This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/aRFa0aicATO9EZ84Sd0rRZqpUDM.roa File: aRFa0aicATO9EZ84Sd0rRZqpUDM.roa (raw, json) Hash identifier: 3/X7mlyrk9jnsPYw8nohsn6KsOPiCxOy8zcW+IBYz8s= Subject key identifier: 69:11:5A:D1:A8:9C:01:33:BD:11:9F:38:49:DD:2B:45:9A:A9:50:33 Certificate issuer: /CN=dcf85c36c696d5db2cbb48fd43e821737ee34227 Certificate serial: 019B797F3B862117F545B9ADA0217A53F32A Authority key identifier: DC:F8:5C:36:C6:96:D5:DB:2C:BB:48:FD:43:E8:21:73:7E:E3:42:27 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3PhcNsaW1dssu0j9Q-ghc37jQic.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/aRFa0aicATO9EZ84Sd0rRZqpUDM.roa Signing time: Thu 01 Jan 2026 12:19:00 +0000 ROA not before: Thu 01 Jan 2026 12:19:00 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 207174 IP address blocks: 5.181.240.0/22 maxlen: 24 185.49.192.0/22 maxlen: 24 185.211.212.0/22 maxlen: 24 185.249.108.0/22 maxlen: 24 2a01:a260::/32 maxlen: 48 2a0b:6b40::/29 maxlen: 48 2a0c:240::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/3PhcNsaW1dssu0j9Q-ghc37jQic.crl rsync://rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/3PhcNsaW1dssu0j9Q-ghc37jQic.mft rsync://rpki.ripe.net/repository/DEFAULT/3PhcNsaW1dssu0j9Q-ghc37jQic.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:00:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7f:3b:86:21:17:f5:45:b9:ad:a0:21:7a:53:f3:2a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dcf85c36c696d5db2cbb48fd43e821737ee34227 Validity Not Before: Jan 1 12:19:00 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=69115ad1a89c0133bd119f3849dd2b459aa95033 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:78:20:31:d5:1e:14:81:c3:2f:43:af:c3:11: 30:59:99:69:1a:f7:28:2c:1b:2d:de:b9:45:58:2e: 42:05:03:3e:ea:78:c3:05:bf:ae:3b:5d:9e:82:8e: b2:33:a3:68:be:bf:f0:d1:e4:d4:fe:69:0f:d6:f4: b2:83:fe:eb:24:9d:9d:83:c7:45:2f:0c:26:32:94: 6d:15:87:d1:38:fa:a1:56:09:8a:67:76:75:94:70: cc:ed:26:97:04:f3:ba:80:d5:b0:3c:69:9f:80:b2: 97:ef:99:fb:b8:11:a6:46:98:6b:d0:18:c3:f3:fa: 8a:61:69:e1:aa:18:a0:22:ce:3f:2f:74:a8:08:17: 7b:7c:58:b6:2c:db:ea:4a:66:6c:91:9f:54:df:f6: f1:b3:54:86:b1:40:39:5b:cc:80:bf:ca:7c:5f:78: e4:a3:7a:be:5d:b9:32:e4:34:46:9d:57:75:af:a4: 18:c2:3a:c5:6c:88:d6:4d:24:a2:04:0d:e4:86:3a: df:d1:ea:51:19:1b:8a:0d:5b:eb:8b:1e:a0:e3:9b: f5:c4:79:68:19:78:d4:b6:f0:aa:12:10:8d:48:c7: 89:ad:2a:02:67:63:44:79:22:2f:19:2e:39:e1:83: b3:86:08:c5:f0:98:07:74:88:5d:5c:08:1c:93:19: 10:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:11:5A:D1:A8:9C:01:33:BD:11:9F:38:49:DD:2B:45:9A:A9:50:33 X509v3 Authority Key Identifier: keyid:DC:F8:5C:36:C6:96:D5:DB:2C:BB:48:FD:43:E8:21:73:7E:E3:42:27 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3PhcNsaW1dssu0j9Q-ghc37jQic.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/aRFa0aicATO9EZ84Sd0rRZqpUDM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/3PhcNsaW1dssu0j9Q-ghc37jQic.