This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/041d0f-be8d-4148-bcba-d70f28515fbd/1/m-bkRVX187dEm5VhlRV9oFQafr4.roa File: m-bkRVX187dEm5VhlRV9oFQafr4.roa (raw, json) Hash identifier: Ume0d4Lf2OgydCDBWe/3ep3v3knwVOmKBIUnuc3Xd9g= Subject key identifier: 9B:E6:E4:45:55:F5:F3:B7:44:9B:95:61:95:15:7D:A0:54:1A:7E:BE Certificate issuer: /CN=10a5985cba32a877d3215bbc228cb07d0400917b Certificate serial: 019B7758ADAFBF8289927F400BE9D93FEF17 Authority key identifier: 10:A5:98:5C:BA:32:A8:77:D3:21:5B:BC:22:8C:B0:7D:04:00:91:7B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EKWYXLoyqHfTIVu8IoywfQQAkXs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/041d0f-be8d-4148-bcba-d70f28515fbd/1/m-bkRVX187dEm5VhlRV9oFQafr4.roa Signing time: Thu 01 Jan 2026 02:17:38 +0000 ROA not before: Thu 01 Jan 2026 02:17:38 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 21660 IP address blocks: 185.89.148.0/23 maxlen: 23 185.89.150.0/24 maxlen: 24 185.89.151.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/041d0f-be8d-4148-bcba-d70f28515fbd/1/EKWYXLoyqHfTIVu8IoywfQQAkXs.crl rsync://rpki.ripe.net/repository/DEFAULT/f1/041d0f-be8d-4148-bcba-d70f28515fbd/1/EKWYXLoyqHfTIVu8IoywfQQAkXs.mft rsync://rpki.ripe.net/repository/DEFAULT/EKWYXLoyqHfTIVu8IoywfQQAkXs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 20:00:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:58:ad:af:bf:82:89:92:7f:40:0b:e9:d9:3f:ef:17 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=10a5985cba32a877d3215bbc228cb07d0400917b Validity Not Before: Jan 1 02:17:38 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9be6e44555f5f3b7449b956195157da0541a7ebe Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:dc:49:d8:30:3d:fb:28:d1:f2:4a:d5:83:ae: 37:30:5b:27:08:88:8c:c2:71:91:a9:30:f8:eb:21: a1:7d:21:f1:13:ba:f8:01:74:42:7b:62:c5:52:16: 7b:b0:91:9f:72:fe:a9:35:62:7c:fd:33:7d:64:db: e7:32:b1:bc:2b:e5:e4:7f:e3:87:77:0f:f6:7a:d7: ec:30:67:0f:28:16:68:6d:5b:87:73:7e:82:9e:39: 16:d5:bc:e0:f7:95:9e:46:f7:34:f3:8e:59:21:8c: 71:7e:86:8d:19:72:f2:74:68:7b:8e:4c:de:fc:eb: e6:62:8c:36:44:8b:f7:f6:5b:9f:00:17:e0:92:a8: 1b:26:6f:cb:53:08:1c:dd:a9:b5:50:93:c7:96:58: 07:fd:fc:5c:96:16:8c:45:d5:1e:0b:ae:e3:48:59: a8:eb:a8:c5:83:95:b3:40:a7:6d:bd:8e:88:24:fb: 92:bd:e5:18:82:41:1b:30:92:97:ca:57:67:cb:09: 71:2f:8c:0e:b5:43:13:59:71:ea:ab:19:3b:6f:96: 1f:fa:16:2c:74:5a:63:88:81:50:c5:25:bc:72:74: 85:2c:58:e3:ba:a7:18:0c:2f:fc:e6:cc:24:51:df: b2:8e:05:ac:ee:b8:66:3c:f5:3d:f1:69:ee:62:3f: d7:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:E6:E4:45:55:F5:F3:B7:44:9B:95:61:95:15:7D:A0:54:1A:7E:BE X509v3 Authority Key Identifier: keyid:10:A5:98:5C:BA:32:A8:77:D3:21:5B:BC:22:8C:B0:7D:04:00:91:7B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EKWYXLoyqHfTIVu8IoywfQQAkXs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/041d0f-be8d-4148-bcba-d70f28515fbd/1/m-bkRVX187dEm5VhlRV9oFQafr4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/041d0f-be8d-4148-bcba-d70f28515fbd/1/EKWYXLoyqHfTIVu8IoywfQQAkXs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.89.148.0/22 Signature Algorithm: sha256WithRSAEncryption a0:46:80:87:46:32:6e:b7:fb:ce:64:8c:f1:c3:c4:da:c7:7f: 56:95:14:ff:5a:40:c9:f0:30:fb:d4:06:d8:ae:56:4a:03:11: 96:bd:df:89:54:c3:da:e8:45:92:16:ba:88:56:c7:e7:98:cb: 30:d5:09:b9:92:ae:96:50:6a:62:39:fd:25:ac:a5:fc:ca:13: e5:45:1e:83:17:60:76:17:04:47:34:b4:96:1c:66:2a:d8:cd: 03:8b:8f:48:37:9f:8f:90:a3:bb:ea:45:23:35:88:63:35:2e: 87:78:15:0f:03:ce:b6:8b:db:00:10:c3:16:69:66:5d:5c:34: c6:2d:df:5e:b5:d9:91:cf:2b:7e:dc:da:26:61:28:56:ec:6a: b9:71:82:64:d5:1b:39:dd:b0:49:09:9e:87:31:1d:8c:d4:98: c3:0d:44:6e:91:19:a1:08:cf:fb:cb:56:72:b2:62:38:08:a8: 81:4c:ac:dc:55:b6:41:e1:8a:e9:c5:d9:07:c8:0f:87:46:51: 99:28:6a:29:ea:f1:41:b3:d7:f7:90:de:c3:54:28:94:9e:b1: 6f:50:48:55:b5:ff:1c:d8:fa:c2:98:72:4d:fb:88:2b:59:df: 94:5f:bf:c8:04:85:28:13:1e:c1:80:b6:44:86:c9:67:36:b3: 69:0d:55:be -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt3WK2vv4KJkn9AC+nZP+8XMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDEwYTU5ODVjYmEzMmE4NzdkMzIxNWJiYzIyOGNiMDdkMDQw MDkxN2IwHhcNMjYwMTAxMDIxNzM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5YmU2ZTQ0NTU1ZjVmM2I3NDQ5Yjk1NjE5NTE1N2RhMDU0MWE3ZWJlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2txJ2DA9+yjR8krVg643MFsnCIiM wnGRqTD46yGhfSHxE7r4AXRCe2LFUhZ7sJGfcv6pNWJ8/TN9ZNvnMrG8K+Xkf+OH dw/2etfsMGcPKBZobVuHc36CnjkW1bzg95WeRvc0845ZIYxxfoaNGXLydGh7jkze /OvmYow2RIv39lufABfgkqgbJm/LUwgc3am1UJPHllgH/fxclhaMRdUeC67jSFmo 66jFg5WzQKdtvY6IJPuSveUYgkEbMJKXyldnywlxL4wOtUMTWXHqqxk7b5Yf+hYs dFpjiIFQxSW8cnSFLFjjuqcYDC/85swkUd+yjgWs7rhmPPU98WnuYj/X2QIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFJvm5EVV9fO3RJuVYZUVfaBUGn6+MB8GA1UdIwQY MBaAFBClmFy6Mqh30yFbvCKMsH0EAJF7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRUtXWVhMb3lxSGZUSVZ1OElveXdmUVFBa1hzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8wNDFkMGYtYmU4ZC00MTQ4LWJjYmEt ZDcwZjI4NTE1ZmJkLzEvbS1ia1JWWDE4N2RFbTVWaGxSVjlvRlFhZnI0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMS8wNDFkMGYtYmU4ZC00MTQ4LWJjYmEtZDcwZjI4NTE1ZmJk LzEvRUtXWVhMb3lxSGZUSVZ1OElveXdmUVFBa1hzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVmUMA0G CSqGSIb3DQEBCwUAA4IBAQCgRoCHRjJut/vOZIzxw8Tax39WlRT/WkDJ8DD71AbY rlZKAxGWvd+JVMPa6EWSFrqIVsfnmMsw1Qm5kq6WUGpiOf0lrKX8yhPlRR6DF2B2 FwRHNLSWHGYq2M0Di49IN5+PkKO76kUjNYhjNS6HeBUPA862i9sAEMMWaWZdXDTG Ld9etdmRzyt+3NomYShW7Gq5cYJk1Rs53bBJCZ6HMR2M1JjDDURukRmhCM/7y1Zy smI4CKiBTKzcVbZB4YrpxdkHyA+HRlGZKGop6vFBs9f3kN7DVCiUnrFvUEhVtf8c 2PrCmHJN+4grWd+UX7/IBIUoEx7BgLZEhslnNrNpDVW+ -----END CERTIFICATE-----Generated at Tue Feb 10 01:44:28 2026 by rpki-client