This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/2b2cdf-2ee5-4689-863b-3d13e9776ff7/1/_CKH0NPKePgQmfkQwBAqF7isKR0.roa File: _CKH0NPKePgQmfkQwBAqF7isKR0.roa (raw, json) Hash identifier: ghaupre6oze0hToZ8lc6XJoP3I8j3iyx30t5QLH2zrM= Subject key identifier: FC:22:87:D0:D3:CA:78:F8:10:99:F9:10:C0:10:2A:17:B8:AC:29:1D Certificate issuer: /CN=f05a17dd3beb8dc848fbe7629061d6080141e7d4 Certificate serial: 019B7B3665A360694A5B222FB3CB3B4ED9A3 Authority key identifier: F0:5A:17:DD:3B:EB:8D:C8:48:FB:E7:62:90:61:D6:08:01:41:E7:D4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8FoX3TvrjchI--dikGHWCAFB59Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/2b2cdf-2ee5-4689-863b-3d13e9776ff7/1/_CKH0NPKePgQmfkQwBAqF7isKR0.roa Signing time: Thu 01 Jan 2026 20:18:41 +0000 ROA not before: Thu 01 Jan 2026 20:18:41 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 51351 IP address blocks: 164.138.96.0/24 maxlen: 24 164.138.97.0/24 maxlen: 24 164.138.98.0/24 maxlen: 24 194.31.10.0/24 maxlen: 24 2a11:ec00::/29 maxlen: 29 2a11:ec07::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/2b2cdf-2ee5-4689-863b-3d13e9776ff7/1/8FoX3TvrjchI--dikGHWCAFB59Q.crl rsync://rpki.ripe.net/repository/DEFAULT/f1/2b2cdf-2ee5-4689-863b-3d13e9776ff7/1/8FoX3TvrjchI--dikGHWCAFB59Q.mft rsync://rpki.ripe.net/repository/DEFAULT/8FoX3TvrjchI--dikGHWCAFB59Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:65:a3:60:69:4a:5b:22:2f:b3:cb:3b:4e:d9:a3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f05a17dd3beb8dc848fbe7629061d6080141e7d4 Validity Not Before: Jan 1 20:18:41 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=fc2287d0d3ca78f81099f910c0102a17b8ac291d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:41:ae:a6:f4:5b:b2:9d:45:4d:7f:d5:58:b8: 3a:47:18:f6:f4:93:46:26:a0:a1:09:6a:69:e8:77: 22:64:a0:16:d9:dd:96:4f:ae:22:1c:4a:de:bb:60: 82:d1:3a:43:e4:48:e7:72:68:fe:ad:2f:d7:e1:7c: 55:88:d9:38:03:04:a0:75:4c:1e:4b:b6:3c:82:7b: 9c:09:38:4b:5c:16:6a:5d:83:bb:60:51:4f:a2:18: ef:c9:e5:6e:ab:73:0d:01:a5:31:a8:1a:9e:e6:a6: e0:11:99:c7:99:c0:e2:a6:fc:96:2e:92:e9:41:67: cf:26:dc:6c:25:5d:ea:a4:4b:70:2e:47:79:8a:e7: 8e:05:42:e0:5f:ef:54:15:ae:60:55:6c:d6:cd:47: 7c:06:c6:76:6e:8f:0f:97:7a:48:38:a0:6e:b9:bd: e8:97:51:17:d8:36:34:b9:5c:1f:fc:8e:1c:73:36: ff:b2:93:f2:60:12:a4:9a:50:23:6d:83:2b:58:ac: 89:89:e2:7c:85:f8:59:d7:7b:8c:f1:98:44:93:b0: 6f:73:81:1d:e5:69:73:95:03:b7:30:5b:32:74:95: 60:72:e6:d8:06:be:df:2b:4b:67:8e:63:a5:ec:de: ea:2b:6a:46:92:f5:7f:0b:47:c2:7f:ad:03:b4:05: 4c:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:22:87:D0:D3:CA:78:F8:10:99:F9:10:C0:10:2A:17:B8:AC:29:1D X509v3 Authority Key Identifier: keyid:F0:5A:17:DD:3B:EB:8D:C8:48:FB:E7:62:90:61:D6:08:01:41:E7:D4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8FoX3TvrjchI--dikGHWCAFB59Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/2b2cdf-2ee5-4689-863b-3d13e9776ff7/1/_CKH0NPKePgQmfkQwBAqF7isKR0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/2b2cdf-2ee5-4689-863b-3d13e9776ff7/1/8FoX3TvrjchI--dikGHWCAFB59Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 164.138.96.0-164.138.98.255 194.31.10.0/24 IPv6: 2a11:ec00::/29 Signature Algorithm: sha256WithRSAEncryption 64:36:8c:9b:fd:b2:ee:de:98:4b:d6:13:17:98:b5:45:9d:31: d0:b1:da:91:f7:f3:a8:10:17:f1:c1:33:ca:d7:65:4d:aa:cd: d0:51:73:7b:e4:e2:78:ab:3b:ee:d2:27:2c:be:1f:6b:99:6a: 11:51:e9:ac:3f:a3:35:a1:15:8c:b6:32:94:b0:59:42:e5:70: 31:7c:ca:74:34:c9:ed:7c:a5:e1:6c:c8:70:78:b8:0d:4f:8d: 39:57:b6:1b:23:13:2b:d5:d8:e2:e6:18:45:c9:83:83:4a:ab: 15:ae:31:8e:4b:77:30:43:b5:c0:00:07:21:01:47:5b:32:16: f0:6a:ea:d0:fa:25:67:e8:00:a6:cc:0a:ca:52:d7:92:d7:69: be:40:ec:08:7c:04:2d:ad:24:ad:0b:7d:fa:87:a0:e2:7d:99: 7a:c0:22:34:5a:6a:15:30:05:f4:17:0a:e4:db:1d:55:f5:5b: 51:fd:87:64:40:a3:50:ad:b3:38:8e:b9:0a:f0:f2:5b:aa:45: 07:c6:d1:5e:a2:f2:b3:6e:0a:9b:71:87:3e:f2:cf:35:5d:a9: 3b:1f:4b:bd:9f:4b:73:20:8d:62:3b:42:cd:7c:bc:24:b4:9a: 1a:e5:ce:8d:e9:ee:4f:c3:69:ca:82:39:af:b9:4f:a1:9c:47: 4b:aa:69:15 -----BEGIN CERTIFICATE----- MIIFGjCCBAKgAwIBAgISAZt7NmWjYGlKWyIvs8s7TtmjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYwNWExN2RkM2JlYjhkYzg0OGZiZTc2MjkwNjFkNjA4MDE0 MWU3ZDQwHhcNMjYwMTAxMjAxODQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmYzIyODdkMGQzY2E3OGY4MTA5OWY5MTBjMDEwMmExN2I4YWMyOTFkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwkGupvRbsp1FTX/VWLg6Rxj29JNG JqChCWpp6HciZKAW2d2WT64iHEreu2CC0TpD5Ejncmj+rS/X4XxViNk4AwSgdUwe S7Y8gnucCThLXBZqXYO7YFFPohjvyeVuq3MNAaUxqBqe5qbgEZnHmcDipvyWLpLp QWfPJtxsJV3qpEtwLkd5iueOBULgX+9UFa5gVWzWzUd8BsZ2bo8Pl3pIOKBuub3o l1EX2DY0uVwf/I4cczb/spPyYBKkmlAjbYMrWKyJieJ8hfhZ13uM8ZhEk7Bvc4Ed 5WlzlQO3MFsydJVgcubYBr7fK0tnjmOl7N7qK2pGkvV/C0fCf60DtAVMYwIDAQAB o4ICJjCCAiIwHQYDVR0OBBYEFPwih9DTynj4EJn5EMAQKhe4rCkdMB8GA1UdIwQY MBaAFPBaF907643ISPvnYpBh1ggBQefUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOEZvWDNUdnJqY2hJLS1kaWtHSFdDQUZCNTlRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8yYjJjZGYtMmVlNS00Njg5LTg2M2It M2QxM2U5Nzc2ZmY3LzEvX0NLSDBOUEtlUGdRbWZrUXdCQXFGN2lzS1IwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMS8yYjJjZGYtMmVlNS00Njg5LTg2M2ItM2QxM2U5Nzc2ZmY3 LzEvOEZvWDNUdnJqY2hJLS1kaWtHSFdDQUZCNTlRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBAWkimAD BACkimIDBADCHwowDQQCAAIwBwMFAyoR7AAwDQYJKoZIhvcNAQELBQADggEBAGQ2 jJv9su7emEvWExeYtUWdMdCx2pH386gQF/HBM8rXZU2qzdBRc3vk4nirO+7SJyy+ H2uZahFR6aw/ozWhFYy2MpSwWULlcDF8ynQ0ye18peFsyHB4uA1PjTlXthsjEyvV 2OLmGEXJg4NKqxWuMY5LdzBDtcAAByEBR1syFvBq6tD6JWfoAKbMCspS15LXab5A 7Ah8BC2tJK0LffqHoOJ9mXrAIjRaahUwBfQXCuTbHVX1W1H9h2RAo1CtsziOuQrw 8luqRQfG0V6i8rNuCptxhz7yzzVdqTsfS72fS3MgjWI7Qs18vCS0mhrlzo3p7k/D acqCOa+5T6GcR0uqaRU= -----END CERTIFICATE-----Generated at Mon Jan 26 00:14:11 2026 by rpki-client