This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/b5fa3e-a218-4a91-bf88-cc8ec6f3d875/1/fvEGDe7L4eyfYeTloDB8NGfq6kE.roa File: fvEGDe7L4eyfYeTloDB8NGfq6kE.roa (raw, json) Hash identifier: +BFNfplEGW/w3LiEtyddTsqn+tuxzUHtBZCu52T2rMw= Subject key identifier: 7E:F1:06:0D:EE:CB:E1:EC:9F:61:E4:E5:A0:30:7C:34:67:EA:EA:41 Certificate issuer: /CN=ba4a0d1d80ff1eecd3659074a497bfbe8c5543f6 Certificate serial: 019B7AC7A3019521951B396B0418ED72D92D Authority key identifier: BA:4A:0D:1D:80:FF:1E:EC:D3:65:90:74:A4:97:BF:BE:8C:55:43:F6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ukoNHYD_HuzTZZB0pJe_voxVQ_Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/b5fa3e-a218-4a91-bf88-cc8ec6f3d875/1/fvEGDe7L4eyfYeTloDB8NGfq6kE.roa Signing time: Thu 01 Jan 2026 18:17:42 +0000 ROA not before: Thu 01 Jan 2026 18:17:42 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 12843 IP address blocks: 185.53.204.0/22 maxlen: 22 185.53.204.0/23 maxlen: 23 185.53.206.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/b5fa3e-a218-4a91-bf88-cc8ec6f3d875/1/ukoNHYD_HuzTZZB0pJe_voxVQ_Y.crl rsync://rpki.ripe.net/repository/DEFAULT/55/b5fa3e-a218-4a91-bf88-cc8ec6f3d875/1/ukoNHYD_HuzTZZB0pJe_voxVQ_Y.mft rsync://rpki.ripe.net/repository/DEFAULT/ukoNHYD_HuzTZZB0pJe_voxVQ_Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 12:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c7:a3:01:95:21:95:1b:39:6b:04:18:ed:72:d9:2d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ba4a0d1d80ff1eecd3659074a497bfbe8c5543f6 Validity Not Before: Jan 1 18:17:42 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=7ef1060deecbe1ec9f61e4e5a0307c3467eaea41 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:e5:ea:83:a9:fc:3c:6f:16:85:4c:db:2e:79: a5:8d:79:87:85:3a:b3:7b:dc:b2:d8:03:ec:1f:cb: ef:11:52:58:6f:fa:a5:ba:08:a0:73:d8:d5:42:31: f8:34:1f:69:ae:ce:0f:cb:41:e3:c8:cb:f3:bd:80: 40:4f:90:cb:be:95:01:ca:32:c3:5e:b9:dc:c9:e9: 89:0f:74:32:31:3d:5b:0c:94:59:3c:a5:7f:85:e9: 08:4d:d3:a6:b5:f6:c2:89:ab:fe:13:00:fc:fa:5f: e3:61:da:47:9d:a5:96:27:2a:f4:5d:7d:bc:0e:f1: 46:a1:c4:24:1a:49:32:ce:5a:38:b1:95:a4:b2:cd: 53:87:ae:c4:60:58:57:8e:ba:37:ee:71:f0:9a:a1: d0:64:2d:96:b0:07:a8:07:d7:01:b5:8a:0e:76:99: 19:b8:c9:06:82:10:ed:df:79:c1:e6:b1:d2:b5:36: 58:8a:75:49:77:c7:c0:93:31:ca:2b:d8:6a:7a:90: 08:60:65:c5:8d:2b:48:fd:e6:7b:92:72:b8:be:b3: d0:ac:85:05:28:20:77:aa:3b:da:84:3f:3b:09:c0: a1:f3:51:8a:eb:5e:a0:7d:6d:7a:fb:08:e8:14:57: 45:33:9e:ce:3f:e7:fe:da:57:76:96:5a:a3:c8:39: 8b:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:F1:06:0D:EE:CB:E1:EC:9F:61:E4:E5:A0:30:7C:34:67:EA:EA:41 X509v3 Authority Key Identifier: