This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/P89VxKlNGfRRMcSuDRi9zH0r-u4.roa File: P89VxKlNGfRRMcSuDRi9zH0r-u4.roa (raw, json) Hash identifier: m3Eb7tBEhi4jXpT2iac2bbRuZRo0+dNZTqs68H5Q/F8= Subject key identifier: 3F:CF:55:C4:A9:4D:19:F4:51:31:C4:AE:0D:18:BD:CC:7D:2B:FA:EE Certificate issuer: /CN=dcef58d4cfa35543f8488a2756e6924e647b4589 Certificate serial: 019B76EB7EE4149B15BE067193C90238481B Authority key identifier: DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/P89VxKlNGfRRMcSuDRi9zH0r-u4.roa Signing time: Thu 01 Jan 2026 00:18:23 +0000 ROA not before: Thu 01 Jan 2026 00:18:23 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 15395 IP address blocks: 193.138.122.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.mft rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 06:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:7e:e4:14:9b:15:be:06:71:93:c9:02:38:48:1b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dcef58d4cfa35543f8488a2756e6924e647b4589 Validity Not Before: Jan 1 00:18:23 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3fcf55c4a94d19f45131c4ae0d18bdcc7d2bfaee Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:f2:b8:53:d2:72:8e:ed:45:b2:e7:d1:05:74: d7:d9:51:95:e9:87:ae:b6:27:ea:d5:83:87:bd:8b: 4f:c1:62:6a:43:15:81:73:95:7b:9b:4b:92:83:1a: 66:ee:1b:cd:e9:e2:bc:28:1f:43:e2:13:17:9a:82: 27:76:ec:21:18:ac:5b:09:2f:c9:a6:94:92:b2:9b: 4f:df:09:41:69:9c:1d:4d:94:4c:be:b9:72:36:5f: 53:1e:29:75:38:af:7f:c3:02:7b:74:aa:b0:10:f4: 5d:65:d7:13:9c:65:30:b4:ca:9b:52:87:8a:a0:95: 37:3b:27:2a:bb:ea:7c:b7:7c:82:e5:31:93:d8:eb: b1:6d:ee:1b:1b:44:ad:31:d9:3b:d9:c2:e9:a7:c7: 49:b2:e3:d0:87:f0:bc:4b:bd:f1:19:c9:43:6a:ff: ee:ec:56:0d:41:3f:84:51:1f:74:87:af:2f:6e:cf: e8:71:db:82:60:0d:d3:4b:2f:b2:28:4d:55:ba:88: c3:13:b2:4d:ac:33:a0:94:1c:8b:8c:bd:60:92:26: 9f:2f:c2:61:8f:07:8a:31:b3:a8:fd:e6:ef:9d:35: ad:d8:db:9c:eb:07:99:d9:fe:d0:4a:c0:72:9e:53: 1a:ef:09:14:d1:63:a5:4a:59:a5:ac:4b:e4:71:84: e5:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:CF:55:C4:A9:4D:19:F4:51:31:C4:AE:0D:18:BD:CC:7D:2B:FA:EE X509v3 Authority Key Identifier: keyid:DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/P89VxKlNGfRRMcSuDRi9zH0r-u4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.138.122.0/24 Signature Algorithm: sha256WithRSAEncryption b7:aa:8a:72:e8:0a:55:69:8c:b2:52:a3:bd:84:1a:d3:c3:3f: b7:7c:9d:62:18:fb:ad:86:aa:73:f7:11:b1:a5:2e:79:4b:4a: b2:25:e5:23:d6:43:44:60:b1:69:6d:46:b8:13:55:20:e5:ad: 83:17:ae:68:88:c8:1f:c3:15:c4:13:a0:13:d0:66:04:0d:86: 5a:ea:5f:b8:c9:d2:ae:0e:df:cc:35:11:1e:28:fb:1c:6f:f5: 1a:6e:37:85:88:41:3a:6c:79:b1:f3:d5:49:4e:62:35:a4:19: 22:7a:5c:e8:0a:da:8a:84:fb:69:90:c3:d3:2f:cd:82:da:7f: 21:2a:8f:5d:53:d4:41:09:fd:d8:aa:7a:25:8d:a6:98:ca:cb: 57:5d:4b:fa:4c:9e:ba:a2:4b:39:7a:d8:3f:8b:00:84:f2:1b: 63:97:0b:07:b4:a3:5e:a2:f8:44:d3:e9:4d:6f:dd:e1:ae:32: 81:74:d1:99:f4:9f:21:cd:35:f0:5c:1e:1e:e9:92:4c:db:71: 6c:cc:da:ad:0c:3d:11:92:6e:41:c2:8f:71:57:ff:10:fc:6f: b0:af:8e:4b:5d:1f:f3:de:05:ae:84:f7:e0:92:7c:84:3e:45: cb:15:95:48:f8:62:93:2f:00:39:59:6f:c5:e9:cb:93:54:fc: 90:42:c7:bd -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt2637kFJsVvgZxk8kCOEgbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRjZWY1OGQ0Y2ZhMzU1NDNmODQ4OGEyNzU2ZTY5MjRlNjQ3 YjQ1ODkwHhcNMjYwMTAxMDAxODIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzZmNmNTVjNGE5NGQxOWY0NTEzMWM0YWUwZDE4YmRjYzdkMmJmYWVlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfK4U9Jyju1FsufRBXTX2VGV6Yeu tifq1YOHvYtPwWJqQxWBc5V7m0uSgxpm7hvN6eK8KB9D4hMXmoInduwhGKxbCS/J ppSSsptP3wlBaZwdTZRMvrlyNl9THil1OK9/wwJ7dKqwEPRdZdcTnGUwtMqbUoeK oJU3Oycqu+p8t3yC5TGT2Ouxbe4bG0StMdk72cLpp8dJsuPQh/C8S73xGclDav/u 7FYNQT+EUR90h68vbs/ocduCYA3TSy+yKE1VuojDE7JNrDOglByLjL1gkiafL8Jh jweKMbOo/ebvnTWt2Nuc6weZ2f7QSsBynlMa7wkU0WOlSlmlrEvkcYTlbQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFD/PVcSpTRn0UTHErg0Yvcx9K/ruMB8GA1UdIwQY MBaAFNzvWNTPo1VD+EiKJ1bmkk5ke0WJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMt MmVjZTA0ZTE4NWMyLzEvUDg5VnhLbE5HZlJSTWNTdURSaTl6SDByLXU0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMtMmVjZTA0ZTE4NWMy LzEvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwYp6MA0G CSqGSIb3DQEBCwUAA4IBAQC3qopy6ApVaYyyUqO9hBrTwz+3fJ1iGPuthqpz9xGx pS55S0qyJeUj1kNEYLFpbUa4E1Ug5a2DF65oiMgfwxXEE6AT0GYEDYZa6l+4ydKu Dt/MNREeKPscb/UabjeFiEE6bHmx89VJTmI1pBkielzoCtqKhPtpkMPTL82C2n8h Ko9dU9RBCf3YqnoljaaYystXXUv6TJ66oks5etg/iwCE8htjlwsHtKNeovhE0+lN b93hrjKBdNGZ9J8hzTXwXB4e6ZJM23FszNqtDD0Rkm5Bwo9xV/8Q/G+wr45LXR/z 3gWuhPfgknyEPkXLFZVI+GKTLwA5WW/F6cuTVPyQQse9 -----END CERTIFICATE-----Generated at Wed Jan 21 11:08:29 2026 by rpki-client