This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/2dd03b-589b-451c-b9ed-d12b58ccb87c/1/4KIKtiZx4olfKJeL5OUtDWjAXy0.roa File: 4KIKtiZx4olfKJeL5OUtDWjAXy0.roa (raw, json) Hash identifier: xFv84inMCI3OI1weiiDL5A+3hBK6NXECfuHlJb+lAgU= Subject key identifier: E0:A2:0A:B6:26:71:E2:89:5F:28:97:8B:E4:E5:2D:0D:68:C0:5F:2D Certificate issuer: /CN=f79c7c1a1baed3260d950d4cfce9a897cc97fa30 Certificate serial: 019B7E3926F5F5E3644B53CBBA7F92DD9C0C Authority key identifier: F7:9C:7C:1A:1B:AE:D3:26:0D:95:0D:4C:FC:E9:A8:97:CC:97:FA:30 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/95x8Ghuu0yYNlQ1M_Omol8yX-jA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/2dd03b-589b-451c-b9ed-d12b58ccb87c/1/4KIKtiZx4olfKJeL5OUtDWjAXy0.roa Signing time: Fri 02 Jan 2026 10:20:33 +0000 ROA not before: Fri 02 Jan 2026 10:20:33 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 203587 IP address blocks: 217.20.255.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/2dd03b-589b-451c-b9ed-d12b58ccb87c/1/95x8Ghuu0yYNlQ1M_Omol8yX-jA.crl rsync://rpki.ripe.net/repository/DEFAULT/1e/2dd03b-589b-451c-b9ed-d12b58ccb87c/1/95x8Ghuu0yYNlQ1M_Omol8yX-jA.mft rsync://rpki.ripe.net/repository/DEFAULT/95x8Ghuu0yYNlQ1M_Omol8yX-jA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 02 Feb 2026 21:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:39:26:f5:f5:e3:64:4b:53:cb:ba:7f:92:dd:9c:0c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f79c7c1a1baed3260d950d4cfce9a897cc97fa30 Validity Not Before: Jan 2 10:20:33 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e0a20ab62671e2895f28978be4e52d0d68c05f2d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:1c:4a:88:4e:44:8f:a0:43:50:e2:01:bf:84: ff:e7:21:93:c0:f0:96:e8:79:37:f5:8d:53:d5:46: 4f:d1:2d:8f:47:bf:5a:7e:4a:b1:95:4d:62:ae:8b: bd:83:e2:a7:cf:90:7c:c1:ae:25:6d:a9:db:5f:cb: 3c:41:82:c8:f8:90:76:02:a4:73:c3:5d:41:0b:f2: d9:0b:2f:55:a1:da:b3:c8:58:7d:89:f9:f3:1e:f2: 74:91:df:29:fe:53:9f:bd:31:7c:3c:14:00:8a:ab: bf:6a:76:1f:28:ad:74:3d:69:7d:a2:11:c6:05:e9: 28:7e:3c:c7:39:bc:cc:15:bc:ba:bf:fd:20:b5:b6: 6c:7c:78:60:ef:5c:e0:78:52:81:8b:98:e6:04:b9: 05:ae:df:26:35:ca:8e:06:7a:da:43:fa:66:da:2c: 70:65:75:bc:56:c9:73:58:04:6d:55:8b:f6:fe:d5: 31:2c:28:08:c2:a6:1e:39:13:0a:08:b9:11:75:34: f3:ea:c3:70:f0:69:5a:f3:74:41:8c:43:ae:86:e5: 5f:ce:a7:c6:97:bb:69:6b:6a:97:d9:ac:5c:2e:d1: 2c:00:01:02:20:c2:6f:ae:68:b3:db:48:b4:1a:2f: e3:a2:a4:85:17:94:bf:f3:fc:6c:83:53:08:15:10: 96:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:A2:0A:B6:26:71:E2:89:5F:28:97:8B:E4:E5:2D:0D:68:C0:5F:2D X509v3 Authority Key Identifier: keyid:F7:9C:7C:1A:1B:AE:D3:26:0D:95:0D:4C:FC:E9:A8:97:CC:97:FA:30 