This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/689ab5-30d2-46a3-8c54-16b4196fa294/1/vMIHGFPf0heT2WpdAxKEA8H1uqY.roa File: vMIHGFPf0heT2WpdAxKEA8H1uqY.roa (raw, json) Hash identifier: Y7aS0+OiMr6KF+wJQp4D98bim2LplH1VyBIQ6kJaS6A= Subject key identifier: BC:C2:07:18:53:DF:D2:17:93:D9:6A:5D:03:12:84:03:C1:F5:BA:A6 Certificate issuer: /CN=4e69b402b67d75936f45dc8bc54b86814e0636ba Certificate serial: 019B78352C49EAD744299840DF31C40CDF82 Authority key identifier: 4E:69:B4:02:B6:7D:75:93:6F:45:DC:8B:C5:4B:86:81:4E:06:36:BA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tmm0ArZ9dZNvRdyLxUuGgU4GNro.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/689ab5-30d2-46a3-8c54-16b4196fa294/1/vMIHGFPf0heT2WpdAxKEA8H1uqY.roa Signing time: Thu 01 Jan 2026 06:18:29 +0000 ROA not before: Thu 01 Jan 2026 06:18:29 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 2119 IP address blocks: 80.89.160.0/20 maxlen: 20 80.94.208.0/20 maxlen: 20 88.83.128.0/19 maxlen: 19 2a00:6e80::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/689ab5-30d2-46a3-8c54-16b4196fa294/1/Tmm0ArZ9dZNvRdyLxUuGgU4GNro.crl rsync://rpki.ripe.net/repository/DEFAULT/cd/689ab5-30d2-46a3-8c54-16b4196fa294/1/Tmm0ArZ9dZNvRdyLxUuGgU4GNro.mft rsync://rpki.ripe.net/repository/DEFAULT/Tmm0ArZ9dZNvRdyLxUuGgU4GNro.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 06:00:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:35:2c:49:ea:d7:44:29:98:40:df:31:c4:0c:df:82 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4e69b402b67d75936f45dc8bc54b86814e0636ba Validity Not Before: Jan 1 06:18:29 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=bcc2071853dfd21793d96a5d03128403c1f5baa6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:76:7a:69:c7:d2:df:25:c9:51:f6:bc:f9:01: 92:7f:78:20:4b:3c:71:4b:a6:8a:a5:2e:f8:da:30: 0a:44:fc:8e:9d:cd:5c:9d:25:a4:61:c5:a9:fc:18: c8:ea:6b:00:ec:89:73:0f:57:4d:b7:65:f3:ea:39: 08:83:01:0a:5c:ae:29:b3:81:37:fb:31:35:0d:ba: f9:4d:9d:85:54:a0:97:64:68:1e:75:d9:a7:b6:8b: fb:12:60:9e:73:10:83:3d:d1:4f:58:25:c7:d6:37: 67:a2:c3:e2:59:8f:53:2e:03:2b:6b:59:5a:49:d9: f8:11:90:a8:43:ee:bd:52:31:46:6b:bf:79:9e:cb: e1:f2:a0:c7:4d:d0:a1:e3:ca:02:60:d5:d3:36:2b: 8e:30:c9:d2:65:ac:71:da:84:cb:cc:c0:b0:f1:88: f9:e9:9e:2e:e7:07:c0:80:25:9c:77:f0:28:df:e4: 4b:ea:e7:f5:13:57:b5:89:24:7b:99:c4:77:45:ad: c7:21:13:ad:02:2c:a4:85:f0:99:27:b2:98:35:d0: e6:bb:56:3d:36:3b:bf:89:5b:1c:9b:e5:31:51:cc: 3c:f4:56:b5:d1:9f:8a:23:34:4d:84:09:73:d8:7f: 9f:48:34:07:df:c4:86:5c:0f:88:d5:be:86:67:29: c8:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:C2:07:18:53:DF:D2:17:93:D9:6A:5D:03:12:84:03:C1:F5:BA:A6 X509v3 Authority Key Identifier: keyid:4E:69:B4:02:B6:7D:75:93:6F:45:DC:8B:C5:4B:86:81:4E:06:36:BA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tmm0ArZ9dZNvRdyLxUuGgU4GNro.