This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/53208d-6c31-4e12-aa25-862684eceb46/1/kAQRnXnn1bepnTjDte_6dOnnntw.roa File: kAQRnXnn1bepnTjDte_6dOnnntw.roa (raw, json) Hash identifier: fvCT2Eh+lUDVebIFnLuZITE86ooUogC2tmwd5l7+wO8= Subject key identifier: 90:04:11:9D:79:E7:D5:B7:A9:9D:38:C3:B5:EF:FA:74:E9:E7:9E:DC Certificate issuer: /CN=e1a21f85f9bf17c020987ea1320d3d63c55ae489 Certificate serial: 019C0A6B9C99F425C064F39429493AD73823 Authority key identifier: E1:A2:1F:85:F9:BF:17:C0:20:98:7E:A1:32:0D:3D:63:C5:5A:E4:89 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4aIfhfm_F8AgmH6hMg09Y8Va5Ik.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/53208d-6c31-4e12-aa25-862684eceb46/1/kAQRnXnn1bepnTjDte_6dOnnntw.roa Signing time: Thu 29 Jan 2026 15:42:30 +0000 ROA not before: Thu 29 Jan 2026 15:42:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 202803 IP address blocks: 185.154.44.0/22 maxlen: 24 185.154.44.0/23 maxlen: 23 185.154.46.0/23 maxlen: 23 193.138.120.0/23 maxlen: 23 193.138.120.0/24 maxlen: 24 193.138.121.0/24 maxlen: 24 212.6.55.0/24 maxlen: 24 2a0b:5ac0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e2/53208d-6c31-4e12-aa25-862684eceb46/1/4aIfhfm_F8AgmH6hMg09Y8Va5Ik.crl rsync://rpki.ripe.net/repository/DEFAULT/e2/53208d-6c31-4e12-aa25-862684eceb46/1/4aIfhfm_F8AgmH6hMg09Y8Va5Ik.mft rsync://rpki.ripe.net/repository/DEFAULT/4aIfhfm_F8AgmH6hMg09Y8Va5Ik.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 12:00:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:0a:6b:9c:99:f4:25:c0:64:f3:94:29:49:3a:d7:38:23 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e1a21f85f9bf17c020987ea1320d3d63c55ae489 Validity Not Before: Jan 29 15:42:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9004119d79e7d5b7a99d38c3b5effa74e9e79edc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:bc:c8:72:53:d7:f4:27:8b:8a:86:6f:90:f5: 4e:47:98:f9:09:4d:9f:78:64:a3:84:b6:12:54:2a: 2d:2b:7d:5a:79:6f:d7:39:25:11:c9:e6:90:7a:3e: 5d:32:ed:54:a5:ce:8a:47:a2:65:57:03:27:51:a1: 99:7d:4a:c8:c8:01:95:c8:7c:b4:cc:05:b0:74:58: cb:eb:28:ba:d4:9f:ba:70:0d:1c:f5:47:98:28:c0: 40:fe:a6:5a:df:9a:c9:21:d1:82:52:f9:d9:5c:a7: 9b:f8:6b:8f:26:bd:d0:21:57:4b:b7:d4:e6:8d:27: ce:cf:6e:18:6b:a7:09:35:df:3b:d4:db:53:87:4a: b5:d3:42:56:5c:67:61:03:ea:93:26:17:72:83:cd: 98:8f:8c:0c:0d:a4:55:16:ed:76:af:bc:97:26:ce: 88:cf:36:a4:95:d8:94:04:45:de:ef:53:76:ef:2d: 28:e1:9d:91:e5:b2:7f:79:29:b7:f4:22:90:40:9b: b3:27:f9:d5:92:66:38:d1:18:d1:d7:ed:a2:88:a4: a7:00:d5:06:73:0b:5b:a8:7e:5a:ab:77:e9:c1:aa: 39:cf:01:cd:3f:56:9c:36:81:d2:54:26:e4:39:cf: 02:58:17:78:35:4d:a9:b8:1c:a5:7f:d3:6a:da:10: ac:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:04:11:9D:79:E7:D5:B7:A9:9D:38:C3:B5:EF:FA:74:E9:E7:9E:DC X509v3 Authority Key Identifier: keyid:E1:A2:1F:85:F9:BF:17:C0:20:98:7E:A1:32:0D:3D:63:C5:5A:E4:89 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4aIfhfm_F8AgmH6hMg09Y8Va5Ik.