This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/54bac8-bf50-44d2-ad42-388d8ad2a5bb/1/KEfhpSYDTcA_WVzzetkfLEElZqA.roa File: KEfhpSYDTcA_WVzzetkfLEElZqA.roa (raw, json) Hash identifier: HDmoLstVaitK+4XS6Am6UgsI3Y71lEzDuRcwxhiLGMY= Subject key identifier: 28:47:E1:A5:26:03:4D:C0:3F:59:5C:F3:7A:D9:1F:2C:41:25:66:A0 Certificate issuer: /CN=1a9154e1c5578b0fef8abb779f8117e64e884d18 Certificate serial: 019B7E389823B1C6150BA536A318F84E6374 Authority key identifier: 1A:91:54:E1:C5:57:8B:0F:EF:8A:BB:77:9F:81:17:E6:4E:88:4D:18 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GpFU4cVXiw_virt3n4EX5k6ITRg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/54bac8-bf50-44d2-ad42-388d8ad2a5bb/1/KEfhpSYDTcA_WVzzetkfLEElZqA.roa Signing time: Fri 02 Jan 2026 10:19:56 +0000 ROA not before: Fri 02 Jan 2026 10:19:56 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 13347 IP address blocks: 193.176.98.0/24 maxlen: 24 2a12:f3c0::/29 maxlen: 29 2a12:f3c7::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/54bac8-bf50-44d2-ad42-388d8ad2a5bb/1/GpFU4cVXiw_virt3n4EX5k6ITRg.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/54bac8-bf50-44d2-ad42-388d8ad2a5bb/1/GpFU4cVXiw_virt3n4EX5k6ITRg.mft rsync://rpki.ripe.net/repository/DEFAULT/GpFU4cVXiw_virt3n4EX5k6ITRg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 15:30:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:98:23:b1:c6:15:0b:a5:36:a3:18:f8:4e:63:74 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1a9154e1c5578b0fef8abb779f8117e64e884d18 Validity Not Before: Jan 2 10:19:56 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2847e1a526034dc03f595cf37ad91f2c412566a0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:05:9a:21:63:df:20:e2:fc:6b:04:04:ae:18: 27:5a:64:da:d5:59:be:53:e6:de:74:99:8c:ee:c7: ed:62:1c:e7:b1:b5:d3:66:48:2c:be:12:c6:ba:e5: 6b:8b:78:11:60:a1:76:53:da:e2:41:49:47:bb:52: 00:65:85:dd:bf:a5:2d:f9:90:a6:10:99:18:2d:5f: 87:fc:be:a5:cc:d0:cc:4e:f6:76:14:27:d5:44:7f: 73:3d:a3:8b:8a:6a:20:50:ae:f3:8c:79:71:79:ea: e6:ad:5c:5a:46:ea:64:a1:74:fd:bc:55:30:df:72: eb:17:88:03:2c:7e:42:ed:58:40:52:f7:9f:4e:5d: 6b:59:42:43:95:d1:45:1b:d9:93:7b:51:de:e6:d4: 3c:46:29:b0:f3:23:03:0c:59:b4:7e:4d:3d:9a:13: 1c:44:d6:83:66:1f:b2:f1:df:2b:75:5c:fa:05:63: d0:4f:59:42:6b:eb:5f:6e:49:c3:80:73:67:5d:c2: ef:43:70:eb:60:01:3c:ac:67:49:d2:de:1f:dd:e4: 0d:4f:f5:e9:0d:b0:bd:22:75:81:51:fc:6a:7c:55: 5b:b3:78:c7:8e:4f:3e:0a:41:54:d0:58:41:28:c6: cc:9d:2e:90:f3:6d:ba:fa:ff:b0:5f:c5:61:83:69: 00:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:47:E1:A5:26:03:4D:C0:3F:59:5C:F3:7A:D9:1F:2C:41:25:66:A0 X509v3 Authority Key Identifier: keyid:1A:91:54:E1:C5:57:8B:0F:EF:8A:BB:77:9F:81:17:E6:4E:88:4D:18 