This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/FMCqJNQTOMjaNFoue6MLyy65-IY.roa File: FMCqJNQTOMjaNFoue6MLyy65-IY.roa (raw, json) Hash identifier: dWhIfiSz7mw510jwPLqEz2PeZlaamZppQkqsswdoF6o= Subject key identifier: 14:C0:AA:24:D4:13:38:C8:DA:34:5A:2E:7B:A3:0B:CB:2E:B9:F8:86 Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4 Certificate serial: 019B77C6B27E57331770D8AE971F5966C677 Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/FMCqJNQTOMjaNFoue6MLyy65-IY.roa Signing time: Thu 01 Jan 2026 04:17:49 +0000 ROA not before: Thu 01 Jan 2026 04:17:49 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 207986 IP address blocks: 188.130.150.0/23 maxlen: 23 188.130.150.0/24 maxlen: 24 188.130.151.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.mft rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:b2:7e:57:33:17:70:d8:ae:97:1f:59:66:c6:77 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4 Validity Not Before: Jan 1 04:17:49 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=14c0aa24d41338c8da345a2e7ba30bcb2eb9f886 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:e5:0d:c1:de:57:16:7d:7a:d2:bf:82:1c:50: 8e:41:78:18:7d:74:1f:bc:3f:18:08:1b:1d:ea:41: 3e:96:41:ac:a9:1a:e9:09:1e:48:17:bc:22:98:4b: e5:0c:33:f7:a3:ad:b6:0f:b6:d1:c1:a0:44:18:46: 40:ea:e3:f2:73:6c:50:db:0f:87:8a:da:d7:ca:bd: 62:a6:33:43:c3:eb:31:bf:57:26:8c:09:a9:f4:e0: e0:77:98:d8:99:94:25:80:a5:48:29:f9:ea:a6:b6: 48:96:8c:6b:61:d2:2f:3b:7d:00:4f:39:5a:b4:45: 42:b6:28:d3:74:63:43:e6:c9:5d:8b:b3:68:b6:c8: 31:85:f9:19:75:6d:a7:05:c1:d5:1e:7c:b0:d2:76: 92:c9:c9:01:9d:4b:cc:7b:0c:83:f0:f5:7d:76:ea: ce:1a:6b:51:09:3f:bd:c7:9a:4d:72:39:07:13:24: 35:de:ea:66:5a:0f:c3:e4:10:d7:e5:67:8f:25:a3: 95:f8:36:a8:6d:a2:51:75:a8:48:f3:82:e2:fb:2c: de:75:1e:ef:bc:93:13:5d:1f:29:25:ed:a1:4f:33: df:32:75:05:26:17:29:45:8b:ba:cf:08:ab:d2:1a: 00:f6:eb:ad:69:aa:b0:51:2b:56:dc:0d:a5:1d:55: 4d:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:C0:AA:24:D4:13:38:C8:DA:34:5A:2E:7B:A3:0B:CB:2E:B9:F8:86 X509v3 Authority Key Identifier: keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/FMCqJNQTOMjaNFoue6MLyy65-IY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 188.130.150.0/23 Signature Algorithm: sha256WithRSAEncryption 79:7f:1d:ed:c8:ec:5a:f0:2d:dd:51:72:e9:13:13:d1:c4:84: 6a:d7:64:36:30:8e:01:ac:60:55:83:d1:af:59:92:63:dd:17: c8:39:e7:38:ce:b7:22:ab:16:cc:07:82:67:9a:71:91:75:a6: b0:20:ce:14:09:38:5c:91:8f:17:cb:2d:87:ec:2a:8b:62:7e: 9d:65:da:9a:8a:14:98:f1:97:58:e8:aa:7b:fe:02:ef:68:e7: 5a:76:46:dc:40:9c:00:46:98:4a:ad:cb:f8:86:d2:c8:24:b2: c5:4f:14:df:93:2b:83:4a:90:c3:f2:cd:9d:2a:3a:07:b5:d8: 99:92:b3:15:e3:57:16:72:c3:79:df:d2:29:2b:bb:9d:47:ed: 22:42:be:c0:f0:98:67:8f:6a:f4:80:7e:81:09:b4:8a:b1:d4: 5f:f4:c9:5f:6b:4d:82:3c:c6:4d:dd:44:58:b5:fb:b9:ea:89: 8c:75:10:f3:ac:aa:bc:71:e8:06:de:b4:c2:90:cf:f2:ce:e2: b4:aa:a6:bc:7c:94:7c:b3:66:48:4f:42:1d:16:cf:6f:68:85: 34:14:9e:da:78:3d:55:ac:a4:75:96:6b:5a:41:2e:92:cf:a8: ee:8e:6f:ce:f7:fe:46:e7:62:56:db:d5:70:48:6b:16:af:66: 10:9b:67:9d -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt3xrJ+VzMXcNiulx9ZZsZ3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0 MjAzYjQwHhcNMjYwMTAxMDQxNzQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxNGMwYWEyNGQ0MTMzOGM4ZGEzNDVhMmU3YmEzMGJjYjJlYjlmODg2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkeUNwd5XFn160r+CHFCOQXgYfXQf vD8YCBsd6kE+lkGsqRrpCR5IF7wimEvlDDP3o622D7bRwaBEGEZA6uPyc2xQ2w+H itrXyr1ipjNDw+sxv1cmjAmp9ODgd5jYmZQlgKVIKfnqprZIloxrYdIvO30ATzla tEVCtijTdGND5sldi7NotsgxhfkZdW2nBcHVHnyw0naSyckBnUvMewyD8PV9durO GmtRCT+9x5pNcjkHEyQ13upmWg/D5BDX5WePJaOV+DaobaJRdahI84Li+yzedR7v vJMTXR8pJe2hTzPfMnUFJhcpRYu6zwir0hoA9uutaaqwUStW3A2lHVVNwQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFBTAqiTUEzjI2jRaLnujC8suufiGMB8GA1UdIwQY MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt MTY2OTljOTZkZDVlLzEvRk1DcUpOUVRPTWphTkZvdWU2TUx5eTY1LUlZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBvIKWMA0G CSqGSIb3DQEBCwUAA4IBAQB5fx3tyOxa8C3dUXLpExPRxIRq12Q2MI4BrGBVg9Gv WZJj3RfIOec4zrciqxbMB4JnmnGRdaawIM4UCThckY8Xyy2H7CqLYn6dZdqaihSY 8ZdY6Kp7/gLvaOdadkbcQJwARphKrcv4htLIJLLFTxTfkyuDSpDD8s2dKjoHtdiZ krMV41cWcsN539IpK7udR+0iQr7A8Jhnj2r0gH6BCbSKsdRf9Mlfa02CPMZN3URY tfu56omMdRDzrKq8cegG3rTCkM/yzuK0qqa8fJR8s2ZIT0IdFs9vaIU0FJ7aeD1V rKR1lmtaQS6Sz6jujm/O9/5G52JW29VwSGsWr2YQm2ed -----END CERTIFICATE-----Generated at Sun Jan 25 22:47:00 2026 by rpki-client