This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/41012e-7885-4f40-bdf4-3497ce1b71bf/1/_fXKYqOoOeAsBe3wfvstIhc1KgU.roa File: _fXKYqOoOeAsBe3wfvstIhc1KgU.roa (raw, json) Hash identifier: 6aMvK6MOhdOCbYvLk+UnSkhnsNfdyPHzti08/1dj5Nc= Subject key identifier: FD:F5:CA:62:A3:A8:39:E0:2C:05:ED:F0:7E:FB:2D:22:17:35:2A:05 Certificate issuer: /CN=ee2259f158b9aa76aad0b1adfa62c1eed4559d14 Certificate serial: 019B797F28498D744D9FA92EABBFCDD9F8FD Authority key identifier: EE:22:59:F1:58:B9:AA:76:AA:D0:B1:AD:FA:62:C1:EE:D4:55:9D:14 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7iJZ8Vi5qnaq0LGt-mLB7tRVnRQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/41012e-7885-4f40-bdf4-3497ce1b71bf/1/_fXKYqOoOeAsBe3wfvstIhc1KgU.roa Signing time: Thu 01 Jan 2026 12:18:55 +0000 ROA not before: Thu 01 Jan 2026 12:18:55 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 34476 IP address blocks: 45.139.200.0/22 maxlen: 24 152.114.206.0/24 maxlen: 24 185.86.82.0/24 maxlen: 24 185.254.94.0/24 maxlen: 24 212.102.103.0/24 maxlen: 24 2a0f:8c80::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/41012e-7885-4f40-bdf4-3497ce1b71bf/1/7iJZ8Vi5qnaq0LGt-mLB7tRVnRQ.crl rsync://rpki.ripe.net/repository/DEFAULT/64/41012e-7885-4f40-bdf4-3497ce1b71bf/1/7iJZ8Vi5qnaq0LGt-mLB7tRVnRQ.mft rsync://rpki.ripe.net/repository/DEFAULT/7iJZ8Vi5qnaq0LGt-mLB7tRVnRQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 12:00:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7f:28:49:8d:74:4d:9f:a9:2e:ab:bf:cd:d9:f8:fd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ee2259f158b9aa76aad0b1adfa62c1eed4559d14 Validity Not Before: Jan 1 12:18:55 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=fdf5ca62a3a839e02c05edf07efb2d2217352a05 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:28:f9:b9:77:61:6e:c2:ff:44:73:35:a6:f1: 8d:eb:88:9c:59:71:4b:c1:ba:32:03:63:f4:16:66: e1:de:3d:b4:b4:ce:e9:39:a7:49:7b:a3:86:05:d9: 01:85:8f:32:ea:63:08:24:f4:06:1a:1c:78:d9:f7: cf:87:68:b9:72:16:a2:a1:f4:11:36:b4:01:ed:61: e6:cb:f2:fb:7e:29:33:0c:69:f9:3f:8e:79:e1:1a: 8f:0f:bb:76:16:6d:47:0f:3b:8d:12:db:06:d7:75: 7c:ea:31:36:86:a8:95:24:fd:80:f6:b6:d3:0d:74: a3:a8:8a:c2:05:11:20:5e:a7:14:d7:0c:3b:c7:9c: 07:65:92:0c:37:d6:3c:60:1e:99:28:4f:13:cb:c9: 40:39:b1:ac:2c:42:c0:a2:81:7c:3d:d7:84:2b:be: 24:be:05:c7:60:8e:35:9a:bd:5b:76:1b:1d:73:c9: fb:23:ae:50:a8:9e:bc:3a:f0:e3:32:9a:b7:35:45: 17:cd:72:fb:33:92:73:43:e0:ef:35:a4:51:32:12: 4f:23:a4:21:42:8b:36:39:b5:e6:dd:12:e9:d2:31: 97:45:36:95:80:cb:ee:80:d4:7a:cb:c8:c4:98:71: af:d7:01:9c:6b:55:c3:d4:14:94:c6:1a:8b:b7:6e: ef:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:F5:CA:62:A3:A8:39:E0:2C:05:ED:F0:7E:FB:2D:22:17:35:2A:05 X509v3 Authority Key Identifier: keyid:EE:22:59:F1:58:B9:AA:76:AA:D0:B1:AD:FA:62:C1:EE:D4:55:9D:14 