This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/1onWddNgt-hbXxg-7fMMVDkSMv8.roa File: 1onWddNgt-hbXxg-7fMMVDkSMv8.roa (raw, json) Hash identifier: 6xbzz0JrjMO/4fz5zHo8PgQ0CyGaKVVD/UoDkWFGr1M= Subject key identifier: D6:89:D6:75:D3:60:B7:E8:5B:5F:18:3E:ED:F3:0C:54:39:12:32:FF Certificate issuer: /CN=fd37cc8f16b3c6cbd3346aa3ed61771f3e83ac97 Certificate serial: 019B7758BD36E221A9CC936A69CAEAC1714E Authority key identifier: FD:37:CC:8F:16:B3:C6:CB:D3:34:6A:A3:ED:61:77:1F:3E:83:AC:97 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_TfMjxazxsvTNGqj7WF3Hz6DrJc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/1onWddNgt-hbXxg-7fMMVDkSMv8.roa Signing time: Thu 01 Jan 2026 02:17:42 +0000 ROA not before: Thu 01 Jan 2026 02:17:42 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 205771 IP address blocks: 89.21.65.0/24 maxlen: 24 128.127.149.0/24 maxlen: 24 128.127.150.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/_TfMjxazxsvTNGqj7WF3Hz6DrJc.crl rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/_TfMjxazxsvTNGqj7WF3Hz6DrJc.mft rsync://rpki.ripe.net/repository/DEFAULT/_TfMjxazxsvTNGqj7WF3Hz6DrJc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 11:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:58:bd:36:e2:21:a9:cc:93:6a:69:ca:ea:c1:71:4e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=fd37cc8f16b3c6cbd3346aa3ed61771f3e83ac97 Validity Not Before: Jan 1 02:17:42 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d689d675d360b7e85b5f183eedf30c54391232ff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:b2:7f:af:79:42:6f:83:e7:b7:b2:fb:a1:5d: 65:8d:6e:b0:3b:78:85:15:6f:a9:d6:5b:04:6e:5f: 62:92:2f:bd:3f:d3:04:cd:05:e8:70:12:9a:25:4d: 98:52:81:b9:57:fc:9f:3b:cf:74:b4:86:73:3e:fd: 39:85:51:20:4f:3d:10:da:41:65:82:7f:27:da:e2: 49:2b:d8:4b:e5:f2:65:78:4e:6e:67:9f:c8:55:1b: bc:9b:5a:dc:c8:10:50:70:b7:d8:ae:14:df:3e:be: db:6f:07:8c:b0:f5:ea:50:37:94:21:23:2d:f9:3e: c9:53:60:d6:9d:7b:e0:ad:d7:2d:f3:5e:68:c1:79: 0b:00:c1:e0:44:0a:d5:99:b4:8a:c9:0f:67:21:01: 94:e0:b5:a6:5f:3e:eb:96:b1:21:9f:0c:1b:50:5b: bd:eb:b6:99:d2:c7:73:5b:5a:55:21:96:06:19:84: 38:82:63:66:2b:db:03:98:f9:1d:f7:0a:1e:af:13: cd:3c:41:d1:1e:05:31:05:bf:9c:c0:6d:43:17:7f: 58:42:90:c5:8b:ab:4b:7d:e9:da:6b:68:04:f8:aa: 47:33:f1:71:91:bf:99:ea:96:76:32:3e:fd:84:84: 06:ca:b3:03:fd:5b:27:d6:7a:13:18:de:18:61:ce: 7e:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:89:D6:75:D3:60:B7:E8:5B:5F:18:3E:ED:F3:0C:54:39:12:32:FF X509v3 Authority Key Identifier: keyid:FD:37:CC:8F:16:B3:C6:CB:D3:34:6A:A3:ED:61:77:1F:3E:83:AC:97 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_TfMjxazxsvTNGqj7WF3Hz6DrJc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/1onWddNgt-hbXxg-7fMMVDkSMv8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/_TfMjxazxsvTNGqj7WF3Hz6DrJc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.21.65.0/24 