This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/d4f83d-fb53-424f-851d-c0d062a75354/1/FAvhW8sWKAscHGAU3zgxhLTugZQ.roa File: FAvhW8sWKAscHGAU3zgxhLTugZQ.roa (raw, json) Hash identifier: X1WXq/o7P8HF12gEZBw3GGE/Mbe7dHMWJeZRsRBeNTQ= Subject key identifier: 14:0B:E1:5B:CB:16:28:0B:1C:1C:60:14:DF:38:31:84:B4:EE:81:94 Certificate issuer: /CN=e52d8b5cba7c2d2b8af046eb7f310105ac0c09ac Certificate serial: 019B7EA4D9AE0756CBB13B41E9393B750DE0 Authority key identifier: E5:2D:8B:5C:BA:7C:2D:2B:8A:F0:46:EB:7F:31:01:05:AC:0C:09:AC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5S2LXLp8LSuK8EbrfzEBBawMCaw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/d4f83d-fb53-424f-851d-c0d062a75354/1/FAvhW8sWKAscHGAU3zgxhLTugZQ.roa Signing time: Fri 02 Jan 2026 12:18:11 +0000 ROA not before: Fri 02 Jan 2026 12:18:11 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 42442 IP address blocks: 185.19.172.0/22 maxlen: 24 2a00:4720::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/d4f83d-fb53-424f-851d-c0d062a75354/1/5S2LXLp8LSuK8EbrfzEBBawMCaw.crl rsync://rpki.ripe.net/repository/DEFAULT/b4/d4f83d-fb53-424f-851d-c0d062a75354/1/5S2LXLp8LSuK8EbrfzEBBawMCaw.mft rsync://rpki.ripe.net/repository/DEFAULT/5S2LXLp8LSuK8EbrfzEBBawMCaw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 18:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a4:d9:ae:07:56:cb:b1:3b:41:e9:39:3b:75:0d:e0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e52d8b5cba7c2d2b8af046eb7f310105ac0c09ac Validity Not Before: Jan 2 12:18:11 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=140be15bcb16280b1c1c6014df383184b4ee8194 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:15:d0:44:ae:ae:02:22:7b:21:8b:7b:0a:1b: d2:51:c5:b8:ac:f3:79:49:45:d4:9e:8d:39:12:ad: 19:6c:4b:09:a8:31:c1:f1:e5:c8:21:92:67:bb:53: d2:08:4a:89:96:c7:92:ba:de:ad:52:5e:08:6f:97: f2:d6:bf:fa:c8:5e:1f:1e:6b:7c:cc:65:d5:1a:3e: 2e:00:14:19:b9:1f:87:0b:f3:7f:7d:b1:89:4e:b5: 80:f7:75:bb:b9:47:c4:6e:bf:48:39:34:40:da:d8: c8:62:0f:b5:4d:da:c7:93:30:fd:6c:7a:97:54:5b: 64:08:84:35:c4:17:ee:8e:a6:9a:41:56:01:30:03: 8a:80:ae:63:97:b6:71:2e:2b:89:93:bc:02:e6:48: f2:4f:d1:bc:fa:d1:20:2c:b9:e5:2a:88:e9:2b:99: 63:54:e8:ed:40:2b:85:ed:96:d8:5f:87:62:43:a4: 74:08:f4:76:8f:1e:7b:b1:b4:3f:38:59:ce:3a:29: 86:67:30:7c:17:8a:b4:f6:5b:d8:79:4b:31:64:f7: ff:34:cb:06:1e:8d:59:af:1a:0d:4a:0e:80:1a:46: e6:e6:3f:43:8c:4e:d3:89:87:2b:43:a3:2a:8c:8a: 4e:4f:c8:ac:4a:23:86:89:a4:b0:82:00:81:c5:c9: 31:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:0B:E1:5B:CB:16:28:0B:1C:1C:60:14:DF:38:31:84:B4:EE:81:94 X509v3 Authority Key Identifier: