This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/20da60-c719-4be1-8e4f-e18052f381bb/1/u-PjOq1WjK6PsqFBvXy59id7R_I.roa File: u-PjOq1WjK6PsqFBvXy59id7R_I.roa (raw, json) Hash identifier: Pz8fOepb3H13pqdKO3L1FSkff2yUOqZGUk6QeB6m10U= Subject key identifier: BB:E3:E3:3A:AD:56:8C:AE:8F:B2:A1:41:BD:7C:B9:F6:27:7B:47:F2 Certificate issuer: /CN=a369fb191bee51cdc7414a6963197f86bbf313ab Certificate serial: 019B797F367A139C1ECDB5DF079461F59EC6 Authority key identifier: A3:69:FB:19:1B:EE:51:CD:C7:41:4A:69:63:19:7F:86:BB:F3:13:AB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o2n7GRvuUc3HQUppYxl_hrvzE6s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/20da60-c719-4be1-8e4f-e18052f381bb/1/u-PjOq1WjK6PsqFBvXy59id7R_I.roa Signing time: Thu 01 Jan 2026 12:18:58 +0000 ROA not before: Thu 01 Jan 2026 12:18:58 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 203836 IP address blocks: 185.164.228.0/24 maxlen: 24 185.164.229.0/24 maxlen: 24 185.164.230.0/24 maxlen: 24 185.164.231.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/20da60-c719-4be1-8e4f-e18052f381bb/1/o2n7GRvuUc3HQUppYxl_hrvzE6s.crl rsync://rpki.ripe.net/repository/DEFAULT/da/20da60-c719-4be1-8e4f-e18052f381bb/1/o2n7GRvuUc3HQUppYxl_hrvzE6s.mft rsync://rpki.ripe.net/repository/DEFAULT/o2n7GRvuUc3HQUppYxl_hrvzE6s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 12:01:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7f:36:7a:13:9c:1e:cd:b5:df:07:94:61:f5:9e:c6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a369fb191bee51cdc7414a6963197f86bbf313ab Validity Not Before: Jan 1 12:18:58 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=bbe3e33aad568cae8fb2a141bd7cb9f6277b47f2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:5c:c9:3d:19:0d:ef:e0:9f:fb:91:54:cd:26: e8:39:7a:c0:2f:77:63:8b:13:ed:47:f9:4f:16:20: 54:75:d9:64:67:fb:56:79:ba:d0:ef:2a:07:94:3a: 57:02:fc:5d:29:28:25:80:81:dd:f6:2a:3c:0b:c3: 96:6b:27:81:f5:e0:7a:4d:6e:5f:95:88:60:03:d5: ae:44:30:ed:56:3b:71:f2:c1:45:e7:08:cc:68:b6: 70:8f:13:23:bc:33:bc:70:5f:db:24:61:ad:77:51: 8d:d0:80:df:c8:66:a5:c2:9b:57:8d:69:a3:2b:ee: 60:9a:cc:f1:f6:d7:a4:bb:d1:b5:89:85:e9:4b:aa: 7c:69:d6:e9:e5:2a:49:88:86:a9:07:46:b3:23:7a: a3:9c:dc:48:6f:83:a0:28:b7:b3:cf:26:8b:38:35: 6a:ca:97:12:2d:12:f1:54:d9:8c:10:9f:82:b5:b0: e2:c3:a5:c9:cb:28:a4:f6:14:bc:2a:63:01:c7:f7: ca:75:28:ad:b9:05:b9:f9:27:ba:6a:12:5c:6f:e3: 4c:ed:15:88:24:36:b2:93:95:6b:de:4e:ef:1b:d6: f8:bd:a8:3f:3d:b4:59:a0:6f:bf:22:da:77:0a:e7: a2:5e:86:bc:e4:c1:fb:b8:e7:e9:e3:dc:1e:bb:f1: 0a:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:E3:E3:3A:AD:56:8C:AE:8F:B2:A1:41:BD:7C:B9:F6:27:7B:47:F2 X509v3 Authority Key Identifier: keyid:A3:69:FB:19:1B:EE:51:CD:C7:41:4A:69:63:19:7F:86:BB:F3:13:AB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o2n7GRvuUc3HQUppYxl_hrvzE6s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/20da60-c719-4be1-8e4f-e18052f381bb/1/u-PjOq1WjK6PsqFBvXy59id7R_I.