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.181.240.0/22 185.49.192.0/22 185.211.212.0/22 185.249.108.0/22 IPv6: 2a01:a260::/32 2a0b:6b40::/29 2a0c:240::/29 Signature Algorithm: sha256WithRSAEncryption d1:fe:71:30:46:a0:c8:2a:98:db:0d:49:b7:dd:53:c7:5a:2d: 5a:7d:a3:ba:53:3b:16:d1:37:dc:fd:eb:1c:64:54:fa:15:03: ab:71:4d:52:4a:10:a8:41:c6:8f:97:28:61:b0:d4:6f:1b:83: 19:aa:0a:16:63:0c:46:ec:fe:1c:4a:b7:81:22:4f:ed:b6:29: 38:58:26:43:18:7e:72:d4:ce:c1:34:33:68:19:f2:c3:5f:f2: 80:d5:45:3b:ca:f0:94:7e:60:e0:f3:ae:b4:6d:8b:14:40:31: b9:1f:63:98:30:d9:02:8c:5e:07:fa:6b:63:6b:b0:cd:99:3a: d8:94:b0:17:d3:0a:99:45:bd:af:f1:da:6b:6a:70:e6:cc:72: f5:4c:fe:60:33:2c:08:9d:a1:90:39:d0:a4:8d:30:6a:59:a5: 5b:27:54:e0:f9:9c:5e:c9:e6:3c:e4:ca:bd:b5:55:d2:7b:d9: 4f:01:9a:bd:f9:dd:41:c0:ad:56:18:66:84:cf:b4:70:75:26: a9:bc:e7:95:21:9e:8d:ce:e8:12:12:03:d1:76:a9:e9:ed:8b: 3c:0c:cd:ee:64:18:8b:c3:0d:89:69:81:1a:52:b8:0b:3a:f9: ce:bb:d0:6d:d8:6b:4c:d9:0e:ba:77:c5:d6:18:13:8f:d6:2e: 82:89:e6:c0 -----BEGIN CERTIFICATE----- MIIFLDCCBBSgAwIBAgISAZt5fzuGIRf1RbmtoCF6U/MqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRjZjg1YzM2YzY5NmQ1ZGIyY2JiNDhmZDQzZTgyMTczN2Vl MzQyMjcwHhcNMjYwMTAxMTIxOTAwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2OTExNWFkMWE4OWMwMTMzYmQxMTlmMzg0OWRkMmI0NTlhYTk1MDMzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAynggMdUeFIHDL0OvwxEwWZlpGvco LBst3rlFWC5CBQM+6njDBb+uO12ego6yM6Novr/w0eTU/mkP1vSyg/7rJJ2dg8dF LwwmMpRtFYfROPqhVgmKZ3Z1lHDM7SaXBPO6gNWwPGmfgLKX75n7uBGmRphr0BjD 8/qKYWnhqhigIs4/L3SoCBd7fFi2LNvqSmZskZ9U3/bxs1SGsUA5W8yAv8p8X3jk o3q+Xbky5DRGnVd1r6QYwjrFbIjWTSSiBA3khjrf0epRGRuKDVvrix6g45v1xHlo GXjUtvCqEhCNSMeJrSoCZ2NEeSIvGS454YOzhgjF8JgHdIhdXAgckxkQSQIDAQAB o4ICODCCAjQwHQYDVR0OBBYEFGkRWtGonAEzvRGfOEndK0WaqVAzMB8GA1UdIwQY MBaAFNz4XDbGltXbLLtI/UPoIXN+40InMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM1BoY05zYVcxZHNzdTBqOVEtZ2hjMzdqUWljLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9jZmJjNjItNWQ1NC00MzI3LWIwNzIt MGY1MmY4NjcxNzhkLzEvYVJGYTBhaWNBVE85RVo4NFNkMHJSWnFwVURNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mYS9jZmJjNjItNWQ1NC00MzI3LWIwNzItMGY1MmY4NjcxNzhk LzEvM1BoY05zYVcxZHNzdTBqOVEtZ2hjMzdqUWljLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAeBAIAATAYAwQCBbXwAwQC uTHAAwQCudPUAwQCuflsMBsEAgACMBUDBQAqAaJgAwUDKgtrQAMFAyoMAkAwDQYJ KoZIhvcNAQELBQADggEBANH+cTBGoMgqmNsNSbfdU8daLVp9o7pTOxbRN9z96xxk VPoVA6txTVJKEKhBxo+XKGGw1G8bgxmqChZjDEbs/hxKt4EiT+22KThYJkMYfnLU zsE0M2gZ8sNf8oDVRTvK8JR+YODzrrRtixRAMbkfY5gw2QKMXgf6a2NrsM2ZOtiU sBfTCplFva/x2mtqcObMcvVM/mAzLAidoZA50KSNMGpZpVsnVOD5nF7J5jzkyr21 VdJ72U8Bmr353UHArVYYZoTPtHB1Jqm855Uhno3O6BISA9F2qentizwMze5kGIvD DYlpgRpSuAs6+c670G3Ya0zZDrp3xdYYE4/WLoKJ5sA= -----END CERTIFICATE-----Generated at Tue Feb 10 04:15:06 2026 by rpki-client