This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/0aa494-9308-47ee-a808-b9722144513f/1/r2XaIkvbtNRIA7GDmackHk60QAM.roa File: r2XaIkvbtNRIA7GDmackHk60QAM.roa (raw, json) Hash identifier: 5qhD+1z/Ukex+udgPBqOlQgjbCAqwLAXHXdPV8FaxfA= Subject key identifier: AF:65:DA:22:4B:DB:B4:D4:48:03:B1:83:99:A7:24:1E:4E:B4:40:03 Certificate issuer: /CN=3ae0096247a8c54e5de8c1b0daf1054aec8cc450 Certificate serial: 019B7A5A7A29E70B9427EFA5A716F6F21ABE Authority key identifier: 3A:E0:09:62:47:A8:C5:4E:5D:E8:C1:B0:DA:F1:05:4A:EC:8C:C4:50 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OuAJYkeoxU5d6MGw2vEFSuyMxFA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/0aa494-9308-47ee-a808-b9722144513f/1/r2XaIkvbtNRIA7GDmackHk60QAM.roa Signing time: Thu 01 Jan 2026 16:18:28 +0000 ROA not before: Thu 01 Jan 2026 16:18:28 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 57581 IP address blocks: 185.27.76.0/22 maxlen: 22 185.27.76.0/24 maxlen: 24 185.27.77.0/24 maxlen: 24 185.27.78.0/24 maxlen: 24 194.114.145.0/24 maxlen: 24 2a00:92a0::/32 maxlen: 32 2a00:92a0:20::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/0aa494-9308-47ee-a808-b9722144513f/1/OuAJYkeoxU5d6MGw2vEFSuyMxFA.crl rsync://rpki.ripe.net/repository/DEFAULT/ef/0aa494-9308-47ee-a808-b9722144513f/1/OuAJYkeoxU5d6MGw2vEFSuyMxFA.mft rsync://rpki.ripe.net/repository/DEFAULT/OuAJYkeoxU5d6MGw2vEFSuyMxFA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:7a:29:e7:0b:94:27:ef:a5:a7:16:f6:f2:1a:be Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ae0096247a8c54e5de8c1b0daf1054aec8cc450 Validity Not Before: Jan 1 16:18:28 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=af65da224bdbb4d44803b18399a7241e4eb44003 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:b5:c9:6e:f6:78:d2:23:cf:09:36:40:89:b7: f1:ed:53:0a:33:5d:79:38:80:62:8f:c1:f7:85:53: 1f:ce:18:2f:c4:88:cd:83:55:36:3a:a2:d0:26:4a: b4:90:85:15:13:14:3c:96:12:a8:8c:7a:df:20:0e: 1c:88:6a:50:17:38:78:99:35:0a:d6:90:65:8c:5e: c7:49:6b:99:ec:01:cb:48:5e:32:e3:11:a1:d3:f3: eb:62:26:9c:9f:ab:a3:b6:78:35:a0:ba:9b:aa:57: 21:96:4c:fa:c8:c4:b6:96:41:89:30:44:69:55:15: 72:be:38:a9:ac:b6:92:00:18:16:03:3c:61:09:32: b7:d9:64:97:58:99:65:2a:18:b1:e0:ea:0a:5f:41: a5:6b:69:f4:0b:a5:88:74:04:19:43:d9:48:89:e0: c1:40:2f:d1:db:84:90:88:51:90:2a:1d:eb:07:86: da:af:ed:c9:22:e3:c1:5f:48:52:89:66:60:13:b6: 26:57:69:83:23:1a:93:2d:55:8a:38:23:7a:4d:e8: 01:fa:4d:f9:89:9b:ba:8d:30:6a:2b:3c:3d:38:9a: f9:f6:e6:75:92:a6:e3:9a:06:13:29:d8:e2:5f:06: 3f:23:22:40:77:48:bc:10:4f:2a:79:9e:6a:f8:9a: d0:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:65:DA:22:4B:DB:B4:D4:48:03:B1:83:99:A7:24:1E:4E:B4:40:03 X509v3 Authority Key Identifier: keyid:3A:E0:09:62:47:A8:C5:4E:5D:E8:C1:B0:DA:F1:05:4A:EC:8C:C4:50 