This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/1fQajHTJp0S8KUunDd6YeyFtENM.roa File: 1fQajHTJp0S8KUunDd6YeyFtENM.roa (raw, json) Hash identifier: mmAzmTwR/ELzJWO/mTGxkNnXnKiWntSSUF9kf4/Kzb4= Subject key identifier: D5:F4:1A:8C:74:C9:A7:44:BC:29:4B:A7:0D:DE:98:7B:21:6D:10:D3 Certificate issuer: /CN=dfee2bf43f21a81c492c6e6a9fc6f074d2f0a217 Certificate serial: 019B78A3127A2DEFFB577398CEFCA619BE6B Authority key identifier: DF:EE:2B:F4:3F:21:A8:1C:49:2C:6E:6A:9F:C6:F0:74:D2:F0:A2:17 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3-4r9D8hqBxJLG5qn8bwdNLwohc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/1fQajHTJp0S8KUunDd6YeyFtENM.roa Signing time: Thu 01 Jan 2026 08:18:31 +0000 ROA not before: Thu 01 Jan 2026 08:18:31 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 41480 IP address blocks: 89.20.64.0/19 maxlen: 19 89.20.64.0/20 maxlen: 20 89.20.80.0/20 maxlen: 20 212.124.64.0/19 maxlen: 19 212.124.64.0/20 maxlen: 20 212.124.64.0/22 maxlen: 22 212.124.80.0/20 maxlen: 20 2a02:2170::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/3-4r9D8hqBxJLG5qn8bwdNLwohc.crl rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/3-4r9D8hqBxJLG5qn8bwdNLwohc.mft rsync://rpki.ripe.net/repository/DEFAULT/3-4r9D8hqBxJLG5qn8bwdNLwohc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 00:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a3:12:7a:2d:ef:fb:57:73:98:ce:fc:a6:19:be:6b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dfee2bf43f21a81c492c6e6a9fc6f074d2f0a217 Validity Not Before: Jan 1 08:18:31 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d5f41a8c74c9a744bc294ba70dde987b216d10d3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:ee:66:a9:59:c7:7b:55:78:d2:c3:01:a2:b5: 94:3a:8b:64:da:b5:bb:be:8f:16:26:ec:de:a3:dc: d0:db:9b:32:c9:78:36:c4:b3:c3:b6:2a:87:8f:08: a7:8d:ef:df:a9:77:42:66:0c:fb:15:8e:00:58:cc: 1d:60:17:3a:e5:d7:29:18:d8:2c:55:01:26:4c:d4: b6:2d:0e:6a:21:cc:5c:73:21:14:b2:29:58:65:99: 54:30:af:28:dd:e6:56:8e:24:16:6b:57:41:27:1d: d4:86:01:d7:43:b2:19:76:59:61:05:de:8e:25:9f: 14:ce:57:cf:d1:f1:ee:d7:93:df:bf:cc:7a:20:e9: 46:3b:83:32:0f:49:9c:9b:93:b3:a1:01:56:b4:d1: ce:63:74:28:5b:57:86:6b:f7:cb:32:4e:f7:1d:da: b5:6b:c3:a9:4b:93:db:84:16:b7:4f:5f:3f:47:fc: 20:8e:6a:b7:56:11:34:0a:ca:bd:52:0b:fc:69:cc: d9:79:04:e9:5c:5f:a4:67:11:de:b7:dd:cb:cb:dd: c4:e6:3e:10:51:d1:27:fa:0a:ad:c8:44:9c:84:e9: 97:2f:6d:09:59:26:9b:88:14:f9:65:d5:9b:17:0f: 88:4d:b1:53:5c:40:c5:20:2c:0e:af:95:02:c3:97: f7:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:F4:1A:8C:74:C9:A7:44:BC:29:4B:A7:0D:DE:98:7B:21:6D:10:D3 X509v3 Authority Key Identifier: keyid:DF:EE:2B:F4:3F:21:A8:1C:49:2C:6E:6A:9F:C6:F0:74:D2:F0:A2:17 