This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/359179-4ac2-431c-9531-0b7a33dd5b56/1/wFIxH6rmc0pTO3lHbm1q54JXQUw.roa File: wFIxH6rmc0pTO3lHbm1q54JXQUw.roa (raw, json) Hash identifier: LdJ/iIkB/Qkjc76ikiZz0rGCtU2IPzIjdQ2qezYDSK0= Subject key identifier: C0:52:31:1F:AA:E6:73:4A:53:3B:79:47:6E:6D:6A:E7:82:57:41:4C Certificate issuer: /CN=b45064c1ac8690e2c77a959a502546e98bcd3727 Certificate serial: 019B7B35C34A02C182C3C789D4E7DC59FA7B Authority key identifier: B4:50:64:C1:AC:86:90:E2:C7:7A:95:9A:50:25:46:E9:8B:CD:37:27 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tFBkwayGkOLHepWaUCVG6YvNNyc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/359179-4ac2-431c-9531-0b7a33dd5b56/1/wFIxH6rmc0pTO3lHbm1q54JXQUw.roa Signing time: Thu 01 Jan 2026 20:17:59 +0000 ROA not before: Thu 01 Jan 2026 20:17:59 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 204928 IP address blocks: 194.153.216.0/24 maxlen: 24 2a12:e540::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/359179-4ac2-431c-9531-0b7a33dd5b56/1/tFBkwayGkOLHepWaUCVG6YvNNyc.crl rsync://rpki.ripe.net/repository/DEFAULT/ec/359179-4ac2-431c-9531-0b7a33dd5b56/1/tFBkwayGkOLHepWaUCVG6YvNNyc.mft rsync://rpki.ripe.net/repository/DEFAULT/tFBkwayGkOLHepWaUCVG6YvNNyc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 28 Jan 2026 00:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:35:c3:4a:02:c1:82:c3:c7:89:d4:e7:dc:59:fa:7b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b45064c1ac8690e2c77a959a502546e98bcd3727 Validity Not Before: Jan 1 20:17:59 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c052311faae6734a533b79476e6d6ae78257414c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:45:67:90:11:77:fb:8e:fc:04:bd:c5:5f:fd: 86:cc:2f:69:86:26:49:b5:f2:5e:20:c2:00:97:4b: ae:1f:6b:dd:6f:4f:6e:35:21:47:e7:52:eb:a2:ec: 05:8d:b5:2e:b2:dc:90:30:58:76:7e:37:4b:bf:a2: fb:80:87:90:09:c8:7c:8a:a4:9a:05:99:1b:ce:60: 47:3b:21:80:d0:8b:87:04:f7:6b:6e:e1:13:f4:c6: da:20:8f:6c:23:70:63:91:fe:91:53:8a:1c:bf:de: c0:da:0c:0c:72:41:d7:4e:17:c0:d4:e0:9e:51:9f: ed:1d:7f:3b:f4:15:45:c2:3a:7f:5d:2a:86:17:b6: 6e:76:26:10:73:57:fd:9c:48:25:72:ff:70:21:5e: db:29:aa:e1:8c:49:95:d4:87:b1:7c:6f:e5:df:8c: 3e:02:8e:85:6c:80:f3:bd:0e:69:f3:85:46:c5:0d: 7c:1a:62:45:4f:7b:4a:f1:01:3a:84:5f:a9:c8:ca: a2:5c:79:2e:a1:2d:c2:af:d1:72:ab:68:72:dd:32: 7a:c5:32:ee:28:ed:bb:f1:c7:3d:a8:ca:c5:63:9d: 0c:90:2f:82:3e:3f:e2:1d:24:ae:7a:59:b9:3c:ad: 6d:b3:56:de:ab:f0:b3:99:6a:5a:0e:e7:81:22:b7: 43:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C0:52:31:1F:AA:E6:73:4A:53:3B:79:47:6E:6D:6A:E7:82:57:41:4C X509v3 Authority Key Identifier: keyid:B4:50:64:C1:AC:86:90:E2:C7:7A:95:9A:50:25:46:E9:8B:CD:37:27 