This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/9aa63b-7647-4073-9e66-0d7c52154183/1/1-gfSrWkkPBhxthfW3JrHoJC9spI.roa File: 1-gfSrWkkPBhxthfW3JrHoJC9spI.roa (raw, json) Hash identifier: Rnl0mmrjcLaqzVvTvP650dcar9MAaD9eI+jcraf6cdQ= Subject key identifier: FA:07:D2:AD:69:24:3C:18:71:B6:17:D6:DC:9A:C7:A0:90:BD:B2:92 Certificate issuer: /CN=7b24358c4f16c19ffad37f3cafe0c8f6acbf65b1 Certificate serial: 019B7759244224DE2DF9CE8E0319FDDD5E28 Authority key identifier: 7B:24:35:8C:4F:16:C1:9F:FA:D3:7F:3C:AF:E0:C8:F6:AC:BF:65:B1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eyQ1jE8WwZ_60388r-DI9qy_ZbE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/9aa63b-7647-4073-9e66-0d7c52154183/1/1-gfSrWkkPBhxthfW3JrHoJC9spI.roa Signing time: Thu 01 Jan 2026 02:18:09 +0000 ROA not before: Thu 01 Jan 2026 02:18:09 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 210339 IP address blocks: 213.178.148.0/22 maxlen: 24 2a07:3940::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/9aa63b-7647-4073-9e66-0d7c52154183/1/eyQ1jE8WwZ_60388r-DI9qy_ZbE.crl rsync://rpki.ripe.net/repository/DEFAULT/21/9aa63b-7647-4073-9e66-0d7c52154183/1/eyQ1jE8WwZ_60388r-DI9qy_ZbE.mft rsync://rpki.ripe.net/repository/DEFAULT/eyQ1jE8WwZ_60388r-DI9qy_ZbE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 20:01:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:59:24:42:24:de:2d:f9:ce:8e:03:19:fd:dd:5e:28 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7b24358c4f16c19ffad37f3cafe0c8f6acbf65b1 Validity Not Before: Jan 1 02:18:09 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=fa07d2ad69243c1871b617d6dc9ac7a090bdb292 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:cf:f3:82:87:0d:35:f4:db:ea:23:56:97:10: 85:b1:e4:a0:7b:a2:e0:b1:ba:2f:04:ff:26:4a:86: 81:45:ab:df:37:72:b0:83:d8:e7:85:43:f2:18:24: 59:e3:84:11:7e:db:3f:72:81:5c:22:ed:ba:6b:f6: 40:d1:59:9f:97:72:41:d8:63:1a:a4:ca:fc:44:58: 30:23:71:fe:76:cc:27:43:7a:1a:45:1b:d3:10:85: ce:e7:49:25:ab:e9:7c:69:c9:b1:8f:72:e4:b0:1d: e0:49:d3:55:c4:c7:13:57:4f:ba:ee:f8:29:9d:58: 91:a0:50:9c:d9:f4:91:a8:30:dd:40:32:40:ea:12: d5:3f:23:de:ad:01:29:56:d8:29:9e:65:13:56:9e: df:d6:ff:0e:13:1d:25:c1:2e:62:6d:22:82:e4:bb: 78:be:ba:e6:6a:13:f1:40:1f:e0:d3:9b:bb:c1:b0: 95:2e:e7:e3:6f:1f:ee:07:ce:a3:5c:51:c0:bb:c2: 15:1c:ae:76:89:59:50:bd:5a:84:d9:b0:2c:50:3e: cd:31:6f:60:6f:8e:ec:05:09:8f:1b:ac:87:c7:31: 15:75:61:b5:a5:33:ca:09:e1:c1:83:3f:f0:63:0c: 6b:4a:7e:ac:9d:bc:b9:17:b8:67:67:c2:d9:34:6c: e5:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:07:D2:AD:69:24:3C:18:71:B6:17:D6:DC:9A:C7:A0:90:BD:B2:92 X509v3 Authority Key Identifier: keyid:7B:24:35:8C:4F:16:C1:9F:FA:D3:7F:3C:AF:E0:C8:F6:AC:BF:65:B1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eyQ1jE8WwZ_60388r-DI9qy_ZbE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/9aa63b-7647-4073-9e66-0d7c52154183/1/1-gfSrWkkPBhxthfW3JrHoJC9spI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/21/9aa63b-7647-4073-9e66-0d7c52154183/1/eyQ1jE8WwZ_60388r-DI9qy_ZbE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 