This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/30d4e8-e090-4bf2-8185-3687c818ede5/1/1-Xka6nhHlTAY0IkAtp7cisl4Q0o.roa File: 1-Xka6nhHlTAY0IkAtp7cisl4Q0o.roa (raw, json) Hash identifier: cYSQflXuM4PG35Mh50PGE2nbDxv/tnzYwdWGgGNp7kU= Subject key identifier: F9:79:1A:EA:78:47:95:30:18:D0:89:00:B6:9E:DC:8A:C9:78:43:4A Certificate issuer: /CN=a316c7659af1d56bc718faf614f092758f5edc7f Certificate serial: 019B7AC89DB29DCF55BC61F75F695AE5AA9C Authority key identifier: A3:16:C7:65:9A:F1:D5:6B:C7:18:FA:F6:14:F0:92:75:8F:5E:DC:7F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oxbHZZrx1WvHGPr2FPCSdY9e3H8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/30d4e8-e090-4bf2-8185-3687c818ede5/1/1-Xka6nhHlTAY0IkAtp7cisl4Q0o.roa Signing time: Thu 01 Jan 2026 18:18:46 +0000 ROA not before: Thu 01 Jan 2026 18:18:46 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 16509 IP address blocks: 185.221.84.0/24 maxlen: 24 212.32.0.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/30d4e8-e090-4bf2-8185-3687c818ede5/1/oxbHZZrx1WvHGPr2FPCSdY9e3H8.crl rsync://rpki.ripe.net/repository/DEFAULT/cc/30d4e8-e090-4bf2-8185-3687c818ede5/1/oxbHZZrx1WvHGPr2FPCSdY9e3H8.mft rsync://rpki.ripe.net/repository/DEFAULT/oxbHZZrx1WvHGPr2FPCSdY9e3H8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c8:9d:b2:9d:cf:55:bc:61:f7:5f:69:5a:e5:aa:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a316c7659af1d56bc718faf614f092758f5edc7f Validity Not Before: Jan 1 18:18:46 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f9791aea7847953018d08900b69edc8ac978434a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:d1:3f:89:53:fc:ff:87:4b:4b:cf:5c:cd:ea: 26:6f:09:e0:23:a7:36:6c:a4:e1:93:b4:e1:4e:af: 05:04:7f:39:9c:75:89:be:0a:3f:be:ba:2b:b4:68: 61:54:ba:ef:6f:a2:28:41:cc:fb:07:da:01:ce:b2: f0:4b:e4:bd:7f:23:8e:86:bd:d7:74:6d:c7:b6:3e: f7:a6:97:3a:8c:03:40:df:66:c5:e8:12:dc:f7:31: 63:01:2c:16:a8:3d:24:92:81:49:5a:27:bd:f5:ca: 85:83:d5:13:57:b1:33:66:6a:3f:07:23:4f:ff:6b: b2:71:25:a3:e3:8a:4f:fd:45:79:3d:7a:de:85:0b: b2:17:94:19:ea:5c:9e:d7:17:d4:34:d4:bd:30:97: b1:c8:4a:f5:70:4f:cc:c3:79:be:de:9e:63:1e:96: 9a:a9:e9:92:72:92:fa:33:fc:b4:06:07:6c:c5:d8: 43:50:8f:4a:3c:19:4c:32:33:4e:8c:49:b1:70:65: 23:0e:1f:00:28:06:cb:8d:4d:9b:4c:27:36:da:cb: 51:23:b2:fd:5a:1f:99:f4:82:f3:97:18:4f:95:73: 68:80:37:4f:9b:1d:14:db:1d:3e:e1:a9:91:8b:15: 91:ab:9b:2a:9e:4c:ee:95:b9:40:b8:36:7e:0e:2d: d6:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F9:79:1A:EA:78:47:95:30:18:D0:89:00:B6:9E:DC:8A:C9:78:43:4A X509v3 Authority Key Identifier: keyid:A3:16:C7:65:9A:F1:D5:6B:C7:18:FA:F6:14:F0:92:75:8F:5E:DC:7F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oxbHZZrx1WvHGPr2FPCSdY9e3H8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/30d4e8-e090-4bf2-8185-3687c818ede5/1/1-Xka6nhHlTAY0IkAtp7cisl4Q0o.