This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/fEH6GXoroSfAEDj0z55rGNitKMU.roa File: fEH6GXoroSfAEDj0z55rGNitKMU.roa (raw, json) Hash identifier: Zmq+V4G0nlMIUgVrJqMNAD4Dj5EQvHd5LCZ6hw/cQJg= Subject key identifier: 7C:41:FA:19:7A:2B:A1:27:C0:10:38:F4:CF:9E:6B:18:D8:AD:28:C5 Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a Certificate serial: 019B78A371A5084D1317D78DAEF6AF42BE82 Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/fEH6GXoroSfAEDj0z55rGNitKMU.roa Signing time: Thu 01 Jan 2026 08:18:55 +0000 ROA not before: Thu 01 Jan 2026 08:18:55 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 43289 IP address blocks: 45.153.124.0/24 maxlen: 24 89.46.232.0/24 maxlen: 24 92.243.67.0/24 maxlen: 24 188.190.12.0/24 maxlen: 24 188.190.30.0/24 maxlen: 24 2a03:f80:373::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.mft rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a3:71:a5:08:4d:13:17:d7:8d:ae:f6:af:42:be:82 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a Validity Not Before: Jan 1 08:18:55 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=7c41fa197a2ba127c01038f4cf9e6b18d8ad28c5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:54:7b:82:ce:bf:0a:4f:24:ca:8f:d2:e4:ba: 15:aa:3b:ab:8d:94:8e:87:b4:fd:37:1a:64:21:53: 6d:fc:2b:65:89:53:22:70:ea:5d:3c:6f:cf:a8:02: 23:d1:d6:74:dd:5b:6f:db:9c:a0:f2:a6:b3:dd:27: fe:d9:77:7c:88:fb:cf:05:90:5e:fd:21:57:a0:6e: 9a:e3:2f:5c:ba:c4:72:77:6a:9e:5d:44:d5:de:83: 99:99:a8:16:38:41:a7:1d:08:84:a4:f7:9f:94:41: 1f:fd:6c:13:d1:69:24:6a:a1:de:41:5f:17:d1:ad: a9:a8:cc:d9:c7:2e:b9:21:c7:bc:08:14:be:a4:bc: 7c:cf:ec:d5:ea:41:7a:68:9a:08:0a:6c:71:12:6d: 9f:74:75:25:19:94:d8:df:d8:9e:e6:ad:70:da:da: ba:34:2c:fc:86:b8:8b:65:2e:56:84:8f:f6:ed:93: 92:fd:ba:40:87:66:a4:7d:c6:e2:80:e8:e6:cc:eb: 9d:fb:c4:15:f2:40:f6:b2:f7:d1:2c:b6:76:ae:44: e2:d9:78:2e:a5:50:f9:b8:8c:6f:f3:f1:ac:28:ef: 27:2c:86:98:be:80:e5:61:b6:e8:8c:02:64:7f:9d: 91:01:47:af:b8:36:a3:8b:2b:59:4c:55:2a:16:c6: 1f:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:41:FA:19:7A:2B:A1:27:C0:10:38:F4:CF:9E:6B:18:D8:AD:28:C5 X509v3 Authority Key Identifier: keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/fEH6GXoroSfAEDj0z55rGNitKMU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.153.124.0/24 89.46.232.0/24 92.243.67.0/24 