This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/c84976-d5ea-4e7f-8ed3-a89f81776406/1/fXSStTtN6IqbqkCD3E5j3kC-YHI.roa File: fXSStTtN6IqbqkCD3E5j3kC-YHI.roa (raw, json) Hash identifier: zVgHJh9lJVijMpBB+dDgMK+AGLHEUW+Je1xWignFzIM= Subject key identifier: 7D:74:92:B5:3B:4D:E8:8A:9B:AA:40:83:DC:4E:63:DE:40:BE:60:72 Certificate issuer: /CN=f8857ecf441e5ea1d7181fec7e97e6dbc1220fc2 Certificate serial: 019B7DCB676665B4FA5EDC31877FF3D923CA Authority key identifier: F8:85:7E:CF:44:1E:5E:A1:D7:18:1F:EC:7E:97:E6:DB:C1:22:0F:C2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-IV-z0QeXqHXGB_sfpfm28EiD8I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/c84976-d5ea-4e7f-8ed3-a89f81776406/1/fXSStTtN6IqbqkCD3E5j3kC-YHI.roa Signing time: Fri 02 Jan 2026 08:20:40 +0000 ROA not before: Fri 02 Jan 2026 08:20:40 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 40021 IP address blocks: 176.57.165.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/c84976-d5ea-4e7f-8ed3-a89f81776406/1/1-IV-z0QeXqHXGB_sfpfm28EiD8I.crl rsync://rpki.ripe.net/repository/DEFAULT/2a/c84976-d5ea-4e7f-8ed3-a89f81776406/1/1-IV-z0QeXqHXGB_sfpfm28EiD8I.mft rsync://rpki.ripe.net/repository/DEFAULT/1-IV-z0QeXqHXGB_sfpfm28EiD8I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 09:01:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:cb:67:66:65:b4:fa:5e:dc:31:87:7f:f3:d9:23:ca Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f8857ecf441e5ea1d7181fec7e97e6dbc1220fc2 Validity Not Before: Jan 2 08:20:40 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=7d7492b53b4de88a9baa4083dc4e63de40be6072 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:8d:cf:b0:07:e0:d0:e9:57:c7:a7:d5:14:f3: 11:08:ae:a5:da:7b:e5:24:22:bd:3a:e7:97:12:05: f9:4e:88:8c:32:cc:86:0e:9c:75:e0:da:4f:66:b5: ff:d2:be:ba:45:e2:20:52:f7:73:ab:d8:d2:3a:02: f7:6e:8a:47:b3:81:86:9d:17:2b:bb:53:1f:f0:03: cf:36:f3:f0:31:3f:97:86:91:cf:8e:6a:1f:71:4a: a5:59:50:12:34:47:56:34:74:91:51:37:02:2b:70: f5:f0:fb:13:e2:8e:83:e7:ed:d7:95:5f:06:1c:d5: 2a:22:c8:51:b5:a2:e0:fb:ba:18:7d:dd:4b:d6:db: e9:fb:f5:d1:94:1f:0b:68:ed:d6:e7:b2:29:e8:a2: cc:98:8b:86:2d:40:1e:1a:53:b1:45:6f:09:c8:ab: 8a:76:7e:7c:ad:24:14:1b:0c:bf:40:8e:d3:19:7c: 50:40:a3:0b:79:1b:21:e7:46:37:c1:76:f3:dc:ad: d7:83:11:d2:77:ba:3b:e0:bb:68:43:71:fe:d6:5b: 79:ab:64:b5:c4:c1:06:06:07:ca:47:e1:1d:4f:d3: 5e:a2:29:16:3d:a0:c4:cd:53:9c:be:64:1a:ce:fb: 6a:8b:e3:69:8c:93:b4:30:0c:6f:61:b8:13:d0:12: 7b:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:74:92:B5:3B:4D:E8:8A:9B:AA:40:83:DC:4E:63:DE:40:BE:60:72 X509v3 Authority Key Identifier: keyid:F8:85:7E:CF:44:1E:5E:A1:D7:18:1F:EC:7E:97:E6:DB:C1:22:0F:C2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-IV-z0QeXqHXGB_sfpfm28EiD8I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/c84976-d5ea-4e7f-8ed3-a89f81776406/1/fXSStTtN6IqbqkCD3E5j3kC-YHI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/c84976-d5ea-4e7f-8ed3-a89f81776406/1/1-IV-z0QeXqHXGB_sfpfm28EiD8I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 