This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/61c0c5-5257-453c-8e74-933d92d0000c/1/FitNVwmkb-__h9PO6L10GhPup_E.roa File: FitNVwmkb-__h9PO6L10GhPup_E.roa (raw, json) Hash identifier: ddZD9lDpQD4dBKWa3tVdSEZbNMB8R3IK9ZzbEU7iNSg= Subject key identifier: 16:2B:4D:57:09:A4:6F:EF:FF:87:D3:CE:E8:BD:74:1A:13:EE:A7:F1 Certificate issuer: /CN=39911375fcc4859612190ebecc7ae371a01a6a6d Certificate serial: 019B790FF65AEA768A32DC245CA3C5D8D8B5 Authority key identifier: 39:91:13:75:FC:C4:85:96:12:19:0E:BE:CC:7A:E3:71:A0:1A:6A:6D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OZETdfzEhZYSGQ6-zHrjcaAaam0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/61c0c5-5257-453c-8e74-933d92d0000c/1/FitNVwmkb-__h9PO6L10GhPup_E.roa Signing time: Thu 01 Jan 2026 10:17:27 +0000 ROA not before: Thu 01 Jan 2026 10:17:27 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 210111 IP address blocks: 185.88.72.0/22 maxlen: 22 2a0d:b0c0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/61c0c5-5257-453c-8e74-933d92d0000c/1/OZETdfzEhZYSGQ6-zHrjcaAaam0.crl rsync://rpki.ripe.net/repository/DEFAULT/c4/61c0c5-5257-453c-8e74-933d92d0000c/1/OZETdfzEhZYSGQ6-zHrjcaAaam0.mft rsync://rpki.ripe.net/repository/DEFAULT/OZETdfzEhZYSGQ6-zHrjcaAaam0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 10:00:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:0f:f6:5a:ea:76:8a:32:dc:24:5c:a3:c5:d8:d8:b5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=39911375fcc4859612190ebecc7ae371a01a6a6d Validity Not Before: Jan 1 10:17:27 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=162b4d5709a46fefff87d3cee8bd741a13eea7f1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:6d:25:44:ee:b4:c3:e2:7e:e6:1c:0c:a3:ef: c7:65:84:51:f4:81:b1:00:a0:36:d0:d7:be:bb:d4: 6e:80:ad:11:02:36:0c:b2:5b:66:f6:d3:b0:9e:fe: ca:73:ae:64:21:ad:ae:22:e5:3b:2f:c5:c7:ef:ff: 53:a5:c1:af:ca:d9:2f:d1:34:ca:f2:25:83:f6:c1: b9:50:12:66:17:8f:8c:06:bf:81:8f:d5:82:d4:2f: 17:ed:61:e9:15:c0:b6:da:4e:86:16:12:6d:2e:17: 2c:b0:7d:6e:b5:14:e7:ad:d7:c2:76:7c:79:69:00: 76:8f:7c:91:a2:18:2f:19:cb:e5:71:72:f9:61:b4: 17:f9:27:d0:82:b3:94:bc:1c:0a:70:6a:d9:b3:72: da:32:80:21:fc:ad:21:2b:cd:d7:03:2d:40:c2:c6: b4:02:75:14:aa:a6:cb:eb:b1:09:b2:57:c3:7e:43: be:16:45:2b:b3:b4:1a:c7:5d:78:31:81:0e:53:73: 34:ed:a1:50:10:c3:9d:a9:60:8b:84:80:15:40:8b: b8:44:fb:8e:7f:f8:1c:60:68:27:38:cf:ff:de:7e: f1:9a:38:cd:7a:fa:aa:8a:73:9c:1b:61:4a:72:5c: 27:9a:1f:95:4a:d0:38:4f:2a:3b:85:a7:2c:e3:73: 76:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:2B:4D:57:09:A4:6F:EF:FF:87:D3:CE:E8:BD:74:1A:13:EE:A7:F1 X509v3 Authority Key Identifier: keyid:39:91:13:75:FC:C4:85:96:12:19:0E:BE:CC:7A:E3:71:A0:1A:6A:6D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OZETdfzEhZYSGQ6-zHrjcaAaam0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/61c0c5-5257-453c-8e74-933d92d0000c/1/FitNVwmkb-__h9PO6L10GhPup_E.