This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/VxmBydPNDVkjAwNW0HlCl0mcW2A.roa File: VxmBydPNDVkjAwNW0HlCl0mcW2A.roa (raw, json) Hash identifier: 2uX2f6w9d7FkhAQJ79lByeDaz04Av+toag4OFSNYkF8= Subject key identifier: 57:19:81:C9:D3:CD:0D:59:23:03:03:56:D0:79:42:97:49:9C:5B:60 Certificate issuer: /CN=653f55629121b60fb19c97f99c75dd6f015dd6e8 Certificate serial: 019B797E08022AAFFED8E1916020B8E85AB5 Authority key identifier: 65:3F:55:62:91:21:B6:0F:B1:9C:97:F9:9C:75:DD:6F:01:5D:D6:E8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/VxmBydPNDVkjAwNW0HlCl0mcW2A.roa Signing time: Thu 01 Jan 2026 12:17:41 +0000 ROA not before: Thu 01 Jan 2026 12:17:41 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 1290 IP address blocks: 146.101.0.0/16 maxlen: 24 154.8.0.0/19 maxlen: 24 154.8.32.0/20 maxlen: 24 154.32.0.0/16 maxlen: 24 193.82.96.0/19 maxlen: 24 193.82.128.0/19 maxlen: 24 193.82.192.0/19 maxlen: 24 193.117.32.0/19 maxlen: 24 195.152.0.0/15 maxlen: 15 2a02:1620::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.crl rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.mft rsync://rpki.ripe.net/repository/DEFAULT/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 12:01:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:08:02:2a:af:fe:d8:e1:91:60:20:b8:e8:5a:b5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=653f55629121b60fb19c97f99c75dd6f015dd6e8 Validity Not Before: Jan 1 12:17:41 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=571981c9d3cd0d5923030356d0794297499c5b60 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:85:a8:cd:65:0f:bf:83:64:96:c3:03:e6:38: 34:0b:a4:2b:90:6c:88:73:19:ae:84:ef:66:45:7c: 81:44:67:01:7d:26:57:72:44:23:ab:64:85:2b:b4: c6:56:18:76:b8:1f:8a:39:64:22:92:2f:f3:d0:13: e4:c8:9b:fb:48:25:7a:93:b5:4b:17:6f:68:50:b4: d5:f3:df:db:2b:d3:0a:ce:66:d3:87:fb:fd:5d:f3: a2:16:13:ef:e1:81:f2:f7:cd:b7:4d:22:d2:06:4f: 7a:e1:71:96:2a:99:af:9e:52:14:aa:7a:f4:68:da: e0:11:5e:92:01:80:7a:e9:47:b8:7e:e4:0f:0c:5a: bd:8c:cf:4c:37:4f:93:de:89:48:7d:aa:ea:b3:8c: f6:c5:be:3b:d3:fd:0b:7f:20:81:5a:99:a2:db:ae: f2:68:f6:4a:34:1a:1a:13:9f:ec:ff:6c:59:57:d9: e7:69:ff:02:32:01:26:65:9b:2e:da:e1:d0:8e:f8: 44:84:ae:80:4a:e0:e7:05:40:5e:ae:0c:d7:07:58: 0f:c1:22:e3:97:98:60:ed:48:46:6f:90:82:6b:8d: 39:f6:1e:95:0f:c9:8a:7b:d6:a6:a0:73:ee:70:30: 19:ac:7a:f6:b7:27:05:35:b9:1c:bb:6f:1e:83:82: f2:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 57:19:81:C9:D3:CD:0D:59:23:03:03:56:D0:79:42:97:49:9C:5B:60 X509v3 Authority Key Identifier: keyid:65:3F:55:62:91:21:B6:0F:B1:9C:97:F9:9C:75:DD:6F:01:5D:D6:E8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/VxmBydPNDVkjAwNW0HlCl0mcW2A.