128.127.149.0-128.127.150.255 Signature Algorithm: sha256WithRSAEncryption 6a:e6:3f:5e:b4:17:78:d0:a8:ae:df:fe:00:d0:24:d6:13:b8: 6c:3f:5d:4f:70:05:d4:5d:8a:87:74:ca:9e:fe:ec:39:12:85: 46:78:8f:3d:2e:80:a5:e8:7e:17:c4:7d:41:b0:1c:2a:88:a0: a2:80:7b:1b:64:93:c6:66:6f:9a:e6:aa:62:5a:32:d8:ec:61: 06:6a:3a:e9:43:25:75:63:a8:cf:c7:1b:07:dc:67:a6:7f:86: d5:b2:e2:9c:26:ab:f4:d1:ad:65:3f:c7:68:87:0e:89:69:8a: 66:67:1c:4c:53:13:2d:9e:7a:da:b6:02:02:d3:4f:7b:78:03: 7b:e4:c8:f1:0f:41:34:6b:57:61:8e:6d:aa:56:e8:d8:15:61: a0:60:46:3d:e1:3b:c1:e1:95:18:1d:46:41:7f:d6:1a:3d:3b: 96:1b:47:6b:91:76:80:b2:35:10:84:42:03:30:d5:4d:af:72: 86:de:e2:cd:e4:f7:e6:2a:64:5c:f4:bc:5a:60:be:64:e6:36: 80:95:45:c8:76:bc:bb:7c:3b:a3:2b:8e:1c:8b:d7:69:85:f2: 9b:c8:29:0b:9a:fa:c2:5a:dd:04:5f:1a:0b:15:94:b1:07:62: 72:75:6e:e7:ce:f3:b5:d8:27:ea:1b:76:79:e2:93:f0:57:07: d6:61:e8:61 -----BEGIN CERTIFICATE----- MIIFCzCCA/OgAwIBAgISAZt3WL024iGpzJNqacrqwXFOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZkMzdjYzhmMTZiM2M2Y2JkMzM0NmFhM2VkNjE3NzFmM2U4 M2FjOTcwHhcNMjYwMTAxMDIxNzQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkNjg5ZDY3NWQzNjBiN2U4NWI1ZjE4M2VlZGYzMGM1NDM5MTIzMmZmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwbJ/r3lCb4Pnt7L7oV1ljW6wO3iF FW+p1lsEbl9iki+9P9MEzQXocBKaJU2YUoG5V/yfO890tIZzPv05hVEgTz0Q2kFl gn8n2uJJK9hL5fJleE5uZ5/IVRu8m1rcyBBQcLfYrhTfPr7bbweMsPXqUDeUISMt +T7JU2DWnXvgrdct815owXkLAMHgRArVmbSKyQ9nIQGU4LWmXz7rlrEhnwwbUFu9 67aZ0sdzW1pVIZYGGYQ4gmNmK9sDmPkd9woerxPNPEHRHgUxBb+cwG1DF39YQpDF i6tLfenaa2gE+KpHM/Fxkb+Z6pZ2Mj79hIQGyrMD/Vsn1noTGN4YYc5+wQIDAQAB o4ICFzCCAhMwHQYDVR0OBBYEFNaJ1nXTYLfoW18YPu3zDFQ5EjL/MB8GA1UdIwQY MBaAFP03zI8Ws8bL0zRqo+1hdx8+g6yXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvX1RmTWp4YXp4c3ZUTkdxajdXRjNIejZEckpjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8wNWUxN2YtZDMxZi00MzFmLWE4YmMt N2UwNWFiNDFiNmU0LzEvMW9uV2RkTmd0LWhiWHhnLTdmTU1WRGtTTXY4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZS8wNWUxN2YtZDMxZi00MzFmLWE4YmMtN2UwNWFiNDFiNmU0 LzEvX1RmTWp4YXp4c3ZUTkdxajdXRjNIejZEckpjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAWRVBMAwD BACAf5UDBACAf5YwDQYJKoZIhvcNAQELBQADggEBAGrmP160F3jQqK7f/gDQJNYT uGw/XU9wBdRdiod0yp7+7DkShUZ4jz0ugKXofhfEfUGwHCqIoKKAextkk8Zmb5rm qmJaMtjsYQZqOulDJXVjqM/HGwfcZ6Z/htWy4pwmq/TRrWU/x2iHDolpimZnHExT Ey2eetq2AgLTT3t4A3vkyPEPQTRrV2GObapW6NgVYaBgRj3hO8HhlRgdRkF/1ho9 O5YbR2uRdoCyNRCEQgMw1U2vcobe4s3k9+YqZFz0vFpgvmTmNoCVRch2vLt8O6Mr jhyL12mF8pvIKQua+sJa3QRfGgsVlLEHYnJ1bufO87XYJ+obdnnik/BXB9Zh6GE= -----END CERTIFICATE-----Generated at Sun Jan 25 18:20:16 2026 by rpki-client