This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/e16cb6-b454-48d6-bdc8-3516191a9d68/1/r5h7ruFvhJsuD7J8OUk1-vn3q88.roa File: r5h7ruFvhJsuD7J8OUk1-vn3q88.roa (raw, json) Hash identifier: I4bKCAT+IE6ObCvpX9HNYNvEnnDXSrifQq4q4NebNTw= Subject key identifier: AF:98:7B:AE:E1:6F:84:9B:2E:0F:B2:7C:39:49:35:FA:F9:F7:AB:CF Certificate issuer: /CN=bdf7a0a048b68eccfa4d49eab4f16dc792c0d318 Certificate serial: 019B7F81FED21D899B46D5596404466CC1B2 Authority key identifier: BD:F7:A0:A0:48:B6:8E:CC:FA:4D:49:EA:B4:F1:6D:C7:92:C0:D3:18 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vfegoEi2jsz6TUnqtPFtx5LA0xg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/e16cb6-b454-48d6-bdc8-3516191a9d68/1/r5h7ruFvhJsuD7J8OUk1-vn3q88.roa Signing time: Fri 02 Jan 2026 16:19:44 +0000 ROA not before: Fri 02 Jan 2026 16:19:44 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 41887 IP address blocks: 194.140.230.0/24 maxlen: 24 2001:67c:144::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/e16cb6-b454-48d6-bdc8-3516191a9d68/1/vfegoEi2jsz6TUnqtPFtx5LA0xg.crl rsync://rpki.ripe.net/repository/DEFAULT/1a/e16cb6-b454-48d6-bdc8-3516191a9d68/1/vfegoEi2jsz6TUnqtPFtx5LA0xg.mft rsync://rpki.ripe.net/repository/DEFAULT/vfegoEi2jsz6TUnqtPFtx5LA0xg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 11 Jan 2026 13:01:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:81:fe:d2:1d:89:9b:46:d5:59:64:04:46:6c:c1:b2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bdf7a0a048b68eccfa4d49eab4f16dc792c0d318 Validity Not Before: Jan 2 16:19:44 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=af987baee16f849b2e0fb27c394935faf9f7abcf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:3d:de:3e:5b:57:fa:82:54:28:a2:ee:ff:45: 8d:a6:b1:55:fb:61:07:e0:43:70:f7:a5:8e:2b:4e: a2:c0:a9:29:51:2d:f6:6c:13:81:82:bc:98:7d:25: a2:3c:79:81:60:57:46:77:ca:74:48:bf:55:a3:6c: e4:2c:fa:8a:35:be:33:e9:1f:90:1b:4b:34:f4:cd: 37:af:46:4f:70:ec:c1:46:62:97:66:8d:a1:93:b6: d3:5f:30:db:8a:16:9d:d7:b3:dc:28:39:4e:af:b9: c1:bd:7c:ad:2f:ac:57:1c:58:7b:a2:42:37:78:18: 7a:09:00:2b:b8:c1:25:7c:d1:80:c8:09:46:f3:c3: 48:fd:33:e0:4f:7a:b5:21:2f:d9:7f:73:de:24:9b: 8c:db:75:10:64:69:af:40:aa:01:72:80:77:8b:29: b7:34:4b:3e:01:98:16:9e:ef:55:ef:22:2f:2a:5d: c4:13:5a:d0:2e:7c:cc:54:cb:ca:15:1d:99:58:3d: 99:af:c2:cb:04:14:87:6e:2f:46:6e:22:78:5b:30: ca:63:11:c1:ed:f8:9f:f0:17:bf:eb:fd:10:35:d2: 0f:fd:39:ed:d7:a3:34:ae:de:37:27:ae:3a:8f:67: 5e:6d:6f:cc:b0:83:31:1d:90:8c:da:a5:34:43:3c: 69:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:98:7B:AE:E1:6F:84:9B:2E:0F:B2:7C:39:49:35:FA:F9:F7:AB:CF X509v3 Authority Key Identifier: keyid:BD:F7:A0:A0:48:B6:8E:CC:FA:4D:49:EA:B4:F1:6D:C7:92:C0:D3:18 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vfegoEi2jsz6TUnqtPFtx5LA0xg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/e16cb6-b454-48d6-bdc8-3516191a9d68/1/r5h7ruFvhJsuD7J8OUk1-vn3q88.