This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/63fe9e-60a0-4f80-8c01-1673749bceec/1/8641rsKg9fD7lx-GPNjbC4vuzsc.roa File: 8641rsKg9fD7lx-GPNjbC4vuzsc.roa (raw, json) Hash identifier: Vka8GFo29c9tBpzyWSVh9ZUdbW2Ls5cI8qhExZNURvw= Subject key identifier: F3:AE:35:AE:C2:A0:F5:F0:FB:97:1F:86:3C:D8:DB:0B:8B:EE:CE:C7 Certificate issuer: /CN=512b7ba91dc30ebb413cd055bd43292e2d14018f Certificate serial: 019B78A35791919EC206A77B855A44DB9651 Authority key identifier: 51:2B:7B:A9:1D:C3:0E:BB:41:3C:D0:55:BD:43:29:2E:2D:14:01:8F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/USt7qR3DDrtBPNBVvUMpLi0UAY8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/63fe9e-60a0-4f80-8c01-1673749bceec/1/8641rsKg9fD7lx-GPNjbC4vuzsc.roa Signing time: Thu 01 Jan 2026 08:18:49 +0000 ROA not before: Thu 01 Jan 2026 08:18:49 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 30803 IP address blocks: 89.20.192.0/19 maxlen: 24 2a00:1bf0::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/63fe9e-60a0-4f80-8c01-1673749bceec/1/USt7qR3DDrtBPNBVvUMpLi0UAY8.crl rsync://rpki.ripe.net/repository/DEFAULT/4b/63fe9e-60a0-4f80-8c01-1673749bceec/1/USt7qR3DDrtBPNBVvUMpLi0UAY8.mft rsync://rpki.ripe.net/repository/DEFAULT/USt7qR3DDrtBPNBVvUMpLi0UAY8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 08:19:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a3:57:91:91:9e:c2:06:a7:7b:85:5a:44:db:96:51 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=512b7ba91dc30ebb413cd055bd43292e2d14018f Validity Not Before: Jan 1 08:18:49 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f3ae35aec2a0f5f0fb971f863cd8db0b8beecec7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:97:dc:82:8c:6c:2d:06:8a:56:d0:bb:86:3a: 4d:a0:44:2b:e0:35:3f:e0:0b:f4:83:e5:b3:b6:d5: 70:29:0e:b5:30:2b:19:44:16:8a:b4:df:5e:56:ae: 58:16:e7:54:2e:37:81:94:36:83:0d:63:ce:e9:d2: b7:37:13:2d:94:42:a7:26:bc:e3:b8:6f:3b:f9:7c: ef:19:9a:33:fa:8f:d4:30:b9:06:e4:59:c5:d3:38: 61:a5:e0:d8:9a:39:b0:d5:d4:5a:70:58:ba:50:f8: 5b:bb:ed:0e:74:40:72:e8:68:3e:fd:bb:fa:0f:59: b8:a3:f9:65:5c:ac:61:fc:69:7f:38:04:71:7e:3d: b1:10:ac:03:ef:de:49:51:93:ba:e6:55:3b:f5:f1: 4c:5c:ab:0f:69:6b:94:68:4e:9f:72:09:c6:94:5c: 4a:8d:d7:bd:94:1b:04:a0:b7:c9:ce:1d:84:a7:0d: 8b:cf:2e:e8:52:fc:f0:90:eb:cf:06:c5:53:a6:08: 5c:02:bf:b0:30:c8:ee:f9:5a:4d:eb:b3:40:ae:ea: a8:cb:2c:e2:cc:d7:a8:a0:97:ba:25:f4:a5:60:8f: 66:67:74:95:e9:5f:c8:f7:84:60:9d:a7:ec:88:97: 10:34:3d:e1:2e:39:1f:3c:d7:52:e9:0f:0a:b7:b1: 24:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:AE:35:AE:C2:A0:F5:F0:FB:97:1F:86:3C:D8:DB:0B:8B:EE:CE:C7 X509v3 Authority Key Identifier: