This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/f12551-20cc-4218-a426-f41d6c0c84b6/1/pDsTCJPX6I7CTPbbV1F-Yk_RqdI.roa File: pDsTCJPX6I7CTPbbV1F-Yk_RqdI.roa (raw, json) Hash identifier: k6qre4EFHCNOu0yYjc+l0cPyKi7Hs3Gqi9mcxhitEa4= Subject key identifier: A4:3B:13:08:93:D7:E8:8E:C2:4C:F6:DB:57:51:7E:62:4F:D1:A9:D2 Certificate issuer: /CN=42217a2d513a9fb0fce1a1cfc2b3c05c018bd8c1 Certificate serial: 019B7B36E897A6B3309340121969D81E029E Authority key identifier: 42:21:7A:2D:51:3A:9F:B0:FC:E1:A1:CF:C2:B3:C0:5C:01:8B:D8:C1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QiF6LVE6n7D84aHPwrPAXAGL2ME.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/f12551-20cc-4218-a426-f41d6c0c84b6/1/pDsTCJPX6I7CTPbbV1F-Yk_RqdI.roa Signing time: Thu 01 Jan 2026 20:19:14 +0000 ROA not before: Thu 01 Jan 2026 20:19:14 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 3320 IP address blocks: 193.188.196.0/24 maxlen: 24 2001:67c:b80::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/89/f12551-20cc-4218-a426-f41d6c0c84b6/1/QiF6LVE6n7D84aHPwrPAXAGL2ME.crl rsync://rpki.ripe.net/repository/DEFAULT/89/f12551-20cc-4218-a426-f41d6c0c84b6/1/QiF6LVE6n7D84aHPwrPAXAGL2ME.mft rsync://rpki.ripe.net/repository/DEFAULT/QiF6LVE6n7D84aHPwrPAXAGL2ME.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 02:00:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:e8:97:a6:b3:30:93:40:12:19:69:d8:1e:02:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=42217a2d513a9fb0fce1a1cfc2b3c05c018bd8c1 Validity Not Before: Jan 1 20:19:14 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a43b130893d7e88ec24cf6db57517e624fd1a9d2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:26:cc:cd:14:cc:75:e6:27:3c:ee:43:ca:40: 88:88:b5:44:f6:55:0b:da:50:8d:a0:b2:08:97:b0: 90:32:37:4b:13:83:04:41:16:7d:5a:9b:3b:4f:d5: b9:05:0b:df:b3:ea:8d:9b:3d:16:74:ea:a8:90:64: 5d:45:fe:9b:6c:da:c6:38:bc:08:30:84:73:31:19: c5:a1:d0:6b:9d:21:52:4f:c9:93:b0:76:b0:4e:0c: ed:f8:f0:1f:99:7b:98:18:6b:19:64:7f:0c:c0:a8: f9:71:d3:82:f7:1b:5e:87:3b:48:36:18:ff:7f:6e: 48:c0:e5:36:75:cb:f4:e0:e4:59:90:96:76:cb:08: 17:1d:28:f3:17:b4:9b:6d:a4:8d:58:df:d6:15:92: 5f:d8:35:41:19:a9:c3:69:57:a7:f1:b9:aa:ba:b6: 41:50:32:39:cc:75:f6:ba:2d:25:f9:a8:81:16:48: 2d:db:56:ec:e5:53:d5:e9:9b:c7:c6:fb:3c:9a:2f: c4:dd:2d:3e:56:cf:0e:6e:ac:01:71:01:40:42:86: ab:95:ef:42:14:65:e9:27:c0:91:42:c1:0c:55:34: 43:6d:80:24:9f:15:44:ed:e8:45:9b:be:ed:6c:3b: 8f:09:fd:c9:4d:f7:4e:77:6c:ab:0b:54:3d:4d:a1: a6:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:3B:13:08:93:D7:E8:8E:C2:4C:F6:DB:57:51:7E:62:4F:D1:A9:D2 X509v3 Authority Key Identifier: keyid:42:21:7A:2D:51:3A:9F:B0:FC:E1:A1:CF:C2:B3:C0:5C:01:8B:D8:C1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QiF6LVE6n7D84aHPwrPAXAGL2ME.