This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/d8FG4uqfwLEukvWAq3H43tsMPiI.roa File: d8FG4uqfwLEukvWAq3H43tsMPiI.roa (raw, json) Hash identifier: DN96dwyOMYD2YxopLKnUfhnKc+nYl4cz3MheQMA++zM= Subject key identifier: 77:C1:46:E2:EA:9F:C0:B1:2E:92:F5:80:AB:71:F8:DE:DB:0C:3E:22 Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e Certificate serial: 019B7F83A839AE5DC7C77BED17A8B5B18CA1 Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/d8FG4uqfwLEukvWAq3H43tsMPiI.roa Signing time: Fri 02 Jan 2026 16:21:33 +0000 ROA not before: Fri 02 Jan 2026 16:21:33 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 61400 IP address blocks: 141.101.255.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.mft rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:83:a8:39:ae:5d:c7:c7:7b:ed:17:a8:b5:b1:8c:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e Validity Not Before: Jan 2 16:21:33 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=77c146e2ea9fc0b12e92f580ab71f8dedb0c3e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:6f:fd:a3:3f:cf:f7:47:ba:55:08:69:cf:75: 73:3e:e5:ea:e6:f7:f5:aa:ac:f8:15:11:00:d2:f0: bb:2f:cc:4b:0a:67:d5:39:ae:59:c7:8b:84:e5:d4: 66:51:37:01:2a:9f:12:07:8f:a2:a4:cf:fb:bb:5e: 32:e1:b0:e4:fa:1c:5d:b8:36:1a:98:a0:f8:9b:50: 21:07:51:8d:67:0d:bb:85:70:b4:3e:10:40:3f:e5: 10:26:b5:c5:a7:82:46:de:fa:34:d9:80:a7:5f:48: 41:08:ea:4a:84:6b:1b:5f:c7:4e:b6:de:db:cc:3d: 2c:1a:ac:38:8e:42:8f:9e:c0:8d:d0:24:b5:09:31: e4:1b:3d:f3:18:bc:ae:08:20:3b:cd:d3:e3:ce:e6: 76:24:ff:44:4f:18:81:cb:ba:32:9b:15:e6:9d:a4: e5:f4:21:bc:4a:0f:f6:71:e7:9a:5f:12:c7:63:b6: 3e:36:d4:ac:a2:4f:37:8d:e1:f6:8c:34:27:58:92: e2:d8:6e:62:5e:50:79:c6:4e:fc:4e:7c:a0:aa:33: 6f:65:b0:ee:8e:de:3a:c2:96:29:f7:fa:4a:2d:67: 68:4a:96:ae:b5:48:f2:4a:ae:1b:e5:e8:77:35:e0: b5:35:8c:1d:0c:a1:dc:d5:bc:3d:80:6d:e2:4d:39: 87:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 77:C1:46:E2:EA:9F:C0:B1:2E:92:F5:80:AB:71:F8:DE:DB:0C:3E:22 X509v3 Authority Key Identifier: keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/d8FG4uqfwLEukvWAq3H43tsMPiI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 141.101.255.0/24 Signature Algorithm: sha256WithRSAEncryption bf:4f:20:fb:b9:4b:30:24:09:f0:a5:b6:34:c8:2f:fa:77:72: 67:d0:85:a3:f7:5e:ca:05:e9:f2:dc:82:11:a4:c6:e9:df:aa: 87:97:d0:c5:4d:3a:1b:a3:67:87:d5:6f:ec:af:65:15:52:85: c0:f4:c8:a3:31:62:4a:19:68:d6:57:8f:f9:c7:b9:89:1c:ab: 4d:97:b8:bb:e4:35:6e:1e:8d:dc:dc:ea:36:bf:5d:b4:0c:4e: 4c:69:cc:e0:2a:d2:04:8f:bd:e4:5b:d7:9f:65:ce:22:d8:10: 1d:89:83:94:a9:e9:14:10:82:98:68:d6:92:6a:0b:bb:e5:12: 35:f7:79:7d:70:8a:ad:ed:11:51:09:82:e6:bd:da:84:e2:06: 6d:22:2b:46:43:a2:a4:b9:2a:80:f1:a7:8a:8b:12:74:0e:63: 03:66:2f:95:15:1a:16:3c:1d:77:7b:af:e1:6a:df:4d:08:48: a5:ca:9c:02:90:2c:7c:86:f6:6f:24:f9:43:33:8a:e2:f7:68: 71:6b:94:b6:6a:fa:c2:6e:d9:70:6b:2d:52:c7:b0:8d:f7:34: bd:7d:99:ba:45:de:31:da:fc:dc:94:9c:11:b2:71:40:1a:5d: 48:87:d3:d0:3e:b9:c4:d5:96:51:45:ee:a2:fe:52:7c:60:05: 7b:c7:26:be -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt/g6g5rl3Hx3vtF6i1sYyhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0 NzA2N2UwHhcNMjYwMTAyMTYyMTMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3N2MxNDZlMmVhOWZjMGIxMmU5MmY1ODBhYjcxZjhkZWRiMGMzZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2/9oz/P90e6VQhpz3VzPuXq5vf1 qqz4FREA0vC7L8xLCmfVOa5Zx4uE5dRmUTcBKp8SB4+ipM/7u14y4bDk+hxduDYa mKD4m1AhB1GNZw27hXC0PhBAP+UQJrXFp4JG3vo02YCnX0hBCOpKhGsbX8dOtt7b zD0sGqw4jkKPnsCN0CS1CTHkGz3zGLyuCCA7zdPjzuZ2JP9ETxiBy7oymxXmnaTl 9CG8Sg/2ceeaXxLHY7Y+NtSsok83jeH2jDQnWJLi2G5iXlB5xk78TnygqjNvZbDu jt46wpYp9/pKLWdoSpautUjySq4b5eh3NeC1NYwdDKHc1bw9gG3iTTmHGQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFHfBRuLqn8CxLpL1gKtx+N7bDD4iMB8GA1UdIwQY MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt OGM5NTgxZDk2ZDhmLzEvZDhGRzR1cWZ3TEV1a3ZXQXEzSDQzdHNNUGlJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjWX/MA0G CSqGSIb3DQEBCwUAA4IBAQC/TyD7uUswJAnwpbY0yC/6d3Jn0IWj917KBeny3IIR pMbp36qHl9DFTTobo2eH1W/sr2UVUoXA9MijMWJKGWjWV4/5x7mJHKtNl7i75DVu Ho3c3Oo2v120DE5MaczgKtIEj73kW9efZc4i2BAdiYOUqekUEIKYaNaSagu75RI1 93l9cIqt7RFRCYLmvdqE4gZtIitGQ6KkuSqA8aeKixJ0DmMDZi+VFRoWPB13e6/h at9NCEilypwCkCx8hvZvJPlDM4ri92hxa5S2avrCbtlway1Sx7CN9zS9fZm6Rd4x 2vzclJwRsnFAGl1Ih9PQPrnE1ZZRRe6i/lJ8YAV7xya+ -----END CERTIFICATE-----Generated at Sun Jan 25 21:57:39 2026 by rpki-client