb:2b:8c:8f:d4: fd:92:42:ae:03:29:76:2d:94:b6:ba:5a:3f:ad:92: 15:c0:f9:1f:f3:ee:61:dd:1e:08:02:f5:4b:7c:ee: 38:c8:51:b9:ed:c2:3f:e0:04:fd:e4:3c:3c:9e:70: 31:22:aa:9f:30:ff:81:9d:b4:ca:53:e0:3a:f9:86: 8d:41:da:46:91:3c:22:01:e7:70:42:27:85:e6:35: f6:7a:ba:c7:da:da:90:b3:84:13:28:6b:44:e7:3c: 59:47:e3:12:7b:a4:9e:e3:e2:8a:df:00:2d:01:fb: 6b:53:b3:42:7f:26:59:e4:4b:2d:30:9b:ce:6a:93: 65:ef:7d:b4:b6:ad:b9:6f:49:62:79:d2:10:06:57: 23:73:93:dd:10:7d:f8:e4:0b:6e:f3:fc:e4:ba:bc: 50:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:C4:AF:16:61:E3:C1:D9:03:F6:B5:6A:5B:91:49:EE:CC:65:7D:D2 X509v3 Authority Key Identifier: keyid:2B:65:27:55:21:D2:9C:AF:71:76:EE:2C:39:8D:40:A1:EC:47:9C:42 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K2UnVSHSnK9xdu4sOY1AoexHnEI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/27f595-964f-4055-b92f-9ea9f5e203a0/1/z8SvFmHjwdkD9rVqW5FJ7sxlfdI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/27f595-964f-4055-b92f-9ea9f5e203a0/1/K2UnVSHSnK9xdu4sOY1AoexHnEI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.131.44.0/22 IPv6: 2a05:e7c0::/29 Signature Algorithm: sha256WithRSAEncryption 48:f7:d7:06:73:b5:7b:93:07:7f:43:38:a1:11:f5:ae:6d:42: 4e:67:fa:5e:9c:99:18:d7:3e:2b:9a:4e:06:73:03:f5:f5:57: cb:a3:bf:18:11:8d:c3:9e:0f:45:84:68:0b:5d:bb:8f:ea:34: a0:3c:04:b2:74:0c:6c:f4:a0:48:34:d6:a5:d4:df:52:79:8d: ec:7e:d5:98:73:66:fa:69:ac:de:10:0d:dc:74:61:32:df:cd: b1:48:26:34:93:8c:8b:39:1f:95:b7:98:ff:e1:ff:29:9c:0c: f3:bd:34:58:93:9b:bf:5a:3b:44:2f:fb:8f:9c:e0:65:79:67: a6:0f:22:4e:dd:7f:54:08:29:36:d7:8d:92:96:0e:ca:7a:14: 61:4a:01:7f:08:ab:45:00:1a:4d:55:99:81:dc:aa:6c:bf:a2: ec:f7:12:3c:75:53:50:8b:97:84:20:56:13:15:d7:b2:76:40: 19:ec:7b:57:f2:0f:06:e0:17:92:4b:ed:73:3c:3d:19:dd:83: 29:04:cd:26:a0:9d:ab:12:2e:29:d9:34:a2:64:37:cd:0a:89: e8:83:21:1b:c2:67:b2:ad:fb:3c:f4:6b:5e:0e:f6:ff:27:64: 5b:22:3c:3f:2a:5d:f6:cc:8b:09:c1:86:10:89:d5:92:8d:03: db:e0:3f:ab -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt/8j7QjHLBoVpTilBWAeqxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJiNjUyNzU1MjFkMjljYWY3MTc2ZWUyYzM5OGQ0MGExZWM0 NzljNDIwHhcNMjYwMTAyMTgyMjIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjZmM0YWYxNjYxZTNjMWQ5MDNmNmI1NmE1YjkxNDllZWNjNjU3ZGQyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCGplAS1JhYk2JXrTwMY6k1+tKIx 2ZTe639y0Pf4ZgYJkSsmppSlByS5xwo+PmQYKl3D8/8gS2LnDqCj1hE5mG0jYWIA z/mSFz8Bd18/t5hjFWQPLWE7reQnEzpB11KOS2MT6yuMj9T9kkKuAyl2LZS2ulo/ rZIVwPkf8+5h3R4IAvVLfO44yFG57cI/4AT95Dw8nnAxIqqfMP+BnbTKU+A6+YaN QdpGkTwiAedwQieF5jX2errH2tqQs4QTKGtE5zxZR+MSe6Se4+KK3wAtAftrU7NC fyZZ5EstMJvOapNl7320tq25b0liedIQBlcjc5PdEH345Atu8/zkurxQ0QIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFM/ErxZh48HZA/a1aluRSe7MZX3SMB8GA1UdIwQY MBaAFCtlJ1Uh0pyvcXbuLDmNQKHsR5xCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSzJVblZTSFNuSzl4ZHU0c09ZMUFvZXhIbkVJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS8yN2Y1OTUtOTY0Zi00MDU1LWI5MmYt OWVhOWY1ZTIwM2EwLzEvejhTdkZtSGp3ZGtEOXJWcVc1Rko3c3hsZmRJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMS8yN2Y1OTUtOTY0Zi00MDU1LWI5MmYtOWVhOWY1ZTIwM2Ew LzEvSzJVblZTSFNuSzl4ZHU0c09ZMUFvZXhIbkVJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYMsMA0E AgACMAcDBQMqBefAMA0GCSqGSIb3DQEBCwUAA4IBAQBI99cGc7V7kwd/QzihEfWu bUJOZ/penJkY1z4rmk4GcwP19VfLo78YEY3Dng9FhGgLXbuP6jSgPASydAxs9KBI NNal1N9SeY3sftWYc2b6aazeEA3cdGEy382xSCY0k4yLOR+Vt5j/4f8pnAzzvTRY k5u/WjtEL/uPnOBleWemDyJO3X9UCCk2142Slg7KehRhSgF/CKtFABpNVZmB3Kps v6Ls9xI8dVNQi5eEIFYTFdeydkAZ7HtX8g8G4BeSS+1zPD0Z3YMpBM0moJ2rEi4p 2TSiZDfNConogyEbwmeyrfs89GteDvb/J2RbIjw/Kl32zIsJwYYQidWSjQPb4D+r -----END CERTIFICATE-----Generated at Sun Jan 18 17:57:03 2026 by rpki-client