This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/5506de-0b1a-47ee-99d1-a520d434654a/1/cD7FBll6MKk0SBDKbacyHN6_vYE.roa File: cD7FBll6MKk0SBDKbacyHN6_vYE.roa (raw, json) Hash identifier: cJYyYoLcAXlS5p1/xiBLoInLHVf2mQgsRevDWR07J20= Subject key identifier: 70:3E:C5:06:59:7A:30:A9:34:48:10:CA:6D:A7:32:1C:DE:BF:BD:81 Certificate issuer: /CN=b65918f25d56000f881da98de323d91a064e0087 Certificate serial: 019B7F830F375D542412FE023C240917B816 Authority key identifier: B6:59:18:F2:5D:56:00:0F:88:1D:A9:8D:E3:23:D9:1A:06:4E:00:87 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tlkY8l1WAA-IHamN4yPZGgZOAIc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/5506de-0b1a-47ee-99d1-a520d434654a/1/cD7FBll6MKk0SBDKbacyHN6_vYE.roa Signing time: Fri 02 Jan 2026 16:20:54 +0000 ROA not before: Fri 02 Jan 2026 16:20:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 216131 IP address blocks: 185.165.116.0/23 maxlen: 23 185.165.116.0/24 maxlen: 24 185.165.117.0/24 maxlen: 24 185.165.118.0/23 maxlen: 23 185.165.118.0/24 maxlen: 24 185.165.119.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/5506de-0b1a-47ee-99d1-a520d434654a/1/tlkY8l1WAA-IHamN4yPZGgZOAIc.crl rsync://rpki.ripe.net/repository/DEFAULT/ed/5506de-0b1a-47ee-99d1-a520d434654a/1/tlkY8l1WAA-IHamN4yPZGgZOAIc.mft rsync://rpki.ripe.net/repository/DEFAULT/tlkY8l1WAA-IHamN4yPZGgZOAIc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:83:0f:37:5d:54:24:12:fe:02:3c:24:09:17:b8:16 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b65918f25d56000f881da98de323d91a064e0087 Validity Not Before: Jan 2 16:20:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=703ec506597a30a9344810ca6da7321cdebfbd81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:40:4b:66:d7:ad:da:f7:2d:64:ea:32:07:1d: 7e:55:3b:20:cf:02:1e:7d:92:c2:a3:65:52:3d:70: 9d:4f:84:e3:cb:12:49:13:4b:a2:47:d6:df:a8:ae: 9a:08:f3:4e:84:05:8f:2c:7a:e7:a9:30:0f:e1:5b: 6e:b3:19:18:d8:55:81:a7:5b:5f:59:dc:be:da:f4: 88:76:74:07:7a:6d:95:e1:cf:d1:c2:ad:7a:c0:5b: 2a:79:78:a4:76:3a:5f:bd:f9:36:39:21:e9:3e:23: 84:6d:eb:20:fc:de:1a:34:f9:96:58:9f:f6:54:24: af:4d:7a:47:0b:ee:22:28:fe:e3:90:fc:f0:b3:82: 77:1f:0f:d4:c1:ce:b8:88:bd:e6:5b:9a:19:0f:ce: 1c:1f:cd:3d:7d:54:0c:22:f2:ce:26:6e:15:c9:75: 39:b5:8f:ea:c1:fc:89:64:c0:79:98:a8:a3:99:f9: 03:d9:2a:fa:6e:e2:6f:7d:9a:e7:de:66:f4:37:37: 01:91:4f:a8:b2:19:8b:b0:38:0e:07:37:d1:8b:e6: 56:f0:f9:d4:f5:b2:b7:06:17:5b:b9:e8:15:10:64: b6:c2:09:7d:bf:1f:cf:0f:da:93:4b:e8:48:10:12: 7c:86:27:41:84:ff:cb:20:45:19:99:84:b0:7c:59: c8:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:3E:C5:06:59:7A:30:A9:34:48:10:CA:6D:A7:32:1C:DE:BF:BD:81 X509v3 Authority Key Identifier: keyid:B6:59:18:F2:5D:56:00:0F:88:1D:A9:8D:E3:23:D9:1A:06:4E:00:87 