This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/4d865c-70f5-44b9-88a6-ea8afe678970/1/wfRbCWoZLVmY8bAvM8RMoZB0PGc.roa File: wfRbCWoZLVmY8bAvM8RMoZB0PGc.roa (raw, json) Hash identifier: bnGgZ1CdYYmazMBl45x5uGVuKXkwyk8jwkb9FImtueA= Subject key identifier: C1:F4:5B:09:6A:19:2D:59:98:F1:B0:2F:33:C4:4C:A1:90:74:3C:67 Certificate issuer: /CN=36f1d5676bdd704334b2db34ca904d77cdd2baca Certificate serial: 019B797E86033CF8404DD6EC61CAC52F68B1 Authority key identifier: 36:F1:D5:67:6B:DD:70:43:34:B2:DB:34:CA:90:4D:77:CD:D2:BA:CA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NvHVZ2vdcEM0sts0ypBNd83Suso.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/4d865c-70f5-44b9-88a6-ea8afe678970/1/wfRbCWoZLVmY8bAvM8RMoZB0PGc.roa Signing time: Thu 01 Jan 2026 12:18:13 +0000 ROA not before: Thu 01 Jan 2026 12:18:13 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 50599 IP address blocks: 89.40.144.0/22 maxlen: 22 91.204.160.0/23 maxlen: 23 91.204.162.0/24 maxlen: 24 91.236.52.0/24 maxlen: 24 91.236.54.0/23 maxlen: 23 128.0.54.0/24 maxlen: 24 185.11.128.0/22 maxlen: 22 185.72.196.0/22 maxlen: 22 185.170.104.0/22 maxlen: 22 188.210.220.0/22 maxlen: 22 193.105.125.0/24 maxlen: 24 195.177.216.0/24 maxlen: 24 195.177.217.0/24 maxlen: 24 2a02:e7c0::/29 maxlen: 29 2a0b:5480::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/de/4d865c-70f5-44b9-88a6-ea8afe678970/1/NvHVZ2vdcEM0sts0ypBNd83Suso.crl rsync://rpki.ripe.net/repository/DEFAULT/de/4d865c-70f5-44b9-88a6-ea8afe678970/1/NvHVZ2vdcEM0sts0ypBNd83Suso.mft rsync://rpki.ripe.net/repository/DEFAULT/NvHVZ2vdcEM0sts0ypBNd83Suso.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:86:03:3c:f8:40:4d:d6:ec:61:ca:c5:2f:68:b1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=36f1d5676bdd704334b2db34ca904d77cdd2baca Validity Not Before: Jan 1 12:18:13 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c1f45b096a192d5998f1b02f33c44ca190743c67 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:8a:8b:d2:6e:7c:9d:17:c0:a2:cb:17:c4:af: 27:41:a7:2a:1f:ab:dc:9f:cd:ee:29:72:00:e7:36: be:4f:05:2e:96:cc:d0:fb:8e:26:aa:38:92:ed:36: be:74:53:ea:00:48:24:8b:ac:fb:05:59:e7:11:ba: a0:a6:4d:4f:93:2b:14:29:0f:28:65:0c:60:dc:c1: 11:61:4f:c2:79:95:a1:70:01:a9:f0:20:41:f2:7f: 10:1c:01:3d:14:17:ae:f9:9e:e8:5a:fa:0e:ab:74: 82:55:9a:77:45:a8:87:31:62:1c:8c:d4:d5:3d:af: 70:48:54:30:49:12:22:c1:77:f6:75:61:f4:e1:6f: 21:e9:99:e1:50:dd:83:a6:f3:82:da:75:81:ed:5c: 21:9f:b5:86:f4:3d:6f:3f:33:14:33:4d:cd:30:4c: 17:68:84:c1:43:b4:92:ec:22:ac:5f:16:0b:df:93: c0:17:9d:55:05:90:69:bb:1c:b2:2e:c5:25:0f:6b: 5d:7f:85:4d:42:6b:3a:eb:01:06:4a:0b:b5:da:1f: 05:7d:94:e8:a3:38:69:49:76:00:35:3e:06:c3:04: 5d:d5:56:86:14:ae:80:b2:fe:49:31:95:18:9a:98: e1:5d:50:2a:13:7e:fc:dd:be:c6:b6:34:9f:a3:fa: 79:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:F4:5B:09:6A:19:2D:59:98:F1:B0:2F:33:C4:4C:A1:90:74:3C:67 X509v3 Authority Key Identifier: keyid:36:F1:D5:67:6B:DD:70:43:34:B2:DB:34:CA:90:4D:77:CD:D2:BA:CA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NvHVZ2vdcEM0sts0ypBNd83Suso.