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3-4r9D8hqBxJLG5qn8bwdNLwohc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/1fQajHTJp0S8KUunDd6YeyFtENM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/3-4r9D8hqBxJLG5qn8bwdNLwohc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.20.64.0/19 212.124.64.0/19 IPv6: 2a02:2170::/32 Signature Algorithm: sha256WithRSAEncryption 20:fc:1d:7c:ba:e1:e0:83:9e:3f:e7:d5:ca:73:6d:31:d8:4a: 98:2b:05:62:5b:df:e5:1d:09:b0:9b:c7:f5:fd:e3:5c:38:d9: 92:95:80:62:f1:eb:10:e7:28:75:93:fb:b0:ec:1e:c1:da:a3: 22:8a:90:be:6b:a3:f9:9f:54:48:bf:83:51:4e:1b:d6:b4:a6: ae:b6:60:67:10:fa:71:59:d8:8f:be:14:6d:d0:de:60:ac:f1: 83:25:fb:64:62:9f:6a:3b:08:47:de:d4:2c:d5:8b:a4:37:c5: 6e:a2:b1:f7:c8:34:d5:35:ff:6f:fa:30:4c:20:60:da:73:cd: 88:9d:64:0d:32:23:95:58:1b:4d:20:08:8a:91:2f:36:82:2f: f0:8a:3b:24:ea:36:2a:37:d7:0c:46:15:da:fb:a7:5f:f2:99: 25:df:c2:a2:a4:44:a9:5f:b7:6e:fa:62:9d:37:af:84:65:f1: 8d:3b:af:9d:9a:71:6b:70:00:81:0f:3f:e4:98:53:48:19:d9: de:1f:5a:3b:a0:18:be:60:c9:27:77:d3:f5:9d:13:4c:30:cf: f2:4b:58:11:4f:58:25:11:98:de:83:df:bf:15:d5:92:e6:a7: f7:f2:ce:32:c6:e4:9a:49:b6:0f:77:d3:67:54:a2:65:43:27: 81:60:53:eb -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt4oxJ6Le/7V3OYzvymGb5rMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRmZWUyYmY0M2YyMWE4MWM0OTJjNmU2YTlmYzZmMDc0ZDJm MGEyMTcwHhcNMjYwMTAxMDgxODMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkNWY0MWE4Yzc0YzlhNzQ0YmMyOTRiYTcwZGRlOTg3YjIxNmQxMGQzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0O5mqVnHe1V40sMBorWUOotk2rW7 vo8WJuzeo9zQ25syyXg2xLPDtiqHjwinje/fqXdCZgz7FY4AWMwdYBc65dcpGNgs VQEmTNS2LQ5qIcxccyEUsilYZZlUMK8o3eZWjiQWa1dBJx3UhgHXQ7IZdllhBd6O JZ8UzlfP0fHu15Pfv8x6IOlGO4MyD0mcm5OzoQFWtNHOY3QoW1eGa/fLMk73Hdq1 a8OpS5PbhBa3T18/R/wgjmq3VhE0Csq9Ugv8aczZeQTpXF+kZxHet93Ly93E5j4Q UdEn+gqtyESchOmXL20JWSabiBT5ZdWbFw+ITbFTXEDFICwOr5UCw5f3DQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFNX0Gox0yadEvClLpw3emHshbRDTMB8GA1UdIwQY MBaAFN/uK/Q/IagcSSxuap/G8HTS8KIXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMy00cjlEOGhxQnhKTEc1cW44YndkTkx3b2hjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zYjNiZTAtNTRhNy00MTBmLTlkMTIt MjhkNzhlYjlmMmRjLzEvMWZRYWpIVEpwMFM4S1V1bkRkNllleUZ0RU5NLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MC8zYjNiZTAtNTRhNy00MTBmLTlkMTItMjhkNzhlYjlmMmRj LzEvMy00cjlEOGhxQnhKTEc1cW44YndkTkx3b2hjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFWRRAAwQF 1HxAMA0EAgACMAcDBQAqAiFwMA0GCSqGSIb3DQEBCwUAA4IBAQAg/B18uuHgg54/ 59XKc20x2EqYKwViW9/lHQmwm8f1/eNcONmSlYBi8esQ5yh1k/uw7B7B2qMiipC+ a6P5n1RIv4NRThvWtKautmBnEPpxWdiPvhRt0N5grPGDJftkYp9qOwhH3tQs1Yuk N8VuorH3yDTVNf9v+jBMIGDac82InWQNMiOVWBtNIAiKkS82gi/wijsk6jYqN9cM RhXa+6df8pkl38KipESpX7du+mKdN6+EZfGNO6+dmnFrcACBDz/kmFNIGdneH1o7 oBi+YMknd9P1nRNMMM/yS1gRT1glEZjeg9+/FdWS5qf38s4yxuSaSbYPd9NnVKJl QyeBYFPr -----END CERTIFICATE-----Generated at Wed Jan 21 09:22:09 2026 by rpki-client