keyid:BA:4A:0D:1D:80:FF:1E:EC:D3:65:90:74:A4:97:BF:BE:8C:55:43:F6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ukoNHYD_HuzTZZB0pJe_voxVQ_Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/b5fa3e-a218-4a91-bf88-cc8ec6f3d875/1/fvEGDe7L4eyfYeTloDB8NGfq6kE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/55/b5fa3e-a218-4a91-bf88-cc8ec6f3d875/1/ukoNHYD_HuzTZZB0pJe_voxVQ_Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.53.204.0/22 Signature Algorithm: sha256WithRSAEncryption 39:74:52:1d:61:c7:c8:be:18:67:bf:62:5a:34:5e:40:59:06: 9e:c7:1a:75:d5:dd:8e:2a:29:ba:cb:1b:b2:89:11:ad:4b:ae: ce:26:0c:81:63:65:fa:b6:0a:74:bd:75:0b:2d:5a:11:b9:90: aa:48:64:b0:f8:ca:77:26:c9:bc:76:08:4f:9d:27:a6:de:a6: f0:ac:ab:99:6d:b2:ef:a2:9e:6a:c2:f0:4e:82:a8:dd:f9:7c: 8b:24:5e:04:2b:ca:35:bb:a0:21:14:1b:a5:c6:f8:9a:2c:e8: 1d:ec:c5:ba:a2:34:c6:0d:11:b7:ff:66:f5:4f:bb:ba:81:c0: 66:b5:e6:70:15:13:ad:9d:8d:06:f0:0c:a9:9a:ed:6b:b4:8f: 44:29:f5:ce:bd:26:34:af:92:e0:ff:1e:c3:8b:c8:12:49:54: 18:ee:de:46:07:9d:8c:0d:62:5c:d8:23:7c:d8:e0:f7:f5:3c: ec:9e:da:70:ed:fa:f0:5d:d6:a4:dd:90:e8:ed:09:93:b5:9c: 1c:f7:05:ac:95:8d:4d:01:a3:76:6c:fb:d8:ce:d5:3c:ed:a8: 22:eb:fe:51:6a:29:7f:b8:5a:09:e5:f5:31:ee:85:1e:2d:8a: bf:26:14:4f:e2:76:2e:a9:43:1b:5e:85:59:71:bb:b9:8b:cd: 10:25:cd:8b -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt6x6MBlSGVGzlrBBjtctktMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJhNGEwZDFkODBmZjFlZWNkMzY1OTA3NGE0OTdiZmJlOGM1 NTQzZjYwHhcNMjYwMTAxMTgxNzQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3ZWYxMDYwZGVlY2JlMWVjOWY2MWU0ZTVhMDMwN2MzNDY3ZWFlYTQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAveXqg6n8PG8WhUzbLnmljXmHhTqz e9yy2APsH8vvEVJYb/qlugigc9jVQjH4NB9prs4Py0HjyMvzvYBAT5DLvpUByjLD XrncyemJD3QyMT1bDJRZPKV/hekITdOmtfbCiav+EwD8+l/jYdpHnaWWJyr0XX28 DvFGocQkGkkyzlo4sZWkss1Th67EYFhXjro37nHwmqHQZC2WsAeoB9cBtYoOdpkZ uMkGghDt33nB5rHStTZYinVJd8fAkzHKK9hqepAIYGXFjStI/eZ7knK4vrPQrIUF KCB3qjvahD87CcCh81GK616gfW16+wjoFFdFM57OP+f+2ld2llqjyDmLVQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFH7xBg3uy+Hsn2Hk5aAwfDRn6upBMB8GA1UdIwQY MBaAFLpKDR2A/x7s02WQdKSXv76MVUP2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdWtvTkhZRF9IdXpUWlpCMHBKZV92b3hWUV9ZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9iNWZhM2UtYTIxOC00YTkxLWJmODgt Y2M4ZWM2ZjNkODc1LzEvZnZFR0RlN0w0ZXlmWWVUbG9EQjhOR2ZxNmtFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81NS9iNWZhM2UtYTIxOC00YTkxLWJmODgtY2M4ZWM2ZjNkODc1 LzEvdWtvTkhZRF9IdXpUWlpCMHBKZV92b3hWUV9ZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuTXMMA0G CSqGSIb3DQEBCwUAA4IBAQA5dFIdYcfIvhhnv2JaNF5AWQaexxp11d2OKim6yxuy iRGtS67OJgyBY2X6tgp0vXULLVoRuZCqSGSw+Mp3Jsm8dghPnSem3qbwrKuZbbLv op5qwvBOgqjd+XyLJF4EK8o1u6AhFBulxviaLOgd7MW6ojTGDRG3/2b1T7u6gcBm teZwFROtnY0G8Aypmu1rtI9EKfXOvSY0r5Lg/x7Di8gSSVQY7t5GB52MDWJc2CN8 2OD39Tzsntpw7frwXdak3ZDo7QmTtZwc9wWslY1NAaN2bPvYztU87agi6/5Rail/ uFoJ5fUx7oUeLYq/JhRP4nYuqUMbXoVZcbu5i80QJc2L -----END CERTIFICATE-----Generated at Mon Jan 26 19:33:28 2026 by rpki-client