This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/r1pmqXxtvzdCJtUeEPYuXd1H_9g.roa File: r1pmqXxtvzdCJtUeEPYuXd1H_9g.roa (raw, json) Hash identifier: 28fxinFllwvBRYDeUU0ETkB+HVMFUpPCVSh1xQIIp3Y= Subject key identifier: AF:5A:66:A9:7C:6D:BF:37:42:26:D5:1E:10:F6:2E:5D:DD:47:FF:D8 Certificate issuer: /CN=1b2c219f3c297b775880c3b651a2003f9be6de5e Certificate serial: 019B7F1469BB3BFD8219FFD7F868769CE073 Authority key identifier: 1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/r1pmqXxtvzdCJtUeEPYuXd1H_9g.roa Signing time: Fri 02 Jan 2026 14:20:02 +0000 ROA not before: Fri 02 Jan 2026 14:20:02 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 215376 IP address blocks: 77.221.134.0/24 maxlen: 24 77.221.146.0/24 maxlen: 24 109.120.136.0/24 maxlen: 24 176.98.187.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Gywhnzwpe3dYgMO2UaIAP5vm3l4.crl rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Gywhnzwpe3dYgMO2UaIAP5vm3l4.mft rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 05:00:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:14:69:bb:3b:fd:82:19:ff:d7:f8:68:76:9c:e0:73 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1b2c219f3c297b775880c3b651a2003f9be6de5e Validity Not Before: Jan 2 14:20:02 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=af5a66a97c6dbf374226d51e10f62e5ddd47ffd8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:3b:84:29:b8:5b:ae:99:2e:63:1f:66:2c:07: 36:18:b9:b3:bf:f5:f9:d5:df:ea:48:67:b3:fd:a8: 9f:d8:46:1b:d5:49:0c:fd:b8:4f:a4:d5:5c:5b:1a: 1a:dc:1d:a0:61:3b:7b:e4:92:02:da:4f:99:d9:38: e4:ba:c4:3b:ae:cf:cb:6a:a6:ab:1d:f0:cf:dd:bd: ed:16:1f:11:54:3f:70:fb:18:f4:42:9d:c3:39:43: c7:3e:0a:4e:ac:47:65:13:40:98:76:61:cb:56:e2: 52:aa:f5:9b:7d:c6:af:1a:5b:6f:30:bb:40:bf:b6: f5:d0:59:c7:72:4a:00:1b:c3:88:25:80:f2:42:47: 94:1d:10:ce:6e:8e:bf:85:0c:df:0f:a6:5b:dd:9b: 93:18:9f:d6:a3:21:6c:91:e2:28:8d:33:22:27:7d: 01:55:95:46:d4:dd:b4:a5:28:db:8e:13:c1:1f:49: 62:bf:f6:68:c2:e0:81:b9:43:83:9c:a4:16:5b:9d: 14:df:0c:bd:b5:1c:de:d4:3a:b2:c2:23:f4:78:14: fa:27:c8:2e:cd:f8:24:db:77:dd:52:69:04:3e:c0: 01:c1:31:e7:d5:cd:69:2b:85:a6:f1:d7:19:1e:37: 12:c2:99:21:f3:82:d2:5c:fa:bf:c5:27:63:25:3c: aa:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:5A:66:A9:7C:6D:BF:37:42:26:D5:1E:10:F6:2E:5D:DD:47:FF:D8 X509v3 Authority Key Identifier: keyid:1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/r1pmqXxtvzdCJtUeEPYuXd1H_9g.