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GpFU4cVXiw_virt3n4EX5k6ITRg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/54bac8-bf50-44d2-ad42-388d8ad2a5bb/1/KEfhpSYDTcA_WVzzetkfLEElZqA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/54bac8-bf50-44d2-ad42-388d8ad2a5bb/1/GpFU4cVXiw_virt3n4EX5k6ITRg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.176.98.0/24 IPv6: 2a12:f3c0::/29 Signature Algorithm: sha256WithRSAEncryption 78:3c:7c:ff:0a:32:33:75:b4:e9:3a:75:cf:64:06:bc:1b:ef: e3:08:0c:68:28:a9:74:bd:59:b3:11:dd:23:44:16:dd:d3:66: 65:12:ed:b6:ec:0a:97:b1:cf:f9:b9:54:8a:fe:e2:e3:bd:19: 62:6b:6f:ad:98:22:4f:99:a0:47:96:16:6e:91:65:3b:73:69: 96:db:64:93:5b:a2:fe:e0:bc:0e:3d:e7:d4:35:85:22:b3:a3: fb:11:cb:c2:74:49:40:f5:94:c7:e1:8f:ea:5a:7e:85:38:70: 21:15:d7:64:94:64:21:65:c6:96:3f:52:8a:ae:90:fc:a6:d6: df:d7:d1:96:b4:74:b1:fb:6e:2f:80:cb:57:64:1e:15:a3:87: 86:cd:3a:3f:c8:b9:36:98:47:10:f8:ce:1a:25:e1:e4:81:b5: f3:b6:d3:2d:0c:80:a7:5e:64:8d:c2:18:c4:ac:21:7d:9f:c6: 43:36:c2:c6:58:63:3a:40:61:af:70:f2:d9:f0:f1:c1:f0:b3: f7:ec:e8:ff:bf:03:60:40:7c:61:75:c4:d4:19:b8:39:23:6a: 21:1a:31:f4:32:dd:ca:ef:59:73:5b:9b:25:ed:76:42:12:3a: 55:20:6c:c1:dc:c4:10:14:8d:09:c2:34:3b:d3:b9:50:ff:f0: 81:68:40:00 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt+OJgjscYVC6U2oxj4TmN0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFhOTE1NGUxYzU1NzhiMGZlZjhhYmI3NzlmODExN2U2NGU4 ODRkMTgwHhcNMjYwMTAyMTAxOTU2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyODQ3ZTFhNTI2MDM0ZGMwM2Y1OTVjZjM3YWQ5MWYyYzQxMjU2NmEwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQWaIWPfIOL8awQErhgnWmTa1Vm+ U+bedJmM7sftYhznsbXTZkgsvhLGuuVri3gRYKF2U9riQUlHu1IAZYXdv6Ut+ZCm EJkYLV+H/L6lzNDMTvZ2FCfVRH9zPaOLimogUK7zjHlxeermrVxaRupkoXT9vFUw 33LrF4gDLH5C7VhAUvefTl1rWUJDldFFG9mTe1He5tQ8Rimw8yMDDFm0fk09mhMc RNaDZh+y8d8rdVz6BWPQT1lCa+tfbknDgHNnXcLvQ3DrYAE8rGdJ0t4f3eQNT/Xp DbC9InWBUfxqfFVbs3jHjk8+CkFU0FhBKMbMnS6Q8226+v+wX8Vhg2kARQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFChH4aUmA03AP1lc83rZHyxBJWagMB8GA1UdIwQY MBaAFBqRVOHFV4sP74q7d5+BF+ZOiE0YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvR3BGVTRjVlhpd192aXJ0M240RVg1azZJVFJnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS81NGJhYzgtYmY1MC00NGQyLWFkNDIt Mzg4ZDhhZDJhNWJiLzEvS0VmaHBTWURUY0FfV1Z6emV0a2ZMRUVsWnFBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS81NGJhYzgtYmY1MC00NGQyLWFkNDItMzg4ZDhhZDJhNWJi LzEvR3BGVTRjVlhpd192aXJ0M240RVg1azZJVFJnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwbBiMA0E AgACMAcDBQMqEvPAMA0GCSqGSIb3DQEBCwUAA4IBAQB4PHz/CjIzdbTpOnXPZAa8 G+/jCAxoKKl0vVmzEd0jRBbd02ZlEu227AqXsc/5uVSK/uLjvRlia2+tmCJPmaBH lhZukWU7c2mW22STW6L+4LwOPefUNYUis6P7EcvCdElA9ZTH4Y/qWn6FOHAhFddk lGQhZcaWP1KKrpD8ptbf19GWtHSx+24vgMtXZB4Vo4eGzTo/yLk2mEcQ+M4aJeHk gbXzttMtDICnXmSNwhjErCF9n8ZDNsLGWGM6QGGvcPLZ8PHB8LP37Oj/vwNgQHxh dcTUGbg5I2ohGjH0Mt3K71lzW5sl7XZCEjpVIGzB3MQQFI0JwjQ707lQ//CBaEAA -----END CERTIFICATE-----Generated at Tue Jan 20 22:47:36 2026 by rpki-client