This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/767d6d-36c8-403b-81b0-b4aaa23fdaa9/1/_fhuGjpkRKlqYVqbCWdqX4nzLXQ.roa File: _fhuGjpkRKlqYVqbCWdqX4nzLXQ.roa (raw, json) Hash identifier: pemjsumjmI0Bd/B3SuE+a27XcI8Ly+FKaqAAHNiWTdM= Subject key identifier: FD:F8:6E:1A:3A:64:44:A9:6A:61:5A:9B:09:67:6A:5F:89:F3:2D:74 Certificate issuer: /CN=9a5e76f929d21b586f42e30f7d9b00399b3dcbf0 Certificate serial: 019B7D5D0527182AD6F6B7D1A0DEC87481F1 Authority key identifier: 9A:5E:76:F9:29:D2:1B:58:6F:42:E3:0F:7D:9B:00:39:9B:3D:CB:F0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ml52-SnSG1hvQuMPfZsAOZs9y_A.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/767d6d-36c8-403b-81b0-b4aaa23fdaa9/1/_fhuGjpkRKlqYVqbCWdqX4nzLXQ.roa Signing time: Fri 02 Jan 2026 06:20:06 +0000 ROA not before: Fri 02 Jan 2026 06:20:06 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 174 IP address blocks: 86.54.20.0/24 maxlen: 24 86.54.228.0/24 maxlen: 24 86.54.235.0/24 maxlen: 24 86.54.249.0/24 maxlen: 24 194.54.181.0/24 maxlen: 24 194.54.182.0/24 maxlen: 24 194.54.183.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/767d6d-36c8-403b-81b0-b4aaa23fdaa9/1/ml52-SnSG1hvQuMPfZsAOZs9y_A.crl rsync://rpki.ripe.net/repository/DEFAULT/ee/767d6d-36c8-403b-81b0-b4aaa23fdaa9/1/ml52-SnSG1hvQuMPfZsAOZs9y_A.mft rsync://rpki.ripe.net/repository/DEFAULT/ml52-SnSG1hvQuMPfZsAOZs9y_A.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 15:01:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5d:05:27:18:2a:d6:f6:b7:d1:a0:de:c8:74:81:f1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9a5e76f929d21b586f42e30f7d9b00399b3dcbf0 Validity Not Before: Jan 2 06:20:06 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=fdf86e1a3a6444a96a615a9b09676a5f89f32d74 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:7b:52:c9:9c:3c:73:48:11:25:d7:69:0e:4e: 7c:4a:ac:28:9a:15:ab:83:2f:f0:bd:c4:d1:81:94: 08:5f:e2:f8:69:cd:f0:5a:6a:11:27:cb:20:e7:bd: 11:44:97:36:b8:fb:07:d6:e0:3f:0c:6b:5d:93:ac: e0:80:23:47:2a:85:81:b3:ea:03:03:56:8e:50:52: 59:8a:6b:ca:a2:c9:8f:48:5c:7b:99:14:9f:85:e1: 6a:bd:bd:c0:eb:b3:32:67:13:d9:59:9c:3f:0f:aa: b1:60:81:55:8f:11:d3:be:cd:36:39:47:d0:23:43: bb:b4:2b:33:1f:93:6f:c2:cd:43:68:ea:79:40:87: 7b:9f:2c:ff:e5:e2:e7:c5:72:7a:06:64:bf:c2:0b: 0e:74:a2:41:b5:fd:26:ad:0e:f4:f8:9e:75:ba:c1: 61:9e:af:56:84:79:03:bf:a8:38:87:dc:61:ce:bc: 2f:5f:a3:30:07:a3:52:11:f5:e2:2d:21:6f:ec:85: c7:5b:36:4a:d5:4e:a6:70:34:68:88:c7:6d:3c:91: 3f:b5:b9:ef:4b:2b:6f:58:45:e0:2c:45:3f:de:bb: f4:08:90:3c:50:e2:bd:f4:69:f4:c3:1e:81:a5:00: 06:a2:e3:37:c2:da:b1:27:71:8a:8d:1c:ca:07:c1: 67:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:F8:6E:1A:3A:64:44:A9:6A:61:5A:9B:09:67:6A:5F:89:F3:2D:74 X509v3 Authority Key Identifier: keyid:9A:5E:76:F9:29:D2:1B:58:6F:42:E3:0F:7D:9B:00:39:9B:3D:CB:F0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ml52-SnSG1hvQuMPfZsAOZs9y_A.