This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/rfIN427V9zPCMZ-z5PwfYOKvWvE.roa File: rfIN427V9zPCMZ-z5PwfYOKvWvE.roa (raw, json) Hash identifier: /rLACCeghRFqZopyBKHtIJ9ZVC/Uf5aLpLTNEVJcleE= Subject key identifier: AD:F2:0D:E3:6E:D5:F7:33:C2:31:9F:B3:E4:FC:1F:60:E2:AF:5A:F1 Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75 Certificate serial: 019B76EB12E679D2CAFF5C3DD46CC6059789 Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/rfIN427V9zPCMZ-z5PwfYOKvWvE.roa Signing time: Thu 01 Jan 2026 00:17:55 +0000 ROA not before: Thu 01 Jan 2026 00:17:55 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 202583 IP address blocks: 157.97.176.0/21 maxlen: 24 185.72.0.0/22 maxlen: 24 185.250.92.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.mft rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 09:00:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:12:e6:79:d2:ca:ff:5c:3d:d4:6c:c6:05:97:89 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75 Validity Not Before: Jan 1 00:17:55 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=adf20de36ed5f733c2319fb3e4fc1f60e2af5af1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:7f:5f:ed:d3:ab:2e:52:65:7d:61:d6:a2:cb: 53:7b:b6:91:00:70:f7:90:1b:3f:32:95:06:c9:02: 6b:94:04:2e:24:a6:a8:34:fc:95:02:d6:20:55:24: 7b:63:5f:0b:9b:97:2c:94:ca:08:b2:fe:77:a4:d4: 8b:8a:ec:40:be:aa:39:ff:dd:b8:2f:f7:f3:86:85: ff:1b:e0:8f:72:49:a3:eb:c7:8d:b7:e2:33:77:a7: 90:95:d7:dd:82:e8:b4:4a:c1:3f:ae:6c:6b:73:c8: d9:07:a2:2e:79:6d:f5:44:da:7b:a7:ae:fc:30:d3: fd:17:03:94:76:07:f2:00:52:08:3f:33:e7:75:aa: 80:3b:f3:4a:7f:bd:7b:a9:ef:3e:bd:e0:21:5e:6b: be:95:b7:fc:71:d4:85:b7:83:14:ad:53:b5:4a:73: d3:3d:80:05:15:d0:d7:90:41:83:49:ae:b1:41:a4: 03:8a:6b:f3:7b:b4:b3:80:11:c5:8e:e9:40:42:79: 27:03:1a:72:4a:fe:47:cf:8a:e5:64:83:5b:27:82: 65:89:c9:78:fa:e5:28:47:ff:1d:52:18:7d:26:10: 91:94:d1:ac:d9:d5:d1:bf:c5:d8:97:03:5c:b6:cf: 59:c1:a9:57:c3:01:a0:f6:e6:62:c1:ba:af:37:b6: 9c:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:F2:0D:E3:6E:D5:F7:33:C2:31:9F:B3:E4:FC:1F:60:E2:AF:5A:F1 X509v3 Authority Key Identifier: keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/rfIN427V9zPCMZ-z5PwfYOKvWvE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.97.176.0/21 185.72.0.0/22 185.250.92.0/22 Signature Algorithm: sha256WithRSAEncryption 12:c5:20:a0:ab:be:e0:65:0a:5d:a8:95:d3:41:7e:c7:80:00: de:19:e1:77:58:62:bf:e5:25:ae:74:df:b0:32:00:86:48:61: 91:99:ce:a7:6f:44:16:1d:3d:d0:ba:e7:cb:15:4d:85:1b:cf: 76:92:fa:91:6a:d5:bf:70:6d:65:c0:92:3d:b8:55:09:b0:f6: 19:8c:1c:26:bd:39:6b:cb:67:3b:03:06:77:23:c9:6b:26:7c: 6e:ec:f6:1d:c2:85:bd:cb:52:d6:9f:24:5f:fd:0a:e1:ad:86: 1b:b2:9a:2e:57:2a:d4:62:f0:7f:c7:0b:86:59:bb:fe:93:d8: 0e:3a:77:c4:5e:60:28:3b:c0:41:9d:6b:0a:ab:55:6a:6b:1a: 8d:6e:2c:a8:3a:87:83:64:72:1f:8f:4a:74:39:2d:c9:07:c5: 48:a9:43:9f:bd:b6:95:a5:48:0e:74:1f:87:bb:b7:13:cc:6e: 39:a4:4e:e2:c1:78:a2:a8:bd:10:f9:16:be:21:0b:58:43:a5: c7:62:c5:60:8e:3c:3c:38:e9:2e:48:8f:ca:b0:91:ee:80:1e: 2a:fc:4f:f4:ff:c7:4a:ed:3f:38:0f:5b:2f:9f:9b:de:e5:22: 0e:e2:82:02:a8:a1:d4:5f:5a:55:3a:9f:02:5b:1a:63:08:36: 02:c9:57:b0 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt26xLmedLK/1w91GzGBZeJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4 YjZiNzUwHhcNMjYwMTAxMDAxNzU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhZGYyMGRlMzZlZDVmNzMzYzIzMTlmYjNlNGZjMWY2MGUyYWY1YWYxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyn9f7dOrLlJlfWHWostTe7aRAHD3 kBs/MpUGyQJrlAQuJKaoNPyVAtYgVSR7Y18Lm5cslMoIsv53pNSLiuxAvqo5/924 L/fzhoX/G+CPckmj68eNt+Izd6eQldfdgui0SsE/rmxrc8jZB6IueW31RNp7p678 MNP9FwOUdgfyAFIIPzPndaqAO/NKf717qe8+veAhXmu+lbf8cdSFt4MUrVO1SnPT PYAFFdDXkEGDSa6xQaQDimvze7SzgBHFjulAQnknAxpySv5Hz4rlZINbJ4Jlicl4 +uUoR/8dUhh9JhCRlNGs2dXRv8XYlwNcts9ZwalXwwGg9uZiwbqvN7acpwIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFK3yDeNu1fczwjGfs+T8H2Dir1rxMB8GA1UdIwQY MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt Yzc5MTRhYjY0MjczLzEvcmZJTjQyN1Y5elBDTVotejVQd2ZZT0t2V3ZFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDnWGwAwQC uUgAAwQCufpcMA0GCSqGSIb3DQEBCwUAA4IBAQASxSCgq77gZQpdqJXTQX7HgADe GeF3WGK/5SWudN+wMgCGSGGRmc6nb0QWHT3QuufLFU2FG892kvqRatW/cG1lwJI9 uFUJsPYZjBwmvTlry2c7AwZ3I8lrJnxu7PYdwoW9y1LWnyRf/QrhrYYbspouVyrU YvB/xwuGWbv+k9gOOnfEXmAoO8BBnWsKq1VqaxqNbiyoOoeDZHIfj0p0OS3JB8VI qUOfvbaVpUgOdB+Hu7cTzG45pE7iwXiiqL0Q+Ra+IQtYQ6XHYsVgjjw8OOkuSI/K sJHugB4q/E/0/8dK7T84D1svn5ve5SIO4oICqKHUX1pVOp8CWxpjCDYCyVew -----END CERTIFICATE-----Generated at Sun Jan 25 20:48:08 2026 by rpki-client