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Gywhnzwpe3dYgMO2UaIAP5vm3l4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 77.221.134.0/24 77.221.146.0/24 109.120.136.0/24 176.98.187.0/24 Signature Algorithm: sha256WithRSAEncryption 0a:ed:4e:80:c2:bd:2d:e8:02:c9:b4:63:21:b5:7c:7c:f5:b8: 64:a3:41:da:9c:80:de:7b:8f:3f:50:1a:19:8c:96:c0:40:d6: d5:5b:44:a8:e6:0b:e8:d1:81:a0:3c:1e:1f:17:63:b5:5f:72: 0e:a1:af:fc:4d:04:dd:77:5d:2d:ae:e9:7e:cc:9c:1c:9c:54: ed:87:91:d5:b9:43:11:a6:27:8f:28:5e:aa:44:78:77:47:4d: 87:01:08:79:81:28:e0:be:87:1c:27:ae:1b:6a:d9:ba:e4:5a: 57:b7:87:ac:9a:ed:c1:c0:9a:50:01:8a:98:0a:2c:ba:3f:a3: b3:6a:f7:bc:a8:33:95:e8:68:f8:f6:55:da:5d:16:80:ad:6a: aa:ff:9b:fb:d7:da:70:e2:a6:fa:0c:0b:2c:7b:a2:95:e1:5b: 81:e8:97:b4:5e:92:b4:dd:b0:66:cf:57:0b:7e:b8:ea:25:7e: 8f:14:a0:65:53:4a:45:c1:88:a3:5f:33:c2:0c:f0:cb:ae:46: 31:54:bb:7d:96:a5:6b:83:3c:29:bd:3b:dc:fe:23:5c:ca:d5: 5b:d8:22:42:e9:fb:b7:03:67:fe:af:af:f9:71:ba:e6:73:12: b4:bd:a7:60:c4:72:ed:08:3e:ae:fe:d3:da:80:5e:18:79:64: 16:0d:2b:f0 -----BEGIN CERTIFICATE----- MIIFDzCCA/egAwIBAgISAZt/FGm7O/2CGf/X+Gh2nOBzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFiMmMyMTlmM2MyOTdiNzc1ODgwYzNiNjUxYTIwMDNmOWJl NmRlNWUwHhcNMjYwMTAyMTQyMDAyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhZjVhNjZhOTdjNmRiZjM3NDIyNmQ1MWUxMGY2MmU1ZGRkNDdmZmQ4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqzuEKbhbrpkuYx9mLAc2GLmzv/X5 1d/qSGez/aif2EYb1UkM/bhPpNVcWxoa3B2gYTt75JIC2k+Z2TjkusQ7rs/Laqar HfDP3b3tFh8RVD9w+xj0Qp3DOUPHPgpOrEdlE0CYdmHLVuJSqvWbfcavGltvMLtA v7b10FnHckoAG8OIJYDyQkeUHRDObo6/hQzfD6Zb3ZuTGJ/WoyFskeIojTMiJ30B VZVG1N20pSjbjhPBH0liv/ZowuCBuUODnKQWW50U3wy9tRze1DqywiP0eBT6J8gu zfgk23fdUmkEPsABwTHn1c1pK4Wm8dcZHjcSwpkh84LSXPq/xSdjJTyqCwIDAQAB o4ICGzCCAhcwHQYDVR0OBBYEFK9aZql8bb83QibVHhD2Ll3dR//YMB8GA1UdIwQY MBaAFBssIZ88KXt3WIDDtlGiAD+b5t5eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEt OTJjODFmMjJlNzEyLzEvcjFwbXFYeHR2emRDSnRVZUVQWXVYZDFIXzlnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEtOTJjODFmMjJlNzEy LzEvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATd2GAwQA Td2SAwQAbXiIAwQAsGK7MA0GCSqGSIb3DQEBCwUAA4IBAQAK7U6Awr0t6ALJtGMh tXx89bhko0HanIDee48/UBoZjJbAQNbVW0So5gvo0YGgPB4fF2O1X3IOoa/8TQTd d10trul+zJwcnFTth5HVuUMRpiePKF6qRHh3R02HAQh5gSjgvoccJ64batm65FpX t4esmu3BwJpQAYqYCiy6P6Ozave8qDOV6Gj49lXaXRaArWqq/5v719pw4qb6DAss e6KV4VuB6Je0XpK03bBmz1cLfrjqJX6PFKBlU0pFwYijXzPCDPDLrkYxVLt9lqVr gzwpvTvc/iNcytVb2CJC6fu3A2f+r6/5cbrmcxK0vadgxHLtCD6u/tPagF4YeWQW DSvw -----END CERTIFICATE-----Generated at Sun Jan 25 12:17:51 2026 by rpki-client