This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/5eaaa7-3107-4268-aad6-6fd9789205ba/1/ffozWOJhdYTlZsYd3LUTrpAH84g.roa File: ffozWOJhdYTlZsYd3LUTrpAH84g.roa (raw, json) Hash identifier: LqRzq5DyTPzo0AG3Z9lInY0bhS/P0365y/30CPyVkNM= Subject key identifier: 7D:FA:33:58:E2:61:75:84:E5:66:C6:1D:DC:B5:13:AE:90:07:F3:88 Certificate issuer: /CN=ab54fe831b6a719f42e6c8486fd03b550be761fb Certificate serial: 019BBD62F9CEAB3579CBF7D6E47052DBBF35 Authority key identifier: AB:54:FE:83:1B:6A:71:9F:42:E6:C8:48:6F:D0:3B:55:0B:E7:61:FB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q1T-gxtqcZ9C5shIb9A7VQvnYfs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/5eaaa7-3107-4268-aad6-6fd9789205ba/1/ffozWOJhdYTlZsYd3LUTrpAH84g.roa Signing time: Wed 14 Jan 2026 16:42:18 +0000 ROA not before: Wed 14 Jan 2026 16:42:18 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 13287 IP address blocks: 109.234.80.0/21 maxlen: 24 185.19.68.0/22 maxlen: 24 185.33.66.0/23 maxlen: 24 185.111.184.0/22 maxlen: 24 185.235.35.0/24 maxlen: 24 213.162.192.0/19 maxlen: 24 2a02:23a0::/32 maxlen: 48 2a10:f680::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/5eaaa7-3107-4268-aad6-6fd9789205ba/1/q1T-gxtqcZ9C5shIb9A7VQvnYfs.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/5eaaa7-3107-4268-aad6-6fd9789205ba/1/q1T-gxtqcZ9C5shIb9A7VQvnYfs.mft rsync://rpki.ripe.net/repository/DEFAULT/q1T-gxtqcZ9C5shIb9A7VQvnYfs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:bd:62:f9:ce:ab:35:79:cb:f7:d6:e4:70:52:db:bf:35 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab54fe831b6a719f42e6c8486fd03b550be761fb Validity Not Before: Jan 14 16:42:18 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=7dfa3358e2617584e566c61ddcb513ae9007f388 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:97:3f:34:5b:2b:a5:9c:c2:b5:61:03:01:04: 49:62:ba:e8:55:f6:63:34:98:c1:6c:00:fb:55:4f: 29:1d:6b:24:95:8a:0e:95:cf:c0:20:b8:55:2c:c3: 2a:38:9c:01:ad:a3:47:1a:03:db:1e:0e:81:6d:38: a3:30:27:22:58:6b:d3:2a:86:53:36:70:05:ff:0c: 9f:7f:dc:28:12:5a:47:74:39:f9:5f:00:24:39:a4: 30:78:4f:f0:57:ba:a3:40:d5:bd:5b:b8:12:93:44: 3d:8f:f1:b6:8b:9f:78:3b:27:00:2f:a8:c3:75:da: 47:a7:44:aa:fb:85:61:8a:34:25:01:e0:f6:f6:cf: 02:ef:c1:1c:11:b2:7c:47:e0:ff:47:38:da:3e:00: 88:47:50:12:92:49:9c:1d:39:3f:0d:13:e4:3b:63: d7:e1:2f:c3:8b:cf:66:d5:8f:f9:87:55:19:59:18: 3d:ad:e4:83:6f:c6:a9:06:13:16:6f:c6:c2:dd:84: 54:00:e6:73:b1:8e:e5:a2:bd:6f:69:43:8e:62:b8: 25:a0:1e:5f:33:b2:01:b3:6b:d1:54:b8:71:e0:63: b9:7c:9a:60:58:1a:de:8e:c6:f2:ba:35:93:62:56: b6:dd:67:27:e8:8f:75:84:e2:ad:20:0b:ec:6b:30: 95:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:FA:33:58:E2:61:75:84:E5:66:C6:1D:DC:B5:13:AE:90:07:F3:88 X509v3 Authority Key Identifier: keyid:AB:54:FE:83:1B:6A:71:9F:42:E6:C8:48:6F:D0:3B:55:0B:E7:61:FB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q1T-gxtqcZ9C5shIb9A7VQvnYfs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/5eaaa7-3107-4268-aad6-6fd9789205ba/1/ffozWOJhdYTlZsYd3LUTrpAH84g.