This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/03a70b-3bc6-4339-9e49-a83f914035b3/1/FT_Otv36fbgX0-E_yYp2jsjacC8.roa File: FT_Otv36fbgX0-E_yYp2jsjacC8.roa (raw, json) Hash identifier: iWvTgXBRg5gSlKF04ojnmMHFrOSejZ8j4d3v48KQleg= Subject key identifier: 15:3F:CE:B6:FD:FA:7D:B8:17:D3:E1:3F:C9:8A:76:8E:C8:DA:70:2F Certificate issuer: /CN=58bb8ee3a747ed8b578657cdd4737586f5fdb931 Certificate serial: 019B7B35E643BABEC42162AD38E26A192CC7 Authority key identifier: 58:BB:8E:E3:A7:47:ED:8B:57:86:57:CD:D4:73:75:86:F5:FD:B9:31 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WLuO46dH7YtXhlfN1HN1hvX9uTE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/03a70b-3bc6-4339-9e49-a83f914035b3/1/FT_Otv36fbgX0-E_yYp2jsjacC8.roa Signing time: Thu 01 Jan 2026 20:18:08 +0000 ROA not before: Thu 01 Jan 2026 20:18:08 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 47578 IP address blocks: 185.109.139.0/24 maxlen: 24 2001:1424::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/03a70b-3bc6-4339-9e49-a83f914035b3/1/WLuO46dH7YtXhlfN1HN1hvX9uTE.crl rsync://rpki.ripe.net/repository/DEFAULT/f2/03a70b-3bc6-4339-9e49-a83f914035b3/1/WLuO46dH7YtXhlfN1HN1hvX9uTE.mft rsync://rpki.ripe.net/repository/DEFAULT/WLuO46dH7YtXhlfN1HN1hvX9uTE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 03 Feb 2026 08:00:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:35:e6:43:ba:be:c4:21:62:ad:38:e2:6a:19:2c:c7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=58bb8ee3a747ed8b578657cdd4737586f5fdb931 Validity Not Before: Jan 1 20:18:08 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=153fceb6fdfa7db817d3e13fc98a768ec8da702f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:9c:44:06:8c:74:c0:f9:f6:cf:35:c6:62:b0: 79:97:e3:8e:0f:d4:d3:54:da:74:06:ee:b0:ff:e5: 71:7f:b2:1b:9d:c1:54:2e:68:41:08:82:f5:5e:12: 95:b6:e5:a2:e2:aa:2b:12:23:04:e2:27:c7:3c:bf: 33:cd:9d:7f:20:7a:5e:1d:0c:c7:10:0b:8e:0d:de: 9f:ab:43:89:a4:ae:68:3b:5a:98:14:2d:82:95:cc: c2:e7:cb:9b:63:48:af:7e:98:4a:f2:26:0a:d8:ee: 6f:da:5e:9e:2e:9b:8f:7f:a1:22:1c:32:51:35:94: cc:f9:3f:d8:29:d7:7f:9c:60:89:be:dc:a5:0a:84: ab:40:46:a5:e0:48:c4:bb:1a:d1:3b:0b:9a:e7:b5: 00:ae:81:5d:97:81:b6:a0:af:d6:46:73:be:b5:50: 31:1b:93:ac:af:45:3d:95:fd:af:c5:83:8b:27:3b: 77:c4:62:28:36:f0:a8:fc:b0:04:dd:72:1f:84:16: 0b:ec:97:cf:bc:f8:22:f2:e4:f1:75:97:a1:0f:ea: 12:71:ac:b3:6c:62:c0:c3:50:c0:7e:28:0d:a9:dd: 78:8c:c6:db:44:cd:5f:be:83:0c:d2:fc:0b:dd:ee: be:cf:b1:ba:3e:58:af:88:d0:c9:e8:d4:1b:1c:88: 1d:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 15:3F:CE:B6:FD:FA:7D:B8:17:D3:E1:3F:C9:8A:76:8E:C8:DA:70:2F X509v3 Authority Key Identifier: keyid:58:BB:8E:E3:A7:47:ED:8B:57:86:57:CD:D4:73:75:86:F5:FD:B9:31 