This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/2ad34e-b1e5-4d8c-948e-0f4dbb890bd0/1/tK20It-Gxi8d5G3lIHR237kGrRs.roa File: tK20It-Gxi8d5G3lIHR237kGrRs.roa (raw, json) Hash identifier: 7t/M3+9H0KNiC9VIhfV8J5boGB1F8dIJpPRmQzRdpho= Subject key identifier: B4:AD:B4:22:DF:86:C6:2F:1D:E4:6D:E5:20:74:76:DF:B9:06:AD:1B Certificate issuer: /CN=54b0bec8f58db0ce5b91f34505277e40bfd3ae11 Certificate serial: 019B797E0B265F6D0B186D3BB223C06F4E1F Authority key identifier: 54:B0:BE:C8:F5:8D:B0:CE:5B:91:F3:45:05:27:7E:40:BF:D3:AE:11 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VLC-yPWNsM5bkfNFBSd-QL_TrhE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/2ad34e-b1e5-4d8c-948e-0f4dbb890bd0/1/tK20It-Gxi8d5G3lIHR237kGrRs.roa Signing time: Thu 01 Jan 2026 12:17:42 +0000 ROA not before: Thu 01 Jan 2026 12:17:42 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 24768 IP address blocks: 95.85.200.0/22 maxlen: 22 95.85.220.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/2ad34e-b1e5-4d8c-948e-0f4dbb890bd0/1/VLC-yPWNsM5bkfNFBSd-QL_TrhE.crl rsync://rpki.ripe.net/repository/DEFAULT/86/2ad34e-b1e5-4d8c-948e-0f4dbb890bd0/1/VLC-yPWNsM5bkfNFBSd-QL_TrhE.mft rsync://rpki.ripe.net/repository/DEFAULT/VLC-yPWNsM5bkfNFBSd-QL_TrhE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:0b:26:5f:6d:0b:18:6d:3b:b2:23:c0:6f:4e:1f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=54b0bec8f58db0ce5b91f34505277e40bfd3ae11 Validity Not Before: Jan 1 12:17:42 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b4adb422df86c62f1de46de5207476dfb906ad1b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:3f:6a:d2:a5:53:cc:27:85:d5:ff:14:27:0b: be:b7:6f:f2:a6:2f:91:80:6b:e7:f3:da:11:4b:08: ff:ce:51:a0:b1:63:47:34:c7:2a:62:ff:24:26:18: d9:dd:cc:42:06:95:63:5e:14:b2:e1:80:c9:bd:47: 4e:7d:d1:8f:d2:24:90:22:41:72:a0:08:aa:b8:9c: b9:07:94:fa:7d:3f:5d:99:16:11:33:cf:89:41:f6: 6f:b5:c6:e3:41:c0:74:bf:0c:86:57:07:69:53:a3: d7:31:77:63:4f:cd:f5:ec:29:40:17:dc:3a:44:f5: dd:fb:95:59:ad:db:13:bd:38:e1:95:c1:e3:94:11: 1d:6d:99:8c:5e:6e:de:34:50:2b:48:5f:70:79:98: 5f:a5:9b:17:c1:5e:14:51:62:b0:e8:07:33:e6:4f: a9:56:32:42:97:ea:d5:df:00:3c:5b:11:a1:f6:c8: a3:ee:6b:fc:3b:91:ad:e9:d5:05:ab:d8:49:a8:08: fc:b7:43:08:ee:3b:9a:95:53:2a:c9:c6:24:56:62: 5a:5d:5b:28:e3:2e:cd:4a:96:93:9d:f4:66:c8:9e: 72:a1:89:46:53:08:72:06:e4:55:cc:ab:2f:19:1f: 49:09:fb:f5:39:66:69:7f:53:6a:f5:68:d6:5d:a6: 5b:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:AD:B4:22:DF:86:C6:2F:1D:E4:6D:E5:20:74:76:DF:B9:06:AD:1B X509v3 Authority Key Identifier: keyid:54:B0:BE:C8:F5:8D:B0:CE:5B:91:F3:45:05:27:7E:40:BF:D3:AE:11 