This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/VPsOpQzvuZLSVdRpUbPccqsH0HI.roa File: VPsOpQzvuZLSVdRpUbPccqsH0HI.roa (raw, json) Hash identifier: LNvdod+2moYgqIRIXig9MujeQAei+hV7OeUdz/G9T2c= Subject key identifier: 54:FB:0E:A5:0C:EF:B9:92:D2:55:D4:69:51:B3:DC:72:AB:07:D0:72 Certificate issuer: /CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c Certificate serial: 019B7DCB271EE7F9DA12EBBF9F74DBC71350 Authority key identifier: 20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/VPsOpQzvuZLSVdRpUbPccqsH0HI.roa Signing time: Fri 02 Jan 2026 08:20:24 +0000 ROA not before: Fri 02 Jan 2026 08:20:24 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 25459 IP address blocks: 217.170.1.0/24 maxlen: 24 217.170.12.0/23 maxlen: 23 217.170.14.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.crl rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.mft rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:cb:27:1e:e7:f9:da:12:eb:bf:9f:74:db:c7:13:50 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c Validity Not Before: Jan 2 08:20:24 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=54fb0ea50cefb992d255d46951b3dc72ab07d072 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:65:aa:5a:ac:dd:8f:5a:38:6d:f7:38:ef:5c: d3:61:85:c8:b3:79:b2:64:64:cd:ff:71:3b:4f:52: 83:4b:10:a8:45:8d:a3:d7:b0:29:8a:0d:62:36:82: 45:67:d1:d5:bc:8a:45:d9:a8:f9:06:4b:f7:89:3b: dd:8e:5a:2d:3a:db:22:ae:e2:8e:03:21:c0:de:a0: 8c:35:86:e5:56:90:cf:98:47:f2:b5:7a:9f:ab:a7: c4:ba:a3:4e:7d:57:fa:d8:50:28:61:17:1b:f2:56: 0c:e0:c3:4e:bf:eb:81:6d:f2:e7:41:b5:c1:bb:01: 91:fe:3b:b4:fe:e8:0d:ef:45:55:bd:e4:1b:8f:01: 4c:d6:62:53:22:c0:9c:c5:cb:70:b1:cf:b8:70:f4: 2c:eb:99:8e:f4:e9:8d:19:99:8a:bd:3b:b1:99:a0: 8d:f0:50:2a:0b:0c:84:ba:41:06:44:de:6a:bd:51: 2f:eb:cf:47:c3:a8:6f:ba:88:c4:2a:0b:f6:21:4e: 85:98:e5:b0:7d:70:22:f9:d0:c9:c3:4b:80:ff:4b: 16:52:70:e3:26:bb:b5:43:b7:0b:4c:71:44:77:e7: 21:38:c7:0b:79:13:13:8c:74:3e:f9:c6:94:22:4b: 54:a7:2f:49:29:b0:5a:70:0f:14:fd:ba:5b:73:7d: b6:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:FB:0E:A5:0C:EF:B9:92:D2:55:D4:69:51:B3:DC:72:AB:07:D0:72 X509v3 Authority Key Identifier: keyid:20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/VPsOpQzvuZLSVdRpUbPccqsH0HI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 217.170.1.0/24 217.170.12.0-217.170.14.255 Signature