This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/eb7dd4-fc8f-4937-8db0-a665db22ef72/1/RfKXkstXHL4Kc9qax_2Ju3v4QnE.roa File: RfKXkstXHL4Kc9qax_2Ju3v4QnE.roa (raw, json) Hash identifier: btYMECJQLRg+6slKb1DBm+HR1AQrJHLgN0aMeeAr7nQ= Subject key identifier: 45:F2:97:92:CB:57:1C:BE:0A:73:DA:9A:C7:FD:89:BB:7B:F8:42:71 Certificate issuer: /CN=1caf2fa38e1d1a4d0e06609bf2976e81c50aad0a Certificate serial: 019B797E80AE964517BF13F522D15397A6BA Authority key identifier: 1C:AF:2F:A3:8E:1D:1A:4D:0E:06:60:9B:F2:97:6E:81:C5:0A:AD:0A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HK8vo44dGk0OBmCb8pdugcUKrQo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/eb7dd4-fc8f-4937-8db0-a665db22ef72/1/RfKXkstXHL4Kc9qax_2Ju3v4QnE.roa Signing time: Thu 01 Jan 2026 12:18:12 +0000 ROA not before: Thu 01 Jan 2026 12:18:12 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 209116 IP address blocks: 5.181.248.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/eb7dd4-fc8f-4937-8db0-a665db22ef72/1/HK8vo44dGk0OBmCb8pdugcUKrQo.crl rsync://rpki.ripe.net/repository/DEFAULT/6a/eb7dd4-fc8f-4937-8db0-a665db22ef72/1/HK8vo44dGk0OBmCb8pdugcUKrQo.mft rsync://rpki.ripe.net/repository/DEFAULT/HK8vo44dGk0OBmCb8pdugcUKrQo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 12:00:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:80:ae:96:45:17:bf:13:f5:22:d1:53:97:a6:ba Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1caf2fa38e1d1a4d0e06609bf2976e81c50aad0a Validity Not Before: Jan 1 12:18:12 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=45f29792cb571cbe0a73da9ac7fd89bb7bf84271 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:99:3c:16:bf:f2:dc:71:48:a2:d9:1f:e1:fc: b4:cf:39:cc:ac:25:52:70:5b:ca:09:df:d1:f2:86: b4:10:13:1d:14:8f:64:a2:b3:d9:6c:ac:da:4a:b6: 96:3e:a4:c2:7b:08:75:b4:0a:bd:0e:e1:e8:db:61: 14:c9:94:fe:20:c2:b2:2b:bd:1e:e8:35:aa:c9:3d: f0:68:24:1a:7b:75:1d:78:c0:6c:4a:d4:73:e1:8a: de:be:64:5c:48:e2:c3:3d:83:8c:e2:e5:7b:c3:39: dd:a2:c7:7d:be:a2:9b:f3:db:46:17:d2:8a:00:30: 82:2f:14:79:44:0d:28:5e:22:71:50:c3:4e:44:d0: 6f:6e:a9:f5:23:d9:1b:92:79:ea:08:4b:c7:02:6d: 8b:16:00:76:05:09:f5:c1:bd:da:06:6a:d3:6e:d7: 12:23:f8:68:d5:2c:24:fc:d7:f6:a8:f3:64:33:16: 12:69:cc:13:40:66:e2:50:e3:4a:71:ea:00:f1:3e: eb:57:29:69:db:7d:98:64:b7:06:7a:cc:c1:1d:fd: b5:de:97:77:7a:48:d5:3b:e0:51:63:06:f4:17:1a: 2c:f7:54:77:15:93:f5:cc:8b:fc:1e:64:3d:fe:c4: e0:68:81:5f:6b:7a:0a:1c:11:ae:6d:b1:27:a4:69: ab:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:F2:97:92:CB:57:1C:BE:0A:73:DA:9A:C7:FD:89:BB:7B:F8:42:71 X509v3 Authority Key Identifier: keyid:1C:AF:2F:A3:8E:1D:1A:4D:0E:06:60:9B:F2:97:6E:81:C5:0A:AD:0A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HK8vo44dGk0OBmCb8pdugcUKrQo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/eb7dd4-fc8f-4937-8db0-a665db22ef72/1/RfKXkstXHL4Kc9qax_2Ju3v4QnE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/eb7dd4-fc8f-4937-8db0-a665db22ef72/1/HK8vo44dGk0OBmCb8pdugcUKrQo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.181.248.0/22 Signature Algorithm: sha256WithRSAEncryption 5c:10:fc:16:44:ba:6a:5c:19:12:e2:09:45:af:71:d0:f2:c8: aa:a1:c0:25:c8:b3:35:b7:f7:3a:12:ee:1a:06:62:95:ec:b6: 09:32:c4:40:05:40:21:df:0b:88:17:5f:b6:0c:13:7d:cd:c9: 76:4d:34:e3:44:f7:27:a4:22:d6:12:0b:a9:44:91:46:a3:af: 69:e1:cf:d9:e5:05:f6:1a:a9:d8:d1:79:b3:26:15:ce:d0:c8: 7b:83:12:04:93:1c:e6:86:0d:12:ee:ef:9c:5c:1c:56:e2:ce: 3f:50:7f:fc:5a:af:de:16:bc:bd:b0:ee:22:08:83:69:28:f3: 84:bb:43:ac:71:e1:27:79:cc:eb:c5:3a:2f:39:ae:5a:5f:b9: 8f:84:00:1a:06:66:14:fb:15:c8:78:03:47:29:7e:54:98:8d: c0:8c:3d:70:e4:92:9b:1a:ef:a4:0b:51:52:1e:17:96:c1:a5: df:1f:72:f5:22:14:c9:28:42:58:79:f5:55:c8:35:f1:87:3b: 34:9d:9b:3c:37:06:d9:90:53:05:39:56:1f:5b:e0:f8:99:49: 63:62:1a:b2:93:83:77:e6:ad:b5:6d:42:3d:84:0a:d4:8a:7e: 7a:c4:8e:29:f1:f1:82:a0:4d:1f:77:f2:a2:6a:14:7b:fb:d3: 4d:36:c1:ba -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt5foCulkUXvxP1ItFTl6a6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFjYWYyZmEzOGUxZDFhNGQwZTA2NjA5YmYyOTc2ZTgxYzUw YWFkMGEwHhcNMjYwMTAxMTIxODEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0NWYyOTc5MmNiNTcxY2JlMGE3M2RhOWFjN2ZkODliYjdiZjg0MjcxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Zk8Fr/y3HFIotkf4fy0zznMrCVS cFvKCd/R8oa0EBMdFI9korPZbKzaSraWPqTCewh1tAq9DuHo22EUyZT+IMKyK70e 6DWqyT3waCQae3UdeMBsStRz4YrevmRcSOLDPYOM4uV7wzndosd9vqKb89tGF9KK ADCCLxR5RA0oXiJxUMNORNBvbqn1I9kbknnqCEvHAm2LFgB2BQn1wb3aBmrTbtcS I/ho1Swk/Nf2qPNkMxYSacwTQGbiUONKceoA8T7rVylp232YZLcGeszBHf213pd3 ekjVO+BRYwb0Fxos91R3FZP1zIv8HmQ9/sTgaIFfa3oKHBGubbEnpGmruQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFEXyl5LLVxy+CnPamsf9ibt7+EJxMB8GA1UdIwQY MBaAFByvL6OOHRpNDgZgm/KXboHFCq0KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSEs4dm80NGRHazBPQm1DYjhwZHVnY1VLclFvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9lYjdkZDQtZmM4Zi00OTM3LThkYjAt YTY2NWRiMjJlZjcyLzEvUmZLWGtzdFhITDRLYzlxYXhfMkp1M3Y0UW5FLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82YS9lYjdkZDQtZmM4Zi00OTM3LThkYjAtYTY2NWRiMjJlZjcy LzEvSEs4dm80NGRHazBPQm1DYjhwZHVnY1VLclFvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBbX4MA0G CSqGSIb3DQEBCwUAA4IBAQBcEPwWRLpqXBkS4glFr3HQ8siqocAlyLM1t/c6Eu4a BmKV7LYJMsRABUAh3wuIF1+2DBN9zcl2TTTjRPcnpCLWEgupRJFGo69p4c/Z5QX2 GqnY0XmzJhXO0Mh7gxIEkxzmhg0S7u+cXBxW4s4/UH/8Wq/eFry9sO4iCINpKPOE u0OsceEneczrxTovOa5aX7mPhAAaBmYU+xXIeANHKX5UmI3AjD1w5JKbGu+kC1FS HheWwaXfH3L1IhTJKEJYefVVyDXxhzs0nZs8NwbZkFMFOVYfW+D4mUljYhqyk4N3 5q21bUI9hArUin56xI4p8fGCoE0fd/KiahR7+9NNNsG6 -----END CERTIFICATE-----Generated at Mon Feb 9 18:44:16 2026 by rpki-client