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/4d865c-70f5-44b9-88a6-ea8afe678970/1/wfRbCWoZLVmY8bAvM8RMoZB0PGc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/de/4d865c-70f5-44b9-88a6-ea8afe678970/1/NvHVZ2vdcEM0sts0ypBNd83Suso.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.40.144.0/22 91.204.160.0-91.204.162.255 91.236.52.0/24 91.236.54.0/23 128.0.54.0/24 185.11.128.0/22 185.72.196.0/22 185.170.104.0/22 188.210.220.0/22 193.105.125.0/24 195.177.216.0/23 IPv6: 2a02:e7c0::/29 2a0b:5480::/29 Signature Algorithm: sha256WithRSAEncryption 62:74:54:69:66:cc:1d:f6:b0:ab:ea:0a:11:63:4e:cc:c7:52: 2d:ff:49:a6:a6:c2:e6:1c:d5:98:c3:81:52:f4:31:1d:71:93: 25:98:a5:95:45:30:ec:af:a1:18:bc:ea:fb:05:b8:75:5f:9c: ac:8d:8e:63:3f:15:ae:7e:03:f4:f0:0c:f6:a0:91:44:80:85: c3:dc:b8:33:85:6d:8e:64:e2:a6:02:18:2d:3d:af:db:1c:e0: 5c:c0:22:96:0b:54:41:9d:c8:67:fd:0e:db:f5:10:78:f7:68: 0b:52:64:a3:d1:a7:a3:7d:35:a9:96:94:a6:26:59:af:4c:b1: 58:18:18:95:77:47:1c:94:83:1d:f8:90:8d:c4:38:6d:f3:28: a8:99:3d:2e:39:93:d9:6c:cf:25:5c:b1:af:1e:2d:77:67:9c: 70:83:f2:5b:35:bb:10:3f:66:15:a1:c9:d7:43:df:c4:ef:44: 93:e9:eb:c2:73:29:4b:ae:33:6c:d5:20:fd:f5:07:c8:6f:dd: 32:e5:6e:ed:83:91:bc:3c:d0:d4:9f:e6:40:96:28:45:16:44: 2a:cc:0d:9b:b4:3b:d8:ee:ff:b2:7d:87:9d:c1:03:ed:4f:72: c6:3e:d0:1a:ce:82:1e:b8:40:0b:06:3c:05:65:8a:0e:ea:4a: d3:3b:3d:48 -----BEGIN CERTIFICATE----- MIIFVzCCBD+gAwIBAgISAZt5foYDPPhATdbsYcrFL2ixMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM2ZjFkNTY3NmJkZDcwNDMzNGIyZGIzNGNhOTA0ZDc3Y2Rk MmJhY2EwHhcNMjYwMTAxMTIxODEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjMWY0NWIwOTZhMTkyZDU5OThmMWIwMmYzM2M0NGNhMTkwNzQzYzY3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYqL0m58nRfAossXxK8nQacqH6vc n83uKXIA5za+TwUulszQ+44mqjiS7Ta+dFPqAEgki6z7BVnnEbqgpk1PkysUKQ8o ZQxg3MERYU/CeZWhcAGp8CBB8n8QHAE9FBeu+Z7oWvoOq3SCVZp3RaiHMWIcjNTV Pa9wSFQwSRIiwXf2dWH04W8h6ZnhUN2DpvOC2nWB7Vwhn7WG9D1vPzMUM03NMEwX aITBQ7SS7CKsXxYL35PAF51VBZBpuxyyLsUlD2tdf4VNQms66wEGSgu12h8FfZTo ozhpSXYANT4GwwRd1VaGFK6Asv5JMZUYmpjhXVAqE3783b7GtjSfo/p5pwIDAQAB o4ICYzCCAl8wHQYDVR0OBBYEFMH0WwlqGS1ZmPGwLzPETKGQdDxnMB8GA1UdIwQY MBaAFDbx1Wdr3XBDNLLbNMqQTXfN0rrKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTnZIVloydmRjRU0wc3RzMHlwQk5kODNTdXNvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS80ZDg2NWMtNzBmNS00NGI5LTg4YTYt ZWE4YWZlNjc4OTcwLzEvd2ZSYkNXb1pMVm1ZOGJBdk04Uk1vWkIwUEdjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZS80ZDg2NWMtNzBmNS00NGI5LTg4YTYtZWE4YWZlNjc4OTcw LzEvTnZIVloydmRjRU0wc3RzMHlwQk5kODNTdXNvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBQBAIAATBKAwQCWSiQMAwD BAVbzKADBABbzKIDBABb7DQDBAFb7DYDBACAADYDBAK5C4ADBAK5SMQDBAK5qmgD BAK80twDBADBaX0DBAHDsdgwFAQCAAIwDgMFAyoC58ADBQMqC1SAMA0GCSqGSIb3 DQEBCwUAA4IBAQBidFRpZswd9rCr6goRY07Mx1It/0mmpsLmHNWYw4FS9DEdcZMl mKWVRTDsr6EYvOr7Bbh1X5ysjY5jPxWufgP08Az2oJFEgIXD3LgzhW2OZOKmAhgt Pa/bHOBcwCKWC1RBnchn/Q7b9RB492gLUmSj0aejfTWplpSmJlmvTLFYGBiVd0cc lIMd+JCNxDht8yiomT0uOZPZbM8lXLGvHi13Z5xwg/JbNbsQP2YVocnXQ9/E70ST 6evCcylLrjNs1SD99QfIb90y5W7tg5G8PNDUn+ZAlihFFkQqzA2btDvY7v+yfYed wQPtT3LGPtAazoIeuEALBjwFZYoO6krTOz1I -----END CERTIFICATE-----Generated at Mon Jan 26 11:04:57 2026 by rpki-client