This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/cSElFw2-npFTxsWdmh_TS_DX1JM.roa File: cSElFw2-npFTxsWdmh_TS_DX1JM.roa (raw, json) Hash identifier: uQXzfb9jOFxKjYKBJjLHpQzon0I+K9i1XFfrYpIMvJY= Subject key identifier: 71:21:25:17:0D:BE:9E:91:53:C6:C5:9D:9A:1F:D3:4B:F0:D7:D4:93 Certificate issuer: /CN=a79bba2805a988954e4fec42570530f16f9e7093 Certificate serial: 019B7B35ADD7BC1218E109186CC6E6732484 Authority key identifier: A7:9B:BA:28:05:A9:88:95:4E:4F:EC:42:57:05:30:F1:6F:9E:70:93 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p5u6KAWpiJVOT-xCVwUw8W-ecJM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/cSElFw2-npFTxsWdmh_TS_DX1JM.roa Signing time: Thu 01 Jan 2026 20:17:54 +0000 ROA not before: Thu 01 Jan 2026 20:17:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 34343 IP address blocks: 81.171.32.0/20 maxlen: 24 81.171.64.0/20 maxlen: 20 81.171.64.0/23 maxlen: 24 81.171.67.0/24 maxlen: 24 81.171.72.0/24 maxlen: 24 81.171.73.0/24 maxlen: 24 81.171.74.0/24 maxlen: 24 81.171.83.0/24 maxlen: 24 81.171.88.0/21 maxlen: 24 81.171.88.0/22 maxlen: 24 81.171.92.0/23 maxlen: 24 81.171.96.0/24 maxlen: 24 81.171.100.0/22 maxlen: 24 185.90.196.0/22 maxlen: 22 193.108.27.0/24 maxlen: 24 2001:4de0::/32 maxlen: 48 2001:4de0::/46 maxlen: 48 2001:4de0:1::/48 maxlen: 48 2001:4de0:2::/48 maxlen: 48 2001:4de0:3::/48 maxlen: 48 2001:4de0:101::/48 maxlen: 48 2001:4de0:1004::/48 maxlen: 48 2001:4de0:1005::/48 maxlen: 48 2001:4de0:aaa0::/44 maxlen: 48 2001:4de0:aaa2::/48 maxlen: 48 2001:4de0:aaad::/48 maxlen: 48 2001:4de0:aaae::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/p5u6KAWpiJVOT-xCVwUw8W-ecJM.crl rsync://rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/p5u6KAWpiJVOT-xCVwUw8W-ecJM.mft rsync://rpki.ripe.net/repository/DEFAULT/p5u6KAWpiJVOT-xCVwUw8W-ecJM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 18:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:35:ad:d7:bc:12:18:e1:09:18:6c:c6:e6:73:24:84 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a79bba2805a988954e4fec42570530f16f9e7093 Validity Not Before: Jan 1 20:17:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=712125170dbe9e9153c6c59d9a1fd34bf0d7d493 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:a7:e4:d5:7d:c7:3b:4f:87:e2:71:11:7c:20: 00:94:6c:bd:b2:aa:d6:df:94:c5:1c:3e:8e:aa:bc: 7f:7b:34:c3:5f:8a:3e:4e:39:e8:a3:09:d9:bc:0d: f9:fd:7f:eb:21:16:30:f7:2f:6b:0f:34:18:76:ac: 07:a9:b3:14:f4:81:c7:e7:f5:3e:d2:bc:b2:4c:4a: 83:46:d6:63:15:5e:e7:9e:f2:09:76:f7:c3:73:22: 45:85:4f:44:5e:b5:e5:15:ce:9a:c0:e3:7b:70:ed: e7:cb:43:d5:07:c2:82:2f:05:2e:cf:6b:6b:e4:84: 6f:af:bf:07:24:de:b5:9a:b5:a8:3c:34:08:18:84: d9:6f:27:36:ff:08:ef:d9:3e:6b:01:af:ff:be:73: e4:4c:05:28:0d:aa:18:cf:d7:b1:06:9c:52:cb:ac: f7:7f:36:5d:cb:c4:b2:cd:9b:72:e8:f4:b0:8f:dd: f2:1f:6f:93:34:c6:99:73:0a:be:72:4b:cc:b4:b7: fc:9e:8b:bc:43:03:f9:38:cd:20:ee:be:1f:76:24: 28:3f:5f:8a:71:55:13:41:41:f5:2b:81:93:75:2b: 71:16:9a:21:c9:c0:9d:65:3b:fe:76:be:86:34:71: dc:e0:a0:29:31:00:95:37:33:f8:9b:a3:4b:f9:91: 84:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:21:25:17:0D:BE:9E:91:53:C6:C5:9D:9A:1F:D3:4B:F0:D7:D4:93 X509v3 