This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/cf753f-7781-4dfe-a38e-d845995991ac/1/fxjDmBMtX4lZXvQ-w62aJNa_wcA.roa File: fxjDmBMtX4lZXvQ-w62aJNa_wcA.roa (raw, json) Hash identifier: k9PdZxgspVP2JG6hPwNtH2QKs9wDWHLF4meodXKpQn0= Subject key identifier: 7F:18:C3:98:13:2D:5F:89:59:5E:F4:3E:C3:AD:9A:24:D6:BF:C1:C0 Certificate issuer: /CN=7720c670434da5102261099da101f25dd3f7aada Certificate serial: 019B7DCA683BF5C8A7A375C610F4F4F2067A Authority key identifier: 77:20:C6:70:43:4D:A5:10:22:61:09:9D:A1:01:F2:5D:D3:F7:AA:DA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dyDGcENNpRAiYQmdoQHyXdP3qto.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/cf753f-7781-4dfe-a38e-d845995991ac/1/fxjDmBMtX4lZXvQ-w62aJNa_wcA.roa Signing time: Fri 02 Jan 2026 08:19:35 +0000 ROA not before: Fri 02 Jan 2026 08:19:35 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 2134 IP address blocks: 195.43.48.0/22 maxlen: 22 195.43.48.0/24 maxlen: 24 195.43.49.0/24 maxlen: 24 195.43.50.0/24 maxlen: 24 195.43.51.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/cf753f-7781-4dfe-a38e-d845995991ac/1/dyDGcENNpRAiYQmdoQHyXdP3qto.crl rsync://rpki.ripe.net/repository/DEFAULT/21/cf753f-7781-4dfe-a38e-d845995991ac/1/dyDGcENNpRAiYQmdoQHyXdP3qto.mft rsync://rpki.ripe.net/repository/DEFAULT/dyDGcENNpRAiYQmdoQHyXdP3qto.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:68:3b:f5:c8:a7:a3:75:c6:10:f4:f4:f2:06:7a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7720c670434da5102261099da101f25dd3f7aada Validity Not Before: Jan 2 08:19:35 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=7f18c398132d5f89595ef43ec3ad9a24d6bfc1c0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:76:7d:93:d2:a9:ed:ed:42:b2:68:5c:a8:bd: 46:6a:de:b7:48:6c:09:a8:2d:0d:bd:2d:8a:54:8f: 54:3e:9d:fe:6d:c9:97:9f:d5:d3:04:8f:0a:18:50: ea:a4:3a:92:d2:27:a7:b6:3b:40:fc:06:bb:58:d6: 37:a2:69:2c:aa:68:42:c6:3b:28:98:61:56:39:07: 6f:a1:be:fb:de:99:d6:6e:2d:34:09:13:44:2f:87: 51:95:4d:c4:a2:4c:45:ca:9c:e5:fc:4b:9c:5d:62: c5:b8:50:c6:9d:33:ea:1b:c8:4f:98:e1:f8:71:42: 11:35:b4:58:ee:4a:51:16:d9:1e:a2:be:d1:cb:bd: f8:82:b7:94:39:58:48:f3:15:c9:ac:de:99:27:7f: 17:8e:d9:67:25:e9:da:f0:2c:d9:1d:78:be:c0:52: 8d:5e:40:f0:eb:ed:33:24:60:27:aa:c7:43:25:b2: 6b:97:cf:35:4a:b5:e7:47:0b:7a:10:01:d5:29:ca: 25:5b:d2:35:6b:6b:0c:ab:e2:ee:59:87:45:6a:b1: 5d:2d:04:00:33:18:d4:6f:e1:20:00:54:73:d9:83: d9:94:f6:0b:87:ea:40:98:fe:b5:27:37:89:96:03: 5e:94:3e:84:74:96:4e:a0:95:6d:a7:a7:18:2f:7b: 73:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7F:18:C3:98:13:2D:5F:89:59:5E:F4:3E:C3:AD:9A:24:D6:BF:C1:C0 X509v3 Authority Key Identifier: keyid:77:20:C6:70:43:4D:A5:10:22:61:09:9D:A1:01:F2:5D:D3:F7:AA:DA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dyDGcENNpRAiYQmdoQHyXdP3qto.