This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/89090c-53b1-41be-a338-3831f3ed1ca8/1/1-xQpxgbsAccfNR_RPwpELLBga3Q.roa File: 1-xQpxgbsAccfNR_RPwpELLBga3Q.roa (raw, json) Hash identifier: O9JFLbnCzJwjSJV7ChA49hvf5EARsdHIdJti0Ql7a20= Subject key identifier: FB:14:29:C6:06:EC:01:C7:1F:35:1F:D1:3F:0A:44:2C:B0:60:6B:74 Certificate issuer: /CN=d7c60a54e03c9f815cc33afd45d3c4db9af76f16 Certificate serial: 019B7DC9D9ACC4E355BB1FE96E0D18ACBA1C Authority key identifier: D7:C6:0A:54:E0:3C:9F:81:5C:C3:3A:FD:45:D3:C4:DB:9A:F7:6F:16 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/18YKVOA8n4Fcwzr9RdPE25r3bxY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/89090c-53b1-41be-a338-3831f3ed1ca8/1/1-xQpxgbsAccfNR_RPwpELLBga3Q.roa Signing time: Fri 02 Jan 2026 08:18:59 +0000 ROA not before: Fri 02 Jan 2026 08:18:59 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 6453 IP address blocks: 185.33.114.0/24 maxlen: 24 202.162.49.0/24 maxlen: 24 202.162.52.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/89090c-53b1-41be-a338-3831f3ed1ca8/1/18YKVOA8n4Fcwzr9RdPE25r3bxY.crl rsync://rpki.ripe.net/repository/DEFAULT/b0/89090c-53b1-41be-a338-3831f3ed1ca8/1/18YKVOA8n4Fcwzr9RdPE25r3bxY.mft rsync://rpki.ripe.net/repository/DEFAULT/18YKVOA8n4Fcwzr9RdPE25r3bxY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 09:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:c9:d9:ac:c4:e3:55:bb:1f:e9:6e:0d:18:ac:ba:1c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d7c60a54e03c9f815cc33afd45d3c4db9af76f16 Validity Not Before: Jan 2 08:18:59 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=fb1429c606ec01c71f351fd13f0a442cb0606b74 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:ed:43:ee:52:99:95:62:25:40:f0:65:a6:5f: c2:39:ca:c0:49:c8:9a:df:53:85:46:8e:6c:16:f1: 28:84:4c:14:d2:4c:ef:4d:80:d6:7f:df:35:a6:19: 18:40:ea:83:71:84:da:46:52:21:c6:fa:24:a5:95: 24:8a:d2:20:21:d2:2b:f1:ec:a8:b5:0c:c7:26:87: 7e:28:69:57:93:f8:34:a9:a4:74:05:18:69:36:f0: 64:b7:23:8d:24:33:96:f9:81:0f:1a:95:62:86:a8: f5:79:ab:23:79:98:f2:67:69:dc:ae:1d:3a:16:d9: f2:cc:a4:d2:96:9b:a5:a3:b4:8a:5d:0d:57:59:3c: 41:be:f7:22:96:4c:ef:1e:06:f1:6d:71:0d:66:5c: b0:38:71:74:dd:ca:50:b1:c4:b6:5b:59:eb:3b:e7: aa:13:68:77:96:8b:35:8d:46:db:ff:e4:2b:03:ed: 54:6c:de:73:c1:48:9d:62:b7:5f:dc:4b:c5:36:1f: d4:c8:9c:44:c4:a1:0d:80:7d:70:75:55:0c:1e:e5: 91:0a:c7:52:36:91:37:78:90:0e:48:9c:36:c5:9b: 2f:bf:d0:9c:77:4f:a9:31:56:f9:ac:18:55:03:87: c0:2b:28:20:0d:af:09:be:52:68:94:c8:df:d1:67: 8d:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FB:14:29:C6:06:EC:01:C7:1F:35:1F:D1:3F:0A:44:2C:B0:60:6B:74 X509v3 Authority Key Identifier: keyid:D7:C6:0A:54:E0:3C:9F:81:5C:C3:3A:FD:45:D3:C4:DB:9A:F7:6F:16 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/18YKVOA8n4Fcwzr9RdPE25r3bxY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/89090c-53b1-41be-a338-3831f3ed1ca8/1/1-xQpxgbsAccfNR_RPwpELLBga3Q.