This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/_KBQXB2Ok6DxzjcnIQISyeFSnpM.roa File: _KBQXB2Ok6DxzjcnIQISyeFSnpM.roa (raw, json) Hash identifier: 9HopsVKQdGio4tWIg9WjN9YxEsegpCgT2SWiuwriul0= Subject key identifier: FC:A0:50:5C:1D:8E:93:A0:F1:CE:37:27:21:02:12:C9:E1:52:9E:93 Certificate issuer: /CN=2c71c96005e13a84a3f31ef1d991777f4b6e31a7 Certificate serial: 019B7EA7373B922C2A25EEA509061FB991C6 Authority key identifier: 2C:71:C9:60:05:E1:3A:84:A3:F3:1E:F1:D9:91:77:7F:4B:6E:31:A7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LHHJYAXhOoSj8x7x2ZF3f0tuMac.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/_KBQXB2Ok6DxzjcnIQISyeFSnpM.roa Signing time: Fri 02 Jan 2026 12:20:46 +0000 ROA not before: Fri 02 Jan 2026 12:20:46 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 215455 IP address blocks: 31.130.138.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/LHHJYAXhOoSj8x7x2ZF3f0tuMac.crl rsync://rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/LHHJYAXhOoSj8x7x2ZF3f0tuMac.mft rsync://rpki.ripe.net/repository/DEFAULT/LHHJYAXhOoSj8x7x2ZF3f0tuMac.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 06:01:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a7:37:3b:92:2c:2a:25:ee:a5:09:06:1f:b9:91:c6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2c71c96005e13a84a3f31ef1d991777f4b6e31a7 Validity Not Before: Jan 2 12:20:46 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=fca0505c1d8e93a0f1ce3727210212c9e1529e93 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:aa:d0:98:dd:14:7d:fe:4a:6f:16:0d:7d:a7: 9c:15:f4:0b:85:3c:f8:58:aa:dc:e0:3b:8e:8d:e1: fb:f0:a1:53:c5:09:9c:65:01:77:db:34:c6:c8:52: a8:93:30:20:0c:89:02:e2:20:a8:f4:ad:1e:9f:d3: 35:04:76:12:b9:79:e0:ea:b8:ef:4c:09:7c:d6:9f: 4b:81:ac:cf:85:b3:ff:62:01:47:01:50:b4:85:eb: fc:7c:54:ab:90:96:2f:ae:f7:5d:33:f1:54:75:3f: 05:6b:71:f6:2d:d1:50:65:01:63:64:e6:1e:d5:7e: 64:ac:a0:49:20:09:ba:31:3c:25:85:76:ca:e0:39: cf:51:85:00:94:70:43:cd:2c:4c:d1:11:d2:b7:96: ed:f8:e1:a0:8f:74:3d:2c:7e:3d:2d:07:b1:71:fb: 00:62:58:b5:6d:81:c7:29:64:a8:6a:c5:8c:b2:1d: 54:cb:dd:73:15:9c:85:d7:a1:7a:b6:1b:3c:73:e2: ea:66:e5:33:a5:c1:6f:d0:83:22:90:d9:2b:16:e9: 79:44:8e:fa:35:59:4b:63:e3:65:ea:e5:bf:69:fd: c4:4b:9b:03:f3:88:a1:d3:29:2b:a6:e4:09:ab:79: 7f:35:44:a5:e7:e6:46:8d:00:01:46:cc:9d:d4:ff: 48:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:A0:50:5C:1D:8E:93:A0:F1:CE:37:27:21:02:12:C9:E1:52:9E:93 X509v3 Authority Key Identifier: keyid:2C:71:C9:60:05:E1:3A:84:A3:F3:1E:F1:D9:91:77:7F:4B:6E:31:A7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LHHJYAXhOoSj8x7x2ZF3f0tuMac.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/_KBQXB2Ok6DxzjcnIQISyeFSnpM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/LHHJYAXhOoSj8x7x2ZF3f0tuMac.