This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/9de5da-2db2-4e06-8563-a3d9d614f197/1/fnxekr8hjBPYztHEpriyNTg-w1c.roa File: fnxekr8hjBPYztHEpriyNTg-w1c.roa (raw, json) Hash identifier: Yw6ebR/XuI9yJ6QrRRVgWW8yPZGg+etxygR5z7m4D2g= Subject key identifier: 7E:7C:5E:92:BF:21:8C:13:D8:CE:D1:C4:A6:B8:B2:35:38:3E:C3:57 Certificate issuer: /CN=327ce64ace02ccd330ceef98d05df0fb20317a91 Certificate serial: 019B7CEE3F1457AF8FA550DC932C6257546F Authority key identifier: 32:7C:E6:4A:CE:02:CC:D3:30:CE:EF:98:D0:5D:F0:FB:20:31:7A:91 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MnzmSs4CzNMwzu-Y0F3w-yAxepE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/9de5da-2db2-4e06-8563-a3d9d614f197/1/fnxekr8hjBPYztHEpriyNTg-w1c.roa Signing time: Fri 02 Jan 2026 04:19:06 +0000 ROA not before: Fri 02 Jan 2026 04:19:06 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 198024 IP address blocks: 45.88.44.0/22 maxlen: 22 2a07:3b00::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/89/9de5da-2db2-4e06-8563-a3d9d614f197/1/MnzmSs4CzNMwzu-Y0F3w-yAxepE.crl rsync://rpki.ripe.net/repository/DEFAULT/89/9de5da-2db2-4e06-8563-a3d9d614f197/1/MnzmSs4CzNMwzu-Y0F3w-yAxepE.mft rsync://rpki.ripe.net/repository/DEFAULT/MnzmSs4CzNMwzu-Y0F3w-yAxepE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ee:3f:14:57:af:8f:a5:50:dc:93:2c:62:57:54:6f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=327ce64ace02ccd330ceef98d05df0fb20317a91 Validity Not Before: Jan 2 04:19:06 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=7e7c5e92bf218c13d8ced1c4a6b8b235383ec357 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:cb:07:fc:81:ef:74:5c:ad:46:e5:b8:bb:49: 3a:0d:7b:f2:50:32:24:4b:c3:55:22:3c:41:31:02: dc:eb:c8:23:f6:4a:90:3e:01:81:6d:3a:fe:43:58: 1e:b2:e5:7f:36:37:c1:d2:05:52:a2:89:2f:26:b5: 73:21:9b:62:2c:e7:bc:99:fb:fe:58:9a:0d:76:e7: 30:a0:1b:43:d2:a9:90:89:c6:87:fe:20:d8:42:dd: ea:af:24:f3:cf:89:20:08:68:d4:aa:f6:d8:0a:b7: 62:69:e5:e5:a9:8d:9a:68:3e:39:f9:77:cd:2c:3c: 93:92:2f:4b:b8:e2:8a:7c:89:72:94:5e:be:72:96: 2d:ba:4d:fe:b7:14:d6:83:fa:14:0e:4b:96:d6:5b: 0b:68:20:8f:4d:69:05:02:1f:eb:53:6b:69:c8:d1: 7e:22:0d:f1:6d:cf:7b:00:47:af:89:49:0a:3d:ce: fc:45:76:6e:ef:42:8f:2b:74:64:32:3a:77:21:a3: c5:e9:b5:49:d3:96:c7:a3:be:b0:56:f3:a9:8a:5b: 3b:05:98:e8:7e:30:7f:77:22:8d:58:49:f0:da:25: fc:97:f8:66:df:35:0e:ee:bb:de:af:fe:e4:ca:40: ac:d5:f0:ea:b1:c7:6a:7d:ab:6b:7f:0c:5a:b0:eb: 3f:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:7C:5E:92:BF:21:8C:13:D8:CE:D1:C4:A6:B8:B2:35:38:3E:C3:57 X509v3 Authority Key Identifier: keyid:32:7C:E6:4A:CE:02:CC:D3:30:CE:EF:98:D0:5D:F0:FB:20:31:7A:91 