This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/FN70esTZXn5X2vP3ZcEnYIks9AM.roa File: FN70esTZXn5X2vP3ZcEnYIks9AM.roa (raw, json) Hash identifier: 1ow9uwWZ1DORgXwnTVw8JvTT23AJVzQa+9quYRVEN6M= Subject key identifier: 14:DE:F4:7A:C4:D9:5E:7E:57:DA:F3:F7:65:C1:27:60:89:2C:F4:03 Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1 Certificate serial: 019B7E3806D5351BD37D158B7EB10A85F812 Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/FN70esTZXn5X2vP3ZcEnYIks9AM.roa Signing time: Fri 02 Jan 2026 10:19:19 +0000 ROA not before: Fri 02 Jan 2026 10:19:19 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 43350 IP address blocks: 83.171.241.0/24 maxlen: 24 83.171.242.0/24 maxlen: 24 83.171.243.0/24 maxlen: 24 84.54.38.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.mft rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 19:00:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:06:d5:35:1b:d3:7d:15:8b:7e:b1:0a:85:f8:12 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1 Validity Not Before: Jan 2 10:19:19 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=14def47ac4d95e7e57daf3f765c12760892cf403 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:94:6d:3b:98:c5:14:8b:95:b2:f1:b5:32:4e: 41:09:a0:8e:ad:36:10:49:ba:34:49:aa:86:d4:49: cd:01:f0:e8:1e:17:57:17:4d:fc:74:04:f8:eb:0c: 85:cb:5d:3f:2f:9a:71:4e:af:3a:36:3d:b6:6f:7d: 00:ae:28:a0:fd:51:27:ec:29:93:02:30:6d:80:89: 12:31:44:fa:7e:e8:03:15:1b:ff:a5:03:b5:04:66: 6c:c7:65:ba:78:80:91:e4:c9:e3:55:38:fc:0e:5e: 3a:41:87:b7:26:cf:f0:d2:19:9c:be:55:52:6f:0e: fe:e6:ff:37:4b:a6:8d:80:06:07:18:66:c8:5f:0a: 3b:87:36:16:d8:5b:6e:92:d0:f3:84:3b:bc:8a:62: e0:87:42:16:3e:eb:a5:3a:80:20:50:1e:32:20:be: e9:07:2b:ce:50:64:45:00:66:b9:87:b3:22:00:51: ea:19:50:62:2f:d7:25:27:90:bd:39:27:42:71:32: 15:29:56:5c:b4:f2:17:4e:5a:f6:eb:01:66:e1:b6: fc:60:e8:57:44:3f:bf:1a:ff:a7:b3:90:dc:85:a4: 47:f1:6b:2d:68:c7:39:4c:84:a5:69:9b:12:86:bc: 91:0c:92:64:ec:02:4e:de:bb:17:d0:31:7f:65:86: bc:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:DE:F4:7A:C4:D9:5E:7E:57:DA:F3:F7:65:C1:27:60:89:2C:F4:03 X509v3 Authority Key Identifier: keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/FN70esTZXn5X2vP3ZcEnYIks9AM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 83.171.241.0-83.171.243.255 84.54.38.0/24 Signature Algorithm: sha256WithRSAEncryption 13:16:1e:4f:7d:95:6a:b1:61:4b:1b:c8:dd:ad:79:71:56:ab: 15:5d:db:fb:c7:3b:63:95:6a:43:58:98:a2:cb:49:53:ff:e3: fb:92:c4:0a:66:4d:53:2e:83:6e:be:a1:a0:92:7f:c2:5f:c3: 40:04:18:3f:6c:59:ad:29:b6:82:31:3f:04:34:67:85:b0:62: 16:b5:84:1b:78:92:e4:b2:66:4f:97:2b:d8:84:e3:9d:8d:3e: 49:04:95:84:a2:af:db:1e:29:70:94:f4:f6:e6:8f:ef:c7:b2: 18:d5:ab:4d:8f:a4:24:b0:7b:da:9d:b1:d5:a7:dc:65:7d:3d: b8:c5:ef:b3:02:1e:01:d4:52:41:be:92:a8:97:eb:e9:ca:c6: 6a:19:58:33:06:36:73:b8:37:aa:2d:1d:17:2d:97:97:4e:14: d2:d9:f5:5b:94:8f:de:d4:a9:77:7b:cd:83:dc:36:26:d4:9f: 10:b2:e3:0e:4f:31:89:d4:a8:aa:d2:f5:8e:72:2d:02:1c:e0: ac:99:10:fd:fd:bc:64:ed:91:7c:f8:f0:9a:8d:0f:67:df:36: f2:cd:87:b8:b1:2f:dc:a2:83:0e:a5:79:62:68:30:3b:30:ca: da:a9:1d:01:45:e7:0b:24:82:8b:2d:23:11:1f:ae:52:a8:1a: 4b:d8:13:e0 -----BEGIN CERTIFICATE----- MIIFCzCCA/OgAwIBAgISAZt+OAbVNRvTfRWLfrEKhfgSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3 NzliYjEwHhcNMjYwMTAyMTAxOTE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxNGRlZjQ3YWM0ZDk1ZTdlNTdkYWYzZjc2NWMxMjc2MDg5MmNmNDAzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJRtO5jFFIuVsvG1Mk5BCaCOrTYQ Sbo0SaqG1EnNAfDoHhdXF038dAT46wyFy10/L5pxTq86Nj22b30Ariig/VEn7CmT AjBtgIkSMUT6fugDFRv/pQO1BGZsx2W6eICR5MnjVTj8Dl46QYe3Js/w0hmcvlVS bw7+5v83S6aNgAYHGGbIXwo7hzYW2FtuktDzhDu8imLgh0IWPuulOoAgUB4yIL7p ByvOUGRFAGa5h7MiAFHqGVBiL9clJ5C9OSdCcTIVKVZctPIXTlr26wFm4bb8YOhX RD+/Gv+ns5DchaRH8WstaMc5TISlaZsShryRDJJk7AJO3rsX0DF/ZYa84wIDAQAB o4ICFzCCAhMwHQYDVR0OBBYEFBTe9HrE2V5+V9rz92XBJ2CJLPQDMB8GA1UdIwQY MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt NmI0MzcyNjAyMDk2LzEvRk43MGVzVFpYbjVYMnZQM1pjRW5ZSWtzOUFNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2 LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABTq/ED BAJTq/ADBABUNiYwDQYJKoZIhvcNAQELBQADggEBABMWHk99lWqxYUsbyN2teXFW qxVd2/vHO2OVakNYmKLLSVP/4/uSxApmTVMug26+oaCSf8Jfw0AEGD9sWa0ptoIx PwQ0Z4WwYha1hBt4kuSyZk+XK9iE452NPkkElYSir9seKXCU9Pbmj+/HshjVq02P pCSwe9qdsdWn3GV9PbjF77MCHgHUUkG+kqiX6+nKxmoZWDMGNnO4N6otHRctl5dO FNLZ9VuUj97UqXd7zYPcNibUnxCy4w5PMYnUqKrS9Y5yLQIc4KyZEP39vGTtkXz4 8JqND2ffNvLNh7ixL9yigw6leWJoMDswytqpHQFF5wskgostIxEfrlKoGkvYE+A= -----END CERTIFICATE-----Generated at Sat Jan 3 03:23:12 2026 by rpki-client