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tFBkwayGkOLHepWaUCVG6YvNNyc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/359179-4ac2-431c-9531-0b7a33dd5b56/1/wFIxH6rmc0pTO3lHbm1q54JXQUw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/359179-4ac2-431c-9531-0b7a33dd5b56/1/tFBkwayGkOLHepWaUCVG6YvNNyc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.153.216.0/24 IPv6: 2a12:e540::/32 Signature Algorithm: sha256WithRSAEncryption 9c:a7:c8:74:59:ff:c7:7a:62:81:02:d7:f7:76:29:67:0a:2b: 3a:d9:70:1e:84:95:85:02:ec:dc:45:31:0d:7d:dd:ea:82:9f: 5e:e2:f4:93:35:90:13:4c:00:29:2c:46:7d:92:fe:55:8f:72: 8b:d3:42:d6:2c:a5:38:b7:f9:bd:87:f3:31:d1:dd:57:0f:e0: 73:21:65:ee:0a:f1:a9:53:a5:ae:84:b4:b4:b4:0a:83:03:cd: a2:58:da:74:df:bc:7c:73:58:e9:b9:44:d4:d7:ec:44:84:48: 02:a5:53:fd:3f:4f:3d:f8:3f:f6:c7:19:e4:8f:cc:a6:d3:33: ee:7a:27:14:99:7a:2c:27:c7:f0:85:07:6d:7c:3a:4e:4e:cc: f4:84:45:1f:ac:d5:d2:58:ec:7b:2c:b3:ad:7a:f4:40:1b:5e: f5:1d:2e:b6:8e:cb:77:f2:f2:ac:1b:33:7f:7e:af:05:7f:ae: dd:84:58:b8:57:7a:25:4c:4f:6b:a2:75:b2:51:b2:6e:e4:76: f1:86:df:9f:07:03:4e:cf:65:a6:9d:55:0b:a3:44:85:e3:ea: ce:96:49:8d:30:44:85:64:e4:6e:67:5d:57:74:51:ff:54:7d: 35:a0:99:52:7d:97:73:1c:8a:e8:2e:31:5b:16:21:9e:5c:f1: 32:a3:1b:21 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt7NcNKAsGCw8eJ1OfcWfp7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI0NTA2NGMxYWM4NjkwZTJjNzdhOTU5YTUwMjU0NmU5OGJj ZDM3MjcwHhcNMjYwMTAxMjAxNzU5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjMDUyMzExZmFhZTY3MzRhNTMzYjc5NDc2ZTZkNmFlNzgyNTc0MTRjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskVnkBF3+478BL3FX/2GzC9phiZJ tfJeIMIAl0uuH2vdb09uNSFH51LrouwFjbUustyQMFh2fjdLv6L7gIeQCch8iqSa BZkbzmBHOyGA0IuHBPdrbuET9MbaII9sI3Bjkf6RU4ocv97A2gwMckHXThfA1OCe UZ/tHX879BVFwjp/XSqGF7ZudiYQc1f9nEglcv9wIV7bKarhjEmV1IexfG/l34w+ Ao6FbIDzvQ5p84VGxQ18GmJFT3tK8QE6hF+pyMqiXHkuoS3Cr9Fyq2hy3TJ6xTLu KO278cc9qMrFY50MkC+CPj/iHSSuelm5PK1ts1beq/CzmWpaDueBIrdDnQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFMBSMR+q5nNKUzt5R25taueCV0FMMB8GA1UdIwQY MBaAFLRQZMGshpDix3qVmlAlRumLzTcnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdEZCa3dheUdrT0xIZXBXYVVDVkc2WXZOTnljLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy8zNTkxNzktNGFjMi00MzFjLTk1MzEt MGI3YTMzZGQ1YjU2LzEvd0ZJeEg2cm1jMHBUTzNsSGJtMXE1NEpYUVV3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lYy8zNTkxNzktNGFjMi00MzFjLTk1MzEtMGI3YTMzZGQ1YjU2 LzEvdEZCa3dheUdrT0xIZXBXYVVDVkc2WXZOTnljLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwpnYMA0E AgACMAcDBQAqEuVAMA0GCSqGSIb3DQEBCwUAA4IBAQCcp8h0Wf/HemKBAtf3diln Cis62XAehJWFAuzcRTENfd3qgp9e4vSTNZATTAApLEZ9kv5Vj3KL00LWLKU4t/m9 h/Mx0d1XD+BzIWXuCvGpU6WuhLS0tAqDA82iWNp037x8c1jpuUTU1+xEhEgCpVP9 P089+D/2xxnkj8ym0zPueicUmXosJ8fwhQdtfDpOTsz0hEUfrNXSWOx7LLOtevRA G171HS62jst38vKsGzN/fq8Ff67dhFi4V3olTE9ronWyUbJu5Hbxht+fBwNOz2Wm nVULo0SF4+rOlkmNMESFZORuZ11XdFH/VH01oJlSfZdzHIroLjFbFiGeXPEyoxsh -----END CERTIFICATE-----Generated at Tue Jan 27 09:57:39 2026 by rpki-client