This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/d06f5f-ad69-4885-8c71-aace70abc6a0/1/4mgNH8XwBSSzfcxM2M3wBB24llg.roa File: 4mgNH8XwBSSzfcxM2M3wBB24llg.roa (raw, json) Hash identifier: eqAYAn3Tw5ha0/M1juELQFyoOAhP8ul6NtZvl3loSp4= Subject key identifier: E2:68:0D:1F:C5:F0:05:24:B3:7D:CC:4C:D8:CD:F0:04:1D:B8:96:58 Certificate issuer: /CN=d70b07459e2f116fb5a97f11bae75c0db491c196 Certificate serial: 019B7D5CE7088E4B3C7363D238CEAEC551A7 Authority key identifier: D7:0B:07:45:9E:2F:11:6F:B5:A9:7F:11:BA:E7:5C:0D:B4:91:C1:96 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1wsHRZ4vEW-1qX8RuudcDbSRwZY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/d06f5f-ad69-4885-8c71-aace70abc6a0/1/4mgNH8XwBSSzfcxM2M3wBB24llg.roa Signing time: Fri 02 Jan 2026 06:19:58 +0000 ROA not before: Fri 02 Jan 2026 06:19:58 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 204760 IP address blocks: 185.22.0.0/22 maxlen: 22 185.241.64.0/22 maxlen: 24 2a0c:9c80::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/d06f5f-ad69-4885-8c71-aace70abc6a0/1/1wsHRZ4vEW-1qX8RuudcDbSRwZY.crl rsync://rpki.ripe.net/repository/DEFAULT/e8/d06f5f-ad69-4885-8c71-aace70abc6a0/1/1wsHRZ4vEW-1qX8RuudcDbSRwZY.mft rsync://rpki.ripe.net/repository/DEFAULT/1wsHRZ4vEW-1qX8RuudcDbSRwZY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5c:e7:08:8e:4b:3c:73:63:d2:38:ce:ae:c5:51:a7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d70b07459e2f116fb5a97f11bae75c0db491c196 Validity Not Before: Jan 2 06:19:58 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e2680d1fc5f00524b37dcc4cd8cdf0041db89658 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:20:04:66:c6:45:de:29:27:5b:e0:80:0d:05: 13:c5:2d:dd:ef:1e:4a:5a:1e:c7:13:ec:61:f1:03: 50:de:2b:f8:ba:12:df:66:4c:29:66:a0:2b:61:36: 77:5a:c7:f5:1f:9d:a8:d0:e2:18:9b:e6:55:60:74: 5b:3c:40:64:5c:d2:eb:28:06:c2:7e:92:d8:6a:53: 55:3d:0e:a6:e6:50:04:15:9c:cd:17:9b:50:09:33: 92:9c:4b:d8:8d:95:0c:c4:a8:f3:55:f3:74:89:5d: e1:d0:63:b9:02:c1:7c:5f:e0:73:bb:6c:3f:2d:ba: 0d:57:22:b5:af:a2:4a:07:d6:85:90:e0:fc:07:d5: 01:bf:b6:87:ab:ef:19:71:a1:c8:39:b8:c9:28:d8: c2:05:58:0a:1f:65:0d:04:64:5c:3b:fb:48:40:9f: 31:49:12:3b:48:df:e1:c4:e1:77:2f:ef:52:61:09: 7c:b3:cd:73:58:57:57:04:b4:b6:18:1f:d7:30:47: d4:f3:da:ad:57:46:f0:2f:fd:4d:62:2d:dc:6b:9f: 19:16:92:d4:ac:92:60:00:de:91:40:76:e0:25:ec: a1:01:93:e6:e5:5a:87:e5:57:cb:0b:2d:d4:f6:b3: d0:98:09:31:7b:a8:15:d3:35:cb:16:2c:83:58:d2: 13:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:68:0D:1F:C5:F0:05:24:B3:7D:CC:4C:D8:CD:F0:04:1D:B8:96:58 X509v3 Authority Key Identifier: keyid:D7:0B:07:45:9E:2F:11:6F:B5:A9:7F:11:BA:E7:5C:0D:B4:91:C1:96 