This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/suUbWGeNBw5ePtioMY9U94S7lSw.roa File: suUbWGeNBw5ePtioMY9U94S7lSw.roa (raw, json) Hash identifier: M06oDkMYsepjO/1pxSEeQ8cUvDUMgzU9aQtQ7cy78x8= Subject key identifier: B2:E5:1B:58:67:8D:07:0E:5E:3E:D8:A8:31:8F:54:F7:84:BB:95:2C Certificate issuer: /CN=ae736cafddb6ebb8d7c76943f4a271e038510aa9 Certificate serial: 019B7F849FEF5E0898797444A509657798AC Authority key identifier: AE:73:6C:AF:DD:B6:EB:B8:D7:C7:69:43:F4:A2:71:E0:38:51:0A:A9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rnNsr92267jXx2lD9KJx4DhRCqk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/suUbWGeNBw5ePtioMY9U94S7lSw.roa Signing time: Fri 02 Jan 2026 16:22:36 +0000 ROA not before: Fri 02 Jan 2026 16:22:36 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 204303 IP address blocks: 185.137.68.0/22 maxlen: 22 185.137.68.0/24 maxlen: 24 185.137.70.0/24 maxlen: 24 185.137.71.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/rnNsr92267jXx2lD9KJx4DhRCqk.crl rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/rnNsr92267jXx2lD9KJx4DhRCqk.mft rsync://rpki.ripe.net/repository/DEFAULT/rnNsr92267jXx2lD9KJx4DhRCqk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:84:9f:ef:5e:08:98:79:74:44:a5:09:65:77:98:ac Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ae736cafddb6ebb8d7c76943f4a271e038510aa9 Validity Not Before: Jan 2 16:22:36 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b2e51b58678d070e5e3ed8a8318f54f784bb952c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:8b:7d:f3:53:64:c0:8c:1a:97:d1:a8:d4:3c: 54:e6:60:36:28:51:d8:57:62:0d:24:bd:f2:7a:88: db:5b:3a:d8:a0:4c:23:da:df:df:75:48:b9:c8:64: 81:42:4f:42:9c:a7:33:bc:bb:77:05:c6:71:23:96: 04:3b:70:90:85:ad:5d:1f:0b:83:09:87:69:ea:5a: f9:4e:aa:9b:70:d4:de:65:04:b3:85:52:6d:5a:b2: 3d:1b:13:ed:a1:df:1c:71:41:fb:a9:16:a0:3f:fe: e0:00:54:55:9e:0a:dc:b0:b2:70:6a:b3:5b:71:f4: 81:b8:1c:89:cc:c6:dc:c2:ca:bc:cf:e8:92:59:a4: 8c:32:fe:6f:49:6a:4d:cf:3c:14:db:41:34:80:3c: f1:25:6e:54:f9:b1:29:99:4a:81:86:0b:14:64:dd: 91:41:87:83:65:ef:e1:d7:52:6c:c4:13:4f:10:02: 77:02:a8:35:c9:49:e8:39:22:79:ed:dc:fe:36:ab: 45:0b:ad:28:43:94:26:5c:f2:47:31:98:04:76:6c: 5d:47:2f:03:25:d6:77:e5:a2:97:30:9f:e1:e2:db: b6:03:a4:dd:ba:08:89:96:0d:12:a5:d7:6a:fd:ab: 5a:ea:f4:1e:d6:bb:63:9b:91:66:ba:3c:2d:14:5b: 93:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:E5:1B:58:67:8D:07:0E:5E:3E:D8:A8:31:8F:54:F7:84:BB:95:2C X509v3 Authority Key Identifier: keyid:AE:73:6C:AF:DD:B6:EB:B8:D7:C7:69:43:F4:A2:71:E0:38:51:0A:A9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rnNsr92267jXx2lD9KJx4DhRCqk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/suUbWGeNBw5ePtioMY9U94S7lSw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/rnNsr92267jXx2lD9KJx4DhRCqk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.137.68.0/22 