This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/a69b42-0f9d-4f3c-a931-9127f429a48d/1/PgXrvWBADSv7xH4LgHKpTQQ0144.roa File: PgXrvWBADSv7xH4LgHKpTQQ0144.roa (raw, json) Hash identifier: rmC8h6+zobbErP+gvycV1mNmmNbI0Zsk3t4WrqWuDNo= Subject key identifier: 3E:05:EB:BD:60:40:0D:2B:FB:C4:7E:0B:80:72:A9:4D:04:34:D7:8E Certificate issuer: /CN=018b20ff098e6b7cbc8b6af0d680065e6b90600b Certificate serial: 019B7C127C40BCA78F01ABCD78A36397AF34 Authority key identifier: 01:8B:20:FF:09:8E:6B:7C:BC:8B:6A:F0:D6:80:06:5E:6B:90:60:0B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AYsg_wmOa3y8i2rw1oAGXmuQYAs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/a69b42-0f9d-4f3c-a931-9127f429a48d/1/PgXrvWBADSv7xH4LgHKpTQQ0144.roa Signing time: Fri 02 Jan 2026 00:19:04 +0000 ROA not before: Fri 02 Jan 2026 00:19:04 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 210598 IP address blocks: 109.107.152.0/24 maxlen: 24 2a11:d2c0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/a69b42-0f9d-4f3c-a931-9127f429a48d/1/AYsg_wmOa3y8i2rw1oAGXmuQYAs.crl rsync://rpki.ripe.net/repository/DEFAULT/d9/a69b42-0f9d-4f3c-a931-9127f429a48d/1/AYsg_wmOa3y8i2rw1oAGXmuQYAs.mft rsync://rpki.ripe.net/repository/DEFAULT/AYsg_wmOa3y8i2rw1oAGXmuQYAs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:01:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:12:7c:40:bc:a7:8f:01:ab:cd:78:a3:63:97:af:34 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=018b20ff098e6b7cbc8b6af0d680065e6b90600b Validity Not Before: Jan 2 00:19:04 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3e05ebbd60400d2bfbc47e0b8072a94d0434d78e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:0a:fa:72:10:6f:53:39:e7:38:f1:64:98:4d: 77:48:8d:9f:5a:d5:b3:82:48:c8:82:05:66:5e:98: 3c:8f:0e:99:3c:a8:5a:fc:d1:18:cd:c0:8a:84:a7: 01:6f:48:15:a2:7d:a4:22:42:41:c1:71:4e:ec:79: f1:76:6b:bd:a9:c9:83:ca:7e:03:e1:13:4b:0a:6a: d8:d6:60:ca:16:c2:0f:1d:5f:94:12:8c:f4:6b:9f: e7:91:64:f4:2e:ab:e4:48:96:4a:d2:5e:4c:f7:1c: 7b:a8:9a:52:bb:af:34:cc:7e:4e:15:30:4e:61:50: c8:cd:f4:4b:84:37:3e:d1:15:6b:3e:e5:9d:3c:68: c4:b9:c8:37:1d:79:29:ec:1d:ad:92:0f:65:52:14: f1:c4:c8:f7:67:e5:26:5d:c9:82:10:4e:5f:a3:6f: 1e:b6:b9:6d:98:3d:e9:16:4e:13:db:7f:27:51:78: 74:6c:bc:db:ca:93:ac:fb:4f:2f:bf:ca:65:53:7c: cd:30:81:c1:3f:6b:1c:32:67:50:41:ac:34:cf:ec: db:b1:6e:13:9c:42:bb:82:80:1c:6d:02:e8:e7:c2: 37:1d:2e:f7:92:29:0c:76:52:81:56:33:7d:0f:17: ad:a4:cf:4e:4b:72:fe:49:43:61:08:a9:56:cb:d1: c5:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:05:EB:BD:60:40:0D:2B:FB:C4:7E:0B:80:72:A9:4D:04:34:D7:8E X509v3 Authority Key Identifier: keyid:01:8B:20:FF:09:8E:6B:7C:BC:8B:6A:F0:D6:80:06:5E:6B:90:60:0B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AYsg_wmOa3y8i2rw1oAGXmuQYAs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/a69b42-0f9d-4f3c-a931-9127f429a48d/1/PgXrvWBADSv7xH4LgHKpTQQ0144.