This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/1CqGfPawb52m-pGrteiG3oQk2KU.roa File: 1CqGfPawb52m-pGrteiG3oQk2KU.roa (raw, json) Hash identifier: 2lm0tiO0M7HeFTLSLrNkh2ItHdSD4WFYa8PtNjzMSSg= Subject key identifier: D4:2A:86:7C:F6:B0:6F:9D:A6:FA:91:AB:B5:E8:86:DE:84:24:D8:A5 Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52 Certificate serial: 019B77C6AFDF3CA1964FB75E90FA9E94FEFE Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/1CqGfPawb52m-pGrteiG3oQk2KU.roa Signing time: Thu 01 Jan 2026 04:17:48 +0000 ROA not before: Thu 01 Jan 2026 04:17:48 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 397200 IP address blocks: 81.19.195.30/32 maxlen: 32 81.19.195.31/32 maxlen: 32 185.100.0.53/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:af:df:3c:a1:96:4f:b7:5e:90:fa:9e:94:fe:fe Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52 Validity Not Before: Jan 1 04:17:48 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d42a867cf6b06f9da6fa91abb5e886de8424d8a5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:bc:7f:5f:f3:08:87:0f:b1:6e:0b:29:6e:2f: fe:09:a2:d8:e5:c5:8e:f8:85:f7:db:a6:2b:d0:d7: 45:0e:60:48:aa:44:e0:05:94:91:02:6a:e8:8a:81: 2f:6f:9c:cc:3e:04:20:9d:11:60:a2:7a:d1:cc:9a: f7:37:3a:3a:80:45:08:89:c1:1e:19:b1:79:6f:4f: 5d:9e:04:42:75:f2:2a:50:42:e9:57:1d:47:22:50: f1:17:b3:9e:d5:ca:35:e4:b7:90:cf:77:4c:24:70: 45:17:34:03:00:65:e6:6a:c5:e1:56:5f:cb:bc:f0: 81:b9:be:82:cb:0e:ee:96:31:15:55:70:14:90:ac: 02:19:0c:06:d5:4a:e4:d2:0a:c9:90:13:ee:f2:d2: 57:a9:02:7e:57:89:d0:6f:3c:27:f1:82:dd:da:4b: 63:96:8b:5d:0a:0b:8c:eb:67:fc:45:8d:a5:8f:e1: 18:96:a7:7a:f0:d0:26:57:75:b9:55:87:d0:aa:6c: 9f:61:81:ed:7b:86:0b:ec:55:0b:63:94:1e:b2:0b: a3:c9:e0:0f:69:54:c2:d1:3f:10:bc:5e:3b:c1:6c: 37:e2:95:e4:e9:fc:e6:28:03:4b:76:a2:9e:de:1c: fe:0c:a9:d4:82:fc:1f:ff:a3:8d:bc:4b:a6:40:85: ab:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:2A:86:7C:F6:B0:6F:9D:A6:FA:91:AB:B5:E8:86:DE:84:24:D8:A5 X509v3 Authority Key Identifier: keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/1CqGfPawb52m-pGrteiG3oQk2KU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 81.19.195.30/31 185.100.0.53/32 Signature Algorithm: sha256WithRSAEncryption a1:7f:6f:8f:e3:a7:15:01:96:88:c2:64:a0:29:9a:40:62:86: ac:36:e9:8d:16:65:ff:22:27:e3:f2:27:4f:8e:86:0d:a1:cd: e9:81:61:2e:23:ee:96:d9:fe:6a:42:39:f1:79:85:7e:bd:a1: 50:f4:36:1a:dd:71:d2:1e:e2:94:c7:0f:61:f2:c7:2b:35:73: 06:d9:f6:c8:29:a4:fc:e0:e6:e2:e5:a7:fe:99:84:74:50:b7: 0a:f9:a3:6e:b2:32:2d:d7:42:4e:89:85:92:aa:37:5e:de:85: 13:52:18:04:ad:dd:a4:5f:13:11:71:5b:86:52:0f:65:7c:f1: 02:8b:44:1e:55:65:26:ee:c6:21:44:66:be:30:5f:d0:bb:98: 18:7c:07:f5:84:3f:02:7d:a1:3b:6a:c3:1c:b2:85:e4:18:b9: 67:0d:ac:5a:e4:48:8c:05:ae:5c:24:0c:1d:1e:44:9d:38:90: b9:90:f0:1b:c6:fb:93:ea:36:a2:a9:fe:4b:6d:a2:7d:81:a5: 1a:2a:ac:43:88:ce:2e:4b:ce:1f:56:f9:11:fd:d2:21:5a:9b: 59:22:7b:7d:75:c7:db:9a:32:20:03:2d:50:f7:dc:17:33:60: c7:89:fc:a6:8b:95:fb:4e:6e:fc:12:79:f9:eb:cd:36:0d:d9: 5b:04:39:60 -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgISAZt3xq/fPKGWT7dekPqelP7+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl MDZkNTIwHhcNMjYwMTAxMDQxNzQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkNDJhODY3Y2Y2YjA2ZjlkYTZmYTkxYWJiNWU4ODZkZTg0MjRkOGE1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrx/X/MIhw+xbgspbi/+CaLY5cWO +IX326Yr0NdFDmBIqkTgBZSRAmroioEvb5zMPgQgnRFgonrRzJr3Nzo6gEUIicEe GbF5b09dngRCdfIqUELpVx1HIlDxF7Oe1co15LeQz3dMJHBFFzQDAGXmasXhVl/L vPCBub6Cyw7uljEVVXAUkKwCGQwG1Urk0grJkBPu8tJXqQJ+V4nQbzwn8YLd2ktj lotdCguM62f8RY2lj+EYlqd68NAmV3W5VYfQqmyfYYHte4YL7FULY5QesgujyeAP aVTC0T8QvF47wWw34pXk6fzmKANLdqKe3hz+DKnUgvwf/6ONvEumQIWrQQIDAQAB o4ICETCCAg0wHQYDVR0OBBYEFNQqhnz2sG+dpvqRq7Xoht6EJNilMB8GA1UdIwQY MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt MzZjY2I1YTA2MTk1LzEvMUNxR2ZQYXdiNTJtLXBHcnRlaUczb1FrMktVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1 LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOAwUBURPDHgMF ALlkADUwDQYJKoZIhvcNAQELBQADggEBAKF/b4/jpxUBlojCZKApmkBihqw26Y0W Zf8iJ+PyJ0+Ohg2hzemBYS4j7pbZ/mpCOfF5hX69oVD0NhrdcdIe4pTHD2Hyxys1 cwbZ9sgppPzg5uLlp/6ZhHRQtwr5o26yMi3XQk6JhZKqN17ehRNSGASt3aRfExFx W4ZSD2V88QKLRB5VZSbuxiFEZr4wX9C7mBh8B/WEPwJ9oTtqwxyyheQYuWcNrFrk SIwFrlwkDB0eRJ04kLmQ8BvG+5PqNqKp/ktton2BpRoqrEOIzi5Lzh9W+RH90iFa m1kie311x9uaMiADLVD33BczYMeJ/KaLlftObvwSefnrzTYN2VsEOWA= -----END CERTIFICATE-----Generated at Mon Jan 26 00:37:30 2026 by rpki-client