This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/1c13d9-81d5-4cdb-a2e1-a5abb20d2462/1/aprsdgtKeFBW6dMDyLpO37V7sYU.roa File: aprsdgtKeFBW6dMDyLpO37V7sYU.roa (raw, json) Hash identifier: 04ZHgWeGk6onOBVuETq5g7lFyguxKvrGp3YmU7j5C7o= Subject key identifier: 6A:9A:EC:76:0B:4A:78:50:56:E9:D3:03:C8:BA:4E:DF:B5:7B:B1:85 Certificate issuer: /CN=b1940f000996ebfd2dab71c469cc51ee881b3f5e Certificate serial: 019B7C80069E6AFB75D0C09D76181E68C939 Authority key identifier: B1:94:0F:00:09:96:EB:FD:2D:AB:71:C4:69:CC:51:EE:88:1B:3F:5E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sZQPAAmW6_0tq3HEacxR7ogbP14.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/1c13d9-81d5-4cdb-a2e1-a5abb20d2462/1/aprsdgtKeFBW6dMDyLpO37V7sYU.roa Signing time: Fri 02 Jan 2026 02:18:43 +0000 ROA not before: Fri 02 Jan 2026 02:18:43 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 16509 IP address blocks: 194.42.96.0/23 maxlen: 24 194.42.104.0/23 maxlen: 24 2a0f:340::/29 maxlen: 128 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/1c13d9-81d5-4cdb-a2e1-a5abb20d2462/1/sZQPAAmW6_0tq3HEacxR7ogbP14.crl rsync://rpki.ripe.net/repository/DEFAULT/c5/1c13d9-81d5-4cdb-a2e1-a5abb20d2462/1/sZQPAAmW6_0tq3HEacxR7ogbP14.mft rsync://rpki.ripe.net/repository/DEFAULT/sZQPAAmW6_0tq3HEacxR7ogbP14.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 02:20:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:06:9e:6a:fb:75:d0:c0:9d:76:18:1e:68:c9:39 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b1940f000996ebfd2dab71c469cc51ee881b3f5e Validity Not Before: Jan 2 02:18:43 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6a9aec760b4a785056e9d303c8ba4edfb57bb185 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:04:d9:41:77:f1:3c:5e:9d:c3:3e:95:ca:16: ad:27:4a:f6:4f:50:ef:09:41:50:1e:85:9e:ff:59: 29:f5:d4:2a:d0:c1:24:43:ea:00:b2:a0:ec:4c:ec: df:2e:29:35:c2:75:d1:71:8f:5f:74:2d:f1:cc:d4: 06:ff:18:35:27:66:e3:ef:e2:5c:16:20:e5:c7:9e: d8:62:88:3b:96:43:8c:a1:0b:fe:0c:d4:4f:70:32: 8f:5c:ca:16:89:a0:87:83:1c:eb:37:24:7a:8d:e5: 0a:8a:a7:4d:04:38:ea:43:17:2c:b1:c4:ea:9a:0a: b6:7a:a3:77:13:90:33:24:69:47:a6:f2:a8:94:73: dc:65:7b:bb:15:32:f9:41:df:cb:ce:67:20:1c:ab: 78:26:d4:6a:2e:7a:3f:ec:98:35:71:6c:8d:75:fe: 5c:83:90:15:fb:10:c0:07:d5:88:10:ae:c1:5d:40: 76:5b:fc:c0:a4:25:67:54:71:37:ae:1f:3e:af:f8: 55:b4:a8:fb:fc:d0:7c:ae:c7:6e:2e:54:69:16:a5: 45:b1:65:37:8b:47:f4:1e:3d:80:83:cd:69:19:44: 0c:c6:65:a4:b3:44:a5:c6:e9:40:65:60:f3:7b:db: 3a:ce:7c:06:db:6c:c1:d5:dc:5c:33:1e:be:3e:ea: db:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:9A:EC:76:0B:4A:78:50:56:E9:D3:03:C8:BA:4E:DF:B5:7B:B1:85 X509v3 Authority Key Identifier: keyid:B1:94:0F:00:09:96:EB:FD:2D:AB:71:C4:69:CC:51:EE:88:1B:3F:5E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sZQPAAmW6_0tq3HEacxR7ogbP14.