This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/fl0ZAFdlfHmaO-tRgRiDI18HGbI.roa File: fl0ZAFdlfHmaO-tRgRiDI18HGbI.roa (raw, json) Hash identifier: MwB5gNGA9bGWfwt6Pb+LVkIHTpzaIDIKiSps/GwLDPs= Subject key identifier: 7E:5D:19:00:57:65:7C:79:9A:3B:EB:51:81:18:83:23:5F:07:19:B2 Certificate issuer: /CN=015b6d1596ac0501a71a393447051a62ff1dda16 Certificate serial: 019B7BA36D980A511FCF5E16F947F87D62D4 Authority key identifier: 01:5B:6D:15:96:AC:05:01:A7:1A:39:34:47:05:1A:62:FF:1D:DA:16 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AVttFZasBQGnGjk0RwUaYv8d2hY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/fl0ZAFdlfHmaO-tRgRiDI18HGbI.roa Signing time: Thu 01 Jan 2026 22:17:46 +0000 ROA not before: Thu 01 Jan 2026 22:17:46 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 196977 IP address blocks: 5.153.188.0/22 maxlen: 24 5.153.190.0/23 maxlen: 23 5.153.190.0/24 maxlen: 24 5.153.191.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/AVttFZasBQGnGjk0RwUaYv8d2hY.crl rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/AVttFZasBQGnGjk0RwUaYv8d2hY.mft rsync://rpki.ripe.net/repository/DEFAULT/AVttFZasBQGnGjk0RwUaYv8d2hY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:6d:98:0a:51:1f:cf:5e:16:f9:47:f8:7d:62:d4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=015b6d1596ac0501a71a393447051a62ff1dda16 Validity Not Before: Jan 1 22:17:46 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=7e5d190057657c799a3beb51811883235f0719b2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:7f:88:72:f0:23:a7:60:50:3e:82:8c:8b:5e: 16:2a:95:9e:a5:ad:25:90:a1:f2:48:ce:fb:ad:b8: e1:9f:e9:67:12:21:b3:4c:b7:71:64:54:a1:d5:e7: 1d:73:c5:60:c9:63:63:34:c0:7d:81:e4:b7:c0:ff: 57:fa:5d:87:b5:c7:81:d8:c2:73:7b:fe:19:db:28: aa:db:f5:4d:80:f2:a6:bc:dd:09:eb:1f:cc:e9:3e: 94:8c:9f:b7:c9:e8:81:df:fa:1d:84:65:75:57:5a: 6e:28:59:65:aa:9e:df:60:ca:42:bb:d7:07:a5:e4: 99:74:42:d9:0b:9e:0f:43:16:07:b5:e3:fb:8c:a0: 58:d2:d6:dd:25:be:62:2a:02:c3:6e:5e:63:ac:c2: 69:ef:cd:bc:a9:07:ce:e5:2a:13:7b:ee:28:f7:86: 03:3d:e8:de:cd:9e:56:e7:bc:fe:b6:87:da:65:d8: 27:bd:21:9a:10:3d:22:19:c1:af:c8:02:3e:91:0f: 1f:ea:16:69:6f:b8:56:4e:ca:d7:91:b3:9c:57:9e: 2b:30:8d:71:11:fa:11:cf:76:2e:5b:ec:59:9c:44: 1c:29:f2:e9:a5:6b:2b:bc:31:15:64:9a:68:7c:1d: 60:db:59:6e:eb:a7:3b:8d:41:d2:c1:c7:78:18:13: 29:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:5D:19:00:57:65:7C:79:9A:3B:EB:51:81:18:83:23:5F:07:19:B2 X509v3 Authority Key Identifier: keyid:01:5B:6D:15:96:AC:05:01:A7:1A:39:34:47:05:1A:62:FF:1D:DA:16 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AVttFZasBQGnGjk0RwUaYv8d2hY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/fl0ZAFdlfHmaO-tRgRiDI18HGbI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/AVttFZasBQGnGjk0RwUaYv8d2hY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.153.188.0/22 