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/e16cb6-b454-48d6-bdc8-3516191a9d68/1/vfegoEi2jsz6TUnqtPFtx5LA0xg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.140.230.0/24 IPv6: 2001:67c:144::/48 Signature Algorithm: sha256WithRSAEncryption 5e:75:06:57:6e:92:28:b6:b4:fb:97:06:8d:19:4e:15:8f:b8: 8a:0e:ee:df:ef:ff:c2:6a:8d:5e:ff:7f:7f:81:79:70:17:0d: 48:07:bd:8d:92:82:b8:dc:55:d2:2d:f4:58:81:94:df:f3:38: 67:14:9e:6a:38:98:9b:e1:3a:b8:7e:b3:14:fa:c6:5e:81:b2: 74:c0:1a:2a:8b:fc:80:a8:b5:c4:98:31:c8:e7:9d:c1:40:d7: ae:17:d0:7b:9d:5f:15:ca:d9:2f:af:ae:3c:0c:75:0a:14:2d: 49:c8:f0:af:04:36:37:3b:9b:78:96:48:a5:c5:43:4d:dd:49: 6a:6d:f6:87:21:d9:0a:7d:88:b6:3c:79:1a:10:f7:87:93:1f: 3e:3a:e4:71:01:9a:20:86:ff:d7:e5:b5:0a:7a:c5:32:9c:2c: e2:16:e5:2c:8f:26:29:e1:59:e3:f3:d2:f5:45:29:56:89:58: ec:21:44:db:e7:fc:4e:3e:10:7c:6d:a5:fa:d1:21:29:ac:a8: 68:be:d1:4c:80:0b:e4:52:69:c4:c0:11:d3:3b:44:86:97:c8: 24:d1:07:4b:47:e3:d7:4e:3c:d4:8c:92:b9:81:4c:fb:b9:b5: b6:2d:19:f2:61:8d:cc:33:38:d3:a0:35:e7:63:a7:f1:ca:d7: fe:39:a5:aa -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt/gf7SHYmbRtVZZARGbMGyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJkZjdhMGEwNDhiNjhlY2NmYTRkNDllYWI0ZjE2ZGM3OTJj MGQzMTgwHhcNMjYwMTAyMTYxOTQ0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhZjk4N2JhZWUxNmY4NDliMmUwZmIyN2MzOTQ5MzVmYWY5ZjdhYmNmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1T3ePltX+oJUKKLu/0WNprFV+2EH 4ENw96WOK06iwKkpUS32bBOBgryYfSWiPHmBYFdGd8p0SL9Vo2zkLPqKNb4z6R+Q G0s09M03r0ZPcOzBRmKXZo2hk7bTXzDbihad17PcKDlOr7nBvXytL6xXHFh7okI3 eBh6CQAruMElfNGAyAlG88NI/TPgT3q1IS/Zf3PeJJuM23UQZGmvQKoBcoB3iym3 NEs+AZgWnu9V7yIvKl3EE1rQLnzMVMvKFR2ZWD2Zr8LLBBSHbi9GbiJ4WzDKYxHB 7fif8Be/6/0QNdIP/Tnt16M0rt43J646j2debW/MsIMxHZCM2qU0QzxpkQIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFK+Ye67hb4SbLg+yfDlJNfr596vPMB8GA1UdIwQY MBaAFL33oKBIto7M+k1J6rTxbceSwNMYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdmZlZ29FaTJqc3o2VFVucXRQRnR4NUxBMHhnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9lMTZjYjYtYjQ1NC00OGQ2LWJkYzgt MzUxNjE5MWE5ZDY4LzEvcjVoN3J1RnZoSnN1RDdKOE9VazEtdm4zcTg4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYS9lMTZjYjYtYjQ1NC00OGQ2LWJkYzgtMzUxNjE5MWE5ZDY4 LzEvdmZlZ29FaTJqc3o2VFVucXRQRnR4NUxBMHhnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwozmMA8E AgACMAkDBwAgAQZ8AUQwDQYJKoZIhvcNAQELBQADggEBAF51Bldukii2tPuXBo0Z ThWPuIoO7t/v/8JqjV7/f3+BeXAXDUgHvY2SgrjcVdIt9FiBlN/zOGcUnmo4mJvh Orh+sxT6xl6BsnTAGiqL/ICotcSYMcjnncFA164X0HudXxXK2S+vrjwMdQoULUnI 8K8ENjc7m3iWSKXFQ03dSWpt9och2Qp9iLY8eRoQ94eTHz465HEBmiCG/9fltQp6 xTKcLOIW5SyPJinhWePz0vVFKVaJWOwhRNvn/E4+EHxtpfrRISmsqGi+0UyAC+RS acTAEdM7RIaXyCTRB0tH49dOPNSMkrmBTPu5tbYtGfJhjcwzONOgNedjp/HK1/45 pao= -----END CERTIFICATE-----Generated at Sat Jan 10 20:49:48 2026 by rpki-client