This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/60fec7-0b51-4446-9b5d-c741c27b4e22/1/8ncEIlz1-5zSR1QhL0rDdEkpqI4.roa File: 8ncEIlz1-5zSR1QhL0rDdEkpqI4.roa (raw, json) Hash identifier: nuQfSOfvY6zkx/iP7wr0MpQfCSukhDWy8/9CULyV7C4= Subject key identifier: F2:77:04:22:5C:F5:FB:9C:D2:47:54:21:2F:4A:C3:74:49:29:A8:8E Certificate issuer: /CN=3f96240998fce4124c3cb4dfbacbb0ed1618405a Certificate serial: 019B7FF21DBAE11C488E5869BA22FC11ED1A Authority key identifier: 3F:96:24:09:98:FC:E4:12:4C:3C:B4:DF:BA:CB:B0:ED:16:18:40:5A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P5YkCZj85BJMPLTfusuw7RYYQFo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/60fec7-0b51-4446-9b5d-c741c27b4e22/1/8ncEIlz1-5zSR1QhL0rDdEkpqI4.roa Signing time: Fri 02 Jan 2026 18:22:12 +0000 ROA not before: Fri 02 Jan 2026 18:22:12 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 198101 IP address blocks: 185.52.216.0/22 maxlen: 24 185.74.204.0/22 maxlen: 24 2a03:4760::/29 maxlen: 48 2a04:bf80::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/60fec7-0b51-4446-9b5d-c741c27b4e22/1/P5YkCZj85BJMPLTfusuw7RYYQFo.crl rsync://rpki.ripe.net/repository/DEFAULT/ff/60fec7-0b51-4446-9b5d-c741c27b4e22/1/P5YkCZj85BJMPLTfusuw7RYYQFo.mft rsync://rpki.ripe.net/repository/DEFAULT/P5YkCZj85BJMPLTfusuw7RYYQFo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:00:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:f2:1d:ba:e1:1c:48:8e:58:69:ba:22:fc:11:ed:1a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3f96240998fce4124c3cb4dfbacbb0ed1618405a Validity Not Before: Jan 2 18:22:12 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f27704225cf5fb9cd24754212f4ac3744929a88e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:04:3c:f4:9d:4d:19:bc:12:f8:6c:34:b9:39: 31:78:c1:fb:ce:cd:82:0a:03:4c:c3:36:84:9b:9a: 19:3b:b1:68:a0:38:9a:32:8d:a2:13:72:c2:93:2e: 40:c0:88:52:82:70:3f:25:38:30:1b:98:4e:ea:c9: ae:a1:6e:9d:63:e1:43:f8:ec:b6:33:32:70:74:0b: f3:a0:dc:6f:c0:5c:1c:a7:5f:df:77:50:41:4c:3a: a0:ea:d8:ff:41:ad:8e:5f:03:62:dc:3c:d7:56:20: 9b:81:b6:67:35:57:64:73:14:80:b7:04:0d:23:be: 23:6c:30:d0:4c:c7:4c:06:fc:89:59:26:60:c9:71: 44:ff:3b:07:8a:d8:61:00:2d:2c:25:e3:4a:6a:3b: df:3d:e0:70:dd:04:5a:05:6e:34:5b:bb:a3:ea:94: ab:29:cb:49:26:bc:6f:25:fe:dd:59:53:10:16:42: 50:d2:46:54:4c:38:5a:66:5b:7b:38:6a:5a:43:60: 13:de:36:50:0e:54:48:1a:75:9d:3c:1f:67:d5:46: 1f:a8:18:7b:25:5a:53:13:d3:06:c4:ae:68:14:af: 83:a0:d7:d1:f9:c1:f3:76:8c:11:87:03:ce:08:55: 21:9b:40:d7:2c:d7:d7:e9:12:a9:94:1e:f3:8a:22: 23:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:77:04:22:5C:F5:FB:9C:D2:47:54:21:2F:4A:C3:74:49:29:A8:8E X509v3 Authority Key Identifier: keyid:3F:96:24:09:98:FC:E4:12:4C:3C:B4:DF:BA:CB:B0:ED:16:18:40:5A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P5YkCZj85BJMPLTfusuw7RYYQFo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/60fec7-0b51-4446-9b5d-c741c27b4e22/1/8ncEIlz1-5zSR1QhL0rDdEkpqI4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/60fec7-0b51-4446-9b5d-c741c27b4e22/1/P5YkCZj85BJMPLTfusuw7RYYQFo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.52.216.0/22 185.74.204.0/22 IPv6: 2a03:4760::/29 2a04:bf80::/29 Signature Algorithm: sha256WithRSAEncryption 31:8b:b0:f8:f5:b5:ce:a6:c3:0c:df:37:3b:34:1b:46:d5:74: 34:48:68:9f:d3:cf:e7:70:bb:ff:cb:15:c2:a1:47:88:79:9a: 83:29:5a:86:75:c7:a7:53:0e:e4:65:6c:0a:6d:ca:43:b2:0c: c5:89:34:cd:7f:a0:05:b9:ed:f1:74:c5:34:00:4d:28:ff:62: d0:91:44:63:cb:34:3f:43:98:3f:61:35:4f:3c:0d:ea:09:a7: b5:a1:00:dc:42:7a:e1:6b:ed:d1:68:33:6a:91:21:1d:f5:17: 7c:50:f8:c0:8f:cf:ec:56:c8:ef:76:55:43:28:e6:c3:6a:39: 9b:47:48:0c:88:ce:55:2b:b2:35:c5:10:4a:3e:c7:d6:6c:b9: c0:2d:e6:ae:a6:a4:18:6a:cc:9f:01:72:16:86:7f:18:49:0a: b7:9f:70:3c:71:d1:d9:10:5e:62:d0:3d:0e:5c:4e:df:1b:67: 32:81:11:6b:51:d6:00:b7:2c:37:46:cd:ea:ae:42:0c:63:78: 55:1a:6d:e3:0b:2c:bd:86:20:ad:ac:37:ea:fa:d0:71:f4:f9: d1:94:99:20:4b:bc:14:1d:22:f8:27:d3:00:af:e1:9f:e6:d2: 49:58:60:2e:4f:e0:cf:e1:25:19:ca:a8:94:84:28:8f:2d:ef: 97:7c:32:e7 -----BEGIN CERTIFICATE----- MIIFGTCCBAGgAwIBAgISAZt/8h264RxIjlhpuiL8Ee0aMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNmOTYyNDA5OThmY2U0MTI0YzNjYjRkZmJhY2JiMGVkMTYx ODQwNWEwHhcNMjYwMTAyMTgyMjEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmMjc3MDQyMjVjZjVmYjljZDI0NzU0MjEyZjRhYzM3NDQ5MjlhODhlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1gQ89J1NGbwS+Gw0uTkxeMH7zs2C CgNMwzaEm5oZO7FooDiaMo2iE3LCky5AwIhSgnA/JTgwG5hO6smuoW6dY+FD+Oy2 MzJwdAvzoNxvwFwcp1/fd1BBTDqg6tj/Qa2OXwNi3DzXViCbgbZnNVdkcxSAtwQN I74jbDDQTMdMBvyJWSZgyXFE/zsHithhAC0sJeNKajvfPeBw3QRaBW40W7uj6pSr KctJJrxvJf7dWVMQFkJQ0kZUTDhaZlt7OGpaQ2AT3jZQDlRIGnWdPB9n1UYfqBh7 JVpTE9MGxK5oFK+DoNfR+cHzdowRhwPOCFUhm0DXLNfX6RKplB7ziiIjzQIDAQAB o4ICJTCCAiEwHQYDVR0OBBYEFPJ3BCJc9fuc0kdUIS9Kw3RJKaiOMB8GA1UdIwQY MBaAFD+WJAmY/OQSTDy037rLsO0WGEBaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUDVZa0Naajg1QkpNUExUZnVzdXc3UllZUUZvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi82MGZlYzctMGI1MS00NDQ2LTliNWQt Yzc0MWMyN2I0ZTIyLzEvOG5jRUlsejEtNXpTUjFRaEwwckRkRWtwcUk0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZi82MGZlYzctMGI1MS00NDQ2LTliNWQtYzc0MWMyN2I0ZTIy LzEvUDVZa0Naajg1QkpNUExUZnVzdXc3UllZUUZvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuTTYAwQC uUrMMBQEAgACMA4DBQMqA0dgAwUDKgS/gDANBgkqhkiG9w0BAQsFAAOCAQEAMYuw +PW1zqbDDN83OzQbRtV0NEhon9PP53C7/8sVwqFHiHmagylahnXHp1MO5GVsCm3K Q7IMxYk0zX+gBbnt8XTFNABNKP9i0JFEY8s0P0OYP2E1TzwN6gmntaEA3EJ64Wvt 0WgzapEhHfUXfFD4wI/P7FbI73ZVQyjmw2o5m0dIDIjOVSuyNcUQSj7H1my5wC3m rqakGGrMnwFyFoZ/GEkKt59wPHHR2RBeYtA9DlxO3xtnMoERa1HWALcsN0bN6q5C DGN4VRpt4wssvYYgraw36vrQcfT50ZSZIEu8FB0i+CfTAK/hn+bSSVhgLk/gz+El GcqolIQojy3vl3wy5w== -----END CERTIFICATE-----Generated at Mon Feb 9 22:27:44 2026 by rpki-client