This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/591a46-1e21-4590-874c-58c7bfcdcfdf/1/1OfpxNPFwqp9XMtv17DCToBd3A0.roa File: 1OfpxNPFwqp9XMtv17DCToBd3A0.roa (raw, json) Hash identifier: EiZWsUI66iHeWYb4Ke4tZ8rBlqUcSPgP0TnEIClGK4A= Subject key identifier: D4:E7:E9:C4:D3:C5:C2:AA:7D:5C:CB:6F:D7:B0:C2:4E:80:5D:DC:0D Certificate issuer: /CN=14db04f9c92317ecc7a2aaff2ca4d7098d1bd26a Certificate serial: 019B77C6718008178DBF4B466DFBE77C4777 Authority key identifier: 14:DB:04:F9:C9:23:17:EC:C7:A2:AA:FF:2C:A4:D7:09:8D:1B:D2:6A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FNsE-ckjF-zHoqr_LKTXCY0b0mo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/591a46-1e21-4590-874c-58c7bfcdcfdf/1/1OfpxNPFwqp9XMtv17DCToBd3A0.roa Signing time: Thu 01 Jan 2026 04:17:32 +0000 ROA not before: Thu 01 Jan 2026 04:17:32 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 33915 IP address blocks: 185.72.124.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/591a46-1e21-4590-874c-58c7bfcdcfdf/1/FNsE-ckjF-zHoqr_LKTXCY0b0mo.crl rsync://rpki.ripe.net/repository/DEFAULT/13/591a46-1e21-4590-874c-58c7bfcdcfdf/1/FNsE-ckjF-zHoqr_LKTXCY0b0mo.mft rsync://rpki.ripe.net/repository/DEFAULT/FNsE-ckjF-zHoqr_LKTXCY0b0mo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:71:80:08:17:8d:bf:4b:46:6d:fb:e7:7c:47:77 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=14db04f9c92317ecc7a2aaff2ca4d7098d1bd26a Validity Not Before: Jan 1 04:17:32 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d4e7e9c4d3c5c2aa7d5ccb6fd7b0c24e805ddc0d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:6c:f6:73:c8:54:3d:94:74:b9:71:b1:be:9e: a3:c9:36:02:c3:34:b4:fe:86:0b:9b:fc:aa:b9:34: 53:64:2a:f8:8b:5a:0c:86:e4:3a:69:2c:9d:3e:76: 6f:6b:05:3f:a9:02:a3:15:23:e4:d9:25:17:94:ba: 40:a4:27:a5:0b:6e:0c:c4:7f:1e:ea:d8:36:fb:1c: de:66:51:72:dc:71:a4:21:d1:8c:f1:d0:ce:af:c5: 37:71:dd:4e:bc:fa:04:ce:4e:c6:99:eb:b5:a0:43: a9:68:81:60:92:1a:45:c7:b7:e6:e9:37:d9:79:fe: 86:fa:9a:78:fd:b5:58:cc:4f:62:11:24:b4:f8:aa: 51:42:c6:ba:f2:b1:ce:0c:f5:9e:f1:4b:74:e6:95: 7d:36:42:03:f6:10:47:4b:83:9d:6b:18:e1:0a:b7: fc:bf:87:48:75:0d:71:1a:9c:b0:53:0e:8e:8b:7b: 0f:29:b9:d2:ca:99:66:5c:eb:8b:c0:3c:dd:35:a8: bd:bb:44:c7:97:41:f8:aa:a3:bd:b0:c9:99:94:93: 28:8a:2d:46:9f:f4:80:5e:cd:eb:08:ab:24:12:1d: 83:cf:d5:35:1e:2d:26:55:73:e8:fd:be:74:e3:fa: c5:78:f0:f9:73:2f:83:bf:c5:44:55:54:27:d9:47: c1:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:E7:E9:C4:D3:C5:C2:AA:7D:5C:CB:6F:D7:B0:C2:4E:80:5D:DC:0D X509v3 Authority Key Identifier: keyid:14:DB:04:F9:C9:23:17:EC:C7:A2:AA:FF:2C:A4:D7:09:8D:1B:D2:6A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FNsE-ckjF-zHoqr_LKTXCY0b0mo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/591a46-1e21-4590-874c-58c7bfcdcfdf/1/1OfpxNPFwqp9XMtv17DCToBd3A0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/13/591a46-1e21-4590-874c-58c7bfcdcfdf/1/FNsE-ckjF-zHoqr_LKTXCY0b0mo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.72.124.0/22 