This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/1-gX6qbETIIttBQf3NGjlhSo5a40.roa File: 1-gX6qbETIIttBQf3NGjlhSo5a40.roa (raw, json) Hash identifier: UW2uFSR1KC4UlPwX8F178+KvKc01uMjxgEJ5QQoAtmc= Subject key identifier: FA:05:FA:A9:B1:13:20:8B:6D:05:07:F7:34:68:E5:85:2A:39:6B:8D Certificate issuer: /CN=dcef58d4cfa35543f8488a2756e6924e647b4589 Certificate serial: 019B76EB7C3FA6054AC063E311F6A3482BA5 Authority key identifier: DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/1-gX6qbETIIttBQf3NGjlhSo5a40.roa Signing time: Thu 01 Jan 2026 00:18:22 +0000 ROA not before: Thu 01 Jan 2026 00:18:22 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 6453 IP address blocks: 89.39.6.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.mft rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 06:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:7c:3f:a6:05:4a:c0:63:e3:11:f6:a3:48:2b:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dcef58d4cfa35543f8488a2756e6924e647b4589 Validity Not Before: Jan 1 00:18:22 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=fa05faa9b113208b6d0507f73468e5852a396b8d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:e1:a3:d8:28:f2:a3:ea:09:9d:bc:5c:c4:f3: 79:62:31:ce:6b:9c:3a:60:72:09:80:e2:2d:a7:2d: 1d:09:06:58:9a:51:6e:73:84:51:78:a5:d2:3b:76: 07:2f:5c:81:ac:2d:2b:04:cc:92:b4:e2:dd:c6:e5: 08:f3:21:6f:f1:cd:eb:1c:84:8c:31:a6:d1:56:cb: 2e:28:16:0f:a2:2f:7b:a4:46:49:a1:7c:80:f0:10: f2:e4:10:97:52:f1:22:15:d1:b9:b0:07:9a:28:0d: 32:d6:ce:9f:fb:3d:a4:3c:8d:e7:35:eb:41:8f:8d: 3d:58:ac:6c:f9:f1:e8:7e:e7:68:ae:8c:fa:4f:1f: 31:13:06:57:a4:a5:65:c2:22:fd:f7:89:f4:40:a3: 63:8f:9b:56:20:0c:9c:61:8c:2f:f2:1c:e1:38:af: 70:48:fc:39:76:b2:5a:98:61:fa:49:3e:8d:17:3b: e2:97:5e:2f:1e:4a:6c:0b:bd:8c:83:09:e4:f3:f8: bc:0f:20:42:11:a4:96:93:89:79:e6:dc:1c:a0:3c: d8:ce:16:7b:fd:44:b6:19:00:74:1e:df:bd:d4:61: 33:e4:53:be:1b:c4:83:90:b9:0e:ae:41:32:1a:09: 7f:c6:3c:60:d6:39:d4:fe:01:e4:2b:c4:d2:8c:e2: b8:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:05:FA:A9:B1:13:20:8B:6D:05:07:F7:34:68:E5:85:2A:39:6B:8D X509v3 Authority Key Identifier: keyid:DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/1-gX6qbETIIttBQf3NGjlhSo5a40.