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 146.101.0.0/16 154.8.0.0-154.8.47.255 154.32.0.0/16 193.82.96.0-193.82.159.255 193.82.192.0/19 193.117.32.0/19 195.152.0.0/15 IPv6: 2a02:1620::/32 Signature Algorithm: sha256WithRSAEncryption 86:60:92:04:b7:4e:1c:f0:f3:28:f3:b3:47:3d:ac:5f:ab:c1: 9b:c2:51:c7:5a:91:13:89:cd:74:21:28:f5:28:5e:f6:7e:4f: 5b:1d:e4:12:8b:67:5a:5b:c7:82:7f:44:c4:34:5d:94:ff:87: 78:22:26:8d:66:43:9e:2b:df:9b:ee:a5:f5:02:37:dc:50:51: ca:ee:13:5a:70:48:dd:32:16:e7:81:45:6a:93:76:5b:ab:a4: cf:1e:cf:3f:d4:00:a8:8e:e8:28:f0:2f:eb:08:e0:b1:7a:91: fc:4e:3e:05:e3:ea:b4:77:16:0a:d0:ad:52:18:ed:99:b4:68: bb:e9:9a:e8:4a:e2:a6:84:66:d9:35:3c:2c:9f:40:9f:82:77: 21:27:27:cb:74:d9:49:d6:da:ce:cd:b9:f3:23:fe:ed:d6:9c: d6:43:af:55:2c:79:d5:f3:d2:ee:3a:9c:5a:e5:6b:04:62:d0: 09:83:06:ba:03:e8:bb:e1:09:03:34:6d:30:30:24:a3:23:74: 74:8c:a2:bc:18:e4:8d:ef:9e:53:2e:1e:a3:31:68:17:bf:54: 91:f7:ee:69:f6:36:2f:a5:ef:5f:2a:63:f8:2b:ce:36:a4:36: 75:b7:77:5a:48:6a:b3:04:cf:da:b4:08:1c:20:17:bb:b0:ef: bf:25:20:36 -----BEGIN CERTIFICATE----- MIIFPDCCBCSgAwIBAgISAZt5fggCKq/+2OGRYCC46Fq1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY1M2Y1NTYyOTEyMWI2MGZiMTljOTdmOTljNzVkZDZmMDE1 ZGQ2ZTgwHhcNMjYwMTAxMTIxNzQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1NzE5ODFjOWQzY2QwZDU5MjMwMzAzNTZkMDc5NDI5NzQ5OWM1YjYwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3IWozWUPv4NklsMD5jg0C6QrkGyI cxmuhO9mRXyBRGcBfSZXckQjq2SFK7TGVhh2uB+KOWQiki/z0BPkyJv7SCV6k7VL F29oULTV89/bK9MKzmbTh/v9XfOiFhPv4YHy9823TSLSBk964XGWKpmvnlIUqnr0 aNrgEV6SAYB66Ue4fuQPDFq9jM9MN0+T3olIfarqs4z2xb470/0LfyCBWpmi267y aPZKNBoaE5/s/2xZV9nnaf8CMgEmZZsu2uHQjvhEhK6ASuDnBUBergzXB1gPwSLj l5hg7UhGb5CCa4059h6VD8mKe9amoHPucDAZrHr2tycFNbkcu28eg4Ly2wIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFFcZgcnTzQ1ZIwMDVtB5QpdJnFtgMB8GA1UdIwQY MBaAFGU/VWKRIbYPsZyX+Zx13W8BXdboMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWlQ5VllwRWh0Zy14bkpmNW5IWGRid0ZkMXVnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NGNmM2ItOWY1Yy00ZjVlLTk2YzQt MjkyNmQyODFiNTE0LzEvVnhtQnlkUE5EVmtqQXdOVzBIbENsMG1jVzJBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMS83NGNmM2ItOWY1Yy00ZjVlLTk2YzQtMjkyNmQyODFiNTE0 LzEvWlQ5VllwRWh0Zy14bkpmNW5IWGRid0ZkMXVnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwMAkmUwCwMD A5oIAwQEmgggAwMAmiAwDAMEBcFSYAMEBcFSgAMEBcFSwAMEBcF1IAMDAcOYMA0E AgACMAcDBQAqAhYgMA0GCSqGSIb3DQEBCwUAA4IBAQCGYJIEt04c8PMo87NHPaxf q8GbwlHHWpETic10ISj1KF72fk9bHeQSi2daW8eCf0TENF2U/4d4IiaNZkOeK9+b 7qX1AjfcUFHK7hNacEjdMhbngUVqk3Zbq6TPHs8/1ACojugo8C/rCOCxepH8Tj4F 4+q0dxYK0K1SGO2ZtGi76ZroSuKmhGbZNTwsn0CfgnchJyfLdNlJ1trOzbnzI/7t 1pzWQ69VLHnV89LuOpxa5WsEYtAJgwa6A+i74QkDNG0wMCSjI3R0jKK8GOSN755T Lh6jMWgXv1SR9+5p9jYvpe9fKmP4K842pDZ1t3daSGqzBM/atAgcIBe7sO+/JSA2 -----END CERTIFICATE-----Generated at Sun Jan 25 22:29:07 2026 by rpki-client