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/61c0c5-5257-453c-8e74-933d92d0000c/1/OZETdfzEhZYSGQ6-zHrjcaAaam0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.88.72.0/22 IPv6: 2a0d:b0c0::/29 Signature Algorithm: sha256WithRSAEncryption 6e:53:ab:18:6d:18:98:10:b7:f4:e5:70:aa:7c:46:c9:91:a9: 11:87:6a:6d:a5:d6:a9:90:74:b7:d4:26:39:44:69:53:3b:8b: d5:c2:cb:03:98:55:c6:ee:06:66:9e:02:d4:59:87:0a:e1:d9: c7:ca:4a:f2:3f:07:b2:15:ae:2d:98:be:05:db:9a:35:16:64: 28:76:92:06:7a:5c:cf:82:c5:31:9d:04:8a:77:cb:1d:f1:d1: 1f:56:5a:10:68:7a:57:b1:ca:1e:94:65:c0:6f:3e:11:18:90: 4f:df:cf:4d:c9:10:47:75:c1:c1:16:ac:43:7b:64:1b:5e:45: 9b:8a:a4:5e:19:f9:d9:74:14:9e:29:64:a3:37:02:d1:19:6a: a0:a8:60:1e:69:03:31:0d:b5:51:59:4f:53:29:c3:24:06:a7: f9:9f:b0:81:2f:35:82:76:8d:cd:03:78:5a:c9:e9:21:40:2f: 39:c0:3d:ed:93:64:a0:b7:70:9a:59:04:b1:05:a0:e3:d5:99: a1:1e:71:00:92:af:19:b9:92:e5:54:6b:16:eb:3f:d6:85:86: cb:a7:16:35:cd:0e:29:e8:6e:47:13:89:3b:a1:5f:25:ae:f5: c4:41:6d:3c:1c:75:d3:05:7d:7d:5b:00:a7:19:87:ce:ea:7c: d5:c7:58:7c -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt5D/Za6naKMtwkXKPF2Ni1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM5OTExMzc1ZmNjNDg1OTYxMjE5MGViZWNjN2FlMzcxYTAx YTZhNmQwHhcNMjYwMTAxMTAxNzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxNjJiNGQ1NzA5YTQ2ZmVmZmY4N2QzY2VlOGJkNzQxYTEzZWVhN2YxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvG0lRO60w+J+5hwMo+/HZYRR9IGx AKA20Ne+u9RugK0RAjYMsltm9tOwnv7Kc65kIa2uIuU7L8XH7/9TpcGvytkv0TTK 8iWD9sG5UBJmF4+MBr+Bj9WC1C8X7WHpFcC22k6GFhJtLhcssH1utRTnrdfCdnx5 aQB2j3yRohgvGcvlcXL5YbQX+SfQgrOUvBwKcGrZs3LaMoAh/K0hK83XAy1Awsa0 AnUUqqbL67EJslfDfkO+FkUrs7Qax114MYEOU3M07aFQEMOdqWCLhIAVQIu4RPuO f/gcYGgnOM//3n7xmjjNevqqinOcG2FKclwnmh+VStA4Tyo7hacs43N2IwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFBYrTVcJpG/v/4fTzui9dBoT7qfxMB8GA1UdIwQY MBaAFDmRE3X8xIWWEhkOvsx643GgGmptMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT1pFVGRmekVoWllTR1E2LXpIcmpjYUFhYW0wLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC82MWMwYzUtNTI1Ny00NTNjLThlNzQt OTMzZDkyZDAwMDBjLzEvRml0TlZ3bWtiLV9faDlQTzZMMTBHaFB1cF9FLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jNC82MWMwYzUtNTI1Ny00NTNjLThlNzQtOTMzZDkyZDAwMDBj LzEvT1pFVGRmekVoWllTR1E2LXpIcmpjYUFhYW0wLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVhIMA0E AgACMAcDBQMqDbDAMA0GCSqGSIb3DQEBCwUAA4IBAQBuU6sYbRiYELf05XCqfEbJ kakRh2ptpdapkHS31CY5RGlTO4vVwssDmFXG7gZmngLUWYcK4dnHykryPweyFa4t mL4F25o1FmQodpIGelzPgsUxnQSKd8sd8dEfVloQaHpXscoelGXAbz4RGJBP389N yRBHdcHBFqxDe2QbXkWbiqReGfnZdBSeKWSjNwLRGWqgqGAeaQMxDbVRWU9TKcMk Bqf5n7CBLzWCdo3NA3hayekhQC85wD3tk2Sgt3CaWQSxBaDj1ZmhHnEAkq8ZuZLl VGsW6z/WhYbLpxY1zQ4p6G5HE4k7oV8lrvXEQW08HHXTBX19WwCnGYfO6nzVx1h8 -----END CERTIFICATE-----Generated at Mon Feb 9 19:55:01 2026 by rpki-client