This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/52cb8d-11d4-4f9c-8f92-26e64d78b0c6/1/fSqawDgohGpuSmZo75yc0WkYeBQ.roa File: fSqawDgohGpuSmZo75yc0WkYeBQ.roa (raw, json) Hash identifier: 8OxkTboICrI/6VG3FG9kRuzUoZMlBkjPOzPS7xwaWEU= Subject key identifier: 7D:2A:9A:C0:38:28:84:6A:6E:4A:66:68:EF:9C:9C:D1:69:18:78:14 Certificate issuer: /CN=19b105d148de996036fdf21cb208a338a158ceda Certificate serial: 019B7AC78603B35905E4D70CE4BA09C1E1F8 Authority key identifier: 19:B1:05:D1:48:DE:99:60:36:FD:F2:1C:B2:08:A3:38:A1:58:CE:DA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GbEF0UjemWA2_fIcsgijOKFYzto.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/52cb8d-11d4-4f9c-8f92-26e64d78b0c6/1/fSqawDgohGpuSmZo75yc0WkYeBQ.roa Signing time: Thu 01 Jan 2026 18:17:34 +0000 ROA not before: Thu 01 Jan 2026 18:17:34 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 14618 IP address blocks: 185.138.242.0/24 maxlen: 24 2a07:10c0:c57::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/52cb8d-11d4-4f9c-8f92-26e64d78b0c6/1/GbEF0UjemWA2_fIcsgijOKFYzto.crl rsync://rpki.ripe.net/repository/DEFAULT/df/52cb8d-11d4-4f9c-8f92-26e64d78b0c6/1/GbEF0UjemWA2_fIcsgijOKFYzto.mft rsync://rpki.ripe.net/repository/DEFAULT/GbEF0UjemWA2_fIcsgijOKFYzto.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 10 Jan 2026 12:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c7:86:03:b3:59:05:e4:d7:0c:e4:ba:09:c1:e1:f8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=19b105d148de996036fdf21cb208a338a158ceda Validity Not Before: Jan 1 18:17:34 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=7d2a9ac03828846a6e4a6668ef9c9cd169187814 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:2e:65:08:7a:5b:0d:c8:2e:42:52:d0:f9:3e: 70:6b:89:22:34:ac:cb:f6:0a:3d:47:9a:3e:2b:bb: 8d:11:cc:a3:0a:09:da:7d:c6:72:ad:8b:c3:98:15: dd:fe:fb:2f:7c:9a:c2:8f:43:40:3a:8e:17:6b:65: fe:dc:d5:3e:52:45:ef:2b:f0:2b:41:df:24:15:d8: ee:e7:ef:27:39:e6:ce:70:62:38:ae:50:fb:21:fd: 96:db:e8:a1:b3:24:f0:5a:8c:07:45:be:28:71:60: cb:0b:67:06:e9:ac:34:d5:04:b6:ad:6d:3c:40:86: f5:98:cd:a5:36:97:39:1f:af:b0:cd:c5:6e:8e:3b: 36:12:d9:96:d8:da:f9:8e:e8:11:50:73:3d:a7:2f: 71:ee:5d:9d:40:18:d5:c7:15:29:5d:4d:be:b1:4c: 77:9c:49:17:14:46:c4:e2:0f:3f:f8:f1:3d:88:9b: 12:e7:fb:2d:41:46:35:a5:39:5b:3b:f7:50:a1:62: 4c:59:d3:39:99:94:25:da:20:92:a3:fc:bb:1d:b2: 4c:b4:d6:8a:81:91:14:d1:6d:64:9c:11:d0:ef:5e: 58:26:e2:6e:92:78:77:aa:1e:22:6d:53:1a:20:bc: cb:df:8a:7b:c0:47:e2:9e:a3:2d:bb:4f:2b:a1:80: 99:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:2A:9A:C0:38:28:84:6A:6E:4A:66:68:EF:9C:9C:D1:69:18:78:14 X509v3 Authority Key Identifier: keyid:19:B1:05:D1:48:DE:99:60:36:FD:F2:1C:B2:08:A3:38:A1:58:CE:DA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GbEF0UjemWA2_fIcsgijOKFYzto.