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/53208d-6c31-4e12-aa25-862684eceb46/1/kAQRnXnn1bepnTjDte_6dOnnntw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/53208d-6c31-4e12-aa25-862684eceb46/1/4aIfhfm_F8AgmH6hMg09Y8Va5Ik.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.154.44.0/22 193.138.120.0/23 212.6.55.0/24 IPv6: 2a0b:5ac0::/29 Signature Algorithm: sha256WithRSAEncryption a5:3d:6c:cd:a3:fb:6e:a9:b4:db:92:7a:96:2f:89:34:50:58: 59:3f:58:3f:c2:29:1e:00:98:44:50:2a:68:34:60:66:5c:bb: fd:e1:0a:85:70:37:9a:ff:12:61:8c:b0:c9:a5:20:ab:dd:60: 7f:c6:ba:ed:96:82:0a:e3:ca:a2:34:0e:c6:1a:10:d4:06:d6: 0f:fb:f5:0c:7b:1f:bb:78:ed:af:6a:8d:fd:94:fc:15:20:79: 71:05:cb:66:2e:75:a5:bb:70:6f:46:e4:6d:15:ca:9a:7c:9c: 4a:0d:58:23:cb:8f:04:97:44:75:12:c4:d3:ba:25:00:2d:6d: 93:84:6f:05:bb:d4:09:98:ea:1b:af:46:6e:b1:75:13:9d:6f: f4:af:6a:8b:46:95:e3:01:d9:2c:78:4c:63:e1:33:5e:4f:6b: 18:60:07:de:20:ff:f3:ac:b6:ad:a6:f1:ce:22:2a:92:20:0e: f8:7c:19:63:01:b7:5d:b0:3c:c4:96:de:a3:bd:44:b1:47:c3: 48:40:ab:e5:d8:50:b9:d1:5c:bb:4b:1c:5a:c1:c9:3d:7d:86: 48:63:d9:07:3f:1a:50:0f:ad:90:ec:98:70:8e:63:4a:53:22: e9:7c:14:fb:dc:29:ba:cc:9b:75:b1:bc:80:39:52:8d:df:bc: d1:04:86:ba -----BEGIN CERTIFICATE----- MIIFGDCCBACgAwIBAgISAZwKa5yZ9CXAZPOUKUk61zgjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGUxYTIxZjg1ZjliZjE3YzAyMDk4N2VhMTMyMGQzZDYzYzU1 YWU0ODkwHhcNMjYwMTI5MTU0MjMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MDA0MTE5ZDc5ZTdkNWI3YTk5ZDM4YzNiNWVmZmE3NGU5ZTc5ZWRjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbzIclPX9CeLioZvkPVOR5j5CU2f eGSjhLYSVCotK31aeW/XOSURyeaQej5dMu1Upc6KR6JlVwMnUaGZfUrIyAGVyHy0 zAWwdFjL6yi61J+6cA0c9UeYKMBA/qZa35rJIdGCUvnZXKeb+GuPJr3QIVdLt9Tm jSfOz24Ya6cJNd871NtTh0q100JWXGdhA+qTJhdyg82Yj4wMDaRVFu12r7yXJs6I zzakldiUBEXe71N27y0o4Z2R5bJ/eSm39CKQQJuzJ/nVkmY40RjR1+2iiKSnANUG cwtbqH5aq3fpwao5zwHNP1acNoHSVCbkOc8CWBd4NU2puBylf9Nq2hCslQIDAQAB o4ICJDCCAiAwHQYDVR0OBBYEFJAEEZ1559W3qZ04w7Xv+nTp557cMB8GA1UdIwQY MBaAFOGiH4X5vxfAIJh+oTINPWPFWuSJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNGFJZmhmbV9GOEFnbUg2aE1nMDlZOFZhNUlrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi81MzIwOGQtNmMzMS00ZTEyLWFhMjUt ODYyNjg0ZWNlYjQ2LzEva0FRUm5Ybm4xYmVwblRqRHRlXzZkT25ubnR3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lMi81MzIwOGQtNmMzMS00ZTEyLWFhMjUtODYyNjg0ZWNlYjQ2 LzEvNGFJZmhmbV9GOEFnbUg2aE1nMDlZOFZhNUlrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuZosAwQB wYp4AwQA1AY3MA0EAgACMAcDBQMqC1rAMA0GCSqGSIb3DQEBCwUAA4IBAQClPWzN o/tuqbTbknqWL4k0UFhZP1g/wikeAJhEUCpoNGBmXLv94QqFcDea/xJhjLDJpSCr 3WB/xrrtloIK48qiNA7GGhDUBtYP+/UMex+7eO2vao39lPwVIHlxBctmLnWlu3Bv RuRtFcqafJxKDVgjy48El0R1EsTTuiUALW2ThG8Fu9QJmOobr0ZusXUTnW/0r2qL RpXjAdkseExj4TNeT2sYYAfeIP/zrLatpvHOIiqSIA74fBljAbddsDzElt6jvUSx R8NIQKvl2FC50Vy7Sxxawck9fYZIY9kHPxpQD62Q7JhwjmNKUyLpfBT73Cm6zJt1 sbyAOVKN37zRBIa6 -----END CERTIFICATE-----Generated at Mon Feb 9 22:35:29 2026 by rpki-client