This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/5d8cd1-cf51-4c16-a386-7f504271cf90/1/pfh1mEMWGqfMBsjXKJm7o71cR4U.roa File: pfh1mEMWGqfMBsjXKJm7o71cR4U.roa (raw, json) Hash identifier: +3H4MNFNTpOXbo6c9xASz6EPy+aohNw/Bgmf/lrX1YA= Subject key identifier: A5:F8:75:98:43:16:1A:A7:CC:06:C8:D7:28:99:BB:A3:BD:5C:47:85 Certificate issuer: /CN=0d18ca9c8b3d7de6aacc3d142c77def65d9d9a13 Certificate serial: 019BE26073DDBFB08AF819B5C2EFD933D963 Authority key identifier: 0D:18:CA:9C:8B:3D:7D:E6:AA:CC:3D:14:2C:77:DE:F6:5D:9D:9A:13 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DRjKnIs9feaqzD0ULHfe9l2dmhM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/5d8cd1-cf51-4c16-a386-7f504271cf90/1/pfh1mEMWGqfMBsjXKJm7o71cR4U.roa Signing time: Wed 21 Jan 2026 21:05:30 +0000 ROA not before: Wed 21 Jan 2026 21:05:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 39889 IP address blocks: 185.173.220.0/22 maxlen: 22 195.189.26.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/5d8cd1-cf51-4c16-a386-7f504271cf90/1/DRjKnIs9feaqzD0ULHfe9l2dmhM.crl rsync://rpki.ripe.net/repository/DEFAULT/71/5d8cd1-cf51-4c16-a386-7f504271cf90/1/DRjKnIs9feaqzD0ULHfe9l2dmhM.mft rsync://rpki.ripe.net/repository/DEFAULT/DRjKnIs9feaqzD0ULHfe9l2dmhM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 03 Feb 2026 03:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:e2:60:73:dd:bf:b0:8a:f8:19:b5:c2:ef:d9:33:d9:63 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0d18ca9c8b3d7de6aacc3d142c77def65d9d9a13 Validity Not Before: Jan 21 21:05:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a5f8759843161aa7cc06c8d72899bba3bd5c4785 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:91:05:43:03:7a:c9:03:ca:b3:ce:09:37:10: e4:f7:43:a6:47:08:3c:ff:14:6d:be:87:e1:d0:07: d2:2d:78:1c:3e:6f:bf:29:bb:67:ee:b8:b6:5c:b8: 44:06:61:69:c5:2e:2c:a0:4a:59:75:a0:e6:b3:ec: 2b:f2:3e:50:64:ca:1f:a0:12:3e:ab:e3:64:96:01: 65:2e:52:3e:d8:1e:61:f5:b1:2c:92:12:03:c5:50: 37:8f:50:70:d0:7d:59:0c:21:7f:00:59:5b:c2:eb: a6:94:79:57:0c:02:63:f4:62:26:e8:4b:af:e1:2b: 39:31:d3:fb:6b:41:66:b8:99:4b:59:06:b9:5d:12: 13:66:50:dd:4d:c5:2e:4e:37:e3:17:31:0f:b9:16: bc:63:ac:f4:eb:5a:da:e9:5c:6c:16:d6:d9:f5:72: ff:7e:d5:36:b1:fe:93:18:7d:76:2b:c6:38:19:13: cb:9a:38:db:26:d0:54:05:2b:34:92:f1:31:e9:bb: d0:8a:ab:20:11:30:3d:b2:79:b2:d0:87:cd:1d:91: 84:fb:9b:ae:31:a0:66:da:ab:ee:21:da:43:cc:7f: 28:ac:7b:85:19:b6:99:3e:c4:7c:ce:d4:a4:f8:7c: 13:2f:56:fa:a7:9f:f0:a2:44:f4:ec:b1:4e:07:9b: ee:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:F8:75:98:43:16:1A:A7:CC:06:C8:D7:28:99:BB:A3:BD:5C:47:85 X509v3 Authority Key Identifier: keyid:0D:18:CA:9C:8B:3D:7D:E6:AA:CC:3D:14:2C:77:DE:F6:5D:9D:9A:13 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DRjKnIs9feaqzD0ULHfe9l2dmhM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/5d8cd1-cf51-4c16-a386-7f504271cf90/1/pfh1mEMWGqfMBsjXKJm7o71cR4U.