This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/kxHXeC-RgFki1x0jEKzH48eBz8c.roa File: kxHXeC-RgFki1x0jEKzH48eBz8c.roa (raw, json) Hash identifier: E6qamccMc25rG9FxeXNYkNGoky+PcxFg+Xq4GlM3NUs= Subject key identifier: 93:11:D7:78:2F:91:80:59:22:D7:1D:23:10:AC:C7:E3:C7:81:CF:C7 Certificate issuer: /CN=ae736cafddb6ebb8d7c76943f4a271e038510aa9 Certificate serial: 019B7F84A1C7F6E1EC4B8D6C4FC025DA4175 Authority key identifier: AE:73:6C:AF:DD:B6:EB:B8:D7:C7:69:43:F4:A2:71:E0:38:51:0A:A9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rnNsr92267jXx2lD9KJx4DhRCqk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/kxHXeC-RgFki1x0jEKzH48eBz8c.roa Signing time: Fri 02 Jan 2026 16:22:37 +0000 ROA not before: Fri 02 Jan 2026 16:22:37 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 214636 IP address blocks: 185.143.0.0/22 maxlen: 22 185.143.0.0/23 maxlen: 23 185.143.0.0/24 maxlen: 24 185.143.1.0/24 maxlen: 24 185.143.2.0/23 maxlen: 23 185.143.2.0/24 maxlen: 24 185.143.3.0/24 maxlen: 24 185.174.212.0/24 maxlen: 24 185.232.172.0/22 maxlen: 22 185.232.172.0/23 maxlen: 23 185.232.172.0/24 maxlen: 24 185.232.173.0/24 maxlen: 24 185.232.174.0/23 maxlen: 23 185.232.174.0/24 maxlen: 24 185.232.175.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/rnNsr92267jXx2lD9KJx4DhRCqk.crl rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/rnNsr92267jXx2lD9KJx4DhRCqk.mft rsync://rpki.ripe.net/repository/DEFAULT/rnNsr92267jXx2lD9KJx4DhRCqk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:84:a1:c7:f6:e1:ec:4b:8d:6c:4f:c0:25:da:41:75 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ae736cafddb6ebb8d7c76943f4a271e038510aa9 Validity Not Before: Jan 2 16:22:37 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9311d7782f91805922d71d2310acc7e3c781cfc7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:c1:f6:6a:d6:10:d6:44:cf:54:d6:21:2a:8d: 11:e0:e6:94:59:fe:44:9a:70:74:5e:d3:57:be:b8: d0:49:50:87:7b:5b:f0:05:f3:bf:de:a5:75:86:22: 90:b5:dc:e0:0c:7c:d0:61:45:84:8e:ac:f7:bc:50: f8:1a:aa:aa:cb:5c:d7:38:f0:d4:d3:c5:94:42:6a: 18:f9:da:ae:9a:61:9d:36:4c:d5:12:80:2a:6b:57: 6f:84:59:fe:6b:6f:8d:d9:bf:22:53:36:5e:39:40: 37:72:df:b7:28:2e:1c:b7:72:40:de:65:c8:2f:c1: bf:02:53:a7:b6:a6:c4:1c:88:57:c6:85:08:e3:fb: ff:e6:04:80:72:43:5b:28:2a:a4:de:ff:57:db:20: 16:bf:e1:27:3c:33:f3:b7:ed:ea:9a:76:97:1b:6c: 25:2e:55:3e:26:03:a1:6d:d2:7c:6d:fd:b4:58:16: 6a:8a:47:64:2a:ea:4c:25:64:1b:32:65:3b:ac:00: d3:17:68:92:59:57:59:3e:23:76:f0:e1:5d:67:01: 4e:ce:2f:85:ff:7c:38:ea:49:f5:09:4f:46:e8:fa: 6b:de:6c:75:10:fd:03:fe:8c:62:13:88:3a:e9:5b: 66:d4:1e:4e:48:0d:7c:8c:2a:60:c2:e3:54:1d:b1: a9:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:11:D7:78:2F:91:80:59:22:D7:1D:23:10:AC:C7:E3:C7:81:CF:C7 X509v3 Authority Key Identifier: keyid:AE:73:6C:AF:DD:B6:EB:B8:D7:C7:69:43:F4:A2:71:E0:38:51:0A:A9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rnNsr92267jXx2lD9KJx4DhRCqk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/kxHXeC-RgFki1x0jEKzH48eBz8c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/rnNsr92267jXx2lD9KJx4DhRCqk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.143.0.0/22 185.174.212.0/24 185.232.172.0/22 Signature Algorithm: sha256WithRSAEncryption 13:0b:cc:bd:7b:49:3d:b5:7e:8c:9d:a7:28:ae:13:f4:c9:ba: 3d:5a:12:62:9b:e2:bd:d8:c9:0f:42:90:af:42:6a:90:d3:4a: 3d:ff:5f:33:3f:0e:49:c4:94:10:f9:f8:4e:e0:c2:b4:d9:dd: 89:6e:2a:d6:f2:f9:c6:01:b8:3e:f7:d1:99:cb:e2:28:b8:0a: ee:c1:5c:c4:e4:11:ff:37:e9:e3:74:a0:33:2d:b9:b0:65:8c: 17:9f:ee:79:71:a6:00:d0:a8:6d:a8:e9:a5:a1:c9:48:cb:82: d0:6f:ec:e5:ee:52:04:fc:e7:9c:02:31:59:0b:a3:d7:06:8f: 36:df:92:5b:90:d6:e2:7f:cf:76:10:2e:60:73:b9:5c:fe:fc: 28:ed:08:ac:74:77:8e:ab:27:5f:52:90:33:5b:c8:29:67:f9: d9:f4:80:8d:16:ba:cf:42:f1:c7:fa:59:61:c4:a7:ac:63:1f: c9:2e:63:ed:3a:18:5c:38:28:d9:cb:bf:c3:f2:c7:88:71:f2: 6c:50:f5:d2:9f:65:f2:4e:de:f3:22:a8:6d:67:96:42:19:7d: 3b:01:c3:a5:35:6f:22:2c:70:02:ad:96:7a:69:da:ca:60:94: 88:6c:43:b1:e1:14:fd:20:a1:8b:43:8b:4f:04:d9:aa:ba:1b: 60:3c:64:3a -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt/hKHH9uHsS41sT8Al2kF1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFlNzM2Y2FmZGRiNmViYjhkN2M3Njk0M2Y0YTI3MWUwMzg1 MTBhYTkwHhcNMjYwMTAyMTYyMjM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MzExZDc3ODJmOTE4MDU5MjJkNzFkMjMxMGFjYzdlM2M3ODFjZmM3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcH2atYQ1kTPVNYhKo0R4OaUWf5E mnB0XtNXvrjQSVCHe1vwBfO/3qV1hiKQtdzgDHzQYUWEjqz3vFD4Gqqqy1zXOPDU 08WUQmoY+dqummGdNkzVEoAqa1dvhFn+a2+N2b8iUzZeOUA3ct+3KC4ct3JA3mXI L8G/AlOntqbEHIhXxoUI4/v/5gSAckNbKCqk3v9X2yAWv+EnPDPzt+3qmnaXG2wl LlU+JgOhbdJ8bf20WBZqikdkKupMJWQbMmU7rADTF2iSWVdZPiN28OFdZwFOzi+F /3w46kn1CU9G6Ppr3mx1EP0D/oxiE4g66Vtm1B5OSA18jCpgwuNUHbGpKQIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFJMR13gvkYBZItcdIxCsx+PHgc/HMB8GA1UdIwQY MBaAFK5zbK/dtuu418dpQ/SiceA4UQqpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcm5Oc3I5MjI2N2pYeDJsRDlLSng0RGhSQ3FrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS84NmUzMmItZjA2Ny00NTBmLWI2N2Mt M2FhMTUwYTkyYWI3LzEva3hIWGVDLVJnRmtpMXgwakVLekg0OGVCejhjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNS84NmUzMmItZjA2Ny00NTBmLWI2N2MtM2FhMTUwYTkyYWI3 LzEvcm5Oc3I5MjI2N2pYeDJsRDlLSng0RGhSQ3FrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuY8AAwQA ua7UAwQCueisMA0GCSqGSIb3DQEBCwUAA4IBAQATC8y9e0k9tX6MnacorhP0ybo9 WhJim+K92MkPQpCvQmqQ00o9/18zPw5JxJQQ+fhO4MK02d2JbirW8vnGAbg+99GZ y+IouAruwVzE5BH/N+njdKAzLbmwZYwXn+55caYA0KhtqOmloclIy4LQb+zl7lIE /OecAjFZC6PXBo8235JbkNbif892EC5gc7lc/vwo7QisdHeOqydfUpAzW8gpZ/nZ 9ICNFrrPQvHH+llhxKesYx/JLmPtOhhcOCjZy7/D8seIcfJsUPXSn2XyTt7zIqht Z5ZCGX07AcOlNW8iLHACrZZ6adrKYJSIbEOx4RT9IKGLQ4tPBNmquhtgPGQ6 -----END CERTIFICATE-----Generated at Tue Feb 10 07:11:32 2026 by rpki-client