This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/fac406-1d9b-461d-855b-58865d1e14e0/1/pXi_lWorquYMeFo_GByXEjAC2iQ.roa File: pXi_lWorquYMeFo_GByXEjAC2iQ.roa (raw, json) Hash identifier: C5ppARZwdDpqOjifyYQPpcbZiTRFDLNkGmS29XOlq5w= Subject key identifier: A5:78:BF:95:6A:2B:AA:E6:0C:78:5A:3F:18:1C:97:12:30:02:DA:24 Certificate issuer: /CN=d45a8d91fe44f1a9639aed561c1bcafcbf10b25d Certificate serial: 019B7BA42FA39054017BD06384BC12B3693E Authority key identifier: D4:5A:8D:91:FE:44:F1:A9:63:9A:ED:56:1C:1B:CA:FC:BF:10:B2:5D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1FqNkf5E8aljmu1WHBvK_L8Qsl0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/fac406-1d9b-461d-855b-58865d1e14e0/1/pXi_lWorquYMeFo_GByXEjAC2iQ.roa Signing time: Thu 01 Jan 2026 22:18:36 +0000 ROA not before: Thu 01 Jan 2026 22:18:36 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 24956 IP address blocks: 194.120.234.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/fac406-1d9b-461d-855b-58865d1e14e0/1/1FqNkf5E8aljmu1WHBvK_L8Qsl0.crl rsync://rpki.ripe.net/repository/DEFAULT/1e/fac406-1d9b-461d-855b-58865d1e14e0/1/1FqNkf5E8aljmu1WHBvK_L8Qsl0.mft rsync://rpki.ripe.net/repository/DEFAULT/1FqNkf5E8aljmu1WHBvK_L8Qsl0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 13:00:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a4:2f:a3:90:54:01:7b:d0:63:84:bc:12:b3:69:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d45a8d91fe44f1a9639aed561c1bcafcbf10b25d Validity Not Before: Jan 1 22:18:36 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a578bf956a2baae60c785a3f181c97123002da24 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:48:fa:1e:ab:f0:9d:1f:04:84:a1:c3:bf:31: 07:0e:34:6b:8a:f0:79:7d:59:7d:9a:e0:65:f8:19: 12:2c:00:a7:89:bc:97:d7:2e:e8:9e:01:9c:3c:8d: b2:4a:df:6c:8a:0f:0c:02:5a:e7:a2:c2:68:43:ba: 8b:15:ca:71:fb:08:eb:05:bd:a9:a2:3c:97:ed:4b: 52:f8:46:30:a6:37:d4:69:d8:cf:f5:6e:03:87:88: a1:f4:8b:b2:06:62:ad:5a:49:69:0f:03:ae:5c:35: 38:a3:c1:0a:3d:bc:6a:91:0a:89:36:2d:3a:86:d9: 73:72:99:61:56:1f:2f:17:ec:e2:1f:06:dc:f6:aa: 0a:32:42:83:ee:f6:f8:4f:f3:96:ef:f0:7e:ed:fd: 75:09:31:60:3e:dc:f7:9a:ba:6b:3f:25:83:3c:7f: 0c:8a:97:8a:5d:fe:bc:4e:01:ca:c4:dd:ef:2e:08: b8:72:35:2a:4e:ee:de:94:b6:8b:25:45:83:75:5a: 44:46:36:51:49:1b:52:cb:fb:e3:35:f4:45:b3:a8: e8:49:4b:ec:b8:3b:5a:ca:60:2c:99:f7:19:d1:33: d4:1c:50:d9:d9:e0:a7:bd:b9:58:a3:13:f3:46:30: 88:5f:f9:ef:6f:98:0e:ee:d2:20:77:38:a3:81:a1: 28:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:78:BF:95:6A:2B:AA:E6:0C:78:5A:3F:18:1C:97:12:30:02:DA:24 X509v3 Authority Key Identifier: keyid:D4:5A:8D:91:FE:44:F1:A9:63:9A:ED:56:1C:1B:CA:FC:BF:10:B2:5D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1FqNkf5E8aljmu1WHBvK_L8Qsl0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/fac406-1d9b-461d-855b-58865d1e14e0/1/pXi_lWorquYMeFo_GByXEjAC2iQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/fac406-1d9b-461d-855b-58865d1e14e0/1/1FqNkf5E8aljmu1WHBvK_L8Qsl0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.120.234.0/24 Signature Algorithm: sha256WithRSAEncryption 33:e5:45:ab:17:7f:c9:9e:f2:61:89:bc:a7:44:f6:ec:8f:2b: a2:f4:40:47:32:5b:ad:dc:83:2c:34:61:c5:d9:19:8f:66:6d: 2d:24:aa:02:a8:7d:c2:6f:24:1a:79:2a:9e:14:52:30:73:80: e8:56:65:8f:a8:03:86:de:85:e7:c7:68:6f:19:2a:19:9e:cc: 68:1e:a4:4a:64:cb:8e:a1:46:db:e5:f1:06:51:db:52:72:04: ab:af:5b:90:80:00:17:40:bf:82:3a:ce:8f:7a:76:36:34:9c: d7:ee:8a:0a:51:cd:69:25:f5:f8:82:73:92:83:f6:20:81:d1: a7:d2:7d:37:21:6e:3e:e4:de:90:18:a4:89:e0:ef:58:cd:78: 7d:77:17:c3:86:3b:7c:76:97:17:f6:c6:9a:e7:79:ce:2e:66: 3e:a4:6d:7a:d5:b3:ee:00:84:6f:39:e4:bb:13:fc:da:d3:ad: fe:49:d3:21:28:10:91:a7:94:e8:e4:bc:48:96:b3:60:44:56: 0e:6b:84:4e:a5:84:c6:9c:81:46:ce:40:e9:5d:1e:cf:ac:af: 63:91:53:47:4d:8f:67:65:7b:35:44:7b:1c:8f:9e:79:94:a7: a1:55:44:51:7a:0b:9c:44:b9:14:52:83:f8:7b:59:ef:8f:05: d1:42:5f:28 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt7pC+jkFQBe9BjhLwSs2k+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ0NWE4ZDkxZmU0NGYxYTk2MzlhZWQ1NjFjMWJjYWZjYmYx MGIyNWQwHhcNMjYwMTAxMjIxODM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhNTc4YmY5NTZhMmJhYWU2MGM3ODVhM2YxODFjOTcxMjMwMDJkYTI0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsUj6HqvwnR8EhKHDvzEHDjRrivB5 fVl9muBl+BkSLACnibyX1y7ongGcPI2ySt9sig8MAlrnosJoQ7qLFcpx+wjrBb2p ojyX7UtS+EYwpjfUadjP9W4Dh4ih9IuyBmKtWklpDwOuXDU4o8EKPbxqkQqJNi06 htlzcplhVh8vF+ziHwbc9qoKMkKD7vb4T/OW7/B+7f11CTFgPtz3mrprPyWDPH8M ipeKXf68TgHKxN3vLgi4cjUqTu7elLaLJUWDdVpERjZRSRtSy/vjNfRFs6joSUvs uDtaymAsmfcZ0TPUHFDZ2eCnvblYoxPzRjCIX/nvb5gO7tIgdzijgaEofwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFKV4v5VqK6rmDHhaPxgclxIwAtokMB8GA1UdIwQY MBaAFNRajZH+RPGpY5rtVhwbyvy/ELJdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMUZxTmtmNUU4YWxqbXUxV0hCdktfTDhRc2wwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9mYWM0MDYtMWQ5Yi00NjFkLTg1NWIt NTg4NjVkMWUxNGUwLzEvcFhpX2xXb3JxdVlNZUZvX0dCeVhFakFDMmlRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xZS9mYWM0MDYtMWQ5Yi00NjFkLTg1NWItNTg4NjVkMWUxNGUw LzEvMUZxTmtmNUU4YWxqbXUxV0hCdktfTDhRc2wwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwnjqMA0G CSqGSIb3DQEBCwUAA4IBAQAz5UWrF3/JnvJhibynRPbsjyui9EBHMlut3IMsNGHF 2RmPZm0tJKoCqH3CbyQaeSqeFFIwc4DoVmWPqAOG3oXnx2hvGSoZnsxoHqRKZMuO oUbb5fEGUdtScgSrr1uQgAAXQL+COs6PenY2NJzX7ooKUc1pJfX4gnOSg/YggdGn 0n03IW4+5N6QGKSJ4O9YzXh9dxfDhjt8dpcX9saa53nOLmY+pG161bPuAIRvOeS7 E/za063+SdMhKBCRp5To5LxIlrNgRFYOa4ROpYTGnIFGzkDpXR7PrK9jkVNHTY9n ZXs1RHscj555lKehVURRegucRLkUUoP4e1nvjwXRQl8o -----END CERTIFICATE-----Generated at Mon Feb 9 21:01:41 2026 by rpki-client