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/1c13d9-81d5-4cdb-a2e1-a5abb20d2462/1/aprsdgtKeFBW6dMDyLpO37V7sYU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/1c13d9-81d5-4cdb-a2e1-a5abb20d2462/1/sZQPAAmW6_0tq3HEacxR7ogbP14.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.42.96.0/23 194.42.104.0/23 IPv6: 2a0f:340::/29 Signature Algorithm: sha256WithRSAEncryption 29:d2:72:1d:50:e9:a8:9c:76:fb:4c:ce:da:26:bb:e4:67:98: d6:56:4a:59:0c:bb:5e:a5:3e:c7:b9:91:49:e8:2a:9a:e4:f7: 26:84:f9:6f:e5:65:ee:00:9f:6c:95:69:3c:43:f6:7d:7b:3e: c0:3a:06:6d:2e:f9:07:c1:1b:44:a5:e0:95:b3:0c:df:ac:ce: a5:8d:80:2e:33:cd:35:0d:ad:f0:83:92:38:e0:a6:2d:7a:f5: 04:b2:a0:1b:d2:1b:6c:43:25:44:49:63:c6:8a:eb:28:f3:d5: 00:39:9b:1c:01:75:5c:1b:50:c7:a8:a9:d2:dc:1a:a8:b6:25: 8c:8a:59:de:dd:64:2b:d4:1c:6e:92:5e:e7:93:89:a5:13:84: 74:f8:be:60:2d:6b:aa:e7:33:0e:2e:c7:e2:32:a9:73:ec:76: eb:50:36:ba:db:cd:ee:35:f1:5c:e8:17:0a:9e:cb:76:14:fb: 97:d6:87:d1:15:e2:0a:21:fe:c6:8a:65:1d:48:4f:ac:cf:01: f8:d9:4d:75:4f:09:38:af:45:a9:b8:e1:ea:d5:90:77:67:f2: e7:12:ff:81:ba:82:24:6d:a1:2c:2b:2c:05:2e:70:12:7e:df: d2:0b:d2:b1:fc:fc:a6:a4:fa:da:45:8b:ba:62:b6:30:2b:5c: aa:cb:3d:a5 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt8gAaeavt10MCddhgeaMk5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIxOTQwZjAwMDk5NmViZmQyZGFiNzFjNDY5Y2M1MWVlODgx YjNmNWUwHhcNMjYwMTAyMDIxODQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2YTlhZWM3NjBiNGE3ODUwNTZlOWQzMDNjOGJhNGVkZmI1N2JiMTg1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoATZQXfxPF6dwz6VyhatJ0r2T1Dv CUFQHoWe/1kp9dQq0MEkQ+oAsqDsTOzfLik1wnXRcY9fdC3xzNQG/xg1J2bj7+Jc FiDlx57YYog7lkOMoQv+DNRPcDKPXMoWiaCHgxzrNyR6jeUKiqdNBDjqQxcsscTq mgq2eqN3E5AzJGlHpvKolHPcZXu7FTL5Qd/LzmcgHKt4JtRqLno/7Jg1cWyNdf5c g5AV+xDAB9WIEK7BXUB2W/zApCVnVHE3rh8+r/hVtKj7/NB8rsduLlRpFqVFsWU3 i0f0Hj2Ag81pGUQMxmWks0SlxulAZWDze9s6znwG22zB1dxcMx6+PurbeQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFGqa7HYLSnhQVunTA8i6Tt+1e7GFMB8GA1UdIwQY MBaAFLGUDwAJluv9LatxxGnMUe6IGz9eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc1pRUEFBbVc2XzB0cTNIRWFjeFI3b2diUDE0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS8xYzEzZDktODFkNS00Y2RiLWEyZTEt YTVhYmIyMGQyNDYyLzEvYXByc2RndEtlRkJXNmRNRHlMcE8zN1Y3c1lVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jNS8xYzEzZDktODFkNS00Y2RiLWEyZTEtYTVhYmIyMGQyNDYy LzEvc1pRUEFBbVc2XzB0cTNIRWFjeFI3b2diUDE0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBwipgAwQB wipoMA0EAgACMAcDBQMqDwNAMA0GCSqGSIb3DQEBCwUAA4IBAQAp0nIdUOmonHb7 TM7aJrvkZ5jWVkpZDLtepT7HuZFJ6Cqa5PcmhPlv5WXuAJ9slWk8Q/Z9ez7AOgZt LvkHwRtEpeCVswzfrM6ljYAuM801Da3wg5I44KYtevUEsqAb0htsQyVESWPGiuso 89UAOZscAXVcG1DHqKnS3BqotiWMilne3WQr1Bxukl7nk4mlE4R0+L5gLWuq5zMO LsfiMqlz7HbrUDa6283uNfFc6BcKnst2FPuX1ofRFeIKIf7GimUdSE+szwH42U11 Twk4r0WpuOHq1ZB3Z/LnEv+BuoIkbaEsKywFLnASft/SC9Kx/PympPraRYu6YrYw K1yqyz2l -----END CERTIFICATE-----Generated at Fri Jan 2 09:27:22 2026 by rpki-client