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/71/5d8cd1-cf51-4c16-a386-7f504271cf90/1/DRjKnIs9feaqzD0ULHfe9l2dmhM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.173.220.0/22 195.189.26.0/23 Signature Algorithm: sha256WithRSAEncryption 69:d0:ed:83:e9:56:a7:84:9c:e5:d7:a3:46:3b:7f:e7:f8:98: 88:0e:a6:12:ba:45:dd:3e:97:84:48:79:2f:a7:55:fe:f9:62: b5:80:e5:8a:b0:78:9a:50:cd:75:23:37:62:f2:ee:66:53:36: 77:22:19:65:fb:2b:aa:ce:14:5f:25:d2:d1:c1:16:29:f5:f3: 0c:9a:cb:6c:48:7e:34:b1:90:23:f3:eb:ef:7d:e0:a0:42:3e: 48:90:34:72:fd:67:35:d1:26:82:1c:e7:93:9f:3a:f5:1e:34: e7:2b:cb:75:f7:94:53:45:14:7b:d6:a7:c0:fa:65:ab:ad:4d: 95:c9:85:20:56:5c:d3:f3:73:95:83:ad:fa:41:4a:e8:5a:0d: e9:45:aa:88:7a:3e:d7:75:50:80:a4:3d:c4:e6:93:2f:26:94: 5e:85:65:21:94:e0:98:5e:7d:cb:c3:41:26:c2:09:06:6f:ad: a0:e6:f2:f8:3e:48:cc:ef:61:fe:a3:bc:02:65:37:e0:50:a9: d0:eb:ac:67:1d:df:d7:51:3b:ce:8e:50:87:40:45:73:86:76: 61:89:11:94:9a:c2:e1:d2:a1:fb:0b:c1:71:12:7b:5b:b4:59: 0a:ce:aa:83:a4:08:90:52:fd:08:94:ac:e0:46:f1:5d:38:f1: 5d:0e:bd:75 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZviYHPdv7CK+Bm1wu/ZM9ljMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBkMThjYTljOGIzZDdkZTZhYWNjM2QxNDJjNzdkZWY2NWQ5 ZDlhMTMwHhcNMjYwMTIxMjEwNTMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhNWY4NzU5ODQzMTYxYWE3Y2MwNmM4ZDcyODk5YmJhM2JkNWM0Nzg1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZEFQwN6yQPKs84JNxDk90OmRwg8 /xRtvofh0AfSLXgcPm+/Kbtn7ri2XLhEBmFpxS4soEpZdaDms+wr8j5QZMofoBI+ q+NklgFlLlI+2B5h9bEskhIDxVA3j1Bw0H1ZDCF/AFlbwuumlHlXDAJj9GIm6Euv 4Ss5MdP7a0FmuJlLWQa5XRITZlDdTcUuTjfjFzEPuRa8Y6z061ra6VxsFtbZ9XL/ ftU2sf6TGH12K8Y4GRPLmjjbJtBUBSs0kvEx6bvQiqsgETA9snmy0IfNHZGE+5uu MaBm2qvuIdpDzH8orHuFGbaZPsR8ztSk+HwTL1b6p5/wokT07LFOB5vuywIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFKX4dZhDFhqnzAbI1yiZu6O9XEeFMB8GA1UdIwQY MBaAFA0YypyLPX3mqsw9FCx33vZdnZoTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRFJqS25JczlmZWFxekQwVUxIZmU5bDJkbWhNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS81ZDhjZDEtY2Y1MS00YzE2LWEzODYt N2Y1MDQyNzFjZjkwLzEvcGZoMW1FTVdHcWZNQnNqWEtKbTdvNzFjUjRVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83MS81ZDhjZDEtY2Y1MS00YzE2LWEzODYtN2Y1MDQyNzFjZjkw LzEvRFJqS25JczlmZWFxekQwVUxIZmU5bDJkbWhNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCua3cAwQB w70aMA0GCSqGSIb3DQEBCwUAA4IBAQBp0O2D6VanhJzl16NGO3/n+JiIDqYSukXd PpeESHkvp1X++WK1gOWKsHiaUM11Izdi8u5mUzZ3Ihll+yuqzhRfJdLRwRYp9fMM mstsSH40sZAj8+vvfeCgQj5IkDRy/Wc10SaCHOeTnzr1HjTnK8t195RTRRR71qfA +mWrrU2VyYUgVlzT83OVg636QUroWg3pRaqIej7XdVCApD3E5pMvJpRehWUhlOCY Xn3Lw0EmwgkGb62g5vL4PkjM72H+o7wCZTfgUKnQ66xnHd/XUTvOjlCHQEVzhnZh iRGUmsLh0qH7C8FxEntbtFkKzqqDpAiQUv0IlKzgRvFdOPFdDr11 -----END CERTIFICATE-----Generated at Mon Feb 2 09:39:15 2026 by rpki-client