This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/3cc135-f166-42eb-8203-f49120bed51c/1/VXXJGd4FEOBiTRuvKylQZSh5MPc.roa File: VXXJGd4FEOBiTRuvKylQZSh5MPc.roa (raw, json) Hash identifier: 9Lce4m09pJL6B9nHSj0pDfxmZ/8/J6ec+N4whDnZ0b8= Subject key identifier: 55:75:C9:19:DE:05:10:E0:62:4D:1B:AF:2B:29:50:65:28:79:30:F7 Certificate issuer: /CN=345ae646ea34ad2688aca2fdd1a6f3340356495e Certificate serial: 019B78A36661040439E2E6A03C245096AB58 Authority key identifier: 34:5A:E6:46:EA:34:AD:26:88:AC:A2:FD:D1:A6:F3:34:03:56:49:5E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NFrmRuo0rSaIrKL90abzNANWSV4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/3cc135-f166-42eb-8203-f49120bed51c/1/VXXJGd4FEOBiTRuvKylQZSh5MPc.roa Signing time: Thu 01 Jan 2026 08:18:53 +0000 ROA not before: Thu 01 Jan 2026 08:18:53 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 203887 IP address blocks: 185.120.172.0/22 maxlen: 24 185.120.172.0/24 maxlen: 24 185.120.173.0/24 maxlen: 24 185.120.174.0/23 maxlen: 24 185.120.174.0/24 maxlen: 24 185.120.175.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/3cc135-f166-42eb-8203-f49120bed51c/1/NFrmRuo0rSaIrKL90abzNANWSV4.crl rsync://rpki.ripe.net/repository/DEFAULT/43/3cc135-f166-42eb-8203-f49120bed51c/1/NFrmRuo0rSaIrKL90abzNANWSV4.mft rsync://rpki.ripe.net/repository/DEFAULT/NFrmRuo0rSaIrKL90abzNANWSV4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a3:66:61:04:04:39:e2:e6:a0:3c:24:50:96:ab:58 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=345ae646ea34ad2688aca2fdd1a6f3340356495e Validity Not Before: Jan 1 08:18:53 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5575c919de0510e0624d1baf2b295065287930f7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:35:7a:8c:d0:82:6b:59:b1:64:e7:0c:24:6c: 72:83:e1:8b:5f:51:c8:3a:8a:29:91:67:69:9a:db: 41:2e:f5:36:5f:81:20:22:88:a0:d2:a8:bf:3e:e1: ae:e6:e4:6b:5d:3a:de:f4:df:e0:20:c0:0c:ce:8d: 9c:83:b6:ed:be:84:24:e3:b4:d9:b0:d1:a0:86:17: 08:ea:9f:16:38:8d:c3:ac:8d:02:3c:1a:2b:26:a8: b7:74:25:cc:d8:74:47:86:9c:82:37:98:ad:b7:41: 93:13:49:26:61:ae:1d:10:c9:c5:e9:c3:f4:91:c3: 82:1d:74:b0:2e:7f:ad:f5:8c:58:c5:69:66:53:24: 89:ff:d0:ac:e1:6d:45:24:5e:c3:af:a6:c0:16:08: 09:d7:0a:6e:59:93:48:ac:69:d1:6d:05:b3:e2:31: b2:1d:ca:a5:0e:4a:1c:60:72:dd:6b:0c:17:fa:85: 22:55:45:2c:a0:5a:97:be:9b:66:9a:b7:2d:01:06: 87:b7:be:4a:7d:b7:a1:97:9c:ae:0e:0c:1a:59:96: ba:07:b8:1e:3c:4a:d6:49:0b:aa:b1:82:2a:75:37: bd:2d:0b:fd:8e:34:ca:93:43:71:ca:17:bf:3e:17: 85:6a:07:d2:af:a6:bb:a2:a1:0d:63:18:0b:af:f5: bf:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 55:75:C9:19:DE:05:10:E0:62:4D:1B:AF:2B:29:50:65:28:79:30:F7 X509v3 Authority Key Identifier: keyid:34:5A:E6:46:EA:34:AD:26:88:AC:A2:FD:D1:A6:F3:34:03:56:49:5E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NFrmRuo0rSaIrKL90abzNANWSV4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/3cc135-f166-42eb-8203-f49120bed51c/1/VXXJGd4FEOBiTRuvKylQZSh5MPc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/43/3cc135-f166-42eb-8203-f49120bed51c/1/NFrmRuo0rSaIrKL90abzNANWSV4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.120.172.0/22 Signature Algorithm: sha256WithRSAEncryption 96:21:5a:eb:10:80:54:df:c4:72:12:5a:ad:17:21:b7:fb:1f: f3:a3:b0:d7:ca:c6:54:33:63:9b:13:46:e9:1e:b5:b1:22:8b: 20:55:df:6e:a9:c1:0c:67:a6:29:95:63:5c:c5:a2:d6:7b:78: 92:6d:64:e7:8d:53:eb:4e:16:d3:bd:4c:3e:72:a3:38:ab:d8: d8:32:32:af:7b:be:75:1d:7a:5b:da:02:00:65:90:e7:9f:a3: 39:77:28:d6:f1:81:c0:a6:25:40:7b:cc:1e:c8:8f:50:7d:9e: 11:d4:b7:5f:9b:ee:0a:0d:c4:fe:a3:0a:37:c1:8e:60:28:37: 6c:f0:51:4b:d6:a2:66:1f:81:03:71:0c:bf:db:b2:a4:2e:d5: 29:b0:fa:e9:80:51:12:c7:29:7f:df:14:2f:bc:4d:06:78:e8: d5:81:a7:d5:3c:68:eb:c2:98:da:d7:0d:f4:b5:17:92:36:30: 90:94:73:5c:da:c5:32:f3:f4:1f:30:31:c2:93:38:0f:fb:f3: c3:24:38:99:eb:ca:7c:3a:86:63:62:89:a2:1e:a1:17:2b:75: 1c:16:7d:e1:1c:0e:2c:75:73:f6:4c:56:57:ed:62:fc:79:5e: 4f:65:12:af:46:37:54:3f:b6:60:36:b0:95:3d:93:92:31:99: 09:1b:62:89 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt4o2ZhBAQ54uagPCRQlqtYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM0NWFlNjQ2ZWEzNGFkMjY4OGFjYTJmZGQxYTZmMzM0MDM1 NjQ5NWUwHhcNMjYwMTAxMDgxODUzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1NTc1YzkxOWRlMDUxMGUwNjI0ZDFiYWYyYjI5NTA2NTI4NzkzMGY3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxjV6jNCCa1mxZOcMJGxyg+GLX1HI OoopkWdpmttBLvU2X4EgIoig0qi/PuGu5uRrXTre9N/gIMAMzo2cg7btvoQk47TZ sNGghhcI6p8WOI3DrI0CPBorJqi3dCXM2HRHhpyCN5itt0GTE0kmYa4dEMnF6cP0 kcOCHXSwLn+t9YxYxWlmUySJ/9Cs4W1FJF7Dr6bAFggJ1wpuWZNIrGnRbQWz4jGy HcqlDkocYHLdawwX+oUiVUUsoFqXvptmmrctAQaHt75Kfbehl5yuDgwaWZa6B7ge PErWSQuqsYIqdTe9LQv9jjTKk0Nxyhe/PheFagfSr6a7oqENYxgLr/W/ywIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFFV1yRneBRDgYk0bryspUGUoeTD3MB8GA1UdIwQY MBaAFDRa5kbqNK0miKyi/dGm8zQDVkleMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTkZybVJ1bzByU2FJcktMOTBhYnpOQU5XU1Y0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My8zY2MxMzUtZjE2Ni00MmViLTgyMDMt ZjQ5MTIwYmVkNTFjLzEvVlhYSkdkNEZFT0JpVFJ1dkt5bFFaU2g1TVBjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80My8zY2MxMzUtZjE2Ni00MmViLTgyMDMtZjQ5MTIwYmVkNTFj LzEvTkZybVJ1bzByU2FJcktMOTBhYnpOQU5XU1Y0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXisMA0G CSqGSIb3DQEBCwUAA4IBAQCWIVrrEIBU38RyElqtFyG3+x/zo7DXysZUM2ObE0bp HrWxIosgVd9uqcEMZ6YplWNcxaLWe3iSbWTnjVPrThbTvUw+cqM4q9jYMjKve751 HXpb2gIAZZDnn6M5dyjW8YHApiVAe8weyI9QfZ4R1Ldfm+4KDcT+owo3wY5gKDds 8FFL1qJmH4EDcQy/27KkLtUpsPrpgFESxyl/3xQvvE0GeOjVgafVPGjrwpja1w30 tReSNjCQlHNc2sUy8/QfMDHCkzgP+/PDJDiZ68p8OoZjYomiHqEXK3UcFn3hHA4s dXP2TFZX7WL8eV5PZRKvRjdUP7ZgNrCVPZOSMZkJG2KJ -----END CERTIFICATE-----Generated at Sun Jan 25 13:06:22 2026 by rpki-client