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/767d6d-36c8-403b-81b0-b4aaa23fdaa9/1/_fhuGjpkRKlqYVqbCWdqX4nzLXQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/767d6d-36c8-403b-81b0-b4aaa23fdaa9/1/ml52-SnSG1hvQuMPfZsAOZs9y_A.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 86.54.20.0/24 86.54.228.0/24 86.54.235.0/24 86.54.249.0/24 194.54.181.0-194.54.183.255 Signature Algorithm: sha256WithRSAEncryption 3c:9c:7f:49:6e:6d:fc:96:bb:26:a2:87:53:c9:6d:c6:c0:0a: d9:66:9a:91:c1:00:2e:e7:c2:ae:a7:5f:00:e5:94:52:be:87: 59:87:ba:b9:e4:73:5e:a5:53:d7:7c:7d:a8:92:13:33:80:3d: fe:3a:ca:a8:19:13:dd:50:c9:61:7b:03:45:16:ae:c1:7a:b8: 45:ea:08:f2:75:84:c7:41:53:00:bc:4b:64:42:6f:e8:da:8b: 0c:bc:96:6a:8c:58:a6:43:7b:b8:86:f6:bb:cc:52:b3:cf:67: f8:8c:0a:0d:3e:c6:9b:1a:c9:11:df:ca:a2:2e:b7:e7:0e:7f: a1:90:e1:9f:24:2e:da:09:d0:29:b1:e6:2a:d1:d4:9a:95:f4: 9a:fb:49:2c:a7:c9:7c:8e:01:9c:20:6b:ef:97:4b:15:39:55: 83:da:62:cf:05:e6:16:1c:11:ad:6d:5c:58:e4:af:1a:bc:07: 04:da:c5:b0:f5:c7:fc:35:e3:a5:f8:8f:79:f1:38:bd:32:b8: 15:88:4f:f8:a5:46:15:3d:ca:a4:f7:b2:22:0e:b9:48:7e:a9: 9d:41:1c:4c:dc:13:1a:42:a3:cc:32:8a:05:e4:2e:6f:4b:82: d4:b7:19:ba:48:f0:98:67:8d:b0:a2:c6:43:2e:e6:a9:82:89: 81:4e:79:c8 -----BEGIN CERTIFICATE----- MIIFHTCCBAWgAwIBAgISAZt9XQUnGCrW9rfRoN7IdIHxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlhNWU3NmY5MjlkMjFiNTg2ZjQyZTMwZjdkOWIwMDM5OWIz ZGNiZjAwHhcNMjYwMTAyMDYyMDA2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmZGY4NmUxYTNhNjQ0NGE5NmE2MTVhOWIwOTY3NmE1Zjg5ZjMyZDc0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsntSyZw8c0gRJddpDk58SqwomhWr gy/wvcTRgZQIX+L4ac3wWmoRJ8sg570RRJc2uPsH1uA/DGtdk6zggCNHKoWBs+oD A1aOUFJZimvKosmPSFx7mRSfheFqvb3A67MyZxPZWZw/D6qxYIFVjxHTvs02OUfQ I0O7tCszH5Nvws1DaOp5QId7nyz/5eLnxXJ6BmS/wgsOdKJBtf0mrQ70+J51usFh nq9WhHkDv6g4h9xhzrwvX6MwB6NSEfXiLSFv7IXHWzZK1U6mcDRoiMdtPJE/tbnv SytvWEXgLEU/3rv0CJA8UOK99Gn0wx6BpQAGouM3wtqxJ3GKjRzKB8Fn6QIDAQAB o4ICKTCCAiUwHQYDVR0OBBYEFP34bho6ZESpamFamwlnal+J8y10MB8GA1UdIwQY MBaAFJpedvkp0htYb0LjD32bADmbPcvwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbWw1Mi1TblNHMWh2UXVNUGZac0FPWnM5eV9BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS83NjdkNmQtMzZjOC00MDNiLTgxYjAt YjRhYWEyM2ZkYWE5LzEvX2ZodUdqcGtSS2xxWVZxYkNXZHFYNG56TFhRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lZS83NjdkNmQtMzZjOC00MDNiLTgxYjAtYjRhYWEyM2ZkYWE5 LzEvbWw1Mi1TblNHMWh2UXVNUGZac0FPWnM5eV9BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAVjYUAwQA VjbkAwQAVjbrAwQAVjb5MAwDBADCNrUDBAPCNrAwDQYJKoZIhvcNAQELBQADggEB ADycf0lubfyWuyaih1PJbcbACtlmmpHBAC7nwq6nXwDllFK+h1mHurnkc16lU9d8 faiSEzOAPf46yqgZE91QyWF7A0UWrsF6uEXqCPJ1hMdBUwC8S2RCb+jaiwy8lmqM WKZDe7iG9rvMUrPPZ/iMCg0+xpsayRHfyqIut+cOf6GQ4Z8kLtoJ0Cmx5irR1JqV 9Jr7SSynyXyOAZwga++XSxU5VYPaYs8F5hYcEa1tXFjkrxq8BwTaxbD1x/w146X4 j3nxOL0yuBWIT/ilRhU9yqT3siIOuUh+qZ1BHEzcExpCo8wyigXkLm9LgtS3GbpI 8JhnjbCixkMu5qmCiYFOecg= -----END CERTIFICATE-----Generated at Mon Jan 12 00:54:08 2026 by rpki-client