This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/5b73d7-f1f5-4e8f-a4b6-cdf89683540e/1/1-2UtBiTjHsLQddCqGP3gVri-xW0.roa File: 1-2UtBiTjHsLQddCqGP3gVri-xW0.roa (raw, json) Hash identifier: DJE2DUvAsy++YyvCOr1N7VjrxiOrJBdKXmpjw8gEGfk= Subject key identifier: FB:65:2D:06:24:E3:1E:C2:D0:75:D0:AA:18:FD:E0:56:B8:BE:C5:6D Certificate issuer: /CN=17bbd60374bc23ed07d01c24e7cfd9178b8fed21 Certificate serial: 019B7A5A5521A9CA181E3CE402169E85D706 Authority key identifier: 17:BB:D6:03:74:BC:23:ED:07:D0:1C:24:E7:CF:D9:17:8B:8F:ED:21 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F7vWA3S8I-0H0Bwk58_ZF4uP7SE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/5b73d7-f1f5-4e8f-a4b6-cdf89683540e/1/1-2UtBiTjHsLQddCqGP3gVri-xW0.roa Signing time: Thu 01 Jan 2026 16:18:18 +0000 ROA not before: Thu 01 Jan 2026 16:18:18 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 3356 IP address blocks: 185.66.212.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/5b73d7-f1f5-4e8f-a4b6-cdf89683540e/1/F7vWA3S8I-0H0Bwk58_ZF4uP7SE.crl rsync://rpki.ripe.net/repository/DEFAULT/f3/5b73d7-f1f5-4e8f-a4b6-cdf89683540e/1/F7vWA3S8I-0H0Bwk58_ZF4uP7SE.mft rsync://rpki.ripe.net/repository/DEFAULT/F7vWA3S8I-0H0Bwk58_ZF4uP7SE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 24 Jan 2026 10:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:55:21:a9:ca:18:1e:3c:e4:02:16:9e:85:d7:06 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=17bbd60374bc23ed07d01c24e7cfd9178b8fed21 Validity Not Before: Jan 1 16:18:18 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=fb652d0624e31ec2d075d0aa18fde056b8bec56d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:71:54:0f:34:50:98:c3:bc:63:89:28:be:81: 99:ce:29:88:8d:b3:5d:d7:69:40:72:7f:57:02:96: 6f:da:b8:b6:fe:f0:4f:a6:a1:b7:76:f5:7f:69:40: 5b:4a:21:f0:ef:ad:2a:80:a9:d9:ec:99:57:a2:d8: 7a:b1:fa:f2:39:51:60:bd:d8:0b:2f:88:d6:3e:ec: 58:65:57:31:d5:4e:27:f7:04:c9:a7:a4:d2:9f:4c: ef:1f:af:de:a8:f3:8b:c6:77:23:c5:b1:09:9d:48: c6:92:97:20:c6:f6:7b:af:69:d7:a5:8b:df:65:5c: 04:ff:07:ce:70:e3:08:71:bb:a2:38:ef:7f:e2:9f: a7:d8:a7:4f:d2:88:96:7d:d1:85:c5:bd:9c:25:b3: b9:a8:40:8c:7a:a3:38:f0:4f:ff:2f:1f:46:00:e0: c6:1c:99:e5:cf:1e:d2:f2:af:30:e9:f7:80:3a:93: 96:4e:14:30:12:b3:d7:1a:5d:4a:7d:3b:9d:43:97: 02:39:df:7b:4e:5d:7e:19:c5:b7:f5:ac:de:9e:91: 1e:d4:77:fa:bd:63:2c:1f:39:73:1a:a9:6d:49:28: 54:f3:22:0b:e5:0a:f3:a2:29:c4:9d:7a:f2:4b:67: 6e:7b:85:8e:fe:ed:a6:74:d5:53:d7:88:9b:06:41: 96:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FB:65:2D:06:24:E3:1E:C2:D0:75:D0:AA:18:FD:E0:56:B8:BE:C5:6D X509v3 Authority Key Identifier: keyid:17:BB:D6:03:74:BC:23:ED:07:D0:1C:24:E7:CF:D9:17:8B:8F:ED:21 