keyid:51:2B:7B:A9:1D:C3:0E:BB:41:3C:D0:55:BD:43:29:2E:2D:14:01:8F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/USt7qR3DDrtBPNBVvUMpLi0UAY8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/63fe9e-60a0-4f80-8c01-1673749bceec/1/8641rsKg9fD7lx-GPNjbC4vuzsc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/63fe9e-60a0-4f80-8c01-1673749bceec/1/USt7qR3DDrtBPNBVvUMpLi0UAY8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.20.192.0/19 IPv6: 2a00:1bf0::/32 Signature Algorithm: sha256WithRSAEncryption 55:7e:74:93:5b:aa:a7:fc:2f:0c:c5:ef:f3:c4:11:53:4f:2b: ac:cb:ac:05:d9:4e:e3:e8:b4:25:16:25:d1:d5:8a:be:52:06: 4e:7e:73:4e:df:99:c3:62:f4:17:09:55:2a:75:d6:ae:a2:45: 5b:f2:11:f9:b0:d7:98:36:90:22:49:b0:31:fe:c1:d2:25:1c: b1:9a:6e:ed:9c:69:ee:03:1f:35:3e:81:c6:cc:9a:34:59:04: 88:af:30:39:ee:de:d6:1d:d1:38:fe:81:3b:54:56:09:69:dc: 2a:42:bd:aa:db:9d:23:9a:e5:c9:31:0a:99:d5:8d:63:2e:96: 4b:c3:8d:05:ce:ba:6e:1d:54:4e:6c:24:85:0e:aa:fb:ce:8c: 67:da:24:a3:f5:a5:09:10:58:80:61:4d:31:d0:38:22:1c:1f: b1:42:56:2f:e6:fd:94:3e:d4:73:42:9b:8f:fc:73:a6:4f:f3: e4:1d:73:53:9c:38:c1:28:df:c7:36:05:97:7d:95:24:ed:d1: 44:5c:e8:f8:48:91:9f:82:52:ab:b7:fe:05:67:cd:e8:a3:d7: d4:7e:e8:0d:ac:b0:53:95:9e:bb:50:2b:ec:c9:6c:a0:43:6a: 59:a5:0b:76:2c:4c:80:46:e6:73:df:81:10:24:1a:91:b9:5d: a5:b9:a4:d9 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt4o1eRkZ7CBqd7hVpE25ZRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUxMmI3YmE5MWRjMzBlYmI0MTNjZDA1NWJkNDMyOTJlMmQx NDAxOGYwHhcNMjYwMTAxMDgxODQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmM2FlMzVhZWMyYTBmNWYwZmI5NzFmODYzY2Q4ZGIwYjhiZWVjZWM3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0JfcgoxsLQaKVtC7hjpNoEQr4DU/ 4Av0g+WzttVwKQ61MCsZRBaKtN9eVq5YFudULjeBlDaDDWPO6dK3NxMtlEKnJrzj uG87+XzvGZoz+o/UMLkG5FnF0zhhpeDYmjmw1dRacFi6UPhbu+0OdEBy6Gg+/bv6 D1m4o/llXKxh/Gl/OARxfj2xEKwD795JUZO65lU79fFMXKsPaWuUaE6fcgnGlFxK jde9lBsEoLfJzh2Epw2Lzy7oUvzwkOvPBsVTpghcAr+wMMju+VpN67NAruqoyyzi zNeooJe6JfSlYI9mZ3SV6V/I94RgnafsiJcQND3hLjkfPNdS6Q8Kt7Ek1QIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFPOuNa7CoPXw+5cfhjzY2wuL7s7HMB8GA1UdIwQY MBaAFFEre6kdww67QTzQVb1DKS4tFAGPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVVN0N3FSM0REcnRCUE5CVnZVTXBMaTBVQVk4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi82M2ZlOWUtNjBhMC00ZjgwLThjMDEt MTY3Mzc0OWJjZWVjLzEvODY0MXJzS2c5ZkQ3bHgtR1BOamJDNHZ1enNjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Yi82M2ZlOWUtNjBhMC00ZjgwLThjMDEtMTY3Mzc0OWJjZWVj LzEvVVN0N3FSM0REcnRCUE5CVnZVTXBMaTBVQVk4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFWRTAMA0E AgACMAcDBQAqABvwMA0GCSqGSIb3DQEBCwUAA4IBAQBVfnSTW6qn/C8Mxe/zxBFT Tyusy6wF2U7j6LQlFiXR1Yq+UgZOfnNO35nDYvQXCVUqddauokVb8hH5sNeYNpAi SbAx/sHSJRyxmm7tnGnuAx81PoHGzJo0WQSIrzA57t7WHdE4/oE7VFYJadwqQr2q 250jmuXJMQqZ1Y1jLpZLw40FzrpuHVRObCSFDqr7zoxn2iSj9aUJEFiAYU0x0Dgi HB+xQlYv5v2UPtRzQpuP/HOmT/PkHXNTnDjBKN/HNgWXfZUk7dFEXOj4SJGfglKr t/4FZ83oo9fUfugNrLBTlZ67UCvsyWygQ2pZpQt2LEyARuZz34EQJBqRuV2luaTZ -----END CERTIFICATE-----Generated at Thu Jan 1 14:06:42 2026 by rpki-client