This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/9007dc-2354-4e1b-87e5-bc180dacdf05/1/AFAhK4RjN_tCaCuKPQ6S294APKY.roa File: AFAhK4RjN_tCaCuKPQ6S294APKY.roa (raw, json) Hash identifier: Bh304+c1jskIegs4ufHvSWn2atzw/YKrzOn26bB1JF8= Subject key identifier: 00:50:21:2B:84:63:37:FB:42:68:2B:8A:3D:0E:92:DB:DE:00:3C:A6 Certificate issuer: /CN=efd9191978631fc955ac0f51062d5ce9844eae03 Certificate serial: 019B797F0CEC128D25CAAB5DAAC489630552 Authority key identifier: EF:D9:19:19:78:63:1F:C9:55:AC:0F:51:06:2D:5C:E9:84:4E:AE:03 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/79kZGXhjH8lVrA9RBi1c6YROrgM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/9007dc-2354-4e1b-87e5-bc180dacdf05/1/AFAhK4RjN_tCaCuKPQ6S294APKY.roa Signing time: Thu 01 Jan 2026 12:18:48 +0000 ROA not before: Thu 01 Jan 2026 12:18:48 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 12762 IP address blocks: 185.210.12.0/22 maxlen: 22 212.51.224.0/19 maxlen: 19 2a00:40c0::/29 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/9007dc-2354-4e1b-87e5-bc180dacdf05/1/79kZGXhjH8lVrA9RBi1c6YROrgM.crl rsync://rpki.ripe.net/repository/DEFAULT/8d/9007dc-2354-4e1b-87e5-bc180dacdf05/1/79kZGXhjH8lVrA9RBi1c6YROrgM.mft rsync://rpki.ripe.net/repository/DEFAULT/79kZGXhjH8lVrA9RBi1c6YROrgM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 06:00:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7f:0c:ec:12:8d:25:ca:ab:5d:aa:c4:89:63:05:52 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=efd9191978631fc955ac0f51062d5ce9844eae03 Validity Not Before: Jan 1 12:18:48 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0050212b846337fb42682b8a3d0e92dbde003ca6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:dc:67:b0:08:5f:fd:62:68:b5:8e:23:24:16: c2:35:6d:16:e1:1b:1d:a2:2e:51:b5:9d:54:a3:3a: db:34:4c:09:33:10:6b:31:17:54:f9:cf:48:1c:3e: 3a:84:32:1e:a8:21:bf:d1:11:08:da:45:0e:f4:c9: 22:2c:2a:41:43:0b:c5:e3:ae:1a:0b:b1:e7:0d:44: b6:2d:95:55:fd:80:ba:d5:99:1d:b8:cb:61:dc:52: 38:1e:7f:b0:88:31:ba:89:7c:b4:ef:78:14:8c:1a: de:56:02:ad:8a:d8:20:c8:73:13:c4:52:e5:ec:87: e5:77:9a:d0:25:52:b8:2c:89:7c:e0:02:7a:06:51: 83:fc:d2:88:5a:72:49:e7:ea:5e:ab:5d:e4:ae:fc: 30:43:1d:f1:8a:36:1d:c8:7f:19:dd:17:14:2e:01: 7e:0c:76:0a:9c:c6:38:73:e7:4a:4d:0f:6f:19:93: be:ae:35:93:90:b5:88:31:10:f1:ef:3f:89:a1:21: 80:70:85:ca:dc:3f:d8:16:44:46:36:3d:a0:2e:29: 3e:3d:c5:bb:54:45:5c:42:c1:5f:02:02:58:31:ca: 19:2c:53:84:6e:06:43:b3:61:13:50:ec:52:8d:77: 3d:5d:0e:b6:69:65:d8:b9:9f:a6:e9:53:ac:64:91: f5:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:50:21:2B:84:63:37:FB:42:68:2B:8A:3D:0E:92:DB:DE:00:3C:A6 X509v3 Authority Key Identifier: keyid:EF:D9:19:19:78:63:1F:C9:55:AC:0F:51:06:2D:5C:E9:84:4E:AE:03 