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/689ab5-30d2-46a3-8c54-16b4196fa294/1/vMIHGFPf0heT2WpdAxKEA8H1uqY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/689ab5-30d2-46a3-8c54-16b4196fa294/1/Tmm0ArZ9dZNvRdyLxUuGgU4GNro.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 80.89.160.0/20 80.94.208.0/20 88.83.128.0/19 IPv6: 2a00:6e80::/32 Signature Algorithm: sha256WithRSAEncryption 2f:02:28:7e:50:4f:cd:f4:11:8d:52:c4:c6:f2:ee:c8:a9:40: ec:34:7c:3b:fb:7b:ca:e5:59:fe:75:88:60:0b:0a:7b:3e:40: 95:cf:07:9a:bb:4c:33:30:e7:b2:58:4a:32:29:fd:1a:bb:b6: e6:d1:d3:9a:61:c7:fc:1d:31:2e:c6:30:e3:d1:fe:66:73:c6: a9:1f:5b:ea:91:05:b0:99:c8:5e:71:14:a1:d6:8e:13:fd:ca: 64:9b:23:3d:49:9b:30:2b:94:91:a9:22:36:6d:dc:e4:ae:f6: 78:e0:04:75:66:81:25:27:78:3d:db:31:fb:e4:37:58:bf:a8: e6:e0:71:62:f1:2b:5c:24:d5:fd:00:fd:ec:53:44:f3:23:d6: 93:ff:b4:e6:04:d3:1e:d2:0a:33:b4:5a:5f:c6:b9:5a:02:d3: 90:48:83:80:67:ba:fc:bd:b0:cf:71:2b:c3:fd:1c:aa:a4:e5: b3:c4:eb:06:40:e9:e9:c0:c4:fb:71:c8:1b:61:d3:28:ba:c2: 05:d0:d4:f7:8d:f5:2c:b9:1e:9b:77:b8:37:e6:39:23:76:58: ab:5b:fd:1c:60:cb:67:37:fe:e1:03:5c:68:e9:e3:e9:48:47: e3:87:d5:83:fd:eb:71:06:49:65:e4:a8:5c:5a:7c:25:63:2b: 11:8f:32:35 -----BEGIN CERTIFICATE----- MIIFGDCCBACgAwIBAgISAZt4NSxJ6tdEKZhA3zHEDN+CMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRlNjliNDAyYjY3ZDc1OTM2ZjQ1ZGM4YmM1NGI4NjgxNGUw NjM2YmEwHhcNMjYwMTAxMDYxODI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiY2MyMDcxODUzZGZkMjE3OTNkOTZhNWQwMzEyODQwM2MxZjViYWE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwXZ6acfS3yXJUfa8+QGSf3ggSzxx S6aKpS742jAKRPyOnc1cnSWkYcWp/BjI6msA7IlzD1dNt2Xz6jkIgwEKXK4ps4E3 +zE1Dbr5TZ2FVKCXZGgeddmntov7EmCecxCDPdFPWCXH1jdnosPiWY9TLgMra1la Sdn4EZCoQ+69UjFGa795nsvh8qDHTdCh48oCYNXTNiuOMMnSZaxx2oTLzMCw8Yj5 6Z4u5wfAgCWcd/Ao3+RL6uf1E1e1iSR7mcR3Ra3HIROtAiykhfCZJ7KYNdDmu1Y9 Nju/iVscm+UxUcw89Fa10Z+KIzRNhAlz2H+fSDQH38SGXA+I1b6GZynIPwIDAQAB o4ICJDCCAiAwHQYDVR0OBBYEFLzCBxhT39IXk9lqXQMShAPB9bqmMB8GA1UdIwQY MBaAFE5ptAK2fXWTb0Xci8VLhoFOBja6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVG1tMEFyWjlkWk52UmR5THhVdUdnVTRHTnJvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82ODlhYjUtMzBkMi00NmEzLThjNTQt MTZiNDE5NmZhMjk0LzEvdk1JSEdGUGYwaGVUMldwZEF4S0VBOEgxdXFZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZC82ODlhYjUtMzBkMi00NmEzLThjNTQtMTZiNDE5NmZhMjk0 LzEvVG1tMEFyWjlkWk52UmR5THhVdUdnVTRHTnJvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQEUFmgAwQE UF7QAwQFWFOAMA0EAgACMAcDBQAqAG6AMA0GCSqGSIb3DQEBCwUAA4IBAQAvAih+ UE/N9BGNUsTG8u7IqUDsNHw7+3vK5Vn+dYhgCwp7PkCVzweau0wzMOeyWEoyKf0a u7bm0dOaYcf8HTEuxjDj0f5mc8apH1vqkQWwmchecRSh1o4T/cpkmyM9SZswK5SR qSI2bdzkrvZ44AR1ZoElJ3g92zH75DdYv6jm4HFi8StcJNX9AP3sU0TzI9aT/7Tm BNMe0goztFpfxrlaAtOQSIOAZ7r8vbDPcSvD/RyqpOWzxOsGQOnpwMT7ccgbYdMo usIF0NT3jfUsuR6bd7g35jkjdlirW/0cYMtnN/7hA1xo6ePpSEfjh9WD/etxBkll 5KhcWnwlYysRjzI1 -----END CERTIFICATE-----Generated at Sun Jan 25 15:12:35 2026 by rpki-client