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MnzmSs4CzNMwzu-Y0F3w-yAxepE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/9de5da-2db2-4e06-8563-a3d9d614f197/1/fnxekr8hjBPYztHEpriyNTg-w1c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/89/9de5da-2db2-4e06-8563-a3d9d614f197/1/MnzmSs4CzNMwzu-Y0F3w-yAxepE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.88.44.0/22 IPv6: 2a07:3b00::/29 Signature Algorithm: sha256WithRSAEncryption 22:8e:68:4c:0f:00:c7:61:7b:8b:05:94:df:79:2e:a3:7d:a2: 57:30:36:d1:f1:38:1f:45:ad:b7:b3:b9:1f:bc:b1:6f:84:27: a5:46:bc:20:a3:a7:2c:22:e4:1b:08:19:2c:d8:ab:85:3d:db: 2a:b4:48:d6:a9:58:43:ca:5d:f0:b5:23:2a:d5:0a:32:cb:67: 24:8c:41:01:c2:b1:50:80:61:d6:52:0b:44:4e:7a:60:c0:02: 1a:87:7d:f3:26:f9:df:a6:cf:26:ff:7f:e6:de:64:51:4c:d7: a1:e0:51:c0:f9:df:d5:00:8e:9a:c4:b4:06:9a:8f:4a:e0:7d: ee:86:15:7c:3d:eb:21:d2:b8:33:37:37:5f:c2:d8:16:0b:9c: f8:ca:54:b4:7d:d6:08:0d:ec:d9:4a:7e:81:b0:2d:0c:71:b2: ab:0f:06:4e:12:45:d7:99:58:4f:4e:ee:f9:9b:dd:66:19:2a: 98:5a:ba:4b:c5:56:8d:fa:e0:53:5a:0d:b8:47:f7:c0:e2:37: 4d:4a:ea:2a:7b:69:8c:26:69:f1:5b:bd:e1:f8:3d:f7:65:81: cf:91:35:05:de:8a:d3:71:09:d3:b5:7a:55:2f:fe:46:c7:b1: 29:64:b8:06:5d:53:2e:03:36:36:5c:52:76:c4:d5:9b:5a:55: 12:88:e2:e5 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt87j8UV6+PpVDckyxiV1RvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMyN2NlNjRhY2UwMmNjZDMzMGNlZWY5OGQwNWRmMGZiMjAz MTdhOTEwHhcNMjYwMTAyMDQxOTA2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3ZTdjNWU5MmJmMjE4YzEzZDhjZWQxYzRhNmI4YjIzNTM4M2VjMzU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvssH/IHvdFytRuW4u0k6DXvyUDIk S8NVIjxBMQLc68gj9kqQPgGBbTr+Q1gesuV/NjfB0gVSookvJrVzIZtiLOe8mfv+ WJoNducwoBtD0qmQicaH/iDYQt3qryTzz4kgCGjUqvbYCrdiaeXlqY2aaD45+XfN LDyTki9LuOKKfIlylF6+cpYtuk3+txTWg/oUDkuW1lsLaCCPTWkFAh/rU2tpyNF+ Ig3xbc97AEeviUkKPc78RXZu70KPK3RkMjp3IaPF6bVJ05bHo76wVvOpils7BZjo fjB/dyKNWEnw2iX8l/hm3zUO7rver/7kykCs1fDqscdqfatrfwxasOs/qQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFH58XpK/IYwT2M7RxKa4sjU4PsNXMB8GA1UdIwQY MBaAFDJ85krOAszTMM7vmNBd8PsgMXqRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTW56bVNzNEN6Tk13enUtWTBGM3cteUF4ZXBFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS85ZGU1ZGEtMmRiMi00ZTA2LTg1NjMt YTNkOWQ2MTRmMTk3LzEvZm54ZWtyOGhqQlBZenRIRXByaXlOVGctdzFjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84OS85ZGU1ZGEtMmRiMi00ZTA2LTg1NjMtYTNkOWQ2MTRmMTk3 LzEvTW56bVNzNEN6Tk13enUtWTBGM3cteUF4ZXBFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVgsMA0E AgACMAcDBQMqBzsAMA0GCSqGSIb3DQEBCwUAA4IBAQAijmhMDwDHYXuLBZTfeS6j faJXMDbR8TgfRa23s7kfvLFvhCelRrwgo6csIuQbCBks2KuFPdsqtEjWqVhDyl3w tSMq1Qoyy2ckjEEBwrFQgGHWUgtETnpgwAIah33zJvnfps8m/3/m3mRRTNeh4FHA +d/VAI6axLQGmo9K4H3uhhV8Pesh0rgzNzdfwtgWC5z4ylS0fdYIDezZSn6BsC0M cbKrDwZOEkXXmVhPTu75m91mGSqYWrpLxVaN+uBTWg24R/fA4jdNSuoqe2mMJmnx W73h+D33ZYHPkTUF3orTcQnTtXpVL/5Gx7EpZLgGXVMuAzY2XFJ2xNWbWlUSiOLl -----END CERTIFICATE-----Generated at Tue Jan 27 00:30:16 2026 by rpki-client