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tlkY8l1WAA-IHamN4yPZGgZOAIc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/5506de-0b1a-47ee-99d1-a520d434654a/1/cD7FBll6MKk0SBDKbacyHN6_vYE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/5506de-0b1a-47ee-99d1-a520d434654a/1/tlkY8l1WAA-IHamN4yPZGgZOAIc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.165.116.0/22 Signature Algorithm: sha256WithRSAEncryption 3c:0b:9d:63:f6:5f:f8:26:94:2d:09:0c:f9:e5:20:a7:40:f9: b0:f5:e1:8f:6c:92:13:4d:38:4a:76:43:20:21:de:20:62:35: 89:73:80:9f:12:d7:30:37:28:ee:8d:85:4c:62:85:28:4c:b0: 95:cf:d8:b4:d6:d1:42:b3:7d:1c:8b:58:9d:d1:8a:f9:37:c7: 44:b0:24:b7:5a:db:11:ed:f3:06:62:bd:4b:90:23:25:75:5d: 2e:a8:8b:a7:bc:2d:1b:66:73:a0:f9:20:4f:a9:79:a9:63:9c: 2e:69:a1:a0:83:b3:af:68:92:19:54:f7:1d:07:0f:ff:96:3d: 28:51:6c:1d:f0:eb:e2:82:d2:66:66:ff:bc:6f:01:8d:76:48: 4c:8f:2d:e5:de:85:54:70:95:79:09:2b:b3:3d:ed:29:2e:ba: e6:c9:51:69:85:36:48:59:32:29:68:7e:db:4e:b2:3d:83:e9: b0:06:7b:74:c4:cf:1c:d8:92:df:a1:83:2d:f8:e9:01:92:6b: ee:5e:d7:02:4f:45:3d:c0:b6:49:52:6b:8f:1e:3e:06:fa:83: a9:83:89:ed:f6:93:79:a6:18:16:07:a9:75:5a:fb:43:f4:f2: ba:46:03:01:85:06:fa:ea:87:b1:bc:db:04:04:66:8a:d3:4d: b7:35:5b:43 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt/gw83XVQkEv4CPCQJF7gWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI2NTkxOGYyNWQ1NjAwMGY4ODFkYTk4ZGUzMjNkOTFhMDY0 ZTAwODcwHhcNMjYwMTAyMTYyMDU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MDNlYzUwNjU5N2EzMGE5MzQ0ODEwY2E2ZGE3MzIxY2RlYmZiZDgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwUBLZtet2vctZOoyBx1+VTsgzwIe fZLCo2VSPXCdT4TjyxJJE0uiR9bfqK6aCPNOhAWPLHrnqTAP4VtusxkY2FWBp1tf Wdy+2vSIdnQHem2V4c/Rwq16wFsqeXikdjpfvfk2OSHpPiOEbesg/N4aNPmWWJ/2 VCSvTXpHC+4iKP7jkPzws4J3Hw/Uwc64iL3mW5oZD84cH809fVQMIvLOJm4VyXU5 tY/qwfyJZMB5mKijmfkD2Sr6buJvfZrn3mb0NzcBkU+oshmLsDgOBzfRi+ZW8PnU 9bK3BhdbuegVEGS2wgl9vx/PD9qTS+hIEBJ8hidBhP/LIEUZmYSwfFnI4QIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFHA+xQZZejCpNEgQym2nMhzev72BMB8GA1UdIwQY MBaAFLZZGPJdVgAPiB2pjeMj2RoGTgCHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdGxrWThsMVdBQS1JSGFtTjR5UFpHZ1pPQUljLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC81NTA2ZGUtMGIxYS00N2VlLTk5ZDEt YTUyMGQ0MzQ2NTRhLzEvY0Q3RkJsbDZNS2swU0JES2JhY3lITjZfdllFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lZC81NTA2ZGUtMGIxYS00N2VlLTk5ZDEtYTUyMGQ0MzQ2NTRh LzEvdGxrWThsMVdBQS1JSGFtTjR5UFpHZ1pPQUljLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaV0MA0G CSqGSIb3DQEBCwUAA4IBAQA8C51j9l/4JpQtCQz55SCnQPmw9eGPbJITTThKdkMg Id4gYjWJc4CfEtcwNyjujYVMYoUoTLCVz9i01tFCs30ci1id0Yr5N8dEsCS3WtsR 7fMGYr1LkCMldV0uqIunvC0bZnOg+SBPqXmpY5wuaaGgg7OvaJIZVPcdBw//lj0o UWwd8OvigtJmZv+8bwGNdkhMjy3l3oVUcJV5CSuzPe0pLrrmyVFphTZIWTIpaH7b TrI9g+mwBnt0xM8c2JLfoYMt+OkBkmvuXtcCT0U9wLZJUmuPHj4G+oOpg4nt9pN5 phgWB6l1WvtD9PK6RgMBhQb66oexvNsEBGaK0023NVtD -----END CERTIFICATE-----Generated at Tue Jan 27 01:41:46 2026 by rpki-client