This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/b525eb-cea4-47fd-8f7d-68e949082f9b/1/fgHkP2YUSzuNyvGW8zK9eGXNEYY.roa File: fgHkP2YUSzuNyvGW8zK9eGXNEYY.roa (raw, json) Hash identifier: SUqfyWSJbDnWk7tr9aXaMYt6tAtE7VJWtQ/R4/BKvSk= Subject key identifier: 7E:01:E4:3F:66:14:4B:3B:8D:CA:F1:96:F3:32:BD:78:65:CD:11:86 Certificate issuer: /CN=ec1d7290bfd1be123fbe0b075fd50dcf646c4f76 Certificate serial: 019B7C12A9987358CC37AE5DB76F859C9AF7 Authority key identifier: EC:1D:72:90:BF:D1:BE:12:3F:BE:0B:07:5F:D5:0D:CF:64:6C:4F:76 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7B1ykL_RvhI_vgsHX9UNz2RsT3Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/b525eb-cea4-47fd-8f7d-68e949082f9b/1/fgHkP2YUSzuNyvGW8zK9eGXNEYY.roa Signing time: Fri 02 Jan 2026 00:19:16 +0000 ROA not before: Fri 02 Jan 2026 00:19:16 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 44934 IP address blocks: 91.203.56.0/22 maxlen: 24 2001:67c:6f0::/48 maxlen: 64 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/b525eb-cea4-47fd-8f7d-68e949082f9b/1/7B1ykL_RvhI_vgsHX9UNz2RsT3Y.crl rsync://rpki.ripe.net/repository/DEFAULT/8d/b525eb-cea4-47fd-8f7d-68e949082f9b/1/7B1ykL_RvhI_vgsHX9UNz2RsT3Y.mft rsync://rpki.ripe.net/repository/DEFAULT/7B1ykL_RvhI_vgsHX9UNz2RsT3Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:12:a9:98:73:58:cc:37:ae:5d:b7:6f:85:9c:9a:f7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ec1d7290bfd1be123fbe0b075fd50dcf646c4f76 Validity Not Before: Jan 2 00:19:16 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=7e01e43f66144b3b8dcaf196f332bd7865cd1186 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:5c:9c:08:65:9b:43:f0:df:98:d5:4c:22:47: f6:3a:2a:33:32:ac:49:5e:eb:4f:a9:f4:d8:a3:56: 17:b2:c7:21:8e:db:4c:73:1b:cb:b3:3c:d3:8b:af: e7:78:fe:c1:e6:c9:21:be:af:e0:09:56:a8:85:14: 16:11:5a:b8:e7:09:21:8e:8f:f8:30:2f:58:07:62: ae:c9:ce:f4:fb:af:51:a3:c8:28:25:bb:f1:0f:93: 11:96:bc:5c:f7:2b:3d:e1:62:47:d0:89:b6:7c:ea: b3:d8:87:e1:c4:17:0d:ee:a8:95:a0:de:6d:66:23: 4c:2c:ac:7e:8b:26:00:82:89:ae:a3:f7:51:3c:b3: e7:3f:d8:83:4f:18:28:d3:88:bb:ef:b0:70:10:0c: 1b:8b:15:d4:1a:19:8e:fb:f0:0d:5f:2e:bd:19:9d: fe:05:20:33:c0:f4:a8:9f:b2:74:1f:81:d4:8e:6e: 7a:28:88:01:9b:44:71:9a:4e:c9:54:c9:a7:a5:47: cc:d3:65:35:9d:8f:6b:6e:fb:54:3f:f8:28:cc:99: cf:97:6c:e2:7c:16:b0:45:c0:b2:93:ab:7c:b3:50: d4:09:cd:1f:50:f3:f3:81:5e:ac:08:26:83:31:80: 13:5b:58:ec:1b:87:5e:f6:2d:1c:f1:f9:fe:0b:7f: ac:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:01:E4:3F:66:14:4B:3B:8D:CA:F1:96:F3:32:BD:78:65:CD:11:86 X509v3 Authority Key Identifier: keyid:EC:1D:72:90:BF:D1:BE:12:3F:BE:0B:07:5F:D5:0D:CF:64:6C:4F:76 