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7iJZ8Vi5qnaq0LGt-mLB7tRVnRQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/41012e-7885-4f40-bdf4-3497ce1b71bf/1/_fXKYqOoOeAsBe3wfvstIhc1KgU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/64/41012e-7885-4f40-bdf4-3497ce1b71bf/1/7iJZ8Vi5qnaq0LGt-mLB7tRVnRQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.139.200.0/22 152.114.206.0/24 185.86.82.0/24 185.254.94.0/24 212.102.103.0/24 IPv6: 2a0f:8c80::/29 Signature Algorithm: sha256WithRSAEncryption b0:8f:39:67:fe:fb:17:40:80:4f:c3:80:8b:44:55:22:2a:c4: 75:33:ad:4e:64:77:b2:8f:2a:69:6a:36:19:07:3e:64:e8:cd: ae:4e:1b:7a:91:6b:51:48:02:2c:80:75:d6:d9:a6:33:0c:7f: 2a:de:69:1a:6b:ae:99:24:b5:2b:8f:0f:9f:58:99:85:c8:8c: 8b:76:54:06:4c:e9:ff:69:8e:ff:ba:4b:93:44:4c:fa:56:c2: e3:71:24:03:99:c2:fb:e9:1f:60:4d:64:64:00:48:6d:96:5b: 8d:6a:e4:68:ec:c1:14:94:ef:31:2a:74:bc:fe:2e:ec:e4:65: db:56:1a:3a:45:5f:01:38:46:de:d1:be:a9:df:4d:37:05:6c: 20:66:45:40:fd:a8:95:0b:09:21:5b:ba:96:b8:2c:e0:b6:fc: e6:4e:e7:29:ec:ce:fb:db:10:c1:f7:81:5c:64:77:bd:73:da: 53:b6:f8:3c:62:37:eb:86:05:5a:15:da:ca:24:51:35:d8:33: 9b:af:0f:30:a7:18:7c:2e:26:a7:8a:48:49:a4:07:8b:59:c6: 54:c1:3a:53:5c:61:ce:4e:98:bf:94:04:55:6f:b2:44:d3:7f: 70:d0:41:5b:c7:a3:65:2b:05:90:4c:84:ac:6f:e1:40:a0:94: e9:cd:19:17 -----BEGIN CERTIFICATE----- MIIFJDCCBAygAwIBAgISAZt5fyhJjXRNn6kuq7/N2fj9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGVlMjI1OWYxNThiOWFhNzZhYWQwYjFhZGZhNjJjMWVlZDQ1 NTlkMTQwHhcNMjYwMTAxMTIxODU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmZGY1Y2E2MmEzYTgzOWUwMmMwNWVkZjA3ZWZiMmQyMjE3MzUyYTA1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyyj5uXdhbsL/RHM1pvGN64icWXFL wboyA2P0Fmbh3j20tM7pOadJe6OGBdkBhY8y6mMIJPQGGhx42ffPh2i5chaiofQR NrQB7WHmy/L7fikzDGn5P4554RqPD7t2Fm1HDzuNEtsG13V86jE2hqiVJP2A9rbT DXSjqIrCBREgXqcU1ww7x5wHZZIMN9Y8YB6ZKE8Ty8lAObGsLELAooF8PdeEK74k vgXHYI41mr1bdhsdc8n7I65QqJ68OvDjMpq3NUUXzXL7M5JzQ+DvNaRRMhJPI6Qh Qos2ObXm3RLp0jGXRTaVgMvugNR6y8jEmHGv1wGca1XD1BSUxhqLt27vzQIDAQAB o4ICMDCCAiwwHQYDVR0OBBYEFP31ymKjqDngLAXt8H77LSIXNSoFMB8GA1UdIwQY MBaAFO4iWfFYuap2qtCxrfpiwe7UVZ0UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvN2lKWjhWaTVxbmFxMExHdC1tTEI3dFJWblJRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC80MTAxMmUtNzg4NS00ZjQwLWJkZjQt MzQ5N2NlMWI3MWJmLzEvX2ZYS1lxT29PZUFzQmUzd2Z2c3RJaGMxS2dVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NC80MTAxMmUtNzg4NS00ZjQwLWJkZjQtMzQ5N2NlMWI3MWJm LzEvN2lKWjhWaTVxbmFxMExHdC1tTEI3dFJWblJRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCLYvIAwQA mHLOAwQAuVZSAwQAuf5eAwQA1GZnMA0EAgACMAcDBQMqD4yAMA0GCSqGSIb3DQEB CwUAA4IBAQCwjzln/vsXQIBPw4CLRFUiKsR1M61OZHeyjyppajYZBz5k6M2uTht6 kWtRSAIsgHXW2aYzDH8q3mkaa66ZJLUrjw+fWJmFyIyLdlQGTOn/aY7/ukuTREz6 VsLjcSQDmcL76R9gTWRkAEhtlluNauRo7MEUlO8xKnS8/i7s5GXbVho6RV8BOEbe 0b6p3003BWwgZkVA/aiVCwkhW7qWuCzgtvzmTucp7M772xDB94FcZHe9c9pTtvg8 YjfrhgVaFdrKJFE12DObrw8wpxh8LianikhJpAeLWcZUwTpTXGHOTpi/lARVb7JE 039w0EFbx6NlKwWQTISsb+FAoJTpzRkX -----END CERTIFICATE-----Generated at Sun Jan 25 22:31:54 2026 by rpki-client