213.178.148.0/22 IPv6: 2a07:3940::/29 Signature Algorithm: sha256WithRSAEncryption b0:16:88:e4:3c:d6:2b:1d:20:73:6b:ec:53:f0:d8:2f:1f:a0: f8:42:36:e5:ca:d3:5f:97:82:29:77:3e:4d:3f:4a:ee:28:46: 03:1a:81:ed:21:0d:d9:5b:14:f4:5f:58:3b:44:3c:85:a7:fa: ef:43:ee:5d:0b:f7:db:f7:ca:f4:d4:f6:59:dd:be:8f:05:01: ce:97:46:62:2b:2a:9b:ea:6a:46:5a:bc:38:e0:df:dc:60:ff: 22:1d:93:c1:f9:ec:e9:b5:78:e4:43:2f:a7:4c:56:fc:b2:34: c6:4e:f1:08:c0:42:85:11:17:f7:f5:ed:08:70:54:5c:fe:fa: 9e:85:75:8c:62:47:f0:a8:73:56:5b:e0:38:d7:bd:3b:ff:88: e0:03:f2:0a:2d:74:30:1a:51:fe:24:eb:8c:ea:38:9e:73:5a: cd:3b:e5:41:37:d3:45:66:28:3d:41:45:51:23:16:55:ad:42: 4a:07:28:5d:cb:29:5b:c3:c3:61:8c:e0:32:93:d7:5e:34:c4: da:0e:be:fc:b1:c3:45:f5:77:f1:7a:be:16:09:ee:44:d0:5a: 1c:71:a1:5b:82:d2:3b:5a:e9:5d:e0:75:ea:4b:b3:eb:f0:3b: a7:d7:97:a5:aa:3d:52:4c:aa:39:ff:2b:a1:89:bc:f1:d5:01: ae:75:08:0d -----BEGIN CERTIFICATE----- MIIFDTCCA/WgAwIBAgISAZt3WSRCJN4t+c6OAxn93V4oMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdiMjQzNThjNGYxNmMxOWZmYWQzN2YzY2FmZTBjOGY2YWNi ZjY1YjEwHhcNMjYwMTAxMDIxODA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmYTA3ZDJhZDY5MjQzYzE4NzFiNjE3ZDZkYzlhYzdhMDkwYmRiMjkyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsc/zgocNNfTb6iNWlxCFseSge6Lg sbovBP8mSoaBRavfN3Kwg9jnhUPyGCRZ44QRfts/coFcIu26a/ZA0Vmfl3JB2GMa pMr8RFgwI3H+dswnQ3oaRRvTEIXO50klq+l8acmxj3LksB3gSdNVxMcTV0+67vgp nViRoFCc2fSRqDDdQDJA6hLVPyPerQEpVtgpnmUTVp7f1v8OEx0lwS5ibSKC5Lt4 vrrmahPxQB/g05u7wbCVLufjbx/uB86jXFHAu8IVHK52iVlQvVqE2bAsUD7NMW9g b47sBQmPG6yHxzEVdWG1pTPKCeHBgz/wYwxrSn6snby5F7hnZ8LZNGzlZQIDAQAB o4ICGTCCAhUwHQYDVR0OBBYEFPoH0q1pJDwYcbYX1tyax6CQvbKSMB8GA1UdIwQY MBaAFHskNYxPFsGf+tN/PK/gyPasv2WxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZXlRMWpFOFd3Wl82MDM4OHItREk5cXlfWmJFLmNlcjCB jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS85YWE2M2ItNzY0Ny00MDczLTllNjYt MGQ3YzUyMTU0MTgzLzEvMS1nZlNyV2trUEJoeHRoZlczSnJIb0pDOXNwSS5yb2Ew gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0 b3J5L0RFRkFVTFQvMjEvOWFhNjNiLTc2NDctNDA3My05ZTY2LTBkN2M1MjE1NDE4 My8xL2V5UTFqRThXd1pfNjAzODhyLURJOXF5X1piRS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAtWylDAN BAIAAjAHAwUDKgc5QDANBgkqhkiG9w0BAQsFAAOCAQEAsBaI5DzWKx0gc2vsU/DY Lx+g+EI25crTX5eCKXc+TT9K7ihGAxqB7SEN2VsU9F9YO0Q8haf670PuXQv32/fK 9NT2Wd2+jwUBzpdGYisqm+pqRlq8OODf3GD/Ih2Twfns6bV45EMvp0xW/LI0xk7x CMBChREX9/XtCHBUXP76noV1jGJH8KhzVlvgONe9O/+I4APyCi10MBpR/iTrjOo4 nnNazTvlQTfTRWYoPUFFUSMWVa1CSgcoXcspW8PDYYzgMpPXXjTE2g6+/LHDRfV3 8Xq+FgnuRNBaHHGhW4LSO1rpXeB16kuz6/A7p9eXpao9UkyqOf8roYm88dUBrnUI DQ== -----END CERTIFICATE-----Generated at Tue Jan 20 06:02:38 2026 by rpki-client