This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/5e3249-bebf-4070-9fcd-1b1fc79d0551/1/F7EHLevqhIbYmfRWGh8ETrgh3yU.roa File: F7EHLevqhIbYmfRWGh8ETrgh3yU.roa (raw, json) Hash identifier: 0+kmPqOA1TrwEUsZC2FJDlWO1mQqSKgrQDKmrU5ENvM= Subject key identifier: 17:B1:07:2D:EB:EA:84:86:D8:99:F4:56:1A:1F:04:4E:B8:21:DF:25 Certificate issuer: /CN=762238a33c550cc5df0244f3fc6e3dbd91e4c39e Certificate serial: 019B7E387D7783BED033AC2A00C06E7B1348 Authority key identifier: 76:22:38:A3:3C:55:0C:C5:DF:02:44:F3:FC:6E:3D:BD:91:E4:C3:9E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/diI4ozxVDMXfAkTz_G49vZHkw54.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/5e3249-bebf-4070-9fcd-1b1fc79d0551/1/F7EHLevqhIbYmfRWGh8ETrgh3yU.roa Signing time: Fri 02 Jan 2026 10:19:49 +0000 ROA not before: Fri 02 Jan 2026 10:19:49 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 207227 IP address blocks: 95.128.154.0/24 maxlen: 24 185.74.36.0/22 maxlen: 22 185.74.36.0/24 maxlen: 24 185.74.37.0/24 maxlen: 24 185.74.38.0/24 maxlen: 24 185.74.39.0/24 maxlen: 24 2a05:48c0::/29 maxlen: 29 2a13:1f40::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/5e3249-bebf-4070-9fcd-1b1fc79d0551/1/diI4ozxVDMXfAkTz_G49vZHkw54.crl rsync://rpki.ripe.net/repository/DEFAULT/f9/5e3249-bebf-4070-9fcd-1b1fc79d0551/1/diI4ozxVDMXfAkTz_G49vZHkw54.mft rsync://rpki.ripe.net/repository/DEFAULT/diI4ozxVDMXfAkTz_G49vZHkw54.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:7d:77:83:be:d0:33:ac:2a:00:c0:6e:7b:13:48 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=762238a33c550cc5df0244f3fc6e3dbd91e4c39e Validity Not Before: Jan 2 10:19:49 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=17b1072debea8486d899f4561a1f044eb821df25 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:7a:c4:2e:90:2f:3c:55:38:c6:40:f9:64:9b: 41:60:01:50:2b:0c:cb:80:d2:a8:5e:47:a5:95:c9: 03:60:83:23:1a:80:26:34:99:a8:93:a2:85:1e:53: 7b:8a:18:28:0a:d5:6c:81:63:ae:60:c3:4d:28:a7: 9b:68:59:33:a3:6c:05:54:73:39:ae:98:61:96:0f: c6:2e:75:f8:19:7c:09:b7:6a:74:4e:dc:60:e4:d0: 33:1b:0c:86:40:b2:a2:3f:e2:56:ac:05:46:10:f7: 37:e2:1c:31:27:a0:bf:a2:47:a7:72:cc:88:52:d9: 5f:8e:50:a8:4f:e6:59:e6:c4:34:fd:8b:8b:52:c6: dd:07:87:f5:c4:fe:d6:04:e9:25:66:02:fa:01:63: 25:37:9b:4a:c9:44:13:6c:1f:4b:02:da:ff:e4:79: 46:14:42:3c:c0:42:ef:5f:a4:3a:de:bb:27:ca:d5: 52:6b:47:e2:61:d3:04:15:50:fb:be:64:6a:a3:a2: 67:5c:cd:29:9d:1b:8b:61:df:2b:5a:2b:44:25:1d: 85:34:f2:f9:66:93:8d:29:71:8c:54:27:84:5e:5f: 9a:c0:0c:2a:5d:6b:54:36:d2:5b:7e:6b:7f:1b:c9: 34:a3:0e:7d:2c:4c:8f:07:50:88:13:11:83:51:d9: 35:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:B1:07:2D:EB:EA:84:86:D8:99:F4:56:1A:1F:04:4E:B8:21:DF:25 X509v3 Authority Key Identifier: keyid:76:22:38:A3:3C:55:0C:C5:DF:02:44:F3:FC:6E:3D:BD:91:E4:C3:9E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/diI4ozxVDMXfAkTz_G49vZHkw54.