This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/b717c5-a64b-4475-be3e-5da8d677d847/1/FnnFa3pMmqf3MiWUuKMyoAVWg-s.roa File: FnnFa3pMmqf3MiWUuKMyoAVWg-s.roa (raw, json) Hash identifier: 6fPOtoWUy4XsTgZEttrlKq8GChMydmNHVVGJEIcxPdY= Subject key identifier: 16:79:C5:6B:7A:4C:9A:A7:F7:32:25:94:B8:A3:32:A0:05:56:83:EB Certificate issuer: /CN=9256ebf66b80f08135858d144ced6f785834f5f4 Certificate serial: 019B79109F05EAB18D180E6E25B5167E0376 Authority key identifier: 92:56:EB:F6:6B:80:F0:81:35:85:8D:14:4C:ED:6F:78:58:34:F5:F4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/klbr9muA8IE1hY0UTO1veFg09fQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/b717c5-a64b-4475-be3e-5da8d677d847/1/FnnFa3pMmqf3MiWUuKMyoAVWg-s.roa Signing time: Thu 01 Jan 2026 10:18:10 +0000 ROA not before: Thu 01 Jan 2026 10:18:10 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 3257 IP address blocks: 185.168.160.0/22 maxlen: 24 185.168.160.0/24 maxlen: 24 185.168.161.0/24 maxlen: 24 185.168.162.0/24 maxlen: 24 185.168.163.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/b717c5-a64b-4475-be3e-5da8d677d847/1/klbr9muA8IE1hY0UTO1veFg09fQ.crl rsync://rpki.ripe.net/repository/DEFAULT/f1/b717c5-a64b-4475-be3e-5da8d677d847/1/klbr9muA8IE1hY0UTO1veFg09fQ.mft rsync://rpki.ripe.net/repository/DEFAULT/klbr9muA8IE1hY0UTO1veFg09fQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 12:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:9f:05:ea:b1:8d:18:0e:6e:25:b5:16:7e:03:76 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9256ebf66b80f08135858d144ced6f785834f5f4 Validity Not Before: Jan 1 10:18:10 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1679c56b7a4c9aa7f7322594b8a332a0055683eb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:49:c0:c9:d9:74:8b:00:f1:9b:b6:a9:41:39: 3b:55:96:4c:59:6b:1c:9e:e8:8d:76:9b:88:36:6c: 09:a6:f5:fb:16:46:b2:ba:41:79:2d:30:46:db:6a: e7:55:fd:1b:c5:20:2a:ff:82:d2:59:2e:78:ef:1f: 75:ff:4d:87:61:5b:ff:a5:c4:e8:4d:d3:28:d7:11: e9:b8:2f:bb:f2:f4:af:13:e7:7a:e3:60:56:bb:d6: 27:03:ad:82:f7:20:d5:a1:45:f5:20:c0:8e:64:20: d1:b4:fa:c6:31:37:26:63:16:df:8f:43:d0:81:e9: 44:35:db:f9:cf:a1:81:2c:b7:e8:c1:2f:ab:f5:25: 40:ab:3c:58:05:28:81:09:c6:d1:f6:90:8a:f2:da: 86:98:75:29:d7:19:a1:60:02:3b:a8:71:eb:ee:5c: bb:bb:a6:b7:65:40:6c:f8:9e:ff:ac:0f:8f:4d:aa: 9a:93:e7:97:a6:9f:fa:d9:3c:08:70:22:d9:1c:84: 6c:f1:20:1b:10:c9:30:63:eb:c8:7a:b9:40:69:c0: ef:3e:9f:23:99:99:8f:39:0e:dc:9d:34:55:a1:ac: 8f:7a:cf:9f:50:20:9d:81:ec:54:29:a7:4f:3c:90: a9:f6:d2:a5:b4:cc:3a:a8:20:f0:38:d8:d3:77:e2: 42:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:79:C5:6B:7A:4C:9A:A7:F7:32:25:94:B8:A3:32:A0:05:56:83:EB X509v3 Authority Key Identifier: keyid:92:56:EB:F6:6B:80:F0:81:35:85:8D:14:4C:ED:6F:78:58:34:F5:F4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/klbr9muA8IE1hY0UTO1veFg09fQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/b717c5-a64b-4475-be3e-5da8d677d847/1/FnnFa3pMmqf3MiWUuKMyoAVWg-s.