This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/rTo0UEeW4WSn2MjXsG-3uABsPfY.roa File: rTo0UEeW4WSn2MjXsG-3uABsPfY.roa (raw, json) Hash identifier: Imb7IO3Q8rHzQrWinxJegVt8mzKf4/246lxnQ0sa3no= Subject key identifier: AD:3A:34:50:47:96:E1:64:A7:D8:C8:D7:B0:6F:B7:B8:00:6C:3D:F6 Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e Certificate serial: 019B7E389FD93DDB62465591F063838CCA1B Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/rTo0UEeW4WSn2MjXsG-3uABsPfY.roa Signing time: Fri 02 Jan 2026 10:19:58 +0000 ROA not before: Fri 02 Jan 2026 10:19:58 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 200131 IP address blocks: 194.143.206.0/24 maxlen: 24 213.220.3.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.mft rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:9f:d9:3d:db:62:46:55:91:f0:63:83:8c:ca:1b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e Validity Not Before: Jan 2 10:19:58 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ad3a34504796e164a7d8c8d7b06fb7b8006c3df6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:e3:39:b7:a9:c8:2c:6e:b9:ce:5e:bf:ab:fa: 00:5c:dc:99:76:de:f7:01:3a:1e:31:8d:91:fc:96: 5f:29:f0:11:03:02:10:9e:ed:ea:2d:ad:6b:dc:b8: ce:f5:a9:8f:fa:1f:21:92:e6:bd:2d:9d:33:89:f3: eb:82:a1:7b:e5:14:20:4b:6d:b7:f7:1c:f1:5f:76: 40:ed:8b:35:dc:87:52:00:0f:d2:6e:27:68:91:29: 1d:4f:21:47:7a:2a:96:67:72:0d:80:06:f8:7a:f5: 7e:dd:92:5f:0f:16:dc:ee:0b:fa:04:b4:0e:2d:99: 71:5f:c0:43:15:a1:a0:57:21:7e:9e:94:fe:cc:ec: e1:2b:43:bc:40:15:5c:07:f8:0d:52:8c:1c:3a:1f: 29:aa:b1:59:a7:c1:42:e8:aa:f7:9b:4a:f8:bf:5c: 6c:0f:2f:4f:18:3e:75:56:13:3a:bb:73:68:c5:71: ce:61:b8:db:ec:9c:94:ca:9b:69:3d:71:45:80:ed: 16:94:f0:24:4e:02:23:cb:cc:9a:13:06:26:5b:98: 74:12:eb:0b:6c:0c:03:ad:99:62:16:90:db:11:c1: d0:90:94:56:1a:36:90:12:fe:8a:05:bb:ba:5a:30: f9:af:69:b8:2b:ea:70:d6:ee:60:af:22:a0:01:e7: 24:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:3A:34:50:47:96:E1:64:A7:D8:C8:D7:B0:6F:B7:B8:00:6C:3D:F6 X509v3 Authority Key Identifier: keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/rTo0UEeW4WSn2MjXsG-3uABsPfY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.143.206.0/24 213.220.3.0/24 Signature Algorithm: sha256WithRSAEncryption 1c:07:a7:2c:ed:9e:66:8d:fc:44:bb:b5:65:8d:4d:69:73:6e: 0b:b4:28:54:8b:86:06:ab:fe:f3:b5:ae:a6:7a:ed:b7:11:e5: cb:46:9c:40:51:f2:52:d7:35:80:59:49:04:c0:df:cb:62:80: be:0b:a8:99:b6:4a:9c:fa:76:aa:2e:ef:a5:d0:84:37:a4:14: 27:26:3f:e9:d9:90:fd:39:82:bc:b8:63:c5:62:11:f9:f2:cc: 02:9b:ac:e8:63:ff:a4:7a:01:72:24:f0:36:00:e9:bd:0e:d7: 4a:70:11:32:3c:42:54:d4:9f:de:d8:c3:2e:31:40:72:94:01: 54:b2:81:78:3f:71:9e:50:9e:a8:bd:7c:7c:b4:1d:2a:c7:f9: 00:2c:58:38:f5:a2:e5:f4:90:6b:48:de:9b:b6:8a:e1:1e:ce: 9d:34:a7:d1:d2:16:5a:0f:d7:f3:f4:5a:34:94:41:f9:ff:6a: 77:86:c6:02:8f:1d:c7:9d:74:67:87:e3:10:94:3b:11:a7:9c: 61:d6:15:3f:8a:c2:5f:1b:69:f2:4b:12:fc:bf:3e:38:7b:4f: ea:71:58:e4:5c:52:9f:e1:34:14:07:c3:8e:fa:5e:59:f7:af: b2:77:f3:7e:a3:67:5d:2b:5f:a2:9a:c5:46:44:41:54:6c:24: d0:cf:40:0e -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt+OJ/ZPdtiRlWR8GODjMobMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy MGFlMmUwHhcNMjYwMTAyMTAxOTU4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhZDNhMzQ1MDQ3OTZlMTY0YTdkOGM4ZDdiMDZmYjdiODAwNmMzZGY2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAruM5t6nILG65zl6/q/oAXNyZdt73 AToeMY2R/JZfKfARAwIQnu3qLa1r3LjO9amP+h8hkua9LZ0zifPrgqF75RQgS223 9xzxX3ZA7Ys13IdSAA/SbidokSkdTyFHeiqWZ3INgAb4evV+3ZJfDxbc7gv6BLQO LZlxX8BDFaGgVyF+npT+zOzhK0O8QBVcB/gNUowcOh8pqrFZp8FC6Kr3m0r4v1xs Dy9PGD51VhM6u3NoxXHOYbjb7JyUyptpPXFFgO0WlPAkTgIjy8yaEwYmW5h0EusL bAwDrZliFpDbEcHQkJRWGjaQEv6KBbu6WjD5r2m4K+pw1u5gryKgAeckxwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFK06NFBHluFkp9jI17Bvt7gAbD32MB8GA1UdIwQY MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt MWRkZWM0Y2NlMjRjLzEvclRvMFVFZVc0V1NuMk1qWHNHLTN1QUJzUGZZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwo/OAwQA 1dwDMA0GCSqGSIb3DQEBCwUAA4IBAQAcB6cs7Z5mjfxEu7VljU1pc24LtChUi4YG q/7zta6meu23EeXLRpxAUfJS1zWAWUkEwN/LYoC+C6iZtkqc+naqLu+l0IQ3pBQn Jj/p2ZD9OYK8uGPFYhH58swCm6zoY/+kegFyJPA2AOm9DtdKcBEyPEJU1J/e2MMu MUBylAFUsoF4P3GeUJ6ovXx8tB0qx/kALFg49aLl9JBrSN6btorhHs6dNKfR0hZa D9fz9Fo0lEH5/2p3hsYCjx3HnXRnh+MQlDsRp5xh1hU/isJfG2nySxL8vz44e0/q cVjkXFKf4TQUB8OO+l5Z96+yd/N+o2ddK1+imsVGREFUbCTQz0AO -----END CERTIFICATE-----Generated at Tue Jan 20 02:46:13 2026 by rpki-client