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.39.6.0/24 Signature Algorithm: sha256WithRSAEncryption de:a0:36:ae:37:ef:3a:77:61:b4:1c:d0:25:5f:a9:f5:c0:ef: 90:f6:94:42:58:73:d9:4d:e0:6f:ff:68:4e:f2:c3:d7:85:95: ca:01:c0:85:6c:ac:53:93:5c:49:ad:cf:7e:36:98:77:6b:7f: ab:8a:4b:d8:31:b2:66:23:b1:dd:a6:05:6f:c2:43:4d:fa:be: 2a:a9:a0:ef:49:6b:02:a7:ac:19:3d:23:1c:2c:90:84:f0:71: b9:50:25:46:bb:70:39:ee:0b:74:74:0d:59:f5:79:ce:27:e4: 3d:9f:56:55:98:33:89:fb:c0:ee:05:e3:37:a6:cc:7f:36:59: a6:7e:66:52:93:ec:0b:37:0a:12:82:d8:58:3d:e4:11:df:8e: 06:75:c9:17:92:5d:6b:12:57:a6:ff:8e:2d:a8:01:c1:9a:28: 7a:2c:ba:36:d3:e0:d2:e7:6c:27:d0:e8:0a:cc:0d:d0:26:63: f1:74:b4:48:00:04:a3:b7:97:39:15:d4:ca:eb:41:c3:42:a4: 2c:c6:e5:9c:3a:0b:60:73:a5:bc:2b:f2:40:c0:b0:b5:87:22: 7e:5e:76:d8:8f:98:ae:cf:d8:70:9e:41:a1:3f:e8:77:88:75: 91:d9:1d:2c:c5:ab:fa:ae:21:26:66:26:ec:87:c6:9f:5b:61: 29:c6:5c:91 -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt263w/pgVKwGPjEfajSCulMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRjZWY1OGQ0Y2ZhMzU1NDNmODQ4OGEyNzU2ZTY5MjRlNjQ3 YjQ1ODkwHhcNMjYwMTAxMDAxODIyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmYTA1ZmFhOWIxMTMyMDhiNmQwNTA3ZjczNDY4ZTU4NTJhMzk2YjhkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8uGj2Cjyo+oJnbxcxPN5YjHOa5w6 YHIJgOItpy0dCQZYmlFuc4RReKXSO3YHL1yBrC0rBMyStOLdxuUI8yFv8c3rHISM MabRVssuKBYPoi97pEZJoXyA8BDy5BCXUvEiFdG5sAeaKA0y1s6f+z2kPI3nNetB j409WKxs+fHofudoroz6Tx8xEwZXpKVlwiL994n0QKNjj5tWIAycYYwv8hzhOK9w SPw5drJamGH6ST6NFzvil14vHkpsC72Mgwnk8/i8DyBCEaSWk4l55twcoDzYzhZ7 /US2GQB0Ht+91GEz5FO+G8SDkLkOrkEyGgl/xjxg1jnU/gHkK8TSjOK4bQIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFPoF+qmxEyCLbQUH9zRo5YUqOWuNMB8GA1UdIwQY MBaAFNzvWNTPo1VD+EiKJ1bmkk5ke0WJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNlcjCB jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMt MmVjZTA0ZTE4NWMyLzEvMS1nWDZxYkVUSUl0dEJRZjNOR2psaFNvNWE0MC5yb2Ew gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0 b3J5L0RFRkFVTFQvYWEvZWE0NDU1LTc4MzYtNDRjNC1iMmEzLTJlY2UwNGUxODVj Mi8xLzNPOVkxTS1qVlVQNFNJb25WdWFTVG1SN1JZay5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFknBjAN BgkqhkiG9w0BAQsFAAOCAQEA3qA2rjfvOndhtBzQJV+p9cDvkPaUQlhz2U3gb/9o TvLD14WVygHAhWysU5NcSa3PfjaYd2t/q4pL2DGyZiOx3aYFb8JDTfq+Kqmg70lr AqesGT0jHCyQhPBxuVAlRrtwOe4LdHQNWfV5zifkPZ9WVZgzifvA7gXjN6bMfzZZ pn5mUpPsCzcKEoLYWD3kEd+OBnXJF5JdaxJXpv+OLagBwZooeiy6NtPg0udsJ9Do CswN0CZj8XS0SAAEo7eXORXUyutBw0KkLMblnDoLYHOlvCvyQMCwtYcifl522I+Y rs/YcJ5BoT/od4h1kdkdLMWr+q4hJmYm7IfGn1thKcZckQ== -----END CERTIFICATE-----Generated at Wed Jan 21 11:08:30 2026 by rpki-client