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/cf753f-7781-4dfe-a38e-d845995991ac/1/fxjDmBMtX4lZXvQ-w62aJNa_wcA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/21/cf753f-7781-4dfe-a38e-d845995991ac/1/dyDGcENNpRAiYQmdoQHyXdP3qto.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 195.43.48.0/22 Signature Algorithm: sha256WithRSAEncryption ad:dc:a4:49:f7:a3:e9:41:6b:c2:8f:f2:78:af:d7:74:77:c8: 79:40:20:46:3e:34:23:d2:6d:f1:d2:48:e6:04:f7:b1:d2:53: 9c:f9:ec:9c:e1:02:3b:8e:4b:ba:dd:56:a8:6c:ae:5e:47:4e: e4:7a:f7:53:46:f8:cc:e0:ee:85:eb:93:80:5a:90:19:d5:3d: d9:fd:f5:6c:4d:aa:02:b4:f4:d1:b2:47:05:9d:29:18:7d:39: e9:6d:79:e4:73:08:d2:98:6f:30:96:3b:9a:24:d4:6b:c3:a6: 29:9d:62:3d:c8:e2:6c:75:9d:71:cd:13:11:14:15:d5:d5:2c: 02:66:a5:8c:41:4c:ac:0a:b6:a6:a1:f6:52:56:1d:b8:f5:fc: bf:6f:c3:84:c0:2f:96:d0:31:59:92:ae:19:ce:fb:99:4c:0b: f0:70:4d:c3:6f:3f:57:da:07:57:14:87:37:45:ca:d2:eb:7d: fb:16:7d:51:c0:95:a1:b4:3e:77:e1:c4:e4:40:df:8b:a3:b9: 45:b9:65:87:3a:bc:4a:74:9c:d5:28:95:4a:8e:88:d8:d4:1c: f5:77:8c:74:b6:58:15:b4:2e:52:fe:59:e6:2e:6b:ac:bc:68: 02:ab:ac:45:a7:32:d9:1d:54:a7:95:c6:1f:91:1d:25:22:9d: 25:0b:70:1d -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt9ymg79cino3XGEPT08gZ6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc3MjBjNjcwNDM0ZGE1MTAyMjYxMDk5ZGExMDFmMjVkZDNm N2FhZGEwHhcNMjYwMTAyMDgxOTM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3ZjE4YzM5ODEzMmQ1Zjg5NTk1ZWY0M2VjM2FkOWEyNGQ2YmZjMWMwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHZ9k9Kp7e1CsmhcqL1Gat63SGwJ qC0NvS2KVI9UPp3+bcmXn9XTBI8KGFDqpDqS0ientjtA/Aa7WNY3omksqmhCxjso mGFWOQdvob773pnWbi00CRNEL4dRlU3EokxFypzl/EucXWLFuFDGnTPqG8hPmOH4 cUIRNbRY7kpRFtkeor7Ry734greUOVhI8xXJrN6ZJ38XjtlnJena8CzZHXi+wFKN XkDw6+0zJGAnqsdDJbJrl881SrXnRwt6EAHVKcolW9I1a2sMq+LuWYdFarFdLQQA MxjUb+EgAFRz2YPZlPYLh+pAmP61JzeJlgNelD6EdJZOoJVtp6cYL3tzbwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFH8Yw5gTLV+JWV70PsOtmiTWv8HAMB8GA1UdIwQY MBaAFHcgxnBDTaUQImEJnaEB8l3T96raMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZHlER2NFTk5wUkFpWVFtZG9RSHlYZFAzcXRvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9jZjc1M2YtNzc4MS00ZGZlLWEzOGUt ZDg0NTk5NTk5MWFjLzEvZnhqRG1CTXRYNGxaWHZRLXc2MmFKTmFfd2NBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMS9jZjc1M2YtNzc4MS00ZGZlLWEzOGUtZDg0NTk5NTk5MWFj LzEvZHlER2NFTk5wUkFpWVFtZG9RSHlYZFAzcXRvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwyswMA0G CSqGSIb3DQEBCwUAA4IBAQCt3KRJ96PpQWvCj/J4r9d0d8h5QCBGPjQj0m3x0kjm BPex0lOc+eyc4QI7jku63VaobK5eR07kevdTRvjM4O6F65OAWpAZ1T3Z/fVsTaoC tPTRskcFnSkYfTnpbXnkcwjSmG8wljuaJNRrw6YpnWI9yOJsdZ1xzRMRFBXV1SwC ZqWMQUysCramofZSVh249fy/b8OEwC+W0DFZkq4ZzvuZTAvwcE3Dbz9X2gdXFIc3 RcrS6337Fn1RwJWhtD534cTkQN+Lo7lFuWWHOrxKdJzVKJVKjojY1Bz1d4x0tlgV tC5S/lnmLmusvGgCq6xFpzLZHVSnlcYfkR0lIp0lC3Ad -----END CERTIFICATE-----Generated at Mon Jan 26 01:41:16 2026 by rpki-client