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/30d4e8-e090-4bf2-8185-3687c818ede5/1/oxbHZZrx1WvHGPr2FPCSdY9e3H8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.221.84.0/24 212.32.0.0/21 Signature Algorithm: sha256WithRSAEncryption ad:8f:fe:86:8f:7a:12:e3:ec:ba:bc:73:7c:98:45:5d:c5:fc: 00:52:dd:88:31:0d:2d:2a:e9:f8:3d:c5:4a:29:55:11:1c:11: 78:97:55:d9:db:08:9b:52:27:62:cd:30:58:6e:01:e4:69:de: a3:ea:ba:25:02:31:f2:de:bf:d5:bf:4b:d1:b4:4b:a1:7e:ee: 7b:4a:29:0e:e2:44:78:18:7b:1a:12:dd:08:54:6b:c0:50:69: 86:aa:3e:94:88:53:46:ea:51:f6:1c:88:10:aa:fd:f9:01:c3: 80:f2:f7:ff:db:76:05:bf:75:16:6e:98:ac:c8:02:4e:6c:3f: 78:cc:24:43:68:ab:3c:12:46:57:59:f4:ff:8d:18:03:f7:2e: c9:13:6e:44:c7:f9:9e:ae:79:fa:25:bb:da:81:12:48:ce:f2: f1:a2:56:ee:14:06:44:9c:a1:5a:bc:d6:4c:11:9d:88:2c:3b: b7:a3:c7:e4:89:6f:c4:4a:69:76:98:3f:f3:bd:fd:3d:3f:7a: dd:0a:b0:91:33:0e:6c:f7:a7:05:ac:14:18:22:91:cb:11:b1: 64:f9:d7:29:61:8a:50:ee:03:a7:1d:40:c8:93:4d:ec:8a:05: 7f:7e:c1:f5:b0:c6:26:38:94:36:38:55:71:d0:6c:57:96:62: 0f:f9:cc:4a -----BEGIN CERTIFICATE----- MIIFBDCCA+ygAwIBAgISAZt6yJ2ync9VvGH3X2la5aqcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEzMTZjNzY1OWFmMWQ1NmJjNzE4ZmFmNjE0ZjA5Mjc1OGY1 ZWRjN2YwHhcNMjYwMTAxMTgxODQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmOTc5MWFlYTc4NDc5NTMwMThkMDg5MDBiNjllZGM4YWM5Nzg0MzRhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNE/iVP8/4dLS89czeombwngI6c2 bKThk7ThTq8FBH85nHWJvgo/vrortGhhVLrvb6IoQcz7B9oBzrLwS+S9fyOOhr3X dG3Htj73ppc6jANA32bF6BLc9zFjASwWqD0kkoFJWie99cqFg9UTV7EzZmo/ByNP /2uycSWj44pP/UV5PXrehQuyF5QZ6lye1xfUNNS9MJexyEr1cE/Mw3m+3p5jHpaa qemScpL6M/y0BgdsxdhDUI9KPBlMMjNOjEmxcGUjDh8AKAbLjU2bTCc22stRI7L9 Wh+Z9ILzlxhPlXNogDdPmx0U2x0+4amRixWRq5sqnkzulblAuDZ+Di3WsQIDAQAB o4ICEDCCAgwwHQYDVR0OBBYEFPl5Gup4R5UwGNCJALae3IrJeENKMB8GA1UdIwQY MBaAFKMWx2Wa8dVrxxj69hTwknWPXtx/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb3hiSFpacngxV3ZIR1ByMkZQQ1NkWTllM0g4LmNlcjCB jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8zMGQ0ZTgtZTA5MC00YmYyLTgxODUt MzY4N2M4MThlZGU1LzEvMS1Ya2E2bmhIbFRBWTBJa0F0cDdjaXNsNFEwby5yb2Ew gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0 b3J5L0RFRkFVTFQvY2MvMzBkNGU4LWUwOTAtNGJmMi04MTg1LTM2ODdjODE4ZWRl NS8xL294YkhaWnJ4MVd2SEdQcjJGUENTZFk5ZTNIOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALndVAME A9QgADANBgkqhkiG9w0BAQsFAAOCAQEArY/+ho96EuPsurxzfJhFXcX8AFLdiDEN LSrp+D3FSilVERwReJdV2dsIm1InYs0wWG4B5Gneo+q6JQIx8t6/1b9L0bRLoX7u e0opDuJEeBh7GhLdCFRrwFBphqo+lIhTRupR9hyIEKr9+QHDgPL3/9t2Bb91Fm6Y rMgCTmw/eMwkQ2irPBJGV1n0/40YA/cuyRNuRMf5nq55+iW72oESSM7y8aJW7hQG RJyhWrzWTBGdiCw7t6PH5IlvxEppdpg/8739PT963QqwkTMObPenBawUGCKRyxGx ZPnXKWGKUO4Dpx1AyJNN7IoFf37B9bDGJjiUNjhVcdBsV5ZiD/nMSg== -----END CERTIFICATE-----Generated at Fri Jan 2 09:29:56 2026 by rpki-client