This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/cc4fe9-e48c-42da-97ea-ab57cabc18f7/1/0e20Vnm0C5gqevgZraEdYYQvC2k.roa File: 0e20Vnm0C5gqevgZraEdYYQvC2k.roa (raw, json) Hash identifier: 6onisxkqwNjHYYcPnOhg1nsEQp++MNFfPSzmz8SXV28= Subject key identifier: D1:ED:B4:56:79:B4:0B:98:2A:7A:F8:19:AD:A1:1D:61:84:2F:0B:69 Certificate issuer: /CN=35b03ec85d08607a6b1ddf1fe79dc651ccfe3f37 Certificate serial: 019B76EAAC694AFADC6891716BDAFF5A097F Authority key identifier: 35:B0:3E:C8:5D:08:60:7A:6B:1D:DF:1F:E7:9D:C6:51:CC:FE:3F:37 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NbA-yF0IYHprHd8f553GUcz-Pzc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/cc4fe9-e48c-42da-97ea-ab57cabc18f7/1/0e20Vnm0C5gqevgZraEdYYQvC2k.roa Signing time: Thu 01 Jan 2026 00:17:29 +0000 ROA not before: Thu 01 Jan 2026 00:17:29 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 44134 IP address blocks: 79.142.224.0/20 maxlen: 20 217.71.0.0/20 maxlen: 20 2a02:2190::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/cc4fe9-e48c-42da-97ea-ab57cabc18f7/1/NbA-yF0IYHprHd8f553GUcz-Pzc.crl rsync://rpki.ripe.net/repository/DEFAULT/95/cc4fe9-e48c-42da-97ea-ab57cabc18f7/1/NbA-yF0IYHprHd8f553GUcz-Pzc.mft rsync://rpki.ripe.net/repository/DEFAULT/NbA-yF0IYHprHd8f553GUcz-Pzc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:ea:ac:69:4a:fa:dc:68:91:71:6b:da:ff:5a:09:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=35b03ec85d08607a6b1ddf1fe79dc651ccfe3f37 Validity Not Before: Jan 1 00:17:29 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d1edb45679b40b982a7af819ada11d61842f0b69 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:83:95:9b:30:05:43:dc:1a:84:28:e0:1e:c7: 2e:7d:2e:b3:9e:b3:d1:5a:fa:32:f2:98:44:bb:63: 91:42:0c:12:df:cd:d2:fa:14:bc:f0:02:e9:ca:1f: 58:9e:3a:de:0f:da:60:1a:17:63:43:b9:c7:74:d7: 71:a5:a1:48:69:29:fb:fe:5c:fa:cf:51:57:e4:db: d4:e6:1c:a6:11:6d:0b:05:ce:fb:0d:0e:cb:96:33: b4:dc:7d:da:72:0a:dd:eb:e3:f3:6c:24:06:21:f5: ba:41:e0:73:a8:f5:34:ad:04:b5:66:3b:58:3e:9f: ba:35:dd:27:5c:ec:24:8b:fa:40:0f:fa:2a:40:46: 6d:63:33:7f:56:99:85:a1:6a:5c:67:b4:6c:01:5d: 48:d1:fe:0e:53:6f:0c:db:e0:c8:7f:9d:b3:17:c5: 51:52:cc:49:be:be:9e:8c:b8:4e:d1:7d:d2:34:91: 6d:ad:7f:55:c3:c9:5b:d7:5a:11:c2:f5:b2:4d:6e: fb:74:fa:8e:13:18:9f:3a:c9:54:84:bb:d2:00:b7: 2e:43:28:e2:1b:f7:03:cf:62:27:31:22:05:73:5a: 46:3b:f1:b8:de:5d:20:fc:75:9f:83:f6:1a:47:f1: 3d:7c:5c:3e:37:61:02:25:ea:4a:cf:ac:34:a1:51: be:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:ED:B4:56:79:B4:0B:98:2A:7A:F8:19:AD:A1:1D:61:84:2F:0B:69 X509v3 Authority Key Identifier: keyid:35:B0:3E:C8:5D:08:60:7A:6B:1D:DF:1F:E7:9D:C6:51:CC:FE:3F:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NbA-yF0IYHprHd8f553GUcz-Pzc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/cc4fe9-e48c-42da-97ea-ab57cabc18f7/1/0e20Vnm0C5gqevgZraEdYYQvC2k.