176.57.165.0/24 Signature Algorithm: sha256WithRSAEncryption 07:5d:d5:e6:69:2e:96:71:46:f9:ca:df:cf:60:48:fc:ea:fb: 35:ac:71:ad:61:97:1c:54:17:eb:f0:3f:6b:1f:e8:00:74:66: 69:0b:1c:4f:81:a2:62:50:6f:76:3d:35:a2:5c:d2:21:0a:b0: fc:53:67:dc:8c:6f:37:d7:23:02:aa:4b:ca:61:94:f5:06:dd: 94:31:c4:a5:28:13:e5:12:b9:5d:f9:60:c5:23:eb:69:b7:4a: 6c:6b:f2:8d:c4:3e:3e:4c:1e:8a:41:8b:dc:dc:d0:1e:da:54: 87:1d:53:46:b7:2c:2e:bc:6d:54:58:24:75:f9:f1:cb:9c:51: 35:eb:84:86:0d:b1:cc:0b:84:cb:21:3b:c5:fc:65:d2:84:fe: 3b:e3:e9:0e:23:58:46:e9:1e:84:cb:49:95:36:85:26:db:fe: 9e:58:c7:8f:71:b8:01:59:22:ff:b8:97:86:b0:ed:25:d1:47: 02:f6:30:fb:fc:e8:f0:bc:44:a9:7e:eb:b9:f5:d9:32:30:11: fb:e3:41:97:7e:76:4a:78:59:07:2b:7a:de:5e:e0:26:6e:40: 38:a1:f7:00:59:5d:cf:d4:a9:a0:77:b9:c3:47:40:51:33:8b: 99:8c:88:0c:d6:09:c6:e8:1d:fd:be:05:68:c8:da:58:a1:be: be:6a:c7:10 -----BEGIN CERTIFICATE----- MIIE/zCCA+egAwIBAgISAZt9y2dmZbT6Xtwxh3/z2SPKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGY4ODU3ZWNmNDQxZTVlYTFkNzE4MWZlYzdlOTdlNmRiYzEy MjBmYzIwHhcNMjYwMTAyMDgyMDQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3ZDc0OTJiNTNiNGRlODhhOWJhYTQwODNkYzRlNjNkZTQwYmU2MDcyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtY3PsAfg0OlXx6fVFPMRCK6l2nvl JCK9OueXEgX5ToiMMsyGDpx14NpPZrX/0r66ReIgUvdzq9jSOgL3bopHs4GGnRcr u1Mf8APPNvPwMT+XhpHPjmofcUqlWVASNEdWNHSRUTcCK3D18PsT4o6D5+3XlV8G HNUqIshRtaLg+7oYfd1L1tvp+/XRlB8LaO3W57Ip6KLMmIuGLUAeGlOxRW8JyKuK dn58rSQUGwy/QI7TGXxQQKMLeRsh50Y3wXbz3K3XgxHSd7o74LtoQ3H+1lt5q2S1 xMEGBgfKR+EdT9NeoikWPaDEzVOcvmQazvtqi+NpjJO0MAxvYbgT0BJ7RwIDAQAB o4ICCzCCAgcwHQYDVR0OBBYEFH10krU7TeiKm6pAg9xOY95AvmByMB8GA1UdIwQY MBaAFPiFfs9EHl6h1xgf7H6X5tvBIg/CMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMS1JVi16MFFlWHFIWEdCX3NmcGZtMjhFaUQ4SS5jZXIw gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmEvYzg0OTc2LWQ1ZWEtNGU3Zi04ZWQz LWE4OWY4MTc3NjQwNi8xL2ZYU1N0VHRONklxYnFrQ0QzRTVqM2tDLVlISS5yb2Ew gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0 b3J5L0RFRkFVTFQvMmEvYzg0OTc2LWQ1ZWEtNGU3Zi04ZWQzLWE4OWY4MTc3NjQw Ni8xLzEtSVYtejBRZVhxSFhHQl9zZnBmbTI4RWlEOEkuY3JsMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACwOaUw DQYJKoZIhvcNAQELBQADggEBAAdd1eZpLpZxRvnK389gSPzq+zWsca1hlxxUF+vw P2sf6AB0ZmkLHE+BomJQb3Y9NaJc0iEKsPxTZ9yMbzfXIwKqS8phlPUG3ZQxxKUo E+USuV35YMUj62m3Smxr8o3EPj5MHopBi9zc0B7aVIcdU0a3LC68bVRYJHX58cuc UTXrhIYNscwLhMshO8X8ZdKE/jvj6Q4jWEbpHoTLSZU2hSbb/p5Yx49xuAFZIv+4 l4aw7SXRRwL2MPv86PC8RKl+67n12TIwEfvjQZd+dkp4WQcret5e4CZuQDih9wBZ Xc/UqaB3ucNHQFEzi5mMiAzWCcboHf2+BWjI2lihvr5qxxA= -----END CERTIFICATE-----Generated at Mon Jan 19 17:29:56 2026 by rpki-client