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/5e3249-bebf-4070-9fcd-1b1fc79d0551/1/F7EHLevqhIbYmfRWGh8ETrgh3yU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/5e3249-bebf-4070-9fcd-1b1fc79d0551/1/diI4ozxVDMXfAkTz_G49vZHkw54.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 95.128.154.0/24 185.74.36.0/22 IPv6: 2a05:48c0::/29 2a13:1f40::/29 Signature Algorithm: sha256WithRSAEncryption b5:96:96:df:24:1f:59:72:52:ce:2c:7e:fd:2b:12:61:4c:73: 84:2a:33:10:c3:ea:86:39:c3:89:f0:37:1f:7f:7f:6c:72:85: 07:65:33:41:05:30:90:5b:f8:ca:09:2a:72:ab:61:45:bc:9e: 4f:ac:ed:eb:f7:3b:c4:81:87:58:4b:cb:97:bb:1f:e1:20:14: 16:bc:15:40:69:f4:1a:cb:26:eb:53:a3:ee:58:49:d6:2f:bc: 22:6d:81:21:a0:38:96:85:68:d8:ed:d7:2c:38:a1:db:74:2b: 75:ac:53:ab:c5:90:90:b5:1b:31:f2:56:1b:42:bc:bc:35:0e: 3e:46:b8:75:fc:a2:d6:3b:23:54:7b:ef:9a:99:77:af:51:76: 8b:3a:3a:98:72:3c:20:3e:9d:4f:b9:60:80:e4:57:80:ac:cb: 70:0f:c1:13:d4:7d:dd:79:c8:64:12:4d:7e:2f:5d:52:ca:bd: 17:80:36:8e:e5:84:53:82:8a:8f:84:3d:7f:b6:9d:9f:74:96: e8:4e:04:cc:37:f3:f5:15:5f:ad:8e:4a:f1:ff:58:d7:bc:bf: 3e:d3:d3:96:54:d2:c5:57:a1:8d:79:22:7f:73:d4:ed:06:5a: d7:f7:20:10:7d:75:30:9f:66:5c:95:0b:dc:da:c3:1b:ca:0b: f6:ed:d5:be -----BEGIN CERTIFICATE----- MIIFGTCCBAGgAwIBAgISAZt+OH13g77QM6wqAMBuexNIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc2MjIzOGEzM2M1NTBjYzVkZjAyNDRmM2ZjNmUzZGJkOTFl NGMzOWUwHhcNMjYwMTAyMTAxOTQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxN2IxMDcyZGViZWE4NDg2ZDg5OWY0NTYxYTFmMDQ0ZWI4MjFkZjI1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA43rELpAvPFU4xkD5ZJtBYAFQKwzL gNKoXkellckDYIMjGoAmNJmok6KFHlN7ihgoCtVsgWOuYMNNKKebaFkzo2wFVHM5 rphhlg/GLnX4GXwJt2p0Ttxg5NAzGwyGQLKiP+JWrAVGEPc34hwxJ6C/okencsyI UtlfjlCoT+ZZ5sQ0/YuLUsbdB4f1xP7WBOklZgL6AWMlN5tKyUQTbB9LAtr/5HlG FEI8wELvX6Q63rsnytVSa0fiYdMEFVD7vmRqo6JnXM0pnRuLYd8rWitEJR2FNPL5 ZpONKXGMVCeEXl+awAwqXWtUNtJbfmt/G8k0ow59LEyPB1CIExGDUdk1ywIDAQAB o4ICJTCCAiEwHQYDVR0OBBYEFBexBy3r6oSG2Jn0VhofBE64Id8lMB8GA1UdIwQY MBaAFHYiOKM8VQzF3wJE8/xuPb2R5MOeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZGlJNG96eFZETVhmQWtUel9HNDl2WkhrdzU0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS81ZTMyNDktYmViZi00MDcwLTlmY2Qt MWIxZmM3OWQwNTUxLzEvRjdFSExldnFoSWJZbWZSV0doOEVUcmdoM3lVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mOS81ZTMyNDktYmViZi00MDcwLTlmY2QtMWIxZmM3OWQwNTUx LzEvZGlJNG96eFZETVhmQWtUel9HNDl2WkhrdzU0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQAX4CaAwQC uUokMBQEAgACMA4DBQMqBUjAAwUDKhMfQDANBgkqhkiG9w0BAQsFAAOCAQEAtZaW 3yQfWXJSzix+/SsSYUxzhCozEMPqhjnDifA3H39/bHKFB2UzQQUwkFv4ygkqcqth RbyeT6zt6/c7xIGHWEvLl7sf4SAUFrwVQGn0Gssm61Oj7lhJ1i+8Im2BIaA4loVo 2O3XLDih23QrdaxTq8WQkLUbMfJWG0K8vDUOPka4dfyi1jsjVHvvmpl3r1F2izo6 mHI8ID6dT7lggORXgKzLcA/BE9R93XnIZBJNfi9dUsq9F4A2juWEU4KKj4Q9f7ad n3SW6E4EzDfz9RVfrY5K8f9Y17y/PtPTllTSxVehjXkif3PU7QZa1/cgEH11MJ9m XJUL3NrDG8oL9u3Vvg== -----END CERTIFICATE-----Generated at Mon Feb 9 19:38:26 2026 by rpki-client