This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/FzYQ8UfkOoXbLMAefaap0q8s5jo.roa File: FzYQ8UfkOoXbLMAefaap0q8s5jo.roa (raw, json) Hash identifier: uu0TxkfB1szooYSk1YRvasc+kONIbxD4r+CRWDgwPzQ= Subject key identifier: 17:36:10:F1:47:E4:3A:85:DB:2C:C0:1E:7D:A6:A9:D2:AF:2C:E6:3A Certificate issuer: /CN=458d12f095053c35876b88b47685d6435421fcf2 Certificate serial: 019B7DCB24C14CBC89667E8966E5FA8EE450 Authority key identifier: 45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/FzYQ8UfkOoXbLMAefaap0q8s5jo.roa Signing time: Fri 02 Jan 2026 08:20:23 +0000 ROA not before: Fri 02 Jan 2026 08:20:23 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212228 IP address blocks: 37.10.71.0/24 maxlen: 24 45.11.180.0/24 maxlen: 24 91.240.202.0/24 maxlen: 24 91.242.217.0/24 maxlen: 24 185.158.250.0/24 maxlen: 24 2a0b:7140:2::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.crl rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.mft rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:cb:24:c1:4c:bc:89:66:7e:89:66:e5:fa:8e:e4:50 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=458d12f095053c35876b88b47685d6435421fcf2 Validity Not Before: Jan 2 08:20:23 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=173610f147e43a85db2cc01e7da6a9d2af2ce63a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:3e:65:81:da:0b:da:c6:e3:71:63:ee:31:77: 80:28:9e:ce:29:71:53:56:19:01:48:cb:72:e0:00: 96:8f:12:c5:b7:59:7d:35:a5:0e:f4:b8:93:46:fa: d6:b8:6a:53:94:6d:e7:c3:06:fc:96:eb:1a:8f:ee: ff:6b:11:59:41:42:0a:48:1f:ec:2c:0f:d8:7e:46: e7:f0:4d:ea:c1:7e:71:f4:f4:f9:8f:78:b0:2c:87: 4b:50:fb:c8:d3:7d:4d:55:0f:e7:da:c0:fa:e6:03: 1f:6b:5d:18:f7:86:06:0e:76:26:15:fa:15:05:71: 0a:d5:1c:7c:84:82:e1:f1:6f:97:38:c5:9a:bf:24: 45:0b:bb:90:53:d1:ec:0d:02:a7:42:7d:86:6a:b9: 7c:eb:c7:23:cd:29:cc:32:ff:6b:2c:dd:75:17:9f: f2:b2:89:31:1e:93:11:73:60:bb:8a:a3:3b:8e:2e: 91:5e:57:7f:ff:1a:c4:2a:0f:7f:62:04:0c:7c:d7: 78:66:6d:82:5c:d9:8d:c9:02:51:90:4b:18:85:9f: 64:01:71:86:4c:45:32:59:53:46:5b:4b:5f:6d:47: 96:04:cc:5a:cc:37:3b:45:4f:90:7a:e8:5e:0d:45: 05:68:ca:51:8a:aa:3a:a5:ee:0f:b0:61:85:02:61: 2c:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:36:10:F1:47:E4:3A:85:DB:2C:C0:1E:7D:A6:A9:D2:AF:2C:E6:3A X509v3 Authority Key Identifier: keyid:45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/FzYQ8UfkOoXbLMAefaap0q8s5jo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.10.71.0/24 45.11.180.0/24 91.240.202.0/24 