188.190.12.0/24 188.190.30.0/24 IPv6: 2a03:f80:373::/48 Signature Algorithm: sha256WithRSAEncryption 3b:68:f2:3e:b2:32:04:2b:6b:b0:46:3c:bd:4a:b7:9a:99:b8: 78:06:f3:66:87:e8:ad:17:d0:43:e2:ed:40:f5:81:30:40:97: 57:9b:f2:6c:44:51:e1:72:8a:1b:ac:66:a0:a9:52:69:55:f4: 0c:bc:f0:2a:ac:42:7a:96:d6:9f:cc:33:10:97:7f:92:69:58: 29:a5:ba:33:27:6b:8b:5d:d9:4c:cf:fc:7d:c2:68:cc:f1:6c: 0e:40:0d:23:a4:dd:7d:f4:3f:36:0c:1c:4a:6f:e8:c5:60:63: 4b:34:dd:a5:2c:3b:7e:4e:b1:b8:e4:3e:87:ba:9e:68:a7:c4: 3b:e2:1f:e8:de:43:c0:b9:40:78:6f:bd:e1:0f:2d:a4:60:a5: cc:39:a0:ba:d7:0a:2c:5f:49:8a:56:ec:6a:0d:cb:d7:26:03: 38:9f:de:d7:b1:2d:9c:d5:68:65:e3:5d:3a:0c:65:6c:94:09: ee:1d:99:b5:dd:49:b6:2d:95:50:01:64:54:6c:44:37:ca:b5: 87:9f:b3:71:e8:24:6c:c4:6f:4c:64:ba:91:55:46:51:cc:8b: 02:8d:d4:46:c5:a9:0b:ea:85:6c:60:a6:e4:1a:53:4e:95:74: ff:d3:5f:8b:12:6f:dc:e5:2b:08:57:e5:d8:98:7d:d3:c6:c0: dc:54:12:0a -----BEGIN CERTIFICATE----- MIIFJjCCBA6gAwIBAgISAZt4o3GlCE0TF9eNrvavQr6CMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj MjhmNmEwHhcNMjYwMTAxMDgxODU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3YzQxZmExOTdhMmJhMTI3YzAxMDM4ZjRjZjllNmIxOGQ4YWQyOGM1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxlR7gs6/Ck8kyo/S5LoVqjurjZSO h7T9NxpkIVNt/CtliVMicOpdPG/PqAIj0dZ03Vtv25yg8qaz3Sf+2Xd8iPvPBZBe /SFXoG6a4y9cusRyd2qeXUTV3oOZmagWOEGnHQiEpPeflEEf/WwT0WkkaqHeQV8X 0a2pqMzZxy65Ice8CBS+pLx8z+zV6kF6aJoICmxxEm2fdHUlGZTY39ie5q1w2tq6 NCz8hriLZS5WhI/27ZOS/bpAh2akfcbigOjmzOud+8QV8kD2svfRLLZ2rkTi2Xgu pVD5uIxv8/GsKO8nLIaYvoDlYbbojAJkf52RAUevuDajiytZTFUqFsYf0wIDAQAB o4ICMjCCAi4wHQYDVR0OBBYEFHxB+hl6K6EnwBA49M+eaxjYrSjFMB8GA1UdIwQY MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt YjM4ZTI2NzdiM2RjLzEvZkVINkdYb3JvU2ZBRURqMHo1NXJHTml0S01VLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQALZl8AwQA WS7oAwQAXPNDAwQAvL4MAwQAvL4eMA8EAgACMAkDBwAqAw+AA3MwDQYJKoZIhvcN AQELBQADggEBADto8j6yMgQra7BGPL1Kt5qZuHgG82aH6K0X0EPi7UD1gTBAl1eb 8mxEUeFyihusZqCpUmlV9Ay88CqsQnqW1p/MMxCXf5JpWCmlujMna4td2UzP/H3C aMzxbA5ADSOk3X30PzYMHEpv6MVgY0s03aUsO35OsbjkPoe6nminxDviH+jeQ8C5 QHhvveEPLaRgpcw5oLrXCixfSYpW7GoNy9cmAzif3texLZzVaGXjXToMZWyUCe4d mbXdSbYtlVABZFRsRDfKtYefs3HoJGzEb0xkupFVRlHMiwKN1EbFqQvqhWxgpuQa U06VdP/TX4sSb9zlKwhX5diYfdPGwNxUEgo= -----END CERTIFICATE-----Generated at Sun Jan 25 22:30:09 2026 by rpki-client