This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/be9f29-0006-465e-9437-4ba8cb1501fd/1/r87aSMlTcvbfUcNgDrz01QCPAQA.roa File: r87aSMlTcvbfUcNgDrz01QCPAQA.roa (raw, json) Hash identifier: 4IqazvlvJ1xS+3jpTJGpmr9Z+5iN7AeI5Qg7WLedfSg= Subject key identifier: AF:CE:DA:48:C9:53:72:F6:DF:51:C3:60:0E:BC:F4:D5:00:8F:01:00 Certificate issuer: /CN=0e5e32ff207c32f5a69894baeab56bf633dbaa1e Certificate serial: 019B7C134DF15B03B260A4FBCD0425A904C6 Authority key identifier: 0E:5E:32:FF:20:7C:32:F5:A6:98:94:BA:EA:B5:6B:F6:33:DB:AA:1E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Dl4y_yB8MvWmmJS66rVr9jPbqh4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/be9f29-0006-465e-9437-4ba8cb1501fd/1/r87aSMlTcvbfUcNgDrz01QCPAQA.roa Signing time: Fri 02 Jan 2026 00:19:58 +0000 ROA not before: Fri 02 Jan 2026 00:19:58 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 211943 IP address blocks: 185.85.252.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/be9f29-0006-465e-9437-4ba8cb1501fd/1/Dl4y_yB8MvWmmJS66rVr9jPbqh4.crl rsync://rpki.ripe.net/repository/DEFAULT/ca/be9f29-0006-465e-9437-4ba8cb1501fd/1/Dl4y_yB8MvWmmJS66rVr9jPbqh4.mft rsync://rpki.ripe.net/repository/DEFAULT/Dl4y_yB8MvWmmJS66rVr9jPbqh4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:00:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:13:4d:f1:5b:03:b2:60:a4:fb:cd:04:25:a9:04:c6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0e5e32ff207c32f5a69894baeab56bf633dbaa1e Validity Not Before: Jan 2 00:19:58 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=afceda48c95372f6df51c3600ebcf4d5008f0100 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:0e:09:fc:cc:26:ea:5d:ae:84:99:c9:25:b1: 64:43:40:5b:1f:e7:4b:ad:c3:31:a6:d5:e3:26:a9: 26:b2:60:6a:7c:22:9e:19:f2:eb:cb:27:53:f4:cf: 51:f4:1e:3e:e5:fc:93:11:4e:5d:ae:38:e7:95:ba: f3:75:a8:da:58:9b:81:40:42:bb:5e:12:60:04:8e: b2:ac:74:48:68:6b:90:dd:17:d1:fd:a1:fa:bd:02: 01:d6:a8:af:9e:51:51:3b:4e:42:d0:fd:f9:73:2a: 05:01:a1:de:1c:95:1d:88:0b:0d:60:57:51:72:de: 43:b3:b5:71:0b:b3:31:90:38:b7:bf:93:52:f5:21: c2:8e:78:60:7a:3f:1d:2c:6f:7e:dd:ce:1d:6d:c1: 83:16:3f:35:a2:b0:7c:38:07:e9:9b:07:10:82:a1: 18:62:85:ed:64:5d:6c:67:5a:86:4c:bf:a9:97:d8: 95:04:d1:7c:fc:33:e0:a8:0b:50:f7:ba:df:cb:de: 77:a0:09:4e:c6:2a:e7:cc:01:59:50:b7:1e:d7:ac: 6f:3d:37:57:ed:23:61:7b:5f:ed:a6:00:b2:e1:40: b1:b7:3e:2c:68:eb:ff:3b:1d:cc:6e:66:ff:b9:03: f5:a0:06:52:9d:21:00:30:b3:d2:98:6e:6f:85:41: ea:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:CE:DA:48:C9:53:72:F6:DF:51:C3:60:0E:BC:F4:D5:00:8F:01:00 X509v3 Authority Key Identifier: keyid:0E:5E:32:FF:20:7C:32:F5:A6:98:94:BA:EA:B5:6B:F6:33:DB:AA:1E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dl4y_yB8MvWmmJS66rVr9jPbqh4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/be9f29-0006-465e-9437-4ba8cb1501fd/1/r87aSMlTcvbfUcNgDrz01QCPAQA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/be9f29-0006-465e-9437-4ba8cb1501fd/1/Dl4y_yB8MvWmmJS66rVr9jPbqh4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.85.252.0/24 Signature Algorithm: sha256WithRSAEncryption 92:f5:66:5f:2b:18:f9:84:80:9b:ab:47:ad:97:b0:83:77:5b: 4f:fa:71:f4:30:cb:57:a6:47:1f:1f:bb:98:2e:51:b3:e4:ec: 36:38:43:50:5e:51:b4:df:9a:eb:d4:d4:b2:50:fa:f9:80:d6: 96:8a:2e:bd:78:9f:69:9f:cb:de:7d:be:8a:e6:51:2d:38:b7: c4:9c:99:42:65:fd:58:18:11:e0:a3:ab:5d:6f:3c:06:87:68: ce:a7:d8:1b:27:53:1c:00:d7:74:17:7e:56:89:35:5a:28:00: 69:81:48:d4:7f:aa:5e:ac:1d:5f:f2:74:3f:e1:13:c1:11:40: 4a:de:5c:13:bb:02:97:f6:24:b8:41:82:28:d4:9d:07:08:bd: 0d:5d:7f:5a:ba:cb:4e:83:6e:4f:53:f1:2b:6a:03:44:05:f0: 3e:6f:2a:05:5b:ab:d9:76:4f:3b:cd:39:53:a0:1f:28:aa:2a: a2:66:86:c6:f2:df:32:c5:c2:96:c2:63:4e:c8:b1:69:99:2a: 9d:cc:6e:78:a8:41:de:3b:46:ec:e7:52:6c:30:a3:0a:bc:79: 75:e2:60:ab:e0:54:9b:a8:63:0e:dd:7e:72:e7:1b:bf:e5:c9: af:c1:d5:a9:71:33:de:32:1c:b5:2c:3e:95:a2:e4:07:57:4e: bc:d5:7c:86 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt8E03xWwOyYKT7zQQlqQTGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBlNWUzMmZmMjA3YzMyZjVhNjk4OTRiYWVhYjU2YmY2MzNk YmFhMWUwHhcNMjYwMTAyMDAxOTU4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhZmNlZGE0OGM5NTM3MmY2ZGY1MWMzNjAwZWJjZjRkNTAwOGYwMTAwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxw4J/Mwm6l2uhJnJJbFkQ0BbH+dL rcMxptXjJqkmsmBqfCKeGfLryydT9M9R9B4+5fyTEU5drjjnlbrzdajaWJuBQEK7 XhJgBI6yrHRIaGuQ3RfR/aH6vQIB1qivnlFRO05C0P35cyoFAaHeHJUdiAsNYFdR ct5Ds7VxC7MxkDi3v5NS9SHCjnhgej8dLG9+3c4dbcGDFj81orB8OAfpmwcQgqEY YoXtZF1sZ1qGTL+pl9iVBNF8/DPgqAtQ97rfy953oAlOxirnzAFZULce16xvPTdX 7SNhe1/tpgCy4UCxtz4saOv/Ox3Mbmb/uQP1oAZSnSEAMLPSmG5vhUHqIwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFK/O2kjJU3L231HDYA689NUAjwEAMB8GA1UdIwQY MBaAFA5eMv8gfDL1ppiUuuq1a/Yz26oeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRGw0eV95QjhNdldtbUpTNjZyVnI5alBicWg0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9iZTlmMjktMDAwNi00NjVlLTk0Mzct NGJhOGNiMTUwMWZkLzEvcjg3YVNNbFRjdmJmVWNOZ0RyejAxUUNQQVFBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYS9iZTlmMjktMDAwNi00NjVlLTk0MzctNGJhOGNiMTUwMWZk LzEvRGw0eV95QjhNdldtbUpTNjZyVnI5alBicWg0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVX8MA0G CSqGSIb3DQEBCwUAA4IBAQCS9WZfKxj5hICbq0etl7CDd1tP+nH0MMtXpkcfH7uY LlGz5Ow2OENQXlG035rr1NSyUPr5gNaWii69eJ9pn8vefb6K5lEtOLfEnJlCZf1Y GBHgo6tdbzwGh2jOp9gbJ1McANd0F35WiTVaKABpgUjUf6perB1f8nQ/4RPBEUBK 3lwTuwKX9iS4QYIo1J0HCL0NXX9austOg25PU/EragNEBfA+byoFW6vZdk87zTlT oB8oqiqiZobG8t8yxcKWwmNOyLFpmSqdzG54qEHeO0bs51JsMKMKvHl14mCr4FSb qGMO3X5y5xu/5cmvwdWpcTPeMhy1LD6VouQHV0681XyG -----END CERTIFICATE-----Generated at Mon Feb 9 18:23:25 2026 by rpki-client