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WLuO46dH7YtXhlfN1HN1hvX9uTE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/03a70b-3bc6-4339-9e49-a83f914035b3/1/FT_Otv36fbgX0-E_yYp2jsjacC8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/03a70b-3bc6-4339-9e49-a83f914035b3/1/WLuO46dH7YtXhlfN1HN1hvX9uTE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.109.139.0/24 IPv6: 2001:1424::/48 Signature Algorithm: sha256WithRSAEncryption 49:a5:49:bb:27:48:b2:db:74:e3:28:e8:c4:86:b2:bc:f1:75: 85:6c:73:6a:fe:86:9c:a2:7e:9c:4d:41:00:42:47:e5:73:2c: ff:35:d1:25:45:5d:cc:56:ca:a1:2f:cf:b1:7a:f3:a2:08:d3: da:d2:3b:a3:b9:8a:11:34:6f:93:75:d0:d7:64:fc:99:9b:5d: f4:87:11:8c:48:1e:c0:45:d6:a2:66:ce:31:a3:dd:0e:4e:20: 88:0a:04:01:ee:e3:fd:50:33:41:28:5c:64:be:7c:e1:95:83: fa:56:52:4c:61:62:90:21:7b:96:2d:eb:8e:c6:06:df:41:57: d3:4e:19:34:cd:00:09:f1:65:5c:34:83:90:51:cc:d7:6d:0e: 3c:6f:c7:01:28:3f:e9:10:f8:ed:77:8d:be:ec:b6:33:b7:a4: 47:e2:2b:f1:91:19:46:5c:06:17:c8:e2:34:17:87:e2:5a:c6: 04:03:c1:06:4f:e2:78:48:73:f1:5b:79:02:7b:fa:07:0d:d3: 1e:a7:bd:c8:98:69:54:b2:e3:64:0e:23:1f:0e:d9:2d:68:52: 76:a5:2a:26:a8:90:2e:57:e1:49:2e:11:aa:61:31:39:e3:d7: bf:bf:10:2d:85:83:e5:af:35:36:6d:9f:c5:79:0d:90:5b:df: 60:90:93:ef -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt7NeZDur7EIWKtOOJqGSzHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU4YmI4ZWUzYTc0N2VkOGI1Nzg2NTdjZGQ0NzM3NTg2ZjVm ZGI5MzEwHhcNMjYwMTAxMjAxODA4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxNTNmY2ViNmZkZmE3ZGI4MTdkM2UxM2ZjOThhNzY4ZWM4ZGE3MDJmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJxEBox0wPn2zzXGYrB5l+OOD9TT VNp0Bu6w/+Vxf7IbncFULmhBCIL1XhKVtuWi4qorEiME4ifHPL8zzZ1/IHpeHQzH EAuODd6fq0OJpK5oO1qYFC2ClczC58ubY0ivfphK8iYK2O5v2l6eLpuPf6EiHDJR NZTM+T/YKdd/nGCJvtylCoSrQEal4EjEuxrROwua57UAroFdl4G2oK/WRnO+tVAx G5Osr0U9lf2vxYOLJzt3xGIoNvCo/LAE3XIfhBYL7JfPvPgi8uTxdZehD+oScayz bGLAw1DAfigNqd14jMbbRM1fvoMM0vwL3e6+z7G6PliviNDJ6NQbHIgdAwIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFBU/zrb9+n24F9PhP8mKdo7I2nAvMB8GA1UdIwQY MBaAFFi7juOnR+2LV4ZXzdRzdYb1/bkxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvV0x1TzQ2ZEg3WXRYaGxmTjFITjFodlg5dVRFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wM2E3MGItM2JjNi00MzM5LTllNDkt YTgzZjkxNDAzNWIzLzEvRlRfT3R2MzZmYmdYMC1FX3lZcDJqc2phY0M4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMi8wM2E3MGItM2JjNi00MzM5LTllNDktYTgzZjkxNDAzNWIz LzEvV0x1TzQ2ZEg3WXRYaGxmTjFITjFodlg5dVRFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuW2LMA8E AgACMAkDBwAgARQkAAAwDQYJKoZIhvcNAQELBQADggEBAEmlSbsnSLLbdOMo6MSG srzxdYVsc2r+hpyifpxNQQBCR+VzLP810SVFXcxWyqEvz7F686II09rSO6O5ihE0 b5N10Ndk/JmbXfSHEYxIHsBF1qJmzjGj3Q5OIIgKBAHu4/1QM0EoXGS+fOGVg/pW UkxhYpAhe5Yt647GBt9BV9NOGTTNAAnxZVw0g5BRzNdtDjxvxwEoP+kQ+O13jb7s tjO3pEfiK/GRGUZcBhfI4jQXh+JaxgQDwQZP4nhIc/FbeQJ7+gcN0x6nvciYaVSy 42QOIx8O2S1oUnalKiaokC5X4UkuEaphMTnj17+/EC2Fg+WvNTZtn8V5DZBb32CQ k+8= -----END CERTIFICATE-----Generated at Mon Feb 2 17:30:24 2026 by rpki-client