Authority Key Identifier: keyid:A7:9B:BA:28:05:A9:88:95:4E:4F:EC:42:57:05:30:F1:6F:9E:70:93 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p5u6KAWpiJVOT-xCVwUw8W-ecJM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/cSElFw2-npFTxsWdmh_TS_DX1JM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/p5u6KAWpiJVOT-xCVwUw8W-ecJM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 81.171.32.0/20 81.171.64.0/20 81.171.83.0/24 81.171.88.0-81.171.96.255 81.171.100.0/22 185.90.196.0/22 193.108.27.0/24 IPv6: 2001:4de0::/32 Signature Algorithm: sha256WithRSAEncryption 45:41:18:0c:8c:13:47:55:46:bc:7a:3f:09:fb:f3:3e:44:bf: c9:f7:7a:b1:c9:c6:c6:3e:d7:a3:45:cd:bc:0d:05:f9:71:b8: 06:67:7e:6a:fd:53:dd:99:aa:14:33:80:ac:03:42:36:76:20: 21:33:a5:5c:84:b4:6b:9a:53:d5:da:a8:d2:02:af:90:af:d6: e8:06:a3:10:85:50:b9:b9:cb:9d:71:fc:e9:60:9d:ab:5d:ee: 7f:12:03:8d:b4:05:29:2f:18:c6:98:74:98:55:1d:3e:26:42: f4:a5:75:a9:73:92:7b:c3:95:e6:0b:bd:91:97:bd:ac:98:a8: 77:94:c7:26:ab:dd:89:f7:14:7b:62:1a:57:79:f2:17:ab:98: 55:47:ed:b0:07:c8:de:6a:a7:29:27:ba:5d:f6:cb:0b:de:d8: b9:1e:7d:83:f7:e5:ee:8d:93:50:84:4d:6c:34:d8:bc:42:2f: 60:8b:ae:66:15:ab:82:f1:ce:bb:49:89:f2:ce:0b:d1:3a:4a: 70:33:88:c3:bd:b7:80:92:94:f5:d5:5f:42:fe:20:c1:12:af: 05:8e:6d:e8:18:1c:fa:77:97:f4:8d:4b:e6:01:98:08:8f:ea: 1c:98:92:d5:c6:1d:fe:b4:fd:d6:c9:6e:d4:fc:cf:4e:e6:0e: 73:1c:7f:d1 -----BEGIN CERTIFICATE----- MIIFODCCBCCgAwIBAgISAZt7Na3XvBIY4QkYbMbmcySEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE3OWJiYTI4MDVhOTg4OTU0ZTRmZWM0MjU3MDUzMGYxNmY5 ZTcwOTMwHhcNMjYwMTAxMjAxNzU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MTIxMjUxNzBkYmU5ZTkxNTNjNmM1OWQ5YTFmZDM0YmYwZDdkNDkzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzqfk1X3HO0+H4nERfCAAlGy9sqrW 35TFHD6Oqrx/ezTDX4o+TjnoownZvA35/X/rIRYw9y9rDzQYdqwHqbMU9IHH5/U+ 0ryyTEqDRtZjFV7nnvIJdvfDcyJFhU9EXrXlFc6awON7cO3ny0PVB8KCLwUuz2tr 5IRvr78HJN61mrWoPDQIGITZbyc2/wjv2T5rAa//vnPkTAUoDaoYz9exBpxSy6z3 fzZdy8SyzZty6PSwj93yH2+TNMaZcwq+ckvMtLf8nou8QwP5OM0g7r4fdiQoP1+K cVUTQUH1K4GTdStxFpohycCdZTv+dr6GNHHc4KApMQCVNzP4m6NL+ZGEXQIDAQAB o4ICRDCCAkAwHQYDVR0OBBYEFHEhJRcNvp6RU8bFnZof00vw19STMB8GA1UdIwQY MBaAFKebuigFqYiVTk/sQlcFMPFvnnCTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcDV1NktBV3BpSlZPVC14Q1Z3VXc4Vy1lY0pNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9kMTQwZmItMDNhZS00NWQ5LThkZGMt ZTFlZDlkZDJhMDJhLzEvY1NFbEZ3Mi1ucEZUeHNXZG1oX1RTX0RYMUpNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYy9kMTQwZmItMDNhZS00NWQ5LThkZGMtZTFlZDlkZDJhMDJh LzEvcDV1NktBV3BpSlZPVC14Q1Z3VXc4Vy1lY0pNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTA4BAIAATAyAwQEUasgAwQE UatAAwQAUatTMAwDBANRq1gDBABRq2ADBAJRq2QDBAK5WsQDBADBbBswDQQCAAIw BwMFACABTeAwDQYJKoZIhvcNAQELBQADggEBAEVBGAyME0dVRrx6Pwn78z5Ev8n3 erHJxsY+16NFzbwNBflxuAZnfmr9U92ZqhQzgKwDQjZ2ICEzpVyEtGuaU9XaqNIC r5Cv1ugGoxCFULm5y51x/Olgnatd7n8SA420BSkvGMaYdJhVHT4mQvSldalzknvD leYLvZGXvayYqHeUxyar3Yn3FHtiGld58hermFVH7bAHyN5qpyknul32ywve2Lke fYP35e6Nk1CETWw02LxCL2CLrmYVq4LxzrtJifLOC9E6SnAziMO9t4CSlPXVX0L+ IMESrwWObegYHPp3l/SNS+YBmAiP6hyYktXGHf60/dbJbtT8z07mDnMcf9E= -----END CERTIFICATE-----Generated at Mon Jan 12 02:17:13 2026 by rpki-client