This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/Xf46Pw2tgmQ6pve1qLg9BZ7i_dI.roa File: Xf46Pw2tgmQ6pve1qLg9BZ7i_dI.roa (raw, json) Hash identifier: D+T6tWOFOaWIc3tUG494jBawlfeKBbjhnuioC/+eLKw= Subject key identifier: 5D:FE:3A:3F:0D:AD:82:64:3A:A6:F7:B5:A8:B8:3D:05:9E:E2:FD:D2 Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2 Certificate serial: 019B7D5CD160A90050E281F12CD7010AA7A7 Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/Xf46Pw2tgmQ6pve1qLg9BZ7i_dI.roa Signing time: Fri 02 Jan 2026 06:19:53 +0000 ROA not before: Fri 02 Jan 2026 06:19:53 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 62091 IP address blocks: 192.162.64.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 16:55:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5c:d1:60:a9:00:50:e2:81:f1:2c:d7:01:0a:a7:a7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2 Validity Not Before: Jan 2 06:19:53 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5dfe3a3f0dad82643aa6f7b5a8b83d059ee2fdd2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:fa:b9:fb:e4:51:8b:be:66:b0:41:02:69:46: ca:30:27:5e:b7:9a:60:70:a5:f5:8b:62:98:23:73: 51:ff:a9:23:09:de:b4:13:53:12:d4:96:8b:51:7e: a2:cb:7d:65:1f:13:21:c6:36:71:97:25:04:c1:98: 30:4d:bd:4f:f1:c1:76:be:b1:1c:1e:f2:3e:8e:b8: 29:72:eb:83:de:e7:b2:66:55:b7:95:d2:56:5e:f7: 1e:57:6b:04:e6:a9:8c:bc:9a:29:cf:28:7a:f2:c9: 83:bf:c2:0b:e3:ea:8e:9e:f8:e0:17:e4:b8:87:c2: 42:83:ac:5e:27:e9:ed:61:c6:39:5a:6a:f9:93:1f: 1a:01:78:76:b8:67:9d:49:ce:8c:80:11:d0:d5:42: bb:61:b1:6b:78:ca:5a:56:64:47:cf:20:f1:99:da: c2:51:61:ef:90:85:9b:c9:aa:c9:72:10:6d:1d:a9: 10:5d:2c:f9:22:f0:71:e5:7d:00:76:25:4b:c7:31: 42:18:cf:78:cd:32:8e:79:ab:8c:a6:79:04:dd:da: ff:74:4e:a7:bd:c4:a5:47:7e:e7:7d:a5:1b:4b:49: 00:f9:55:6c:b4:ac:09:d2:76:1c:bf:35:11:63:10: 35:d5:16:a9:c3:e4:65:8f:ac:62:98:86:fd:78:14: 43:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:FE:3A:3F:0D:AD:82:64:3A:A6:F7:B5:A8:B8:3D:05:9E:E2:FD:D2 X509v3 Authority Key Identifier: keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/Xf46Pw2tgmQ6pve1qLg9BZ7i_dI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 192.162.64.0/24 Signature Algorithm: sha256WithRSAEncryption c2:2e:7c:11:0e:f7:f2:33:e8:c9:3d:2f:00:da:7e:d1:05:e6: c8:45:f2:19:f2:1b:75:90:49:10:03:49:1f:ed:7b:a3:60:4d: d3:0c:85:55:e6:9c:ea:23:d3:f9:9e:7c:28:c7:bf:6a:7c:de: 60:1b:cd:d0:9c:90:09:dd:5e:53:ce:54:88:02:9a:63:ef:92: 2a:75:cc:04:78:03:1e:5a:4d:15:74:cd:f2:4d:86:0d:2e:e7: ef:6d:cd:03:98:2e:30:0d:37:2e:ab:78:a3:8d:49:12:9c:12: ae:7c:77:fc:d1:1a:11:cf:a6:7f:64:c6:da:79:6c:23:1a:5b: 91:3f:9e:95:f2:5d:d8:02:1a:fe:7b:1d:05:3b:b9:ec:18:0d: 6f:58:c1:fe:8f:8a:a5:ae:9d:e3:90:c2:30:bd:69:50:52:50: b1:fc:3b:87:e4:e4:a9:9a:cc:49:fb:67:bd:74:06:ee:97:fe: 34:e5:18:6d:05:9c:12:e8:f7:8f:f3:ec:1e:1c:56:a0:a4:7c: 12:bd:58:c0:72:cd:cc:8b:4f:f8:eb:c4:37:db:ef:b1:ff:97: 7f:e2:49:fd:59:bd:bf:4e:5c:d6:34:40:3a:67:ef:a5:96:bb: 3a:a7:cf:bf:e3:56:cd:ca:00:dd:5b:28:42:12:78:cd:18:35: 37:eb:c1:0e -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt9XNFgqQBQ4oHxLNcBCqenMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl NWVjZjIwHhcNMjYwMTAyMDYxOTUzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZGZlM2EzZjBkYWQ4MjY0M2FhNmY3YjVhOGI4M2QwNTllZTJmZGQyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5/q5++RRi75msEECaUbKMCdet5pg cKX1i2KYI3NR/6kjCd60E1MS1JaLUX6iy31lHxMhxjZxlyUEwZgwTb1P8cF2vrEc HvI+jrgpcuuD3ueyZlW3ldJWXvceV2sE5qmMvJopzyh68smDv8IL4+qOnvjgF+S4 h8JCg6xeJ+ntYcY5Wmr5kx8aAXh2uGedSc6MgBHQ1UK7YbFreMpaVmRHzyDxmdrC UWHvkIWbyarJchBtHakQXSz5IvBx5X0AdiVLxzFCGM94zTKOeauMpnkE3dr/dE6n vcSlR37nfaUbS0kA+VVstKwJ0nYcvzURYxA11Rapw+Rlj6ximIb9eBRDfQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFF3+Oj8NrYJkOqb3tai4PQWe4v3SMB8GA1UdIwQY MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt MTcxYzM2N2JlNzgyLzEvWGY0NlB3MnRnbVE2cHZlMXFMZzlCWjdpX2RJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwKJAMA0G CSqGSIb3DQEBCwUAA4IBAQDCLnwRDvfyM+jJPS8A2n7RBebIRfIZ8ht1kEkQA0kf 7XujYE3TDIVV5pzqI9P5nnwox79qfN5gG83QnJAJ3V5TzlSIAppj75IqdcwEeAMe Wk0VdM3yTYYNLufvbc0DmC4wDTcuq3ijjUkSnBKufHf80RoRz6Z/ZMbaeWwjGluR P56V8l3YAhr+ex0FO7nsGA1vWMH+j4qlrp3jkMIwvWlQUlCx/DuH5OSpmsxJ+2e9 dAbul/405RhtBZwS6PeP8+weHFagpHwSvVjAcs3Mi0/468Q32++x/5d/4kn9Wb2/ TlzWNEA6Z++llrs6p8+/41bNygDdWyhCEnjNGDU368EO -----END CERTIFICATE-----Generated at Mon Jan 19 19:59:16 2026 by rpki-client