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F7vWA3S8I-0H0Bwk58_ZF4uP7SE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/5b73d7-f1f5-4e8f-a4b6-cdf89683540e/1/1-2UtBiTjHsLQddCqGP3gVri-xW0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/5b73d7-f1f5-4e8f-a4b6-cdf89683540e/1/F7vWA3S8I-0H0Bwk58_ZF4uP7SE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.66.212.0/24 Signature Algorithm: sha256WithRSAEncryption 66:98:8c:51:32:d4:3c:c3:59:96:4b:fe:58:eb:16:39:f2:bc: 14:65:68:c2:7b:13:a5:de:81:f1:3c:c0:5e:49:4d:ec:9d:84: 38:cd:60:0e:f4:05:95:d0:b7:da:44:84:c0:0c:7b:ac:10:49: a8:f1:6b:e8:1d:cf:54:25:0f:ad:42:58:25:fd:3b:86:ac:97: a4:c6:3f:48:ca:8a:43:e9:9f:fa:f0:4b:82:79:63:e4:16:17: 2f:93:6e:b7:93:ee:90:c6:b0:56:11:1d:08:6b:a4:23:da:bb: 70:78:fc:5d:c0:d8:f3:fa:a5:0f:bb:a7:72:f6:77:8d:70:f6: d4:a1:09:53:43:fe:93:12:b5:f5:7e:f3:aa:c3:f7:84:59:12: ae:53:38:d6:c0:fa:69:10:5c:61:63:1d:6f:42:c7:c1:00:51: 17:12:61:46:b3:54:32:25:5b:64:bc:4e:c3:0b:50:26:12:00: 32:22:ca:60:45:ac:92:89:48:57:1e:a9:fe:af:8e:f3:49:f7: a0:00:0f:86:68:f3:0c:e7:a7:57:af:b3:6b:3a:82:e4:73:29: 24:94:f5:79:fe:d5:97:22:a9:ea:bf:22:c1:51:a8:4c:c1:5d: fc:00:76:8c:59:11:74:cc:49:23:6e:d6:0a:33:5d:db:49:4b: c0:9f:33:04 -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt6WlUhqcoYHjzkAhaehdcGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDE3YmJkNjAzNzRiYzIzZWQwN2QwMWMyNGU3Y2ZkOTE3OGI4 ZmVkMjEwHhcNMjYwMTAxMTYxODE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmYjY1MmQwNjI0ZTMxZWMyZDA3NWQwYWExOGZkZTA1NmI4YmVjNTZkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAynFUDzRQmMO8Y4kovoGZzimIjbNd 12lAcn9XApZv2ri2/vBPpqG3dvV/aUBbSiHw760qgKnZ7JlXoth6sfryOVFgvdgL L4jWPuxYZVcx1U4n9wTJp6TSn0zvH6/eqPOLxncjxbEJnUjGkpcgxvZ7r2nXpYvf ZVwE/wfOcOMIcbuiOO9/4p+n2KdP0oiWfdGFxb2cJbO5qECMeqM48E//Lx9GAODG HJnlzx7S8q8w6feAOpOWThQwErPXGl1KfTudQ5cCOd97Tl1+GcW39azenpEe1Hf6 vWMsHzlzGqltSShU8yIL5QrzoinEnXryS2due4WO/u2mdNVT14ibBkGWswIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFPtlLQYk4x7C0HXQqhj94Fa4vsVtMB8GA1UdIwQY MBaAFBe71gN0vCPtB9AcJOfP2ReLj+0hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRjd2V0EzUzhJLTBIMEJ3azU4X1pGNHVQN1NFLmNlcjCB jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy81YjczZDctZjFmNS00ZThmLWE0YjYt Y2RmODk2ODM1NDBlLzEvMS0yVXRCaVRqSHNMUWRkQ3FHUDNnVnJpLXhXMC5yb2Ew gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0 b3J5L0RFRkFVTFQvZjMvNWI3M2Q3LWYxZjUtNGU4Zi1hNGI2LWNkZjg5NjgzNTQw ZS8xL0Y3dldBM1M4SS0wSDBCd2s1OF9aRjR1UDdTRS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALlC1DAN BgkqhkiG9w0BAQsFAAOCAQEAZpiMUTLUPMNZlkv+WOsWOfK8FGVownsTpd6B8TzA XklN7J2EOM1gDvQFldC32kSEwAx7rBBJqPFr6B3PVCUPrUJYJf07hqyXpMY/SMqK Q+mf+vBLgnlj5BYXL5Nut5PukMawVhEdCGukI9q7cHj8XcDY8/qlD7uncvZ3jXD2 1KEJU0P+kxK19X7zqsP3hFkSrlM41sD6aRBcYWMdb0LHwQBRFxJhRrNUMiVbZLxO wwtQJhIAMiLKYEWskolIVx6p/q+O80n3oAAPhmjzDOenV6+zazqC5HMpJJT1ef7V lyKp6r8iwVGoTMFd/AB2jFkRdMxJI27WCjNd20lLwJ8zBA== -----END CERTIFICATE-----Generated at Fri Jan 23 16:01:58 2026 by rpki-client