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/a69b42-0f9d-4f3c-a931-9127f429a48d/1/AYsg_wmOa3y8i2rw1oAGXmuQYAs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 109.107.152.0/24 IPv6: 2a11:d2c0::/29 Signature Algorithm: sha256WithRSAEncryption 21:19:28:f0:cf:89:5a:16:71:05:96:aa:aa:72:26:21:06:90: c6:98:b6:e4:4d:7a:e2:04:ae:29:ac:3a:79:7a:13:70:e5:8b: 80:b7:ad:09:01:7b:b0:4e:cc:bf:88:8c:f9:f7:f9:8b:56:07: 56:9c:e0:1c:66:ed:08:28:f5:b8:d5:41:f0:d3:b6:b7:c2:a4: 3d:73:e2:81:c6:99:e7:40:56:42:ac:8a:58:5a:18:f6:60:9e: 39:3a:8f:74:ef:00:6b:bf:f9:cc:2c:c6:55:fd:9c:58:4e:4e: 83:1b:bd:a7:83:6d:91:71:4a:24:14:6e:66:69:0f:03:f8:bb: 80:f0:03:e9:f2:58:f9:79:5b:e2:d2:f5:7a:42:e2:e2:94:1c: 75:ec:b2:96:64:d0:38:7d:41:75:ca:03:80:e5:15:b3:bc:89: 08:d7:25:b0:a1:d0:df:7c:3b:1e:9f:cc:4c:83:39:47:f5:99: 47:ab:75:43:c6:1c:21:d1:52:5d:b5:33:8b:d5:6a:6c:10:b1: c6:62:97:98:ee:b9:86:ea:82:b9:8b:ef:6e:b5:36:f5:5d:50: ba:2b:3f:aa:7b:3e:06:2a:21:e8:d7:97:1e:f0:7a:89:0b:b2: 10:cb:b6:63:f6:01:03:e8:6a:6b:57:5f:3e:99:ee:3a:b0:6d: 05:89:e4:70 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt8EnxAvKePAavNeKNjl680MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAxOGIyMGZmMDk4ZTZiN2NiYzhiNmFmMGQ2ODAwNjVlNmI5 MDYwMGIwHhcNMjYwMTAyMDAxOTA0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzZTA1ZWJiZDYwNDAwZDJiZmJjNDdlMGI4MDcyYTk0ZDA0MzRkNzhlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQr6chBvUznnOPFkmE13SI2fWtWz gkjIggVmXpg8jw6ZPKha/NEYzcCKhKcBb0gVon2kIkJBwXFO7Hnxdmu9qcmDyn4D 4RNLCmrY1mDKFsIPHV+UEoz0a5/nkWT0LqvkSJZK0l5M9xx7qJpSu680zH5OFTBO YVDIzfRLhDc+0RVrPuWdPGjEucg3HXkp7B2tkg9lUhTxxMj3Z+UmXcmCEE5fo28e trltmD3pFk4T238nUXh0bLzbypOs+08vv8plU3zNMIHBP2scMmdQQaw0z+zbsW4T nEK7goAcbQLo58I3HS73kikMdlKBVjN9DxetpM9OS3L+SUNhCKlWy9HFqwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFD4F671gQA0r+8R+C4ByqU0ENNeOMB8GA1UdIwQY MBaAFAGLIP8Jjmt8vItq8NaABl5rkGALMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQVlzZ193bU9hM3k4aTJydzFvQUdYbXVRWUFzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9hNjliNDItMGY5ZC00ZjNjLWE5MzEt OTEyN2Y0MjlhNDhkLzEvUGdYcnZXQkFEU3Y3eEg0TGdIS3BUUVEwMTQ0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kOS9hNjliNDItMGY5ZC00ZjNjLWE5MzEtOTEyN2Y0MjlhNDhk LzEvQVlzZ193bU9hM3k4aTJydzFvQUdYbXVRWUFzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAbWuYMA0E AgACMAcDBQMqEdLAMA0GCSqGSIb3DQEBCwUAA4IBAQAhGSjwz4laFnEFlqqqciYh BpDGmLbkTXriBK4prDp5ehNw5YuAt60JAXuwTsy/iIz59/mLVgdWnOAcZu0IKPW4 1UHw07a3wqQ9c+KBxpnnQFZCrIpYWhj2YJ45Oo907wBrv/nMLMZV/ZxYTk6DG72n g22RcUokFG5maQ8D+LuA8APp8lj5eVvi0vV6QuLilBx17LKWZNA4fUF1ygOA5RWz vIkI1yWwodDffDsen8xMgzlH9ZlHq3VDxhwh0VJdtTOL1WpsELHGYpeY7rmG6oK5 i+9utTb1XVC6Kz+qez4GKiHo15ce8HqJC7IQy7Zj9gED6GprV18+me46sG0FieRw -----END CERTIFICATE-----Generated at Mon Feb 9 22:23:13 2026 by rpki-client