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/da/20da60-c719-4be1-8e4f-e18052f381bb/1/o2n7GRvuUc3HQUppYxl_hrvzE6s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.164.228.0/22 Signature Algorithm: sha256WithRSAEncryption be:4f:f9:b7:ce:d8:2d:09:19:20:21:e1:28:3c:8d:c7:ed:32: 08:4c:ee:86:43:85:bc:5e:66:dc:ae:f4:1a:12:9f:61:d4:dd: 63:97:4f:8d:3c:d2:e0:8c:bb:ba:ca:4e:5e:07:9f:77:a9:c0: cd:99:89:e8:a0:75:1c:73:54:81:5b:50:db:89:13:87:75:59: be:92:76:84:6b:e5:9e:4a:24:bc:ae:32:a9:f3:81:52:e3:42: b8:86:f9:90:e5:64:76:ab:a7:d5:e3:b1:fe:6a:88:0a:26:70: c9:83:ec:eb:f8:fa:4e:d5:d7:13:e4:8d:cd:79:d5:58:9d:90: 7d:f1:d4:bc:ab:0c:b5:06:76:ca:63:29:3a:bd:8d:33:be:e9: 40:9a:ab:eb:b5:94:02:0b:49:7d:1c:58:92:4c:11:29:13:ab: 1e:59:cc:29:a6:f2:9c:5c:a1:88:3d:91:c1:36:9f:aa:24:e1: ce:f2:45:e1:be:85:bd:72:b3:28:58:e9:e8:e5:cf:62:ff:51: 77:5e:0b:a8:94:ea:7d:3d:47:d5:89:67:b8:eb:0e:ba:3f:c7: 68:11:e6:5f:db:ae:1e:cd:18:02:e8:68:75:7f:0f:6b:91:4f: b3:ed:b1:4a:93:d0:e8:ac:94:79:93:46:7a:1f:b0:d6:61:ed: 46:f8:84:00 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt5fzZ6E5wezbXfB5Rh9Z7GMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEzNjlmYjE5MWJlZTUxY2RjNzQxNGE2OTYzMTk3Zjg2YmJm MzEzYWIwHhcNMjYwMTAxMTIxODU4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiYmUzZTMzYWFkNTY4Y2FlOGZiMmExNDFiZDdjYjlmNjI3N2I0N2YyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlzJPRkN7+Cf+5FUzSboOXrAL3dj ixPtR/lPFiBUddlkZ/tWebrQ7yoHlDpXAvxdKSglgIHd9io8C8OWayeB9eB6TW5f lYhgA9WuRDDtVjtx8sFF5wjMaLZwjxMjvDO8cF/bJGGtd1GN0IDfyGalwptXjWmj K+5gmszx9teku9G1iYXpS6p8adbp5SpJiIapB0azI3qjnNxIb4OgKLezzyaLODVq ypcSLRLxVNmMEJ+CtbDiw6XJyyik9hS8KmMBx/fKdSituQW5+Se6ahJcb+NM7RWI JDayk5Vr3k7vG9b4vag/PbRZoG+/Itp3CueiXoa85MH7uOfp49weu/EKPwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFLvj4zqtVoyuj7KhQb18ufYne0fyMB8GA1UdIwQY MBaAFKNp+xkb7lHNx0FKaWMZf4a78xOrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbzJuN0dSdnVVYzNIUVVwcFl4bF9ocnZ6RTZzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8yMGRhNjAtYzcxOS00YmUxLThlNGYt ZTE4MDUyZjM4MWJiLzEvdS1Qak9xMVdqSzZQc3FGQnZYeTU5aWQ3Ul9JLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYS8yMGRhNjAtYzcxOS00YmUxLThlNGYtZTE4MDUyZjM4MWJi LzEvbzJuN0dSdnVVYzNIUVVwcFl4bF9ocnZ6RTZzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaTkMA0G CSqGSIb3DQEBCwUAA4IBAQC+T/m3ztgtCRkgIeEoPI3H7TIITO6GQ4W8XmbcrvQa Ep9h1N1jl0+NPNLgjLu6yk5eB593qcDNmYnooHUcc1SBW1DbiROHdVm+knaEa+We SiS8rjKp84FS40K4hvmQ5WR2q6fV47H+aogKJnDJg+zr+PpO1dcT5I3NedVYnZB9 8dS8qwy1BnbKYyk6vY0zvulAmqvrtZQCC0l9HFiSTBEpE6seWcwppvKcXKGIPZHB Np+qJOHO8kXhvoW9crMoWOno5c9i/1F3XguolOp9PUfViWe46w66P8doEeZf264e zRgC6Gh1fw9rkU+z7bFKk9DorJR5k0Z6H7DWYe1G+IQA -----END CERTIFICATE-----Generated at Mon Feb 9 19:54:36 2026 by rpki-client