This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/84cd4e-142c-4268-bef6-6ec9d988a408/1/20k_piblwEYsVd_YiDJCaz9Ey54.roa File: 20k_piblwEYsVd_YiDJCaz9Ey54.roa (raw, json) Hash identifier: 4RIWua1sQFhhYH4ddyZN8LNm60NZVa4EtH71m0R8zfU= Subject key identifier: DB:49:3F:A6:26:E5:C0:46:2C:55:DF:D8:88:32:42:6B:3F:44:CB:9E Certificate issuer: /CN=1698df0300aab5e2a6f1ac78e593ecc9740daadb Certificate serial: 019BE52AF48BE0AFB90F512E78AB639E3602 Authority key identifier: 16:98:DF:03:00:AA:B5:E2:A6:F1:AC:78:E5:93:EC:C9:74:0D:AA:DB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FpjfAwCqteKm8ax45ZPsyXQNqts.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/84cd4e-142c-4268-bef6-6ec9d988a408/1/20k_piblwEYsVd_YiDJCaz9Ey54.roa Signing time: Thu 22 Jan 2026 10:05:56 +0000 ROA not before: Thu 22 Jan 2026 10:05:56 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 202509 IP address blocks: 185.220.76.0/22 maxlen: 22 194.107.113.0/24 maxlen: 24 2a0b:f240::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/84cd4e-142c-4268-bef6-6ec9d988a408/1/FpjfAwCqteKm8ax45ZPsyXQNqts.crl rsync://rpki.ripe.net/repository/DEFAULT/cf/84cd4e-142c-4268-bef6-6ec9d988a408/1/FpjfAwCqteKm8ax45ZPsyXQNqts.mft rsync://rpki.ripe.net/repository/DEFAULT/FpjfAwCqteKm8ax45ZPsyXQNqts.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:e5:2a:f4:8b:e0:af:b9:0f:51:2e:78:ab:63:9e:36:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1698df0300aab5e2a6f1ac78e593ecc9740daadb Validity Not Before: Jan 22 10:05:56 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=db493fa626e5c0462c55dfd88832426b3f44cb9e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:c7:15:c8:6a:41:ba:60:a3:82:9e:cc:4b:88: 6f:db:9f:c3:b2:62:6b:cb:37:96:db:51:4d:e4:41: de:37:86:64:73:31:1a:74:83:dc:c4:fc:38:92:af: df:e7:65:4c:c9:58:e1:4b:ea:9f:0d:17:d1:e1:37: 5f:90:ce:8d:f8:7f:cc:3e:e6:fc:cd:23:74:01:77: da:44:c5:ca:7a:4c:a0:17:98:c7:66:66:08:ed:6b: 2e:13:a6:94:c0:81:0e:96:5b:87:2c:59:48:28:b4: aa:54:90:b2:51:5b:75:c1:ab:02:78:96:d3:e6:2b: 87:12:2a:e4:ef:5a:45:56:6d:8c:bc:f9:d7:79:e8: 52:86:9d:b8:2f:07:c9:61:a7:32:2e:8b:e4:1a:92: bb:4b:56:0e:63:9c:99:66:c0:44:5e:d3:ae:2b:d0: 18:60:45:f5:f1:13:e0:cd:2a:2c:1f:91:3c:e5:52: c6:12:04:da:77:ac:ed:1a:50:73:95:81:70:dc:e9: e8:f0:e4:7d:83:29:b1:31:0c:be:41:d2:a6:19:a4: e6:a7:02:3e:d2:81:62:49:6c:2a:af:e3:eb:df:1c: 8f:be:01:c7:78:c2:78:19:cd:20:f9:4f:1e:d3:1b: 9c:37:31:7a:fd:5e:08:fb:cd:f5:c8:42:5d:b5:6d: 37:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:49:3F:A6:26:E5:C0:46:2C:55:DF:D8:88:32:42:6B:3F:44:CB:9E X509v3 Authority Key Identifier: keyid:16:98:DF:03:00:AA:B5:E2:A6:F1:AC:78:E5:93:EC:C9:74:0D:AA:DB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FpjfAwCqteKm8ax45ZPsyXQNqts.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/84cd4e-142c-4268-bef6-6ec9d988a408/1/20k_piblwEYsVd_YiDJCaz9Ey54.