keyid:E5:2D:8B:5C:BA:7C:2D:2B:8A:F0:46:EB:7F:31:01:05:AC:0C:09:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5S2LXLp8LSuK8EbrfzEBBawMCaw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/d4f83d-fb53-424f-851d-c0d062a75354/1/FAvhW8sWKAscHGAU3zgxhLTugZQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/d4f83d-fb53-424f-851d-c0d062a75354/1/5S2LXLp8LSuK8EbrfzEBBawMCaw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.19.172.0/22 IPv6: 2a00:4720::/32 Signature Algorithm: sha256WithRSAEncryption bd:48:c3:b9:98:ea:92:af:3c:4a:ba:ff:13:39:3a:ff:0c:51: 70:5f:5c:bf:80:71:c3:09:79:89:66:33:d2:fb:0e:21:ef:48: a4:58:09:e8:34:71:18:e7:25:19:87:da:d8:46:2e:8c:08:1c: 0b:d7:a1:42:98:6f:54:dd:09:25:17:6c:11:88:26:32:d5:7e: fa:4c:83:ad:20:87:4a:82:b2:4b:27:08:36:5a:1c:4d:cb:3b: 9c:da:77:66:23:71:65:62:56:d9:28:ef:71:0b:3f:f1:fd:e0: 6b:69:66:9d:27:aa:2d:ba:2a:2e:35:49:5d:43:81:ac:96:5a: 4c:75:66:26:8d:36:47:7f:cb:12:8e:cd:44:00:90:d7:72:d0: 68:57:06:a7:3e:96:77:b4:74:99:5c:e6:13:dc:df:34:ee:d4: d5:d9:dc:4b:02:23:ef:41:96:2a:62:20:ff:44:51:b0:8d:1e: d7:09:98:57:20:b6:28:91:5f:c2:ff:87:14:75:4f:91:fa:bf: f4:a9:b9:23:22:41:c1:0c:d5:a7:2d:0e:a7:98:3e:9a:2a:26: e4:6f:f6:92:6f:12:73:79:b0:d1:fa:59:ab:0a:b8:27:93:da: 28:a5:62:28:8c:eb:c3:9b:72:b9:9c:e6:93:6d:7d:98:24:e3: 62:91:1b:49 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt+pNmuB1bLsTtB6Tk7dQ3gMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGU1MmQ4YjVjYmE3YzJkMmI4YWYwNDZlYjdmMzEwMTA1YWMw YzA5YWMwHhcNMjYwMTAyMTIxODExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxNDBiZTE1YmNiMTYyODBiMWMxYzYwMTRkZjM4MzE4NGI0ZWU4MTk0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1hXQRK6uAiJ7IYt7ChvSUcW4rPN5 SUXUno05Eq0ZbEsJqDHB8eXIIZJnu1PSCEqJlseSut6tUl4Ib5fy1r/6yF4fHmt8 zGXVGj4uABQZuR+HC/N/fbGJTrWA93W7uUfEbr9IOTRA2tjIYg+1TdrHkzD9bHqX VFtkCIQ1xBfujqaaQVYBMAOKgK5jl7ZxLiuJk7wC5kjyT9G8+tEgLLnlKojpK5lj VOjtQCuF7ZbYX4diQ6R0CPR2jx57sbQ/OFnOOimGZzB8F4q09lvYeUsxZPf/NMsG Ho1ZrxoNSg6AGkbm5j9DjE7TiYcrQ6MqjIpOT8isSiOGiaSwggCBxckx6QIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFBQL4VvLFigLHBxgFN84MYS07oGUMB8GA1UdIwQY MBaAFOUti1y6fC0rivBG638xAQWsDAmsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNVMyTFhMcDhMU3VLOEVicmZ6RUJCYXdNQ2F3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9kNGY4M2QtZmI1My00MjRmLTg1MWQt YzBkMDYyYTc1MzU0LzEvRkF2aFc4c1dLQXNjSEdBVTN6Z3hoTFR1Z1pRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNC9kNGY4M2QtZmI1My00MjRmLTg1MWQtYzBkMDYyYTc1MzU0 LzEvNVMyTFhMcDhMU3VLOEVicmZ6RUJCYXdNQ2F3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuROsMA0E AgACMAcDBQAqAEcgMA0GCSqGSIb3DQEBCwUAA4IBAQC9SMO5mOqSrzxKuv8TOTr/ DFFwX1y/gHHDCXmJZjPS+w4h70ikWAnoNHEY5yUZh9rYRi6MCBwL16FCmG9U3Qkl F2wRiCYy1X76TIOtIIdKgrJLJwg2WhxNyzuc2ndmI3FlYlbZKO9xCz/x/eBraWad J6otuiouNUldQ4GsllpMdWYmjTZHf8sSjs1EAJDXctBoVwanPpZ3tHSZXOYT3N80 7tTV2dxLAiPvQZYqYiD/RFGwjR7XCZhXILYokV/C/4cUdU+R+r/0qbkjIkHBDNWn LQ6nmD6aKibkb/aSbxJzebDR+lmrCrgnk9oopWIojOvDm3K5nOaTbX2YJONikRtJ -----END CERTIFICATE-----Generated at Mon Jan 12 01:33:29 2026 by rpki-client