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/95/cc4fe9-e48c-42da-97ea-ab57cabc18f7/1/NbA-yF0IYHprHd8f553GUcz-Pzc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 79.142.224.0/20 217.71.0.0/20 IPv6: 2a02:2190::/29 Signature Algorithm: sha256WithRSAEncryption 6a:7a:1d:e0:ad:90:5b:09:84:43:cb:20:a8:2a:da:9e:4a:0a: e1:b2:56:d0:71:0b:0b:5d:0d:bc:77:26:4d:e7:ce:d4:43:92: d1:1b:7c:da:95:c2:27:64:d4:00:03:f9:8e:38:59:b6:8c:0e: 6e:d3:2c:e3:79:2a:55:db:08:2d:95:4e:9a:3c:dc:cc:92:78: 98:da:59:59:96:86:fa:6a:5b:aa:fb:ea:b0:74:62:34:0a:2c: 7e:b0:92:aa:1d:38:c6:ce:b3:84:39:19:dc:1b:43:19:71:db: 35:86:7b:dd:78:0d:40:6f:bf:f9:68:ff:46:5e:c2:a5:9a:b0: 0a:75:f3:2a:fe:e7:fb:e1:69:17:50:0a:e9:f3:14:d5:23:a0: a5:c5:60:5d:3e:d9:70:ae:78:79:60:d4:70:d4:c8:c2:fc:0f: ee:8e:30:b9:78:9f:e9:c9:a0:e0:58:cd:61:21:ee:37:39:b6: 5f:23:f0:20:45:b8:80:91:28:b9:50:8e:aa:cf:55:be:c9:dc: c5:6c:90:10:70:bf:38:a6:e6:c9:d5:e7:3a:4e:8b:16:af:0e: a3:cb:e7:8e:09:e3:cd:a0:c6:75:7f:40:c2:22:49:11:a1:bd: 20:6a:4d:80:85:0c:21:66:2f:8b:8f:21:60:47:bf:e8:cc:62: b0:0f:a2:e2 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt26qxpSvrcaJFxa9r/Wgl/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM1YjAzZWM4NWQwODYwN2E2YjFkZGYxZmU3OWRjNjUxY2Nm ZTNmMzcwHhcNMjYwMTAxMDAxNzI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkMWVkYjQ1Njc5YjQwYjk4MmE3YWY4MTlhZGExMWQ2MTg0MmYwYjY5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtoOVmzAFQ9wahCjgHscufS6znrPR Wvoy8phEu2ORQgwS383S+hS88ALpyh9YnjreD9pgGhdjQ7nHdNdxpaFIaSn7/lz6 z1FX5NvU5hymEW0LBc77DQ7LljO03H3acgrd6+PzbCQGIfW6QeBzqPU0rQS1ZjtY Pp+6Nd0nXOwki/pAD/oqQEZtYzN/VpmFoWpcZ7RsAV1I0f4OU28M2+DIf52zF8VR UsxJvr6ejLhO0X3SNJFtrX9Vw8lb11oRwvWyTW77dPqOExifOslUhLvSALcuQyji G/cDz2InMSIFc1pGO/G43l0g/HWfg/YaR/E9fFw+N2ECJepKz6w0oVG+HwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFNHttFZ5tAuYKnr4Ga2hHWGELwtpMB8GA1UdIwQY MBaAFDWwPshdCGB6ax3fH+edxlHM/j83MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTmJBLXlGMElZSHBySGQ4ZjU1M0dVY3otUHpjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9jYzRmZTktZTQ4Yy00MmRhLTk3ZWEt YWI1N2NhYmMxOGY3LzEvMGUyMFZubTBDNWdxZXZnWnJhRWRZWVF2QzJrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85NS9jYzRmZTktZTQ4Yy00MmRhLTk3ZWEtYWI1N2NhYmMxOGY3 LzEvTmJBLXlGMElZSHBySGQ4ZjU1M0dVY3otUHpjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQET47gAwQE 2UcAMA0EAgACMAcDBQMqAiGQMA0GCSqGSIb3DQEBCwUAA4IBAQBqeh3grZBbCYRD yyCoKtqeSgrhslbQcQsLXQ28dyZN587UQ5LRG3zalcInZNQAA/mOOFm2jA5u0yzj eSpV2wgtlU6aPNzMkniY2llZlob6aluq++qwdGI0Cix+sJKqHTjGzrOEORncG0MZ cds1hnvdeA1Ab7/5aP9GXsKlmrAKdfMq/uf74WkXUArp8xTVI6ClxWBdPtlwrnh5 YNRw1MjC/A/ujjC5eJ/pyaDgWM1hIe43ObZfI/AgRbiAkSi5UI6qz1W+ydzFbJAQ cL84pubJ1ec6TosWrw6jy+eOCePNoMZ1f0DCIkkRob0gak2AhQwhZi+LjyFgR7/o zGKwD6Li -----END CERTIFICATE-----Generated at Tue Feb 10 04:48:58 2026 by rpki-client