This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/beef2f-ec5a-49ff-975b-8d34f557822a/1/RFEKzhn-pHan5b3ES1uTHS32Yf0.roa File: RFEKzhn-pHan5b3ES1uTHS32Yf0.roa (raw, json) Hash identifier: BUdHJjCTC35G+E5RK3wJNAdK3qHwCYOchA/eJ1lutxw= Subject key identifier: 44:51:0A:CE:19:FE:A4:76:A7:E5:BD:C4:4B:5B:93:1D:2D:F6:61:FD Certificate issuer: /CN=9770bf2375d59ba81a9955c07a2f0a23264b61a8 Certificate serial: 019B7DCB56220705AB199D150949A5BC5041 Authority key identifier: 97:70:BF:23:75:D5:9B:A8:1A:99:55:C0:7A:2F:0A:23:26:4B:61:A8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l3C_I3XVm6gamVXAei8KIyZLYag.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/beef2f-ec5a-49ff-975b-8d34f557822a/1/RFEKzhn-pHan5b3ES1uTHS32Yf0.roa Signing time: Fri 02 Jan 2026 08:20:36 +0000 ROA not before: Fri 02 Jan 2026 08:20:36 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 41040 IP address blocks: 194.127.180.0/24 maxlen: 24 195.189.92.0/24 maxlen: 24 195.189.93.0/24 maxlen: 24 195.189.94.0/24 maxlen: 24 195.189.95.0/24 maxlen: 24 2001:67c:2da8::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/beef2f-ec5a-49ff-975b-8d34f557822a/1/l3C_I3XVm6gamVXAei8KIyZLYag.crl rsync://rpki.ripe.net/repository/DEFAULT/2b/beef2f-ec5a-49ff-975b-8d34f557822a/1/l3C_I3XVm6gamVXAei8KIyZLYag.mft rsync://rpki.ripe.net/repository/DEFAULT/l3C_I3XVm6gamVXAei8KIyZLYag.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:cb:56:22:07:05:ab:19:9d:15:09:49:a5:bc:50:41 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9770bf2375d59ba81a9955c07a2f0a23264b61a8 Validity Not Before: Jan 2 08:20:36 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=44510ace19fea476a7e5bdc44b5b931d2df661fd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:da:d4:d2:1e:92:11:d0:68:c1:45:18:a9:b1: ff:09:8e:8b:66:4e:9d:26:d9:60:5b:b3:cd:c1:4b: 3f:32:df:8f:63:d6:81:85:d2:e3:b6:6d:dd:f7:24: 00:2c:18:4a:78:a5:11:72:51:cf:ce:fc:59:04:5b: bc:c1:9b:0b:88:dc:fb:ad:55:d6:79:4c:af:0d:ca: d6:41:52:24:47:8a:ea:02:40:d3:f6:44:eb:e6:3f: 45:7f:6e:5c:cc:9d:4e:f0:18:97:2e:4b:1f:da:51: dd:0a:22:e7:c8:0b:9e:d9:14:d9:6e:25:c3:22:d6: 3e:a9:2d:cf:d0:6a:7f:38:30:5a:0f:d0:ad:b5:3d: c7:ce:09:e5:ec:73:1a:93:25:33:9a:84:4a:fe:7d: 07:32:c0:c4:f6:19:64:98:3a:d6:d4:61:80:0d:ae: e6:28:d9:d7:95:3b:88:4c:74:da:c3:3d:dd:32:e8: 57:78:02:ae:76:16:59:80:dc:a0:d9:9e:d2:9a:15: de:84:f3:ee:ac:8f:69:3a:60:e0:6e:f5:92:0a:72: 62:25:3a:78:1b:2c:c8:7b:0d:db:8c:8a:32:f2:c8: 42:cf:5b:d8:43:95:01:3a:30:7e:65:36:ad:24:b3: 48:a4:81:27:b3:45:df:f0:82:50:cf:e7:a8:1b:24: e0:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:51:0A:CE:19:FE:A4:76:A7:E5:BD:C4:4B:5B:93:1D:2D:F6:61:FD X509v3 Authority Key Identifier: keyid:97:70:BF:23:75:D5:9B:A8:1A:99:55:C0:7A:2F:0A:23:26:4B:61:A8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l3C_I3XVm6gamVXAei8KIyZLYag.