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/95x8Ghuu0yYNlQ1M_Omol8yX-jA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/2dd03b-589b-451c-b9ed-d12b58ccb87c/1/4KIKtiZx4olfKJeL5OUtDWjAXy0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/2dd03b-589b-451c-b9ed-d12b58ccb87c/1/95x8Ghuu0yYNlQ1M_Omol8yX-jA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 217.20.255.0/24 Signature Algorithm: sha256WithRSAEncryption 95:ad:e1:a8:44:fb:94:be:66:f3:d1:e1:7c:f4:32:70:2d:eb: dc:62:d6:b3:c6:a5:d6:e3:5e:1a:8b:cb:02:84:aa:07:a3:16: 21:5c:f4:6f:5f:c4:15:34:a6:05:ca:a2:01:29:69:96:66:7e: 45:cd:36:d4:b1:94:3e:68:f2:71:bb:3c:43:68:59:f5:3b:84: fd:50:6a:32:bb:2c:1a:de:39:40:a7:94:8f:6e:25:d7:d6:dc: b4:d4:82:40:80:58:06:6d:c9:23:88:05:29:89:f6:92:57:9f: 5d:16:2a:0b:f5:21:7f:36:6c:98:9b:ea:54:6a:34:70:a7:31: ee:a0:05:3a:99:af:a4:5d:e5:77:12:fd:39:38:2d:5a:7b:b2: 9e:71:36:99:da:79:52:b9:03:ca:33:bb:de:6a:f9:f5:5c:8e: 96:84:e3:7f:0d:6e:2d:3a:40:3a:d6:76:14:c1:c4:67:87:bf: e2:bc:65:1c:59:e8:c1:bd:56:60:4b:36:32:7a:12:cd:8e:73: 7a:00:86:8f:16:a2:bf:e0:c3:43:db:1b:15:d8:aa:81:da:c8: dd:24:77:71:a9:41:7a:a4:05:a8:43:30:d5:f1:b7:58:ed:69: 43:16:88:d7:6f:b8:e7:6c:d2:76:97:bc:9b:3e:0f:70:93:6e: 50:41:08:e3 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt+OSb19eNkS1PLun+S3ZwMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGY3OWM3YzFhMWJhZWQzMjYwZDk1MGQ0Y2ZjZTlhODk3Y2M5 N2ZhMzAwHhcNMjYwMTAyMTAyMDMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlMGEyMGFiNjI2NzFlMjg5NWYyODk3OGJlNGU1MmQwZDY4YzA1ZjJkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBxKiE5Ej6BDUOIBv4T/5yGTwPCW 6Hk39Y1T1UZP0S2PR79afkqxlU1irou9g+Knz5B8wa4lbanbX8s8QYLI+JB2AqRz w11BC/LZCy9VodqzyFh9ifnzHvJ0kd8p/lOfvTF8PBQAiqu/anYfKK10PWl9ohHG BekofjzHObzMFby6v/0gtbZsfHhg71zgeFKBi5jmBLkFrt8mNcqOBnraQ/pm2ixw ZXW8VslzWARtVYv2/tUxLCgIwqYeORMKCLkRdTTz6sNw8Gla83RBjEOuhuVfzqfG l7tpa2qX2axcLtEsAAECIMJvrmiz20i0Gi/joqSFF5S/8/xsg1MIFRCW9QIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFOCiCrYmceKJXyiXi+TlLQ1owF8tMB8GA1UdIwQY MBaAFPecfBobrtMmDZUNTPzpqJfMl/owMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOTV4OEdodXUweVlObFExTV9PbW9sOHlYLWpBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8yZGQwM2ItNTg5Yi00NTFjLWI5ZWQt ZDEyYjU4Y2NiODdjLzEvNEtJS3RpWng0b2xmS0plTDVPVXREV2pBWHkwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xZS8yZGQwM2ItNTg5Yi00NTFjLWI5ZWQtZDEyYjU4Y2NiODdj LzEvOTV4OEdodXUweVlObFExTV9PbW9sOHlYLWpBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2RT/MA0G CSqGSIb3DQEBCwUAA4IBAQCVreGoRPuUvmbz0eF89DJwLevcYtazxqXW414ai8sC hKoHoxYhXPRvX8QVNKYFyqIBKWmWZn5FzTbUsZQ+aPJxuzxDaFn1O4T9UGoyuywa 3jlAp5SPbiXX1ty01IJAgFgGbckjiAUpifaSV59dFioL9SF/NmyYm+pUajRwpzHu oAU6ma+kXeV3Ev05OC1ae7KecTaZ2nlSuQPKM7veavn1XI6WhON/DW4tOkA61nYU wcRnh7/ivGUcWejBvVZgSzYyehLNjnN6AIaPFqK/4MND2xsV2KqB2sjdJHdxqUF6 pAWoQzDV8bdY7WlDFojXb7jnbNJ2l7ybPg9wk25QQQjj -----END CERTIFICATE-----Generated at Mon Feb 2 07:57:15 2026 by rpki-client