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/b717c5-a64b-4475-be3e-5da8d677d847/1/klbr9muA8IE1hY0UTO1veFg09fQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.168.160.0/22 Signature Algorithm: sha256WithRSAEncryption 05:61:d8:01:e7:6c:85:06:57:e1:fd:cd:7c:0a:c4:6d:94:6d: 5c:19:dd:13:f4:8f:04:09:c4:c3:96:ec:2c:9c:09:00:36:d9: 21:c0:19:b3:92:8a:f1:65:5f:11:de:b5:da:81:18:42:e5:7a: 70:5e:53:98:bc:71:4b:08:cf:3e:ae:da:4b:f0:c9:22:cd:84: ba:4f:90:30:57:35:af:bd:fc:38:78:dc:91:9d:e3:0f:0e:45: d2:02:c4:c2:51:7c:7a:09:c2:3b:7d:d3:d7:b0:97:49:2f:48: 18:36:15:fa:14:95:8c:e9:a0:5f:71:a9:e7:ec:87:4a:56:dd: e6:5c:71:72:65:34:84:86:b9:a2:00:17:61:58:0c:6e:3a:85: bb:07:a0:36:5b:17:30:c7:5c:3b:95:76:35:41:01:87:7c:8a: 3b:10:bc:ff:47:59:2d:ec:11:66:4b:0e:73:bd:56:ce:2e:b9: 7a:e1:65:6b:32:fd:29:7d:1f:4d:77:76:34:a2:65:49:82:fe: 4a:69:1d:8f:d5:21:20:20:04:12:27:f5:e9:05:4c:05:2e:56: 58:e4:f6:cb:7b:e1:e2:ed:58:8b:39:3a:0d:9d:da:73:4c:30: 71:5d:6b:12:dd:d4:ad:74:d1:ef:2e:32:5a:c2:eb:9e:86:14: f3:b3:bf:46 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt5EJ8F6rGNGA5uJbUWfgN2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkyNTZlYmY2NmI4MGYwODEzNTg1OGQxNDRjZWQ2Zjc4NTgz NGY1ZjQwHhcNMjYwMTAxMTAxODEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxNjc5YzU2YjdhNGM5YWE3ZjczMjI1OTRiOGEzMzJhMDA1NTY4M2ViMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn0nAydl0iwDxm7apQTk7VZZMWWsc nuiNdpuINmwJpvX7FkayukF5LTBG22rnVf0bxSAq/4LSWS547x91/02HYVv/pcTo TdMo1xHpuC+78vSvE+d642BWu9YnA62C9yDVoUX1IMCOZCDRtPrGMTcmYxbfj0PQ gelENdv5z6GBLLfowS+r9SVAqzxYBSiBCcbR9pCK8tqGmHUp1xmhYAI7qHHr7ly7 u6a3ZUBs+J7/rA+PTaqak+eXpp/62TwIcCLZHIRs8SAbEMkwY+vIerlAacDvPp8j mZmPOQ7cnTRVoayPes+fUCCdgexUKadPPJCp9tKltMw6qCDwONjTd+JCLwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFBZ5xWt6TJqn9zIllLijMqAFVoPrMB8GA1UdIwQY MBaAFJJW6/ZrgPCBNYWNFEztb3hYNPX0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva2xicjltdUE4SUUxaFkwVVRPMXZlRmcwOWZRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9iNzE3YzUtYTY0Yi00NDc1LWJlM2Ut NWRhOGQ2NzdkODQ3LzEvRm5uRmEzcE1tcWYzTWlXVXVLTXlvQVZXZy1zLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMS9iNzE3YzUtYTY0Yi00NDc1LWJlM2UtNWRhOGQ2NzdkODQ3 LzEva2xicjltdUE4SUUxaFkwVVRPMXZlRmcwOWZRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaigMA0G CSqGSIb3DQEBCwUAA4IBAQAFYdgB52yFBlfh/c18CsRtlG1cGd0T9I8ECcTDluws nAkANtkhwBmzkorxZV8R3rXagRhC5XpwXlOYvHFLCM8+rtpL8MkizYS6T5AwVzWv vfw4eNyRneMPDkXSAsTCUXx6CcI7fdPXsJdJL0gYNhX6FJWM6aBfcann7IdKVt3m XHFyZTSEhrmiABdhWAxuOoW7B6A2Wxcwx1w7lXY1QQGHfIo7ELz/R1kt7BFmSw5z vVbOLrl64WVrMv0pfR9Nd3Y0omVJgv5KaR2P1SEgIAQSJ/XpBUwFLlZY5PbLe+Hi 7ViLOToNndpzTDBxXWsS3dStdNHvLjJawuuehhTzs79G -----END CERTIFICATE-----Generated at Fri Jan 2 16:22:41 2026 by rpki-client