Signature Algorithm: sha256WithRSAEncryption 86:a8:66:82:aa:8c:1a:e4:a7:6d:50:6c:cb:2d:1b:b2:f4:86: 48:98:fe:2c:4c:c5:31:7f:f2:88:1e:28:41:92:66:4f:64:b6: 1d:6f:02:aa:27:55:54:ca:15:39:1e:18:b4:fe:26:27:df:0e: 72:ce:dd:fc:b0:40:d0:3d:be:fd:fc:82:e6:60:14:77:b7:c3: f4:0f:bd:49:dc:d6:6a:af:76:71:eb:0e:d8:e9:14:ab:1e:aa: 50:a3:30:8b:f1:d6:b5:1f:70:15:cd:1d:cb:95:ad:c6:8d:e6: 37:7f:7c:61:ee:1e:e5:97:96:cf:88:eb:2d:91:3a:a5:e9:12: 48:e0:a9:84:7a:63:b7:d8:11:46:2b:e7:dc:4c:ce:e2:d4:ed: 18:74:82:30:d2:57:eb:d3:50:ad:00:60:c2:86:fb:e9:db:d6: ca:aa:6d:c6:84:ed:ac:91:b7:b3:e5:83:35:bc:c7:5f:d9:bb: 3b:d4:aa:3f:c6:45:de:16:cb:2c:3b:72:6c:0d:94:eb:9e:03: 0f:d2:41:ae:ff:86:14:76:e5:75:69:be:0a:c7:b4:33:01:04: 93:6e:d5:2f:86:15:fe:b7:bf:6e:38:93:39:8f:ec:f7:21:32: 3d:50:1f:47:17:b0:2b:49:3a:13:f3:86:50:c0:ca:b9:bb:f1: 7b:91:97:a0 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt7o22YClEfz14W+Uf4fWLUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAxNWI2ZDE1OTZhYzA1MDFhNzFhMzkzNDQ3MDUxYTYyZmYx ZGRhMTYwHhcNMjYwMTAxMjIxNzQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3ZTVkMTkwMDU3NjU3Yzc5OWEzYmViNTE4MTE4ODMyMzVmMDcxOWIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3+IcvAjp2BQPoKMi14WKpWepa0l kKHySM77rbjhn+lnEiGzTLdxZFSh1ecdc8VgyWNjNMB9geS3wP9X+l2HtceB2MJz e/4Z2yiq2/VNgPKmvN0J6x/M6T6UjJ+3yeiB3/odhGV1V1puKFllqp7fYMpCu9cH peSZdELZC54PQxYHteP7jKBY0tbdJb5iKgLDbl5jrMJp7828qQfO5SoTe+4o94YD PejezZ5W57z+tofaZdgnvSGaED0iGcGvyAI+kQ8f6hZpb7hWTsrXkbOcV54rMI1x EfoRz3YuW+xZnEQcKfLppWsrvDEVZJpofB1g21lu66c7jUHSwcd4GBMpDwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFH5dGQBXZXx5mjvrUYEYgyNfBxmyMB8GA1UdIwQY MBaAFAFbbRWWrAUBpxo5NEcFGmL/HdoWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQVZ0dEZaYXNCUUduR2prMFJ3VWFZdjhkMmhZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC81MmE4OGYtZTlhMi00ODUxLTkxNDgt ZmVlOGYzNzkwNTY3LzEvZmwwWkFGZGxmSG1hTy10UmdSaURJMThIR2JJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NC81MmE4OGYtZTlhMi00ODUxLTkxNDgtZmVlOGYzNzkwNTY3 LzEvQVZ0dEZaYXNCUUduR2prMFJ3VWFZdjhkMmhZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBZm8MA0G CSqGSIb3DQEBCwUAA4IBAQCGqGaCqowa5KdtUGzLLRuy9IZImP4sTMUxf/KIHihB kmZPZLYdbwKqJ1VUyhU5Hhi0/iYn3w5yzt38sEDQPb79/ILmYBR3t8P0D71J3NZq r3Zx6w7Y6RSrHqpQozCL8da1H3AVzR3Lla3GjeY3f3xh7h7ll5bPiOstkTql6RJI 4KmEemO32BFGK+fcTM7i1O0YdIIw0lfr01CtAGDChvvp29bKqm3GhO2skbez5YM1 vMdf2bs71Ko/xkXeFsssO3JsDZTrngMP0kGu/4YUduV1ab4Kx7QzAQSTbtUvhhX+ t79uOJM5j+z3ITI9UB9HF7ArSToT84ZQwMq5u/F7kZeg -----END CERTIFICATE-----Generated at Mon Jan 26 10:23:09 2026 by rpki-client