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/5eaaa7-3107-4268-aad6-6fd9789205ba/1/q1T-gxtqcZ9C5shIb9A7VQvnYfs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 109.234.80.0/21 185.19.68.0/22 185.33.66.0/23 185.111.184.0/22 185.235.35.0/24 213.162.192.0/19 IPv6: 2a02:23a0::/32 2a10:f680::/29 Signature Algorithm: sha256WithRSAEncryption 42:f7:75:aa:cd:58:73:23:1c:52:ef:40:2c:91:f8:78:83:e1: 57:00:36:51:93:47:39:1c:f8:b5:2e:72:09:d4:42:69:90:f5: 39:d0:77:10:14:8d:0a:a5:c2:e4:9d:e4:70:50:02:03:c9:c7: a2:3c:cd:0c:82:d7:37:10:23:bd:2d:a8:64:4f:ea:5c:64:c7: 47:dd:de:2a:52:d0:4c:e6:dd:d5:cd:5b:73:ab:ac:73:8c:50: 59:63:ee:d3:12:c1:7e:70:69:d3:8e:91:7c:3e:fe:d2:98:14: 4a:26:98:44:93:a3:14:22:0f:59:5b:9b:46:18:66:74:d1:da: 07:8f:86:89:64:ff:d6:38:c2:21:d7:f9:32:f2:fd:b8:70:61: 89:f3:f2:fd:18:24:f0:db:d7:ec:65:a1:77:77:e1:02:1e:d8: a6:15:48:7a:a9:f0:9e:79:d0:ef:1b:d8:3e:99:b6:33:c9:1a: 8b:d1:78:62:6e:2d:24:6d:2c:5e:e9:28:6e:d1:38:b7:a2:d7: 0d:61:66:44:f1:be:eb:7f:14:42:17:bf:bc:88:58:21:65:e6: 9f:65:b4:a6:71:8d:6b:12:f2:0b:9c:ef:8f:df:3b:6e:9f:bc: ef:3c:31:2e:d5:b0:97:ff:75:6a:15:dd:8e:d2:7e:ae:57:08: 4b:a0:38:b0 -----BEGIN CERTIFICATE----- MIIFMTCCBBmgAwIBAgISAZu9YvnOqzV5y/fW5HBS2781MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFiNTRmZTgzMWI2YTcxOWY0MmU2Yzg0ODZmZDAzYjU1MGJl NzYxZmIwHhcNMjYwMTE0MTY0MjE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3ZGZhMzM1OGUyNjE3NTg0ZTU2NmM2MWRkY2I1MTNhZTkwMDdmMzg4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJc/NFsrpZzCtWEDAQRJYrroVfZj NJjBbAD7VU8pHWsklYoOlc/AILhVLMMqOJwBraNHGgPbHg6BbTijMCciWGvTKoZT NnAF/wyff9woElpHdDn5XwAkOaQweE/wV7qjQNW9W7gSk0Q9j/G2i594OycAL6jD ddpHp0Sq+4VhijQlAeD29s8C78EcEbJ8R+D/RzjaPgCIR1ASkkmcHTk/DRPkO2PX 4S/Di89m1Y/5h1UZWRg9reSDb8apBhMWb8bC3YRUAOZzsY7lor1vaUOOYrgloB5f M7IBs2vRVLhx4GO5fJpgWBrejsbyujWTYla23Wcn6I91hOKtIAvsazCVIwIDAQAB o4ICPTCCAjkwHQYDVR0OBBYEFH36M1jiYXWE5WbGHdy1E66QB/OIMB8GA1UdIwQY MBaAFKtU/oMbanGfQubISG/QO1UL52H7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcTFULWd4dHFjWjlDNXNoSWI5QTdWUXZuWWZzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS81ZWFhYTctMzEwNy00MjY4LWFhZDYt NmZkOTc4OTIwNWJhLzEvZmZveldPSmhkWVRsWnNZZDNMVVRycEFIODRnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS81ZWFhYTctMzEwNy00MjY4LWFhZDYtNmZkOTc4OTIwNWJh LzEvcTFULWd4dHFjWjlDNXNoSWI5QTdWUXZuWWZzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQDbepQAwQC uRNEAwQBuSFCAwQCuW+4AwQAuesjAwQF1aLAMBQEAgACMA4DBQAqAiOgAwUDKhD2 gDANBgkqhkiG9w0BAQsFAAOCAQEAQvd1qs1YcyMcUu9ALJH4eIPhVwA2UZNHORz4 tS5yCdRCaZD1OdB3EBSNCqXC5J3kcFACA8nHojzNDILXNxAjvS2oZE/qXGTHR93e KlLQTObd1c1bc6usc4xQWWPu0xLBfnBp046RfD7+0pgUSiaYRJOjFCIPWVubRhhm dNHaB4+GiWT/1jjCIdf5MvL9uHBhifPy/Rgk8NvX7GWhd3fhAh7YphVIeqnwnnnQ 7xvYPpm2M8kai9F4Ym4tJG0sXukobtE4t6LXDWFmRPG+638UQhe/vIhYIWXmn2W0 pnGNaxLyC5zvj987bp+87zwxLtWwl/91ahXdjtJ+rlcIS6A4sA== -----END CERTIFICATE-----Generated at Mon Jan 26 11:04:31 2026 by rpki-client