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/79kZGXhjH8lVrA9RBi1c6YROrgM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/9007dc-2354-4e1b-87e5-bc180dacdf05/1/AFAhK4RjN_tCaCuKPQ6S294APKY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/9007dc-2354-4e1b-87e5-bc180dacdf05/1/79kZGXhjH8lVrA9RBi1c6YROrgM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.210.12.0/22 212.51.224.0/19 IPv6: 2a00:40c0::/29 Signature Algorithm: sha256WithRSAEncryption 52:bd:57:bb:1e:6e:15:16:86:fd:00:ee:1f:3d:5b:bd:d4:e5: 87:b9:2f:77:ef:84:c0:9a:2b:94:7b:8d:05:75:6a:e7:87:b2: f4:31:58:df:34:bd:bf:3f:64:df:c6:ac:fd:a4:ac:a1:3c:7c: 4e:e1:0e:42:a6:86:78:05:7f:48:5d:01:e1:76:69:6f:ce:7f: 61:25:b4:53:76:ab:c3:d8:08:6a:f9:83:38:ef:36:34:6e:c0: f8:4e:a0:7c:e7:de:36:e4:f8:25:41:ae:f6:8f:bd:71:11:1e: d1:5f:55:27:14:c0:c2:8c:36:a5:79:ec:75:1e:bb:80:60:21: 3f:1c:4e:51:da:e0:70:42:04:eb:8b:03:08:bd:3c:2e:ff:f8: cb:0a:a8:4f:32:3a:60:2b:68:d7:9d:87:c7:c5:99:cd:82:6d: 57:7b:8b:21:7f:e3:1d:28:37:a9:d2:41:c7:ae:04:00:58:37: d0:74:1f:90:e0:0b:bb:9a:cf:07:50:57:e7:d6:64:1b:ab:7f: 33:f1:d8:22:66:44:25:c9:3a:44:81:9f:6f:f2:06:8d:2e:48: 9a:db:93:86:c7:1a:12:6e:a4:1c:28:45:45:9a:5f:96:7b:38: 0e:97:3d:a2:5f:e0:d4:8e:2b:06:23:bc:59:1c:29:8f:3a:6d: 8e:26:1a:5f -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt5fwzsEo0lyqtdqsSJYwVSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGVmZDkxOTE5Nzg2MzFmYzk1NWFjMGY1MTA2MmQ1Y2U5ODQ0 ZWFlMDMwHhcNMjYwMTAxMTIxODQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwMDUwMjEyYjg0NjMzN2ZiNDI2ODJiOGEzZDBlOTJkYmRlMDAzY2E2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdxnsAhf/WJotY4jJBbCNW0W4Rsd oi5RtZ1UozrbNEwJMxBrMRdU+c9IHD46hDIeqCG/0REI2kUO9MkiLCpBQwvF464a C7HnDUS2LZVV/YC61ZkduMth3FI4Hn+wiDG6iXy073gUjBreVgKtitggyHMTxFLl 7Ifld5rQJVK4LIl84AJ6BlGD/NKIWnJJ5+peq13krvwwQx3xijYdyH8Z3RcULgF+ DHYKnMY4c+dKTQ9vGZO+rjWTkLWIMRDx7z+JoSGAcIXK3D/YFkRGNj2gLik+PcW7 VEVcQsFfAgJYMcoZLFOEbgZDs2ETUOxSjXc9XQ62aWXYuZ+m6VOsZJH1pwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFABQISuEYzf7Qmgrij0OktveADymMB8GA1UdIwQY MBaAFO/ZGRl4Yx/JVawPUQYtXOmETq4DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNzlrWkdYaGpIOGxWckE5UkJpMWM2WVJPcmdNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC85MDA3ZGMtMjM1NC00ZTFiLTg3ZTUt YmMxODBkYWNkZjA1LzEvQUZBaEs0UmpOX3RDYUN1S1BRNlMyOTRBUEtZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZC85MDA3ZGMtMjM1NC00ZTFiLTg3ZTUtYmMxODBkYWNkZjA1 LzEvNzlrWkdYaGpIOGxWckE5UkJpMWM2WVJPcmdNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCudIMAwQF 1DPgMA0EAgACMAcDBQMqAEDAMA0GCSqGSIb3DQEBCwUAA4IBAQBSvVe7Hm4VFob9 AO4fPVu91OWHuS9374TAmiuUe40FdWrnh7L0MVjfNL2/P2Tfxqz9pKyhPHxO4Q5C poZ4BX9IXQHhdmlvzn9hJbRTdqvD2Ahq+YM47zY0bsD4TqB859425PglQa72j71x ER7RX1UnFMDCjDaleex1HruAYCE/HE5R2uBwQgTriwMIvTwu//jLCqhPMjpgK2jX nYfHxZnNgm1Xe4shf+MdKDep0kHHrgQAWDfQdB+Q4Au7ms8HUFfn1mQbq38z8dgi ZkQlyTpEgZ9v8gaNLkia25OGxxoSbqQcKEVFml+WezgOlz2iX+DUjisGI7xZHCmP Om2OJhpf -----END CERTIFICATE-----Generated at Mon Jan 26 16:21:52 2026 by rpki-client