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.130.138.0/24 Signature Algorithm: sha256WithRSAEncryption 10:15:b2:4f:cd:72:fd:cb:87:0c:50:c5:11:2d:46:b0:06:f3: 8a:84:6d:55:56:b5:8e:b3:6e:f4:cf:5a:8f:a6:3d:44:9e:a6: 8a:3c:67:d6:dc:4b:3d:77:e1:96:c9:4e:f0:5d:1f:df:d8:92: 83:a5:e4:b4:e6:6c:b1:e5:48:5f:ed:97:4f:06:ba:86:02:5b: 0d:c9:cc:7c:11:10:07:e8:d1:4d:47:65:16:d3:57:de:54:69: fb:7a:c1:4b:87:54:1b:74:85:2e:ea:6e:51:a5:09:9d:e4:6e: 36:c2:41:4e:0f:d1:a1:f5:c2:a1:6c:62:14:58:45:a6:66:41: 19:24:25:05:2d:58:b0:2a:bb:47:08:b6:20:76:34:30:a4:ac: c7:98:bf:5e:96:60:06:3f:c2:1a:23:24:f5:4c:b5:d8:23:c0: b2:c7:91:8d:9d:68:d2:f9:64:c6:5e:f1:76:3d:08:f2:53:1a: da:93:68:5e:ea:17:6e:0e:fb:09:58:d1:3e:4a:57:fb:71:93: 7a:b3:64:a8:ed:66:c3:40:71:ef:fd:17:21:8c:a5:17:e0:50: 0f:76:45:41:99:b2:22:85:a8:5e:c2:4e:55:93:b5:f5:02:43: 9c:2d:68:d5:20:92:0d:cf:e1:02:97:15:a1:c1:33:de:f0:b7: 7b:a3:e2:3f -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt+pzc7kiwqJe6lCQYfuZHGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJjNzFjOTYwMDVlMTNhODRhM2YzMWVmMWQ5OTE3NzdmNGI2 ZTMxYTcwHhcNMjYwMTAyMTIyMDQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmY2EwNTA1YzFkOGU5M2EwZjFjZTM3MjcyMTAyMTJjOWUxNTI5ZTkzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1arQmN0Uff5KbxYNfaecFfQLhTz4 WKrc4DuOjeH78KFTxQmcZQF32zTGyFKokzAgDIkC4iCo9K0en9M1BHYSuXng6rjv TAl81p9LgazPhbP/YgFHAVC0hev8fFSrkJYvrvddM/FUdT8Fa3H2LdFQZQFjZOYe 1X5krKBJIAm6MTwlhXbK4DnPUYUAlHBDzSxM0RHSt5bt+OGgj3Q9LH49LQexcfsA Yli1bYHHKWSoasWMsh1Uy91zFZyF16F6ths8c+LqZuUzpcFv0IMikNkrFul5RI76 NVlLY+Nl6uW/af3ES5sD84ih0ykrpuQJq3l/NUSl5+ZGjQABRsyd1P9IiQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFPygUFwdjpOg8c43JyECEsnhUp6TMB8GA1UdIwQY MBaAFCxxyWAF4TqEo/Me8dmRd39LbjGnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTEhISllBWGhPb1NqOHg3eDJaRjNmMHR1TWFjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9mYTM1NDQtMTAyNS00ZThmLWE4ZmUt N2EyOGFmMjljZGMyLzEvX0tCUVhCMk9rNkR4empjbklRSVN5ZUZTbnBNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lZi9mYTM1NDQtMTAyNS00ZThmLWE4ZmUtN2EyOGFmMjljZGMy LzEvTEhISllBWGhPb1NqOHg3eDJaRjNmMHR1TWFjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAH4KKMA0G CSqGSIb3DQEBCwUAA4IBAQAQFbJPzXL9y4cMUMURLUawBvOKhG1VVrWOs270z1qP pj1EnqaKPGfW3Es9d+GWyU7wXR/f2JKDpeS05myx5Uhf7ZdPBrqGAlsNycx8ERAH 6NFNR2UW01feVGn7esFLh1QbdIUu6m5RpQmd5G42wkFOD9Gh9cKhbGIUWEWmZkEZ JCUFLViwKrtHCLYgdjQwpKzHmL9elmAGP8IaIyT1TLXYI8Cyx5GNnWjS+WTGXvF2 PQjyUxrak2he6hduDvsJWNE+Slf7cZN6s2So7WbDQHHv/RchjKUX4FAPdkVBmbIi hahewk5Vk7X1AkOcLWjVIJINz+EClxWhwTPe8Ld7o+I/ -----END CERTIFICATE-----Generated at Wed Jan 21 14:10:56 2026 by rpki-client