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/52cb8d-11d4-4f9c-8f92-26e64d78b0c6/1/fSqawDgohGpuSmZo75yc0WkYeBQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/df/52cb8d-11d4-4f9c-8f92-26e64d78b0c6/1/GbEF0UjemWA2_fIcsgijOKFYzto.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.138.242.0/24 IPv6: 2a07:10c0:c57::/48 Signature Algorithm: sha256WithRSAEncryption 6c:75:df:42:8d:02:90:d0:07:7a:a7:e0:81:e6:bd:69:b2:c1: 19:9c:cb:d0:fe:b6:cd:44:19:bb:b0:1c:06:92:6f:a5:d0:e2: 98:5e:c7:13:36:77:54:16:14:12:b2:2e:f0:3c:31:4f:02:3a: 1f:c2:16:74:17:8d:52:d6:f3:79:b3:19:c8:6d:27:e8:69:f3: 3e:72:22:19:6c:dc:61:1d:0c:72:10:3e:82:27:62:df:4b:eb: a6:d9:68:58:92:9a:00:94:99:d7:72:71:ff:7a:92:29:4f:70: 52:a3:09:c0:87:f3:c0:fd:fa:fb:af:66:91:da:13:46:7f:9e: 25:2d:b3:ff:1c:b5:36:d7:62:da:69:c4:67:8d:0e:2b:b4:0c: 4d:58:ed:c2:31:90:8e:89:b7:f0:2d:1b:25:fc:95:5a:a3:9b: 39:d4:69:d0:6a:b5:b9:68:19:1b:c0:1e:d0:02:bd:6c:f3:e0: ce:4d:41:d5:59:24:ab:3c:b0:6d:63:35:43:90:73:b7:9c:4f: 5e:47:69:f6:df:85:45:62:b7:58:a6:96:67:18:86:63:c7:7b: 05:97:1d:c8:d2:93:a8:03:e3:25:38:0c:a0:57:cd:d1:b1:69: da:d5:cd:f5:1f:83:cf:4a:fc:a1:6d:85:50:dc:2f:31:ec:62: 44:9f:87:b5 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt6x4YDs1kF5NcM5LoJweH4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDE5YjEwNWQxNDhkZTk5NjAzNmZkZjIxY2IyMDhhMzM4YTE1 OGNlZGEwHhcNMjYwMTAxMTgxNzM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3ZDJhOWFjMDM4Mjg4NDZhNmU0YTY2NjhlZjljOWNkMTY5MTg3ODE0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8S5lCHpbDcguQlLQ+T5wa4kiNKzL 9go9R5o+K7uNEcyjCgnafcZyrYvDmBXd/vsvfJrCj0NAOo4Xa2X+3NU+UkXvK/Ar Qd8kFdju5+8nOebOcGI4rlD7If2W2+ihsyTwWowHRb4ocWDLC2cG6aw01QS2rW08 QIb1mM2lNpc5H6+wzcVujjs2EtmW2Nr5jugRUHM9py9x7l2dQBjVxxUpXU2+sUx3 nEkXFEbE4g8/+PE9iJsS5/stQUY1pTlbO/dQoWJMWdM5mZQl2iCSo/y7HbJMtNaK gZEU0W1knBHQ715YJuJuknh3qh4ibVMaILzL34p7wEfinqMtu08roYCZoQIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFH0qmsA4KIRqbkpmaO+cnNFpGHgUMB8GA1UdIwQY MBaAFBmxBdFI3plgNv3yHLIIozihWM7aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvR2JFRjBVamVtV0EyX2ZJY3NnaWpPS0ZZenRvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi81MmNiOGQtMTFkNC00ZjljLThmOTIt MjZlNjRkNzhiMGM2LzEvZlNxYXdEZ29oR3B1U21abzc1eWMwV2tZZUJRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZi81MmNiOGQtMTFkNC00ZjljLThmOTItMjZlNjRkNzhiMGM2 LzEvR2JFRjBVamVtV0EyX2ZJY3NnaWpPS0ZZenRvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuYryMA8E AgACMAkDBwAqBxDADFcwDQYJKoZIhvcNAQELBQADggEBAGx130KNApDQB3qn4IHm vWmywRmcy9D+ts1EGbuwHAaSb6XQ4phexxM2d1QWFBKyLvA8MU8COh/CFnQXjVLW 83mzGchtJ+hp8z5yIhls3GEdDHIQPoInYt9L66bZaFiSmgCUmddycf96kilPcFKj CcCH88D9+vuvZpHaE0Z/niUts/8ctTbXYtppxGeNDiu0DE1Y7cIxkI6Jt/AtGyX8 lVqjmznUadBqtbloGRvAHtACvWzz4M5NQdVZJKs8sG1jNUOQc7ecT15HafbfhUVi t1imlmcYhmPHewWXHcjSk6gD4yU4DKBXzdGxadrVzfUfg89K/KFthVDcLzHsYkSf h7U= -----END CERTIFICATE-----Generated at Fri Jan 9 17:06:06 2026 by rpki-client