Algorithm: sha256WithRSAEncryption 14:51:4a:e0:92:b3:d5:de:da:8a:c0:47:8d:25:1e:85:36:0e: 76:8c:2d:0f:10:96:65:bb:09:f3:e4:a5:40:c7:af:69:59:ad: 61:eb:b2:0c:b4:d8:bb:6f:78:6c:55:8c:9e:d0:ce:93:2d:9e: 21:20:f5:8d:c7:3b:52:1c:50:88:97:62:64:d3:a8:58:ba:c9: 87:86:31:2f:20:2b:a0:7e:d5:a7:9a:88:06:db:0b:c9:0a:65: ac:a7:d7:b1:68:86:25:ba:75:18:18:5d:cd:79:dd:fe:de:9f: 5b:ef:ee:28:b8:8d:03:32:25:99:2c:c3:f1:3a:16:6b:70:97: 28:17:82:f5:72:66:8e:64:30:bd:71:59:f3:a4:e0:59:73:b7: 40:14:fb:2d:fd:fa:1f:93:c7:75:5b:8b:c5:e0:9a:b0:3d:ed: c8:51:ef:8c:b3:80:d5:53:5c:08:50:70:61:42:52:12:ab:dd: 1c:f2:3a:9d:a2:6d:e4:7e:52:00:5d:a0:02:d0:db:37:af:04: 6f:be:2e:18:12:11:0b:e1:5d:d4:fd:1f:2c:ac:bd:57:55:31: e4:d9:b6:ee:27:a9:7e:42:79:ec:3d:13:7b:b4:cf:0f:d9:6e: 38:30:d3:32:fc:aa:db:c6:b3:cd:ba:95:86:15:83:f5:84:cd: 85:ae:d2:28 -----BEGIN CERTIFICATE----- MIIFCzCCA/OgAwIBAgISAZt9yyce5/naEuu/n3TbxxNQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIwMWZlMzBmYzZiNGIwZDBmNmRiNGUxYmZiYmQ1MDE5NWRj YTU3NWMwHhcNMjYwMTAyMDgyMDI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1NGZiMGVhNTBjZWZiOTkyZDI1NWQ0Njk1MWIzZGM3MmFiMDdkMDcyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumWqWqzdj1o4bfc471zTYYXIs3my ZGTN/3E7T1KDSxCoRY2j17Apig1iNoJFZ9HVvIpF2aj5Bkv3iTvdjlotOtsiruKO AyHA3qCMNYblVpDPmEfytXqfq6fEuqNOfVf62FAoYRcb8lYM4MNOv+uBbfLnQbXB uwGR/ju0/ugN70VVveQbjwFM1mJTIsCcxctwsc+4cPQs65mO9OmNGZmKvTuxmaCN 8FAqCwyEukEGRN5qvVEv689Hw6hvuojEKgv2IU6FmOWwfXAi+dDJw0uA/0sWUnDj Jru1Q7cLTHFEd+chOMcLeRMTjHQ++caUIktUpy9JKbBacA8U/bpbc322XQIDAQAB o4ICFzCCAhMwHQYDVR0OBBYEFFT7DqUM77mS0lXUaVGz3HKrB9ByMB8GA1UdIwQY MBaAFCAf4w/GtLDQ9ttOG/u9UBldyldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYt ZmMxMjFjODAwYjMwLzEvVlBzT3BRenZ1WkxTVmRScFViUGNjcXNIMEhJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYtZmMxMjFjODAwYjMw LzEvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQA2aoBMAwD BALZqgwDBADZqg4wDQYJKoZIhvcNAQELBQADggEBABRRSuCSs9Xe2orAR40lHoU2 DnaMLQ8QlmW7CfPkpUDHr2lZrWHrsgy02LtveGxVjJ7QzpMtniEg9Y3HO1IcUIiX YmTTqFi6yYeGMS8gK6B+1aeaiAbbC8kKZayn17FohiW6dRgYXc153f7en1vv7ii4 jQMyJZksw/E6FmtwlygXgvVyZo5kML1xWfOk4Flzt0AU+y39+h+Tx3Vbi8XgmrA9 7chR74yzgNVTXAhQcGFCUhKr3RzyOp2ibeR+UgBdoALQ2zevBG++LhgSEQvhXdT9 HyysvVdVMeTZtu4nqX5Ceew9E3u0zw/Zbjgw0zL8qtvGs826lYYVg/WEzYWu0ig= -----END CERTIFICATE-----Generated at Mon Jan 26 20:25:37 2026 by rpki-client