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VLC-yPWNsM5bkfNFBSd-QL_TrhE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/2ad34e-b1e5-4d8c-948e-0f4dbb890bd0/1/tK20It-Gxi8d5G3lIHR237kGrRs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/86/2ad34e-b1e5-4d8c-948e-0f4dbb890bd0/1/VLC-yPWNsM5bkfNFBSd-QL_TrhE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 95.85.200.0/22 95.85.220.0/22 Signature Algorithm: sha256WithRSAEncryption 9c:4d:50:6f:c9:5c:70:4b:2f:7a:0f:e6:37:98:ed:35:7c:6b: d0:1e:15:91:21:64:bf:12:0c:57:1e:74:48:49:79:b5:e7:a3: 2b:c4:31:9d:a2:d4:b6:71:5c:66:0c:0a:f6:19:21:2b:d3:ed: b9:6f:e9:e6:d8:56:44:9f:8a:b5:1d:c1:e1:f9:da:4c:8f:d5: e3:95:45:a3:13:aa:b9:d9:58:c1:3a:f2:66:9a:54:8e:5b:5d: 9d:8e:7b:59:ed:73:36:dd:f3:ea:4b:b8:63:2b:63:88:59:e7: 67:36:18:79:dd:2d:28:a8:16:39:a6:b1:96:74:bc:58:e2:38: 0f:b7:da:ad:21:22:51:0f:b6:c9:a3:df:2e:bf:64:01:cd:6e: c3:b7:9d:79:d7:11:cd:cf:7e:07:bb:7a:31:21:8c:20:21:47: 48:1b:fa:4a:8f:f0:56:b0:d2:37:e6:42:67:36:c9:f8:84:f3: de:13:21:0b:8f:46:85:2f:e0:cc:a5:ed:d4:92:44:d8:0a:5d: 2d:3f:d1:ec:3c:66:a7:37:b6:e6:7e:22:3d:b1:95:78:1d:72: 85:41:0d:00:d8:e7:06:6c:46:24:5e:6e:88:3e:0c:a2:30:a3: 4e:53:17:bd:d5:42:65:89:21:b7:d6:e5:d6:11:19:62:f0:33: 90:ca:b7:1f -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt5fgsmX20LGG07siPAb04fMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU0YjBiZWM4ZjU4ZGIwY2U1YjkxZjM0NTA1Mjc3ZTQwYmZk M2FlMTEwHhcNMjYwMTAxMTIxNzQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiNGFkYjQyMmRmODZjNjJmMWRlNDZkZTUyMDc0NzZkZmI5MDZhZDFiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsj9q0qVTzCeF1f8UJwu+t2/ypi+R gGvn89oRSwj/zlGgsWNHNMcqYv8kJhjZ3cxCBpVjXhSy4YDJvUdOfdGP0iSQIkFy oAiquJy5B5T6fT9dmRYRM8+JQfZvtcbjQcB0vwyGVwdpU6PXMXdjT8317ClAF9w6 RPXd+5VZrdsTvTjhlcHjlBEdbZmMXm7eNFArSF9weZhfpZsXwV4UUWKw6Acz5k+p VjJCl+rV3wA8WxGh9sij7mv8O5Gt6dUFq9hJqAj8t0MI7jualVMqycYkVmJaXVso 4y7NSpaTnfRmyJ5yoYlGUwhyBuRVzKsvGR9JCfv1OWZpf1Nq9WjWXaZb4QIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFLSttCLfhsYvHeRt5SB0dt+5Bq0bMB8GA1UdIwQY MBaAFFSwvsj1jbDOW5HzRQUnfkC/064RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVkxDLXlQV05zTTVia2ZORkJTZC1RTF9UcmhFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni8yYWQzNGUtYjFlNS00ZDhjLTk0OGUt MGY0ZGJiODkwYmQwLzEvdEsyMEl0LUd4aThkNUczbElIUjIzN2tHclJzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Ni8yYWQzNGUtYjFlNS00ZDhjLTk0OGUtMGY0ZGJiODkwYmQw LzEvVkxDLXlQV05zTTVia2ZORkJTZC1RTF9UcmhFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCX1XIAwQC X1XcMA0GCSqGSIb3DQEBCwUAA4IBAQCcTVBvyVxwSy96D+Y3mO01fGvQHhWRIWS/ EgxXHnRISXm156MrxDGdotS2cVxmDAr2GSEr0+25b+nm2FZEn4q1HcHh+dpMj9Xj lUWjE6q52VjBOvJmmlSOW12djntZ7XM23fPqS7hjK2OIWednNhh53S0oqBY5prGW dLxY4jgPt9qtISJRD7bJo98uv2QBzW7Dt5151xHNz34Hu3oxIYwgIUdIG/pKj/BW sNI35kJnNsn4hPPeEyELj0aFL+DMpe3UkkTYCl0tP9HsPGanN7bmfiI9sZV4HXKF QQ0A2OcGbEYkXm6IPgyiMKNOUxe91UJliSG31uXWERli8DOQyrcf -----END CERTIFICATE-----Generated at Sun Jan 25 19:36:28 2026 by rpki-client