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7B1ykL_RvhI_vgsHX9UNz2RsT3Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/b525eb-cea4-47fd-8f7d-68e949082f9b/1/fgHkP2YUSzuNyvGW8zK9eGXNEYY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/b525eb-cea4-47fd-8f7d-68e949082f9b/1/7B1ykL_RvhI_vgsHX9UNz2RsT3Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.203.56.0/22 IPv6: 2001:67c:6f0::/48 Signature Algorithm: sha256WithRSAEncryption 0f:b9:bd:d0:d9:f7:77:15:27:44:bf:15:ac:32:46:42:29:ca: 44:0c:38:01:47:f2:a3:14:e7:8d:b9:1e:70:32:8e:6c:cd:1f: f5:ee:8f:f1:09:71:84:70:8c:c9:6d:7d:f1:3f:ee:c3:66:b4: 88:e1:6d:9b:f1:93:e1:93:f5:b6:cf:78:ff:74:10:8f:6d:cf: 54:14:1f:2b:5f:f7:8a:5d:18:ca:5f:eb:8d:59:8a:53:e6:91: 75:35:af:89:ca:b7:f1:42:e1:ed:27:ea:69:95:20:bb:36:c3: 62:ed:0a:91:07:31:b6:4c:2c:81:b4:35:45:d9:af:64:df:79: a6:74:24:3a:c1:80:9a:6d:0d:dd:28:1b:9a:fd:16:ec:41:55: 52:20:2d:36:be:23:66:c1:b5:98:d9:a8:fe:7a:c7:5f:d6:d0: a6:a2:a9:9b:8b:da:c9:7f:79:86:93:50:6b:bf:57:df:27:11: 89:a4:65:26:b5:16:d4:de:f7:d8:c1:d0:86:4a:86:cb:41:bb: 4e:0d:a3:e2:fe:66:44:a7:ee:70:26:c5:87:db:a5:ee:de:9c: b5:3b:a8:bd:03:17:d0:c3:7f:16:16:fc:00:33:b0:20:8f:1c: 9d:c7:3c:35:5e:16:19:bb:91:6e:7f:65:40:e6:e1:51:63:82: f5:ba:e9:39 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt8EqmYc1jMN65dt2+FnJr3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGVjMWQ3MjkwYmZkMWJlMTIzZmJlMGIwNzVmZDUwZGNmNjQ2 YzRmNzYwHhcNMjYwMTAyMDAxOTE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3ZTAxZTQzZjY2MTQ0YjNiOGRjYWYxOTZmMzMyYmQ3ODY1Y2QxMTg2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1ycCGWbQ/DfmNVMIkf2OiozMqxJ XutPqfTYo1YXsschjttMcxvLszzTi6/neP7B5skhvq/gCVaohRQWEVq45wkhjo/4 MC9YB2Kuyc70+69Ro8goJbvxD5MRlrxc9ys94WJH0Im2fOqz2IfhxBcN7qiVoN5t ZiNMLKx+iyYAgomuo/dRPLPnP9iDTxgo04i777BwEAwbixXUGhmO+/ANXy69GZ3+ BSAzwPSon7J0H4HUjm56KIgBm0Rxmk7JVMmnpUfM02U1nY9rbvtUP/gozJnPl2zi fBawRcCyk6t8s1DUCc0fUPPzgV6sCCaDMYATW1jsG4de9i0c8fn+C3+snwIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFH4B5D9mFEs7jcrxlvMyvXhlzRGGMB8GA1UdIwQY MBaAFOwdcpC/0b4SP74LB1/VDc9kbE92MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvN0IxeWtMX1J2aElfdmdzSFg5VU56MlJzVDNZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9iNTI1ZWItY2VhNC00N2ZkLThmN2Qt NjhlOTQ5MDgyZjliLzEvZmdIa1AyWVVTenVOeXZHVzh6SzllR1hORVlZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZC9iNTI1ZWItY2VhNC00N2ZkLThmN2QtNjhlOTQ5MDgyZjli LzEvN0IxeWtMX1J2aElfdmdzSFg5VU56MlJzVDNZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCW8s4MA8E AgACMAkDBwAgAQZ8BvAwDQYJKoZIhvcNAQELBQADggEBAA+5vdDZ93cVJ0S/Fawy RkIpykQMOAFH8qMU5425HnAyjmzNH/Xuj/EJcYRwjMltffE/7sNmtIjhbZvxk+GT 9bbPeP90EI9tz1QUHytf94pdGMpf641ZilPmkXU1r4nKt/FC4e0n6mmVILs2w2Lt CpEHMbZMLIG0NUXZr2TfeaZ0JDrBgJptDd0oG5r9FuxBVVIgLTa+I2bBtZjZqP56 x1/W0KaiqZuL2sl/eYaTUGu/V98nEYmkZSa1FtTe99jB0IZKhstBu04No+L+ZkSn 7nAmxYfbpe7enLU7qL0DF9DDfxYW/AAzsCCPHJ3HPDVeFhm7kW5/ZUDm4VFjgvW6 6Tk= -----END CERTIFICATE-----Generated at Tue Feb 10 07:29:11 2026 by rpki-client