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OuAJYkeoxU5d6MGw2vEFSuyMxFA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/0aa494-9308-47ee-a808-b9722144513f/1/r2XaIkvbtNRIA7GDmackHk60QAM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/0aa494-9308-47ee-a808-b9722144513f/1/OuAJYkeoxU5d6MGw2vEFSuyMxFA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.27.76.0/22 194.114.145.0/24 IPv6: 2a00:92a0::/32 Signature Algorithm: sha256WithRSAEncryption 91:ad:7e:f6:25:bb:be:d0:b8:89:b6:59:49:bf:50:dd:1b:c3: 70:82:9f:45:6d:1d:1e:40:d7:74:3e:0f:9b:00:1c:de:bc:31: 02:dd:7a:15:c5:5f:98:0e:eb:24:a4:77:50:3c:1f:9e:3f:d7: 30:83:50:f1:e6:a9:53:a2:3f:90:16:5a:e7:8c:f4:f0:88:0c: 49:2d:cb:13:f6:c5:d8:35:21:04:d8:41:3f:97:eb:3b:dc:29: a8:96:c8:3a:e7:a5:b9:4d:8d:f8:d1:a7:79:b0:b8:35:7e:b8: 37:63:f8:df:c1:a0:40:66:c6:ed:f3:e7:8d:62:a0:cf:89:f1: 22:a8:c4:b2:ea:59:4d:67:d9:c1:39:e6:75:65:21:35:d6:0f: 8d:7a:af:99:96:09:12:96:1d:68:28:46:e3:d3:76:f1:98:80: f4:3a:94:66:e0:5c:2c:6c:94:5b:b3:2a:f3:20:25:60:5b:21: 58:e4:66:dd:d1:ca:4b:7e:3e:6e:1d:56:2d:62:b3:dd:64:f8: 19:d3:82:54:cc:ea:4c:45:4f:2c:20:33:96:48:2e:b0:f4:53: 70:fc:01:98:08:4d:ab:06:e6:52:f2:a8:f3:f4:97:04:2e:d9: 20:cb:28:3e:61:67:8f:92:2a:a7:98:cd:fc:d6:c5:4a:35:33: 7e:92:9f:cb -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt6Wnop5wuUJ++lpxb28hq+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhZTAwOTYyNDdhOGM1NGU1ZGU4YzFiMGRhZjEwNTRhZWM4 Y2M0NTAwHhcNMjYwMTAxMTYxODI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhZjY1ZGEyMjRiZGJiNGQ0NDgwM2IxODM5OWE3MjQxZTRlYjQ0MDAzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA77XJbvZ40iPPCTZAibfx7VMKM115 OIBij8H3hVMfzhgvxIjNg1U2OqLQJkq0kIUVExQ8lhKojHrfIA4ciGpQFzh4mTUK 1pBljF7HSWuZ7AHLSF4y4xGh0/PrYiacn6ujtng1oLqbqlchlkz6yMS2lkGJMERp VRVyvjiprLaSABgWAzxhCTK32WSXWJllKhix4OoKX0Gla2n0C6WIdAQZQ9lIieDB QC/R24SQiFGQKh3rB4bar+3JIuPBX0hSiWZgE7YmV2mDIxqTLVWKOCN6TegB+k35 iZu6jTBqKzw9OJr59uZ1kqbjmgYTKdjiXwY/IyJAd0i8EE8qeZ5q+JrQfwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFK9l2iJL27TUSAOxg5mnJB5OtEADMB8GA1UdIwQY MBaAFDrgCWJHqMVOXejBsNrxBUrsjMRQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT3VBSllrZW94VTVkNk1HdzJ2RUZTdXlNeEZBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi8wYWE0OTQtOTMwOC00N2VlLWE4MDgt Yjk3MjIxNDQ1MTNmLzEvcjJYYUlrdmJ0TlJJQTdHRG1hY2tIazYwUUFNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lZi8wYWE0OTQtOTMwOC00N2VlLWE4MDgtYjk3MjIxNDQ1MTNm LzEvT3VBSllrZW94VTVkNk1HdzJ2RUZTdXlNeEZBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuRtMAwQA wnKRMA0EAgACMAcDBQAqAJKgMA0GCSqGSIb3DQEBCwUAA4IBAQCRrX72Jbu+0LiJ tllJv1DdG8Nwgp9FbR0eQNd0Pg+bABzevDEC3XoVxV+YDuskpHdQPB+eP9cwg1Dx 5qlToj+QFlrnjPTwiAxJLcsT9sXYNSEE2EE/l+s73Cmolsg656W5TY340ad5sLg1 frg3Y/jfwaBAZsbt8+eNYqDPifEiqMSy6llNZ9nBOeZ1ZSE11g+Neq+ZlgkSlh1o KEbj03bxmID0OpRm4FwsbJRbsyrzICVgWyFY5Gbd0cpLfj5uHVYtYrPdZPgZ04JU zOpMRU8sIDOWSC6w9FNw/AGYCE2rBuZS8qjz9JcELtkgyyg+YWePkiqnmM381sVK NTN+kp/L -----END CERTIFICATE-----Generated at Mon Feb 9 19:54:32 2026 by rpki-client