Signature Algorithm: sha256WithRSAEncryption 73:96:67:10:9c:de:f1:d3:83:b4:45:70:c9:0c:34:21:9e:68: ea:51:82:55:f5:64:17:42:82:45:db:fa:ce:0e:b4:89:ca:4c: 67:ec:93:54:63:8d:97:73:64:8b:2f:19:aa:4e:f2:1a:14:a3: 13:a8:d3:04:24:bf:fd:76:50:ed:ae:51:e7:09:2e:50:8d:c6: 4a:ee:d7:7d:be:f8:90:54:b9:86:88:d6:69:1b:42:20:a6:f4: 4a:0e:b8:4c:9a:74:89:76:66:2c:2e:08:70:88:a1:f5:1b:f0: ea:c0:7e:b4:9e:cb:1f:3f:4d:a2:26:2d:ce:22:34:e8:81:9a: 0f:82:be:41:17:d6:5d:92:04:2c:0a:0f:1e:89:17:46:df:11: ff:1a:63:5a:ae:d2:cf:07:e6:61:f4:47:07:39:73:e5:0b:cc: 6a:26:b2:b0:78:f2:0e:45:51:4e:7d:72:2c:49:83:30:8e:e4: 3b:60:83:5e:87:04:a7:73:18:ee:99:be:c8:b9:23:cb:8b:7d: 61:5a:00:bf:97:84:a9:03:a3:9b:75:65:30:93:51:7f:6f:4b: 15:cb:5a:6e:25:ce:3e:49:70:38:b1:98:71:af:4e:20:55:19: 5a:ea:90:f9:03:78:63:23:c3:a8:f0:b5:28:2c:c2:7a:50:91: d4:95:f1:ee -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt/hJ/vXgiYeXREpQlld5isMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFlNzM2Y2FmZGRiNmViYjhkN2M3Njk0M2Y0YTI3MWUwMzg1 MTBhYTkwHhcNMjYwMTAyMTYyMjM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiMmU1MWI1ODY3OGQwNzBlNWUzZWQ4YTgzMThmNTRmNzg0YmI5NTJjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwIt981NkwIwal9Go1DxU5mA2KFHY V2INJL3yeojbWzrYoEwj2t/fdUi5yGSBQk9CnKczvLt3BcZxI5YEO3CQha1dHwuD CYdp6lr5TqqbcNTeZQSzhVJtWrI9GxPtod8ccUH7qRagP/7gAFRVngrcsLJwarNb cfSBuByJzMbcwsq8z+iSWaSMMv5vSWpNzzwU20E0gDzxJW5U+bEpmUqBhgsUZN2R QYeDZe/h11JsxBNPEAJ3Aqg1yUnoOSJ57dz+NqtFC60oQ5QmXPJHMZgEdmxdRy8D JdZ35aKXMJ/h4tu2A6TdugiJlg0Spddq/ata6vQe1rtjm5FmujwtFFuTfwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFLLlG1hnjQcOXj7YqDGPVPeEu5UsMB8GA1UdIwQY MBaAFK5zbK/dtuu418dpQ/SiceA4UQqpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcm5Oc3I5MjI2N2pYeDJsRDlLSng0RGhSQ3FrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS84NmUzMmItZjA2Ny00NTBmLWI2N2Mt M2FhMTUwYTkyYWI3LzEvc3VVYldHZU5CdzVlUHRpb01ZOVU5NFM3bFN3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNS84NmUzMmItZjA2Ny00NTBmLWI2N2MtM2FhMTUwYTkyYWI3 LzEvcm5Oc3I5MjI2N2pYeDJsRDlLSng0RGhSQ3FrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYlEMA0G CSqGSIb3DQEBCwUAA4IBAQBzlmcQnN7x04O0RXDJDDQhnmjqUYJV9WQXQoJF2/rO DrSJykxn7JNUY42Xc2SLLxmqTvIaFKMTqNMEJL/9dlDtrlHnCS5QjcZK7td9vviQ VLmGiNZpG0IgpvRKDrhMmnSJdmYsLghwiKH1G/DqwH60nssfP02iJi3OIjTogZoP gr5BF9ZdkgQsCg8eiRdG3xH/GmNartLPB+Zh9EcHOXPlC8xqJrKwePIORVFOfXIs SYMwjuQ7YINehwSncxjumb7IuSPLi31hWgC/l4SpA6ObdWUwk1F/b0sVy1puJc4+ SXA4sZhxr04gVRla6pD5A3hjI8Oo8LUoLMJ6UJHUlfHu -----END CERTIFICATE-----Generated at Tue Feb 10 07:11:34 2026 by rpki-client