Signature Algorithm: sha256WithRSAEncryption 0b:5d:61:d3:48:fb:f2:5a:fc:db:c9:80:bd:5b:51:2d:ba:cc: 70:29:54:eb:e6:6d:bf:20:06:0b:0d:4d:99:ba:7b:16:09:a8: aa:c8:a6:58:15:07:d2:ec:9c:84:94:3f:73:6e:33:a3:af:9e: 62:0e:f1:a1:2f:84:3a:f9:9c:84:d6:38:a7:a7:bd:04:2d:b5: 91:82:33:1b:22:0b:4a:59:ac:69:b9:36:90:e9:91:db:62:c7: b4:9c:d3:36:09:16:c3:31:a0:b0:c9:4b:20:92:2a:ff:f3:bc: a6:4d:c1:6d:48:a7:8f:69:32:f8:8a:2d:23:fe:83:80:eb:21: db:d3:6b:b3:72:4d:ea:90:f8:41:1d:03:fe:33:e0:3a:38:4d: 22:df:52:3a:ff:f3:20:49:b7:b9:a6:f2:93:82:d1:a3:c2:3e: 95:0a:79:10:ee:2a:91:5c:02:5c:08:38:73:38:21:55:06:45: 8a:79:f4:bc:93:0e:14:82:c1:f7:3b:04:59:f1:f9:65:83:e7: 37:43:c9:33:56:2b:3f:3a:1d:64:f9:72:fe:08:59:c9:5e:31: 62:a7:3b:76:9d:d7:9d:52:5c:5c:14:e4:18:a2:51:db:7c:8b: 20:f1:97:47:36:ff:5f:c6:18:01:b6:b3:9b:c5:1e:81:a1:9e: 9b:21:ad:36 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt3xnGACBeNv0tGbfvnfEd3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDE0ZGIwNGY5YzkyMzE3ZWNjN2EyYWFmZjJjYTRkNzA5OGQx YmQyNmEwHhcNMjYwMTAxMDQxNzMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkNGU3ZTljNGQzYzVjMmFhN2Q1Y2NiNmZkN2IwYzI0ZTgwNWRkYzBkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyWz2c8hUPZR0uXGxvp6jyTYCwzS0 /oYLm/yquTRTZCr4i1oMhuQ6aSydPnZvawU/qQKjFSPk2SUXlLpApCelC24MxH8e 6tg2+xzeZlFy3HGkIdGM8dDOr8U3cd1OvPoEzk7Gmeu1oEOpaIFgkhpFx7fm6TfZ ef6G+pp4/bVYzE9iESS0+KpRQsa68rHODPWe8Ut05pV9NkID9hBHS4OdaxjhCrf8 v4dIdQ1xGpywUw6Oi3sPKbnSyplmXOuLwDzdNai9u0THl0H4qqO9sMmZlJMoii1G n/SAXs3rCKskEh2Dz9U1Hi0mVXPo/b504/rFePD5cy+Dv8VEVVQn2UfBrwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFNTn6cTTxcKqfVzLb9ewwk6AXdwNMB8GA1UdIwQY MBaAFBTbBPnJIxfsx6Kq/yyk1wmNG9JqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRk5zRS1ja2pGLXpIb3FyX0xLVFhDWTBiMG1vLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy81OTFhNDYtMWUyMS00NTkwLTg3NGMt NThjN2JmY2RjZmRmLzEvMU9mcHhOUEZ3cXA5WE10djE3RENUb0JkM0EwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMy81OTFhNDYtMWUyMS00NTkwLTg3NGMtNThjN2JmY2RjZmRm LzEvRk5zRS1ja2pGLXpIb3FyX0xLVFhDWTBiMG1vLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUh8MA0G CSqGSIb3DQEBCwUAA4IBAQALXWHTSPvyWvzbyYC9W1EtusxwKVTr5m2/IAYLDU2Z unsWCaiqyKZYFQfS7JyElD9zbjOjr55iDvGhL4Q6+ZyE1jinp70ELbWRgjMbIgtK WaxpuTaQ6ZHbYse0nNM2CRbDMaCwyUsgkir/87ymTcFtSKePaTL4ii0j/oOA6yHb 02uzck3qkPhBHQP+M+A6OE0i31I6//MgSbe5pvKTgtGjwj6VCnkQ7iqRXAJcCDhz OCFVBkWKefS8kw4UgsH3OwRZ8fllg+c3Q8kzVis/Oh1k+XL+CFnJXjFipzt2nded UlxcFOQYolHbfIsg8ZdHNv9fxhgBtrObxR6BoZ6bIa02 -----END CERTIFICATE-----Generated at Mon Jan 26 22:36:12 2026 by rpki-client