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/89090c-53b1-41be-a338-3831f3ed1ca8/1/18YKVOA8n4Fcwzr9RdPE25r3bxY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.33.114.0/24 202.162.49.0/24 202.162.52.0/24 Signature Algorithm: sha256WithRSAEncryption 63:c5:1b:f4:43:7c:9f:75:e1:48:99:2e:b2:9d:4e:e2:ef:35: 01:f9:ff:93:ef:f7:2d:1e:4d:a7:d6:4a:c1:f2:4d:5a:c5:63: a5:6e:c0:30:54:b1:5e:cf:74:15:3e:68:c6:b9:53:f5:56:55: 14:9f:08:30:a6:ba:2f:38:a3:af:5e:94:07:e6:58:42:11:be: f9:b4:0a:ab:b9:03:c8:2b:ce:3d:ec:7b:27:16:bd:26:ca:22: 56:aa:39:fc:e9:76:f9:d1:b2:74:89:7b:9e:e2:44:cb:ed:cb: 1a:e3:a7:38:30:d2:3c:db:ff:db:3e:ce:5e:f1:7a:45:53:cc: 33:96:5c:ac:f5:a7:41:09:68:e1:c9:e1:51:1a:87:26:42:f1: 8a:7d:13:26:20:9e:74:96:cc:44:d1:fc:26:13:a0:c5:92:40: 7c:32:bf:c3:13:10:8a:3e:ed:63:92:db:24:29:b9:d5:36:f6: 02:4e:e1:c9:69:a0:7a:db:9f:23:30:f7:44:1f:54:0b:1e:05: ad:35:08:0a:79:24:c8:25:10:36:34:97:b4:38:63:34:19:68: 24:28:dc:02:e0:3f:35:2b:97:90:19:27:8d:1d:bf:60:07:ae: 19:7d:37:b1:c2:44:53:24:56:c5:77:c9:50:fc:32:c2:14:ab: a9:8f:a8:52 -----BEGIN CERTIFICATE----- MIIFCjCCA/KgAwIBAgISAZt9ydmsxONVux/pbg0YrLocMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ3YzYwYTU0ZTAzYzlmODE1Y2MzM2FmZDQ1ZDNjNGRiOWFm NzZmMTYwHhcNMjYwMTAyMDgxODU5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmYjE0MjljNjA2ZWMwMWM3MWYzNTFmZDEzZjBhNDQyY2IwNjA2Yjc0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+1D7lKZlWIlQPBlpl/COcrAScia 31OFRo5sFvEohEwU0kzvTYDWf981phkYQOqDcYTaRlIhxvokpZUkitIgIdIr8eyo tQzHJod+KGlXk/g0qaR0BRhpNvBktyONJDOW+YEPGpVihqj1easjeZjyZ2ncrh06 FtnyzKTSlpulo7SKXQ1XWTxBvvcilkzvHgbxbXENZlywOHF03cpQscS2W1nrO+eq E2h3los1jUbb/+QrA+1UbN5zwUidYrdf3EvFNh/UyJxExKENgH1wdVUMHuWRCsdS NpE3eJAOSJw2xZsvv9Ccd0+pMVb5rBhVA4fAKyggDa8JvlJolMjf0WeN9QIDAQAB o4ICFjCCAhIwHQYDVR0OBBYEFPsUKcYG7AHHHzUf0T8KRCywYGt0MB8GA1UdIwQY MBaAFNfGClTgPJ+BXMM6/UXTxNua928WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMThZS1ZPQThuNEZjd3pyOVJkUEUyNXIzYnhZLmNlcjCB jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC84OTA5MGMtNTNiMS00MWJlLWEzMzgt MzgzMWYzZWQxY2E4LzEvMS14UXB4Z2JzQWNjZk5SX1JQd3BFTExCZ2EzUS5yb2Ew gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0 b3J5L0RFRkFVTFQvYjAvODkwOTBjLTUzYjEtNDFiZS1hMzM4LTM4MzFmM2VkMWNh OC8xLzE4WUtWT0E4bjRGY3d6cjlSZFBFMjVyM2J4WS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEALkhcgME AMqiMQMEAMqiNDANBgkqhkiG9w0BAQsFAAOCAQEAY8Ub9EN8n3XhSJkusp1O4u81 Afn/k+/3LR5Np9ZKwfJNWsVjpW7AMFSxXs90FT5oxrlT9VZVFJ8IMKa6Lzijr16U B+ZYQhG++bQKq7kDyCvOPex7Jxa9JsoiVqo5/Ol2+dGydIl7nuJEy+3LGuOnODDS PNv/2z7OXvF6RVPMM5ZcrPWnQQlo4cnhURqHJkLxin0TJiCedJbMRNH8JhOgxZJA fDK/wxMQij7tY5LbJCm51Tb2Ak7hyWmgetufIzD3RB9UCx4FrTUICnkkyCUQNjSX tDhjNBloJCjcAuA/NSuXkBknjR2/YAeuGX03scJEUyRWxXfJUPwywhSrqY+oUg== -----END CERTIFICATE-----Generated at Wed Jan 21 13:17:00 2026 by rpki-client