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1wsHRZ4vEW-1qX8RuudcDbSRwZY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/d06f5f-ad69-4885-8c71-aace70abc6a0/1/4mgNH8XwBSSzfcxM2M3wBB24llg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/d06f5f-ad69-4885-8c71-aace70abc6a0/1/1wsHRZ4vEW-1qX8RuudcDbSRwZY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.22.0.0/22 185.241.64.0/22 IPv6: 2a0c:9c80::/29 Signature Algorithm: sha256WithRSAEncryption 1e:5b:3c:66:37:9b:0a:07:ba:7f:8b:36:c5:1a:a9:08:1b:e0: 6f:55:1d:28:dc:9d:71:9d:77:8d:61:7b:e6:3f:f3:b5:1f:f7: 31:7d:cd:6b:c3:66:29:39:24:70:73:85:a9:f3:a0:6e:eb:0f: 4c:14:ee:5b:dc:0e:e3:e4:a0:5a:ae:17:51:7c:80:3f:01:5e: 0e:e4:e7:dc:7f:90:ea:56:e7:e5:d6:97:73:56:0f:cd:02:38: cb:99:e9:0d:d0:e6:c8:80:90:18:a5:7c:9b:34:eb:70:cf:5f: 71:e1:30:fb:5f:65:3e:ce:f1:4b:62:86:0d:41:d9:6e:5c:10: fc:53:ef:1c:9f:51:44:d1:08:76:42:0e:03:95:a2:35:ef:86: 28:7a:c8:f4:d4:23:11:ff:5c:4f:03:ec:b9:1e:14:e6:66:ca: 18:f1:b0:e1:1a:58:cd:7d:cc:67:b7:74:09:28:9f:b4:e4:3f: 7d:ad:84:d9:97:55:66:4d:ac:d6:26:eb:94:16:bc:14:9f:7c: 94:aa:5a:2d:1d:24:e9:bc:a8:04:02:23:d3:77:2c:9f:c9:68: b4:eb:fb:c9:15:c4:55:07:7f:74:6a:1f:1e:65:37:aa:b8:77: d4:0e:f8:a1:11:9f:af:47:7d:5f:ea:f4:de:36:25:69:7e:87: fd:29:01:11 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt9XOcIjks8c2PSOM6uxVGnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ3MGIwNzQ1OWUyZjExNmZiNWE5N2YxMWJhZTc1YzBkYjQ5 MWMxOTYwHhcNMjYwMTAyMDYxOTU4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlMjY4MGQxZmM1ZjAwNTI0YjM3ZGNjNGNkOGNkZjAwNDFkYjg5NjU4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3SAEZsZF3iknW+CADQUTxS3d7x5K Wh7HE+xh8QNQ3iv4uhLfZkwpZqArYTZ3Wsf1H52o0OIYm+ZVYHRbPEBkXNLrKAbC fpLYalNVPQ6m5lAEFZzNF5tQCTOSnEvYjZUMxKjzVfN0iV3h0GO5AsF8X+Bzu2w/ LboNVyK1r6JKB9aFkOD8B9UBv7aHq+8ZcaHIObjJKNjCBVgKH2UNBGRcO/tIQJ8x SRI7SN/hxOF3L+9SYQl8s81zWFdXBLS2GB/XMEfU89qtV0bwL/1NYi3ca58ZFpLU rJJgAN6RQHbgJeyhAZPm5VqH5VfLCy3U9rPQmAkxe6gV0zXLFiyDWNITrwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFOJoDR/F8AUks33MTNjN8AQduJZYMB8GA1UdIwQY MBaAFNcLB0WeLxFvtal/EbrnXA20kcGWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMXdzSFJaNHZFVy0xcVg4UnV1ZGNEYlNSd1pZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9kMDZmNWYtYWQ2OS00ODg1LThjNzEt YWFjZTcwYWJjNmEwLzEvNG1nTkg4WHdCU1N6ZmN4TTJNM3dCQjI0bGxnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lOC9kMDZmNWYtYWQ2OS00ODg1LThjNzEtYWFjZTcwYWJjNmEw LzEvMXdzSFJaNHZFVy0xcVg4UnV1ZGNEYlNSd1pZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuRYAAwQC ufFAMA0EAgACMAcDBQMqDJyAMA0GCSqGSIb3DQEBCwUAA4IBAQAeWzxmN5sKB7p/ izbFGqkIG+BvVR0o3J1xnXeNYXvmP/O1H/cxfc1rw2YpOSRwc4Wp86Bu6w9MFO5b 3A7j5KBarhdRfIA/AV4O5Ofcf5DqVufl1pdzVg/NAjjLmekN0ObIgJAYpXybNOtw z19x4TD7X2U+zvFLYoYNQdluXBD8U+8cn1FE0Qh2Qg4DlaI174Yoesj01CMR/1xP A+y5HhTmZsoY8bDhGljNfcxnt3QJKJ+05D99rYTZl1VmTazWJuuUFrwUn3yUqlot HSTpvKgEAiPTdyyfyWi06/vJFcRVB390ah8eZTequHfUDvihEZ+vR31f6vTeNiVp fof9KQER -----END CERTIFICATE-----Generated at Mon Feb 9 23:46:19 2026 by rpki-client