This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/fPEwsxpmefb9fjYFeDH-lJRf640.roa File: fPEwsxpmefb9fjYFeDH-lJRf640.roa (raw, json) Hash identifier: 7rIO/BEaUyGIHDMRwSaQPobC5+CDIXrbYr2N9MoOU1o= Subject key identifier: 7C:F1:30:B3:1A:66:79:F6:FD:7E:36:05:78:31:FE:94:94:5F:EB:8D Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e Certificate serial: 019B77C69CFE3C2A799C1D8DAB18D837969D Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/fPEwsxpmefb9fjYFeDH-lJRf640.roa Signing time: Thu 01 Jan 2026 04:17:43 +0000 ROA not before: Thu 01 Jan 2026 04:17:43 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 211261 IP address blocks: 78.136.101.0/24 maxlen: 24 178.156.112.0/24 maxlen: 24 178.156.113.0/24 maxlen: 24 185.25.196.0/24 maxlen: 24 185.25.197.0/24 maxlen: 24 185.25.198.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.mft rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 21:01:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:9c:fe:3c:2a:79:9c:1d:8d:ab:18:d8:37:96:9d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e Validity Not Before: Jan 1 04:17:43 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=7cf130b31a6679f6fd7e36057831fe94945feb8d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:6f:d9:e4:33:1c:56:a8:49:ae:15:71:08:85: a7:f3:7e:8f:75:e7:72:fc:d4:01:4b:09:3e:69:9e: 68:9f:12:89:fc:f1:eb:9a:da:ef:f1:f0:7c:8e:35: 2f:9c:9a:a5:19:22:2b:82:65:e3:0a:16:ed:d6:9e: d6:e2:64:91:b5:ff:af:c4:33:1a:b3:6d:3f:95:92: b9:c1:ab:78:f7:cc:f0:26:30:00:69:08:3e:7b:b6: 39:df:35:37:3e:e5:34:93:44:0f:41:68:72:d3:37: 7a:f2:e4:16:1f:2e:14:01:b1:33:5f:60:9a:57:d5: a9:48:ca:cd:2c:11:a3:ab:10:66:df:65:42:59:eb: 8b:c4:f7:05:d4:8c:5c:ed:a9:5d:7b:7d:cd:30:5c: 3c:4f:d7:2f:4c:ab:69:bc:e8:7e:59:8a:6c:0e:fb: 9d:91:02:cf:9e:d5:1c:14:1e:14:2b:b5:cb:cc:c9: fe:14:3c:40:2a:3f:c8:fa:2d:e9:57:5e:84:3c:1a: b9:fe:bb:ed:b0:41:4b:0b:f5:2b:b0:17:ed:8b:d2: d6:8a:0e:2a:17:4f:06:8c:5c:e3:0a:ed:a5:ff:ce: 32:19:d1:6f:78:1b:1d:96:fa:ce:1d:01:98:1c:fa: f9:e0:d6:8b:62:69:4b:36:88:07:78:23:55:a9:1b: c7:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:F1:30:B3:1A:66:79:F6:FD:7E:36:05:78:31:FE:94:94:5F:EB:8D X509v3 Authority Key Identifier: keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/fPEwsxpmefb9fjYFeDH-lJRf640.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 78.136.101.0/24 178.156.112.0/23 185.25.196.0-185.25.198.255 Signature Algorithm: sha256WithRSAEncryption a0:34:38:63:2f:b4:46:64:77:b9:bc:92:68:5a:23:ee:6b:46: 8f:ea:bf:c4:48:ea:29:e2:d8:13:78:b7:fe:5f:51:3b:c1:07: c6:80:d8:e5:6c:ef:67:83:42:f4:f2:13:5b:5a:fb:00:fb:27: f3:33:b3:1f:80:18:c3:c2:2b:b6:fd:78:57:c7:14:94:c7:9a: b2:29:bf:9a:09:12:18:f9:ea:9e:ad:26:8e:e8:53:ae:37:cf: 4e:c9:da:c9:9d:45:5e:5c:d6:7a:b5:e1:7b:e1:8b:e4:93:51: 24:fb:8b:f2:b6:2a:1d:5a:1d:3a:c3:68:fc:d2:d8:40:3e:0b: e5:df:7a:a2:69:80:78:45:aa:67:ec:51:50:46:f4:f9:27:96: cf:ad:e2:2c:86:e7:9b:cb:d2:1e:eb:4b:dc:f5:07:80:27:8c: 96:e1:e1:b7:8e:12:21:ad:86:ee:1e:5f:00:ce:48:0e:c6:2d: 25:8a:b6:ee:47:75:79:79:b1:40:b1:bb:1d:20:eb:bb:dd:9f: 67:75:7b:62:d9:d4:a9:67:35:6e:b9:d0:98:aa:bf:49:0e:d5: bc:c4:b1:87:91:b5:ea:dd:68:b1:9f:9e:46:ce:d5:b6:41:aa: 4c:e3:a4:89:14:69:2c:92:6c:40:11:d0:4a:b2:28:fd:07:cd: 08:28:35:21 -----BEGIN CERTIFICATE----- MIIFETCCA/mgAwIBAgISAZt3xpz+PCp5nB2NqxjYN5adMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy MGI3M2UwHhcNMjYwMTAxMDQxNzQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3Y2YxMzBiMzFhNjY3OWY2ZmQ3ZTM2MDU3ODMxZmU5NDk0NWZlYjhkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnW/Z5DMcVqhJrhVxCIWn836Pdedy /NQBSwk+aZ5onxKJ/PHrmtrv8fB8jjUvnJqlGSIrgmXjChbt1p7W4mSRtf+vxDMa s20/lZK5wat498zwJjAAaQg+e7Y53zU3PuU0k0QPQWhy0zd68uQWHy4UAbEzX2Ca V9WpSMrNLBGjqxBm32VCWeuLxPcF1Ixc7alde33NMFw8T9cvTKtpvOh+WYpsDvud kQLPntUcFB4UK7XLzMn+FDxAKj/I+i3pV16EPBq5/rvtsEFLC/UrsBfti9LWig4q F08GjFzjCu2l/84yGdFveBsdlvrOHQGYHPr54NaLYmlLNogHeCNVqRvHzQIDAQAB o4ICHTCCAhkwHQYDVR0OBBYEFHzxMLMaZnn2/X42BXgx/pSUX+uNMB8GA1UdIwQY MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt Y2YwNmQxOTgzYmExLzEvZlBFd3N4cG1lZmI5ZmpZRmVESC1sSlJmNjQwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQATohlAwQB spxwMAwDBAK5GcQDBAC5GcYwDQYJKoZIhvcNAQELBQADggEBAKA0OGMvtEZkd7m8 kmhaI+5rRo/qv8RI6ini2BN4t/5fUTvBB8aA2OVs72eDQvTyE1ta+wD7J/Mzsx+A GMPCK7b9eFfHFJTHmrIpv5oJEhj56p6tJo7oU643z07J2smdRV5c1nq14Xvhi+ST UST7i/K2Kh1aHTrDaPzS2EA+C+XfeqJpgHhFqmfsUVBG9Pknls+t4iyG55vL0h7r S9z1B4AnjJbh4beOEiGthu4eXwDOSA7GLSWKtu5HdXl5sUCxux0g67vdn2d1e2LZ 1KlnNW650Jiqv0kO1bzEsYeRterdaLGfnkbO1bZBqkzjpIkUaSySbEAR0EqyKP0H zQgoNSE= -----END CERTIFICATE-----Generated at Sun Jan 25 07:17:12 2026 by rpki-client