This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/e7cbf3-64e6-4023-befd-1cc619197551/1/aXlS2MBHT3otsZcZeVd3GMw9MKU.roa File: aXlS2MBHT3otsZcZeVd3GMw9MKU.roa (raw, json) Hash identifier: EW9PAlMsLE2KLuPGMAVWKhlfJ/oPt4738Dlm3TTrJp4= Subject key identifier: 69:79:52:D8:C0:47:4F:7A:2D:B1:97:19:79:57:77:18:CC:3D:30:A5 Certificate issuer: /CN=a8b5fe67c20797d3941555554f8c988ca2f7c17b Certificate serial: 019B89641B74003F20956D80058CF898E05A Authority key identifier: A8:B5:FE:67:C2:07:97:D3:94:15:55:55:4F:8C:98:8C:A2:F7:C1:7B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qLX-Z8IHl9OUFVVVT4yYjKL3wXs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/e7cbf3-64e6-4023-befd-1cc619197551/1/aXlS2MBHT3otsZcZeVd3GMw9MKU.roa Signing time: Sun 04 Jan 2026 14:23:17 +0000 ROA not before: Sun 04 Jan 2026 14:23:17 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 206974 IP address blocks: 192.124.196.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/e7cbf3-64e6-4023-befd-1cc619197551/1/qLX-Z8IHl9OUFVVVT4yYjKL3wXs.crl rsync://rpki.ripe.net/repository/DEFAULT/19/e7cbf3-64e6-4023-befd-1cc619197551/1/qLX-Z8IHl9OUFVVVT4yYjKL3wXs.mft rsync://rpki.ripe.net/repository/DEFAULT/qLX-Z8IHl9OUFVVVT4yYjKL3wXs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 23:01:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:89:64:1b:74:00:3f:20:95:6d:80:05:8c:f8:98:e0:5a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a8b5fe67c20797d3941555554f8c988ca2f7c17b Validity Not Before: Jan 4 14:23:17 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=697952d8c0474f7a2db1971979577718cc3d30a5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:e6:1b:a2:77:a4:07:a2:73:08:ff:2a:9e:db: 3f:28:61:d4:f5:02:4b:a0:3f:e1:d6:73:02:8e:b3: 7a:7f:e9:86:46:6c:36:7a:fb:5d:5d:ad:1b:f8:fa: 41:55:f8:b7:d2:1a:6e:c7:fb:b5:52:6c:80:3e:b4: 05:9a:24:08:92:64:10:3e:a6:f0:e9:11:a4:4d:a5: ca:f9:1d:e5:19:e6:d6:ea:bf:4d:ec:1b:9e:80:8c: 5b:1d:db:ab:9d:cc:cc:81:41:14:c1:49:68:bc:1c: fe:38:db:81:ea:d0:00:d6:e6:db:a6:66:38:ab:af: b9:c5:e9:55:76:b4:b9:88:fe:af:e1:a5:05:c4:a6: ca:f2:06:44:23:21:20:e9:2b:fa:b3:b7:a2:d1:7a: 7c:c8:64:85:b2:0e:54:94:e5:7a:39:0e:c0:82:a4: a0:2d:7d:e2:d9:70:6e:16:eb:d9:e0:2e:29:08:32: f7:87:8f:28:dc:ac:39:48:cd:a5:0d:44:1e:65:a2: 98:6b:26:91:0c:e2:d3:cd:9d:e4:dd:2c:e3:3e:f3: c6:70:fb:ee:be:f5:8c:bc:27:6e:4f:26:57:c7:5b: 20:3e:da:d5:cc:6a:2e:a3:83:03:3a:13:b0:f4:d2: e7:99:20:18:d8:ef:ff:a8:52:b4:9a:7f:3d:d6:37: d0:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:79:52:D8:C0:47:4F:7A:2D:B1:97:19:79:57:77:18:CC:3D:30:A5 X509v3 Authority Key Identifier: keyid:A8:B5:FE:67:C2:07:97:D3:94:15:55:55:4F:8C:98:8C:A2:F7:C1:7B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qLX-Z8IHl9OUFVVVT4yYjKL3wXs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/e7cbf3-64e6-4023-befd-1cc619197551/1/aXlS2MBHT3otsZcZeVd3GMw9MKU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/19/e7cbf3-64e6-4023-befd-1cc619197551/1/qLX-Z8IHl9OUFVVVT4yYjKL3wXs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 192.124.196.0/24 Signature Algorithm: sha256WithRSAEncryption a2:4e:ed:5e:25:35:61:0b:50:88:e9:dc:ab:70:69:24:46:cc: d8:b0:c3:ee:45:aa:ef:df:b4:32:06:5d:71:92:7c:7e:f9:d2: b9:37:f4:7f:dd:6a:30:48:cf:9b:16:ba:de:56:2a:36:30:4f: dd:30:0d:25:c2:66:dc:de:45:f5:04:b3:24:62:96:b5:d0:0c: 1f:33:58:f2:98:1f:5a:15:aa:3c:6a:c0:8c:78:6f:95:26:ee: 8b:d6:07:d5:d3:cd:ff:42:57:4a:fd:74:14:72:77:b7:5b:5f: 76:d1:a1:71:97:c4:46:ac:55:a2:ef:b0:62:5a:b5:a4:bc:79: 30:92:88:8c:48:68:35:f9:fb:18:d6:df:cf:8e:4a:d2:45:5f: d4:f4:5b:13:67:d6:87:c4:31:94:ae:0a:98:5a:38:08:cc:34: 3a:3d:00:86:d2:ec:1f:23:27:b2:33:07:95:67:51:c2:aa:d5: 5e:77:54:7b:83:fe:e1:73:8b:b1:03:1a:08:a1:3e:e6:29:b1: f0:a5:13:ff:26:0f:5c:e8:12:13:00:4a:10:01:c2:c2:66:31: f5:81:b1:10:e1:98:1a:bb:ba:e7:1b:8e:ae:f5:b7:4b:00:ea: 42:77:1f:93:a5:7d:d8:de:3a:f4:1d:43:d3:4d:b8:6a:b8:6c: 5d:a0:9c:3f -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZuJZBt0AD8glW2ABYz4mOBaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE4YjVmZTY3YzIwNzk3ZDM5NDE1NTU1NTRmOGM5ODhjYTJm N2MxN2IwHhcNMjYwMTA0MTQyMzE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2OTc5NTJkOGMwNDc0ZjdhMmRiMTk3MTk3OTU3NzcxOGNjM2QzMGE1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0+YbonekB6JzCP8qnts/KGHU9QJL oD/h1nMCjrN6f+mGRmw2evtdXa0b+PpBVfi30hpux/u1UmyAPrQFmiQIkmQQPqbw 6RGkTaXK+R3lGebW6r9N7BuegIxbHdurnczMgUEUwUlovBz+ONuB6tAA1ubbpmY4 q6+5xelVdrS5iP6v4aUFxKbK8gZEIyEg6Sv6s7ei0Xp8yGSFsg5UlOV6OQ7AgqSg LX3i2XBuFuvZ4C4pCDL3h48o3Kw5SM2lDUQeZaKYayaRDOLTzZ3k3SzjPvPGcPvu vvWMvCduTyZXx1sgPtrVzGouo4MDOhOw9NLnmSAY2O//qFK0mn891jfQqwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFGl5UtjAR096LbGXGXlXdxjMPTClMB8GA1UdIwQY MBaAFKi1/mfCB5fTlBVVVU+MmIyi98F7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcUxYLVo4SUhsOU9VRlZWVlQ0eVlqS0wzd1hzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9lN2NiZjMtNjRlNi00MDIzLWJlZmQt MWNjNjE5MTk3NTUxLzEvYVhsUzJNQkhUM290c1pjWmVWZDNHTXc5TUtVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xOS9lN2NiZjMtNjRlNi00MDIzLWJlZmQtMWNjNjE5MTk3NTUx LzEvcUxYLVo4SUhsOU9VRlZWVlQ0eVlqS0wzd1hzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwHzEMA0G CSqGSIb3DQEBCwUAA4IBAQCiTu1eJTVhC1CI6dyrcGkkRszYsMPuRarv37QyBl1x knx++dK5N/R/3WowSM+bFrreVio2ME/dMA0lwmbc3kX1BLMkYpa10AwfM1jymB9a Fao8asCMeG+VJu6L1gfV083/QldK/XQUcne3W1920aFxl8RGrFWi77BiWrWkvHkw koiMSGg1+fsY1t/PjkrSRV/U9FsTZ9aHxDGUrgqYWjgIzDQ6PQCG0uwfIyeyMweV Z1HCqtVed1R7g/7hc4uxAxoIoT7mKbHwpRP/Jg9c6BITAEoQAcLCZjH1gbEQ4Zga u7rnG46u9bdLAOpCdx+TpX3Y3jr0HUPTTbhquGxdoJw/ -----END CERTIFICATE-----Generated at Mon Jan 26 09:22:51 2026 by rpki-client