91.242.217.0/24 185.158.250.0/24 IPv6: 2a0b:7140:2::/48 Signature Algorithm: sha256WithRSAEncryption 46:d0:d2:65:e9:94:b9:a7:82:83:f2:41:8b:9c:55:4a:86:5b: 73:6a:d6:3a:d7:ee:20:6a:1b:c6:87:11:ed:dd:08:7a:47:16: f3:20:3c:61:46:5e:b6:2e:e4:6a:05:88:42:00:25:b4:80:ba: 98:31:0f:cc:8b:45:d6:45:30:2e:94:6f:c4:3e:40:4f:74:70: 4d:f6:52:bf:a8:3a:6a:05:78:3d:51:b5:e7:43:7e:8e:2f:14: 92:a7:05:6f:8d:aa:14:d6:66:89:ff:ee:cf:88:53:c1:57:b9: 6c:94:00:aa:d0:e6:02:7a:9f:8c:34:02:57:19:f0:42:b4:45: 85:ed:84:91:20:01:75:37:7c:93:31:5e:b0:67:16:76:5d:61: d1:55:88:b3:4c:b9:19:fd:9a:8d:2f:ed:f6:78:2d:67:42:68: a9:d8:13:e1:4e:8f:a0:6b:a4:d4:03:55:f6:5c:53:16:aa:00: 68:52:a6:bd:e8:d1:29:bb:02:c5:85:bd:37:66:59:ef:36:4a: 6d:b9:9e:2d:c8:8a:cb:e1:e5:c9:53:9b:d6:8a:6a:d2:ef:df: 6a:52:dc:da:50:bc:2d:43:a3:61:42:25:16:d2:93:9b:1a:8d: b5:66:1f:7b:58:ce:3d:e3:27:31:12:92:bb:24:81:72:29:80: 57:44:27:db -----BEGIN CERTIFICATE----- MIIFJjCCBA6gAwIBAgISAZt9yyTBTLyJZn6JZuX6juRQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ1OGQxMmYwOTUwNTNjMzU4NzZiODhiNDc2ODVkNjQzNTQy MWZjZjIwHhcNMjYwMTAyMDgyMDIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxNzM2MTBmMTQ3ZTQzYTg1ZGIyY2MwMWU3ZGE2YTlkMmFmMmNlNjNhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzD5lgdoL2sbjcWPuMXeAKJ7OKXFT VhkBSMty4ACWjxLFt1l9NaUO9LiTRvrWuGpTlG3nwwb8lusaj+7/axFZQUIKSB/s LA/Yfkbn8E3qwX5x9PT5j3iwLIdLUPvI031NVQ/n2sD65gMfa10Y94YGDnYmFfoV BXEK1Rx8hILh8W+XOMWavyRFC7uQU9HsDQKnQn2Garl868cjzSnMMv9rLN11F5/y sokxHpMRc2C7iqM7ji6RXld//xrEKg9/YgQMfNd4Zm2CXNmNyQJRkEsYhZ9kAXGG TEUyWVNGW0tfbUeWBMxazDc7RU+QeuheDUUFaMpRiqo6pe4PsGGFAmEsGwIDAQAB o4ICMjCCAi4wHQYDVR0OBBYEFBc2EPFH5DqF2yzAHn2mqdKvLOY6MB8GA1UdIwQY MBaAFEWNEvCVBTw1h2uItHaF1kNUIfzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTkt Mzk1NTk1OWVhZjgxLzEvRnpZUThVZmtPb1hiTE1BZWZhYXAwcThzNWpvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTktMzk1NTk1OWVhZjgx LzEvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQAJQpHAwQA LQu0AwQAW/DKAwQAW/LZAwQAuZ76MA8EAgACMAkDBwAqC3FAAAIwDQYJKoZIhvcN AQELBQADggEBAEbQ0mXplLmngoPyQYucVUqGW3Nq1jrX7iBqG8aHEe3dCHpHFvMg PGFGXrYu5GoFiEIAJbSAupgxD8yLRdZFMC6Ub8Q+QE90cE32Ur+oOmoFeD1RtedD fo4vFJKnBW+NqhTWZon/7s+IU8FXuWyUAKrQ5gJ6n4w0AlcZ8EK0RYXthJEgAXU3 fJMxXrBnFnZdYdFViLNMuRn9mo0v7fZ4LWdCaKnYE+FOj6BrpNQDVfZcUxaqAGhS pr3o0Sm7AsWFvTdmWe82Sm25ni3Iisvh5clTm9aKatLv32pS3NpQvC1Do2FCJRbS k5sajbVmH3tYzj3jJzESkrskgXIpgFdEJ9s= -----END CERTIFICATE-----Generated at Sun Jan 25 20:58:59 2026 by rpki-client