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/beef2f-ec5a-49ff-975b-8d34f557822a/1/RFEKzhn-pHan5b3ES1uTHS32Yf0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/beef2f-ec5a-49ff-975b-8d34f557822a/1/l3C_I3XVm6gamVXAei8KIyZLYag.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.127.180.0/24 195.189.92.0/22 IPv6: 2001:67c:2da8::/48 Signature Algorithm: sha256WithRSAEncryption 17:52:27:23:22:a7:38:f2:e8:a4:29:22:69:a2:a5:ba:e8:68: a2:dd:21:a2:dc:43:60:3a:7f:7b:2c:a4:82:d2:2c:c7:93:bd: e7:8c:a8:2b:cc:e0:da:de:c2:a0:30:48:a2:50:f1:a7:37:71: aa:b2:18:cf:27:e6:b5:65:25:37:80:9a:5e:79:48:5a:93:d1: 28:62:ad:41:ff:bb:51:63:3b:3d:f9:32:d3:14:e0:91:4b:5b: 37:51:9b:36:b5:2f:29:50:9c:b3:05:89:89:2a:74:48:ce:be: a1:02:55:91:95:32:9f:9c:59:10:32:3b:64:42:fe:4b:c7:e6: 2e:77:54:d6:0f:e6:5d:59:80:81:6d:a3:5f:bc:c1:dc:a9:22: 31:1e:4d:91:18:bb:c8:83:6d:34:09:66:50:0a:fd:b0:72:cf: 15:f3:b2:13:5b:4a:c0:72:67:2a:92:14:4b:fe:b8:e7:15:27: 31:84:e7:69:85:f7:46:1b:21:65:bc:cf:16:5c:a3:1d:5c:09: aa:aa:f8:8d:62:c2:53:ea:69:b9:88:a5:06:28:1c:cf:d4:59: 9c:64:a8:8e:60:b0:79:e9:b3:fb:5a:7f:8f:d2:a6:6b:07:e4: 69:bd:00:1a:94:30:07:8c:2e:2a:ac:29:1d:b9:f3:f1:54:48: ea:71:1b:b7 -----BEGIN CERTIFICATE----- MIIFFDCCA/ygAwIBAgISAZt9y1YiBwWrGZ0VCUmlvFBBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk3NzBiZjIzNzVkNTliYTgxYTk5NTVjMDdhMmYwYTIzMjY0 YjYxYTgwHhcNMjYwMTAyMDgyMDM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0NDUxMGFjZTE5ZmVhNDc2YTdlNWJkYzQ0YjViOTMxZDJkZjY2MWZkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArdrU0h6SEdBowUUYqbH/CY6LZk6d JtlgW7PNwUs/Mt+PY9aBhdLjtm3d9yQALBhKeKURclHPzvxZBFu8wZsLiNz7rVXW eUyvDcrWQVIkR4rqAkDT9kTr5j9Ff25czJ1O8BiXLksf2lHdCiLnyAue2RTZbiXD ItY+qS3P0Gp/ODBaD9CttT3Hzgnl7HMakyUzmoRK/n0HMsDE9hlkmDrW1GGADa7m KNnXlTuITHTawz3dMuhXeAKudhZZgNyg2Z7SmhXehPPurI9pOmDgbvWSCnJiJTp4 GyzIew3bjIoy8shCz1vYQ5UBOjB+ZTatJLNIpIEns0Xf8IJQz+eoGyTgtQIDAQAB o4ICIDCCAhwwHQYDVR0OBBYEFERRCs4Z/qR2p+W9xEtbkx0t9mH9MB8GA1UdIwQY MBaAFJdwvyN11ZuoGplVwHovCiMmS2GoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbDNDX0kzWFZtNmdhbVZYQWVpOEtJeVpMWWFnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9iZWVmMmYtZWM1YS00OWZmLTk3NWIt OGQzNGY1NTc4MjJhLzEvUkZFS3pobi1wSGFuNWIzRVMxdVRIUzMyWWYwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYi9iZWVmMmYtZWM1YS00OWZmLTk3NWItOGQzNGY1NTc4MjJh LzEvbDNDX0kzWFZtNmdhbVZYQWVpOEtJeVpMWWFnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAwn+0AwQC w71cMA8EAgACMAkDBwAgAQZ8LagwDQYJKoZIhvcNAQELBQADggEBABdSJyMipzjy 6KQpImmipbroaKLdIaLcQ2A6f3sspILSLMeTveeMqCvM4NrewqAwSKJQ8ac3caqy GM8n5rVlJTeAml55SFqT0ShirUH/u1FjOz35MtMU4JFLWzdRmza1LylQnLMFiYkq dEjOvqECVZGVMp+cWRAyO2RC/kvH5i53VNYP5l1ZgIFto1+8wdypIjEeTZEYu8iD bTQJZlAK/bByzxXzshNbSsByZyqSFEv+uOcVJzGE52mF90YbIWW8zxZcox1cCaqq +I1iwlPqabmIpQYoHM/UWZxkqI5gsHnps/taf4/SpmsH5Gm9ABqUMAeMLiqsKR25 8/FUSOpxG7c= -----END CERTIFICATE-----Generated at Tue Feb 10 04:32:09 2026 by rpki-client