This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/8308ff-fec8-48cb-9485-563c10dec80d/1/0K2GHqkNtHFH0tB9nWXJ94AFGAw.roa File: 0K2GHqkNtHFH0tB9nWXJ94AFGAw.roa (raw, json) Hash identifier: 5NSYWTgnAdKm8Hqko31XGdj55Gsj1FCzKYaW0vszh0w= Subject key identifier: D0:AD:86:1E:A9:0D:B4:71:47:D2:D0:7D:9D:65:C9:F7:80:05:18:0C Certificate issuer: /CN=6400f953adbfdb52b78815fecfc0e8cde09762c3 Certificate serial: 019B7DCAE43B911ABB7397AB4CAE4307095C Authority key identifier: 64:00:F9:53:AD:BF:DB:52:B7:88:15:FE:CF:C0:E8:CD:E0:97:62:C3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZAD5U62_21K3iBX-z8DozeCXYsM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/8308ff-fec8-48cb-9485-563c10dec80d/1/0K2GHqkNtHFH0tB9nWXJ94AFGAw.roa Signing time: Fri 02 Jan 2026 08:20:07 +0000 ROA not before: Fri 02 Jan 2026 08:20:07 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 201720 IP address blocks: 185.56.164.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/8308ff-fec8-48cb-9485-563c10dec80d/1/ZAD5U62_21K3iBX-z8DozeCXYsM.crl rsync://rpki.ripe.net/repository/DEFAULT/e8/8308ff-fec8-48cb-9485-563c10dec80d/1/ZAD5U62_21K3iBX-z8DozeCXYsM.mft rsync://rpki.ripe.net/repository/DEFAULT/ZAD5U62_21K3iBX-z8DozeCXYsM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 21:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:e4:3b:91:1a:bb:73:97:ab:4c:ae:43:07:09:5c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6400f953adbfdb52b78815fecfc0e8cde09762c3 Validity Not Before: Jan 2 08:20:07 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d0ad861ea90db47147d2d07d9d65c9f78005180c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:ab:fb:20:da:b2:58:09:56:ed:ee:8a:d0:62: b8:5e:43:00:c5:17:68:9e:6d:84:1a:ca:9d:3a:72: 67:cf:9e:67:68:17:80:a7:cd:f0:5a:b9:5f:d7:e8: e3:7b:0f:91:38:c5:43:88:5a:81:6d:17:fe:dc:17: 2e:32:d5:12:19:1c:59:df:76:08:c8:97:8f:7c:db: b8:0b:64:1d:d1:0a:76:fd:ed:b1:c2:51:ac:ad:44: f9:6f:72:c1:23:44:82:f7:d8:f7:79:0c:6e:6a:18: 2c:a4:ce:2a:f2:45:c1:d4:dd:24:98:1d:e7:13:dc: e1:ca:48:04:29:ab:de:17:ce:4f:a0:21:01:e4:be: f1:2f:4c:f7:62:76:44:b4:8a:69:44:a5:bf:e8:37: 3d:4d:68:cb:fd:b0:ba:5e:be:90:e3:f4:ee:43:74: fe:f6:00:4c:26:a8:ab:d9:7a:74:72:2a:33:1f:3f: ed:5d:7b:59:19:04:68:2d:63:11:ab:02:74:60:3c: 5e:3a:04:70:96:6f:3b:68:57:51:9e:60:8e:c5:26: f5:ed:c2:24:2a:45:fb:80:32:c0:e2:d0:8e:f2:b5: 2e:6c:e4:15:8b:98:94:13:3a:f0:0a:54:9c:6a:fa: 7d:20:f9:06:ee:a7:cf:6b:f8:ea:5f:df:33:52:fe: 0c:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:AD:86:1E:A9:0D:B4:71:47:D2:D0:7D:9D:65:C9:F7:80:05:18:0C X509v3 Authority Key Identifier: keyid:64:00:F9:53:AD:BF:DB:52:B7:88:15:FE:CF:C0:E8:CD:E0:97:62:C3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZAD5U62_21K3iBX-z8DozeCXYsM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/8308ff-fec8-48cb-9485-563c10dec80d/1/0K2GHqkNtHFH0tB9nWXJ94AFGAw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/8308ff-fec8-48cb-9485-563c10dec80d/1/ZAD5U62_21K3iBX-z8DozeCXYsM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.56.164.0/22 Signature Algorithm: sha256WithRSAEncryption 36:cd:38:2c:8b:45:04:3f:52:b5:2a:cf:28:0a:24:93:d3:0c: d7:a8:6c:1b:b0:b6:f2:fa:77:0e:ba:9c:20:35:d2:44:4e:bc: ad:64:63:4c:1b:bf:bf:76:eb:8a:2f:37:63:59:f5:30:bd:1d: be:ca:a6:6d:f5:e6:c0:46:f2:6a:71:43:c7:dd:d8:5d:92:c3: 93:8e:db:de:db:64:9d:d2:3b:db:84:ce:93:dd:fd:c3:ca:e8: 04:90:ae:07:88:d1:5a:63:b1:1c:06:8c:04:9e:41:bc:63:80: 4f:91:38:4a:a7:fc:74:27:86:86:46:4b:a5:45:7a:cb:b9:e1: 0b:eb:01:c1:28:db:82:12:ca:ae:d9:a9:3e:a4:a0:5e:2e:74: 2b:ab:7f:cb:22:97:35:71:18:fd:94:6d:57:f8:ab:4f:fb:fb: 4b:bd:83:03:7d:ad:2a:a7:3d:18:ef:ec:5d:95:4a:79:82:ae: 3d:8c:b2:c8:75:c2:aa:f6:07:16:9f:6f:98:8d:e2:f0:2d:83: 40:26:33:6b:d8:fd:5d:76:0a:e2:00:8a:e9:6f:75:23:ed:25: d5:54:bb:c0:45:a8:5f:4f:7d:1b:02:34:24:3b:cc:56:0e:7a: 52:69:fe:cf:5e:24:2e:f2:16:f3:ad:07:3b:33:b5:a0:eb:92: 67:e3:e0:c1 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt9yuQ7kRq7c5erTK5DBwlcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY0MDBmOTUzYWRiZmRiNTJiNzg4MTVmZWNmYzBlOGNkZTA5 NzYyYzMwHhcNMjYwMTAyMDgyMDA3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkMGFkODYxZWE5MGRiNDcxNDdkMmQwN2Q5ZDY1YzlmNzgwMDUxODBjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6v7INqyWAlW7e6K0GK4XkMAxRdo nm2EGsqdOnJnz55naBeAp83wWrlf1+jjew+ROMVDiFqBbRf+3BcuMtUSGRxZ33YI yJePfNu4C2Qd0Qp2/e2xwlGsrUT5b3LBI0SC99j3eQxuahgspM4q8kXB1N0kmB3n E9zhykgEKaveF85PoCEB5L7xL0z3YnZEtIppRKW/6Dc9TWjL/bC6Xr6Q4/TuQ3T+ 9gBMJqir2Xp0ciozHz/tXXtZGQRoLWMRqwJ0YDxeOgRwlm87aFdRnmCOxSb17cIk KkX7gDLA4tCO8rUubOQVi5iUEzrwClScavp9IPkG7qfPa/jqX98zUv4McwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFNCthh6pDbRxR9LQfZ1lyfeABRgMMB8GA1UdIwQY MBaAFGQA+VOtv9tSt4gV/s/A6M3gl2LDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWkFENVU2Ml8yMUszaUJYLXo4RG96ZUNYWXNNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC84MzA4ZmYtZmVjOC00OGNiLTk0ODUt NTYzYzEwZGVjODBkLzEvMEsyR0hxa050SEZIMHRCOW5XWEo5NEFGR0F3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lOC84MzA4ZmYtZmVjOC00OGNiLTk0ODUtNTYzYzEwZGVjODBk LzEvWkFENVU2Ml8yMUszaUJYLXo4RG96ZUNYWXNNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuTikMA0G CSqGSIb3DQEBCwUAA4IBAQA2zTgsi0UEP1K1Ks8oCiST0wzXqGwbsLby+ncOupwg NdJETrytZGNMG7+/duuKLzdjWfUwvR2+yqZt9ebARvJqcUPH3dhdksOTjtve22Sd 0jvbhM6T3f3DyugEkK4HiNFaY7EcBowEnkG8Y4BPkThKp/x0J4aGRkulRXrLueEL 6wHBKNuCEsqu2ak+pKBeLnQrq3/LIpc1cRj9lG1X+KtP+/tLvYMDfa0qpz0Y7+xd lUp5gq49jLLIdcKq9gcWn2+YjeLwLYNAJjNr2P1ddgriAIrpb3Uj7SXVVLvARahf T30bAjQkO8xWDnpSaf7PXiQu8hbzrQc7M7Wg65Jn4+DB -----END CERTIFICATE-----Generated at Sat Jan 3 06:52:13 2026 by rpki-client