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/f12551-20cc-4218-a426-f41d6c0c84b6/1/pDsTCJPX6I7CTPbbV1F-Yk_RqdI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/89/f12551-20cc-4218-a426-f41d6c0c84b6/1/QiF6LVE6n7D84aHPwrPAXAGL2ME.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.188.196.0/24 IPv6: 2001:67c:b80::/48 Signature Algorithm: sha256WithRSAEncryption 5f:7d:f5:ce:0c:62:f0:f7:5c:66:55:c2:31:68:34:d7:99:95: 92:31:04:da:af:0e:8c:bc:06:b6:7c:51:eb:c9:62:27:7f:14: ce:0a:b2:a7:57:08:c8:24:c3:98:a0:cb:4f:8c:b3:8d:7c:05: 96:4e:f9:c1:7f:6c:a9:2c:f8:3f:fa:42:c6:2f:30:f8:f2:4f: bd:06:5c:13:c9:8c:de:6f:4d:bf:6b:73:18:30:7e:0c:87:9f: d5:52:18:19:d8:1b:aa:a5:2a:94:e1:72:18:2c:e8:35:c0:74: cd:65:30:c7:b8:5f:ee:81:af:0b:51:f5:16:c4:e5:49:e7:71: d5:de:62:49:ef:64:1f:ba:01:a6:d3:eb:f2:fc:c6:fc:6e:1f: 9a:b4:62:70:fd:27:5c:0f:bd:98:6a:7d:11:55:a0:f8:31:66: 45:e0:be:f0:78:be:86:12:1d:e8:a5:44:fc:5b:8d:05:ec:f7: 60:ed:1c:29:8c:50:8b:44:6a:31:96:c4:a6:57:db:07:d8:f3: a3:28:4a:2d:01:7b:f3:47:fd:34:fa:7e:4a:5a:9b:5a:8d:a7: fa:cc:19:04:54:3e:bd:f6:03:a1:05:eb:ba:53:7b:f2:f4:0d: b2:ca:34:9c:0b:27:b5:d5:a1:e2:b5:3a:2f:12:74:1d:02:8b: c1:01:06:d3 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt7NuiXprMwk0ASGWnYHgKeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQyMjE3YTJkNTEzYTlmYjBmY2UxYTFjZmMyYjNjMDVjMDE4 YmQ4YzEwHhcNMjYwMTAxMjAxOTE0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhNDNiMTMwODkzZDdlODhlYzI0Y2Y2ZGI1NzUxN2U2MjRmZDFhOWQyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ybMzRTMdeYnPO5DykCIiLVE9lUL 2lCNoLIIl7CQMjdLE4MEQRZ9Wps7T9W5BQvfs+qNmz0WdOqokGRdRf6bbNrGOLwI MIRzMRnFodBrnSFST8mTsHawTgzt+PAfmXuYGGsZZH8MwKj5cdOC9xtehztINhj/ f25IwOU2dcv04ORZkJZ2ywgXHSjzF7SbbaSNWN/WFZJf2DVBGanDaVen8bmqurZB UDI5zHX2ui0l+aiBFkgt21bs5VPV6ZvHxvs8mi/E3S0+Vs8ObqwBcQFAQoarle9C FGXpJ8CRQsEMVTRDbYAknxVE7ehFm77tbDuPCf3JTfdOd2yrC1Q9TaGm9wIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFKQ7EwiT1+iOwkz221dRfmJP0anSMB8GA1UdIwQY MBaAFEIhei1ROp+w/OGhz8KzwFwBi9jBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUWlGNkxWRTZuN0Q4NGFIUHdyUEFYQUdMMk1FLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9mMTI1NTEtMjBjYy00MjE4LWE0MjYt ZjQxZDZjMGM4NGI2LzEvcERzVENKUFg2STdDVFBiYlYxRi1Za19ScWRJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84OS9mMTI1NTEtMjBjYy00MjE4LWE0MjYtZjQxZDZjMGM4NGI2 LzEvUWlGNkxWRTZuN0Q4NGFIUHdyUEFYQUdMMk1FLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwbzEMA8E AgACMAkDBwAgAQZ8C4AwDQYJKoZIhvcNAQELBQADggEBAF999c4MYvD3XGZVwjFo NNeZlZIxBNqvDoy8BrZ8UevJYid/FM4KsqdXCMgkw5igy0+Ms418BZZO+cF/bKks +D/6QsYvMPjyT70GXBPJjN5vTb9rcxgwfgyHn9VSGBnYG6qlKpThchgs6DXAdM1l MMe4X+6BrwtR9RbE5UnncdXeYknvZB+6AabT6/L8xvxuH5q0YnD9J1wPvZhqfRFV oPgxZkXgvvB4voYSHeilRPxbjQXs92DtHCmMUItEajGWxKZX2wfY86MoSi0Be/NH /TT6fkpam1qNp/rMGQRUPr32A6EF67pTe/L0DbLKNJwLJ7XVoeK1Oi8SdB0Ci8EB BtM= -----END CERTIFICATE-----Generated at Mon Jan 19 11:50:04 2026 by rpki-client