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/84cd4e-142c-4268-bef6-6ec9d988a408/1/FpjfAwCqteKm8ax45ZPsyXQNqts.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.220.76.0/22 194.107.113.0/24 IPv6: 2a0b:f240::/29 Signature Algorithm: sha256WithRSAEncryption 1f:ee:e1:fd:cd:49:49:d3:61:6c:b4:c9:58:94:e1:ed:7a:d2: 31:0b:38:11:26:d2:8f:6c:6d:01:a9:f5:d7:bf:10:d2:c6:42: 9a:0f:46:a8:f6:91:db:b0:99:2c:1b:f0:49:32:bb:6b:82:a8: b2:74:07:77:a6:24:11:15:21:d9:69:f1:02:62:bc:42:44:96: 0a:2c:35:9b:31:a7:bd:3e:c5:5e:9b:15:b1:48:a0:6b:cc:cc: d9:f4:14:43:ad:05:60:e6:52:2a:31:ed:3f:a2:71:4e:18:01: bc:b5:61:72:d2:49:4c:d7:d6:d0:49:49:74:95:9b:6e:f1:17: 61:4a:43:ee:94:2f:e6:6c:b7:54:90:96:68:f1:19:ee:12:34: a8:b0:f3:d3:ec:65:97:6a:af:02:fb:7d:e3:ff:ba:ea:f6:f4: 66:1f:3f:d1:f9:36:eb:04:fc:6b:b8:b3:af:6d:76:75:3e:58: 90:63:97:dc:b6:56:20:6d:15:87:87:11:94:a0:0e:e6:69:af: ad:b0:b0:0d:cb:89:74:66:2f:96:2c:1f:f5:ca:86:a2:b3:c0: 7f:33:63:e4:d5:d1:61:7a:c5:2f:a2:ec:6b:bb:e3:84:42:93: f2:f1:a4:ed:63:98:1c:af:4e:04:6c:99:18:0f:24:5b:c8:0a: d7:b7:81:6b -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZvlKvSL4K+5D1EueKtjnjYCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDE2OThkZjAzMDBhYWI1ZTJhNmYxYWM3OGU1OTNlY2M5NzQw ZGFhZGIwHhcNMjYwMTIyMTAwNTU2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkYjQ5M2ZhNjI2ZTVjMDQ2MmM1NWRmZDg4ODMyNDI2YjNmNDRjYjllMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8cVyGpBumCjgp7MS4hv25/DsmJr yzeW21FN5EHeN4ZkczEadIPcxPw4kq/f52VMyVjhS+qfDRfR4TdfkM6N+H/MPub8 zSN0AXfaRMXKekygF5jHZmYI7WsuE6aUwIEOlluHLFlIKLSqVJCyUVt1wasCeJbT 5iuHEirk71pFVm2MvPnXeehShp24LwfJYacyLovkGpK7S1YOY5yZZsBEXtOuK9AY YEX18RPgzSosH5E85VLGEgTad6ztGlBzlYFw3Ono8OR9gymxMQy+QdKmGaTmpwI+ 0oFiSWwqr+Pr3xyPvgHHeMJ4Gc0g+U8e0xucNzF6/V4I+831yEJdtW035wIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFNtJP6Ym5cBGLFXf2IgyQms/RMueMB8GA1UdIwQY MBaAFBaY3wMAqrXipvGseOWT7Ml0DarbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRnBqZkF3Q3F0ZUttOGF4NDVaUHN5WFFOcXRzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi84NGNkNGUtMTQyYy00MjY4LWJlZjYt NmVjOWQ5ODhhNDA4LzEvMjBrX3BpYmx3RVlzVmRfWWlESkNhejlFeTU0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZi84NGNkNGUtMTQyYy00MjY4LWJlZjYtNmVjOWQ5ODhhNDA4 LzEvRnBqZkF3Q3F0ZUttOGF4NDVaUHN5WFFOcXRzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCudxMAwQA wmtxMA0EAgACMAcDBQMqC/JAMA0GCSqGSIb3DQEBCwUAA4IBAQAf7uH9zUlJ02Fs tMlYlOHtetIxCzgRJtKPbG0BqfXXvxDSxkKaD0ao9pHbsJksG/BJMrtrgqiydAd3 piQRFSHZafECYrxCRJYKLDWbMae9PsVemxWxSKBrzMzZ9BRDrQVg5lIqMe0/onFO GAG8tWFy0klM19bQSUl0lZtu8RdhSkPulC/mbLdUkJZo8RnuEjSosPPT7GWXaq8C +33j/7rq9vRmHz/R+TbrBPxruLOvbXZ1PliQY5fctlYgbRWHhxGUoA7maa+tsLAN y4l0Zi+WLB/1yoais8B/M2Pk1dFhesUvouxru+OEQpPy8aTtY5gcr04EbJkYDyRb yArXt4Fr -----END CERTIFICATE-----Generated at Mon Feb 9 23:45:13 2026 by rpki-client