This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/758c8a-613e-4e2a-8fe1-91228620570e/1/AorOXJjA6o7VIXG2KhmRn45N0UY.roa File: AorOXJjA6o7VIXG2KhmRn45N0UY.roa (raw, json) Hash identifier: opct1yXiFy361tzWw8bb0wIPcRKu5irJGelwFQC/fvQ= Subject key identifier: 02:8A:CE:5C:98:C0:EA:8E:D5:21:71:B6:2A:19:91:9F:8E:4D:D1:46 Certificate issuer: /CN=c58afa22f98a37f6d8d0293a9b319416ec94d386 Certificate serial: 019B7D5D3133B05B6E9A20CD9C1C67139042 Authority key identifier: C5:8A:FA:22:F9:8A:37:F6:D8:D0:29:3A:9B:31:94:16:EC:94:D3:86 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xYr6IvmKN_bY0Ck6mzGUFuyU04Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/758c8a-613e-4e2a-8fe1-91228620570e/1/AorOXJjA6o7VIXG2KhmRn45N0UY.roa Signing time: Fri 02 Jan 2026 06:20:17 +0000 ROA not before: Fri 02 Jan 2026 06:20:17 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 15435 IP address blocks: 194.13.240.0/20 maxlen: 24 2001:67c:2b0c::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/758c8a-613e-4e2a-8fe1-91228620570e/1/xYr6IvmKN_bY0Ck6mzGUFuyU04Y.crl rsync://rpki.ripe.net/repository/DEFAULT/bf/758c8a-613e-4e2a-8fe1-91228620570e/1/xYr6IvmKN_bY0Ck6mzGUFuyU04Y.mft rsync://rpki.ripe.net/repository/DEFAULT/xYr6IvmKN_bY0Ck6mzGUFuyU04Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 13 Jan 2026 18:01:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5d:31:33:b0:5b:6e:9a:20:cd:9c:1c:67:13:90:42 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c58afa22f98a37f6d8d0293a9b319416ec94d386 Validity Not Before: Jan 2 06:20:17 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=028ace5c98c0ea8ed52171b62a19919f8e4dd146 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:18:29:75:e3:f7:f6:5e:12:69:7b:c6:be:97: 1f:0c:96:f0:7a:d4:47:a4:ef:ba:85:68:71:8c:09: b1:c6:44:21:9e:d3:f2:cb:27:aa:85:f4:3f:05:6e: ee:b5:dd:c9:3e:b8:75:a2:1f:bf:6d:95:63:3d:9e: c5:c7:f4:c8:65:c2:2b:ca:bd:a4:7d:a5:c8:15:44: f6:c3:14:1b:9b:cf:fc:12:72:7f:f6:06:01:4a:cb: de:0a:72:77:5c:81:42:c9:01:b6:c4:a9:dd:1c:e6: 47:95:66:bc:cc:1c:26:4e:3e:41:71:3f:a7:58:d1: e8:b6:a9:8b:c4:07:2f:96:ea:ca:77:e7:60:61:59: 41:90:0e:80:4e:13:37:8f:5d:11:b0:31:0c:0e:52: 23:ae:af:91:fa:2e:67:ef:62:de:90:54:d8:ff:83: a2:48:44:fd:ec:10:2c:48:22:c1:90:09:76:0e:2d: 5a:20:a6:64:21:f9:1c:77:3e:00:2a:89:3d:33:b9: 53:e9:e2:db:6b:66:93:b8:a4:39:be:8c:5b:07:cb: 1d:27:9c:21:4a:ee:56:64:1d:d1:f6:99:c9:b5:84: d8:53:a6:48:2f:0a:66:16:6c:cd:ad:cf:dc:e4:f1: e3:b3:93:cc:c4:df:15:21:18:ea:bf:5c:ec:3e:53: e8:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:8A:CE:5C:98:C0:EA:8E:D5:21:71:B6:2A:19:91:9F:8E:4D:D1:46 X509v3 Authority Key Identifier: keyid:C5:8A:FA:22:F9:8A:37:F6:D8:D0:29:3A:9B:31:94:16:EC:94:D3:86 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xYr6IvmKN_bY0Ck6mzGUFuyU04Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/758c8a-613e-4e2a-8fe1-91228620570e/1/AorOXJjA6o7VIXG2KhmRn45N0UY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/758c8a-613e-4e2a-8fe1-91228620570e/1/xYr6IvmKN_bY0Ck6mzGUFuyU04Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.13.240.0/20 IPv6: 2001:67c:2b0c::/48 Signature Algorithm: sha256WithRSAEncryption cf:9f:21:f8:51:c6:20:59:92:5e:22:7c:fb:55:9d:bc:e8:e4: af:c7:43:ac:c7:48:da:11:b0:bf:af:17:ff:33:4d:76:b5:49: 23:ea:7b:f0:0b:37:cd:ea:57:4c:77:1b:aa:ce:ea:79:42:be: b9:b3:fb:a5:ee:e2:df:f0:b3:84:8d:a5:e7:c2:68:47:f6:d4: 73:8f:e6:9e:94:c0:ef:b9:5d:e7:ed:c4:d3:05:98:fb:68:48: 3f:3f:d3:24:15:c1:c5:d1:7d:5b:57:7b:5e:3b:aa:1d:32:1b: cb:bd:f3:d4:0f:3d:ed:d0:e9:06:3e:c7:60:9d:7e:42:2a:2b: db:3b:35:ce:2e:75:b5:0d:fa:e8:78:3a:43:2b:2f:04:f9:f7: cd:bc:bf:db:50:a0:01:08:a8:e4:ee:85:35:c7:f8:3b:a1:80: bd:22:72:c5:e6:b0:84:06:55:0e:d5:23:9a:89:26:00:ac:48: f5:70:6a:90:9a:cc:a9:c6:a5:d8:9f:18:9b:06:92:5d:51:b6: 60:58:12:4e:4c:36:b7:5d:eb:0f:dc:aa:57:29:9c:e1:af:5d: 7f:a1:8b:19:2a:b3:2f:85:91:9f:dd:f3:27:34:be:4a:81:42: bb:fc:1b:f1:ab:a5:bf:96:6c:0c:85:88:ac:eb:eb:51:8e:13: 6e:b5:91:9b -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt9XTEzsFtumiDNnBxnE5BCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM1OGFmYTIyZjk4YTM3ZjZkOGQwMjkzYTliMzE5NDE2ZWM5 NGQzODYwHhcNMjYwMTAyMDYyMDE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwMjhhY2U1Yzk4YzBlYThlZDUyMTcxYjYyYTE5OTE5ZjhlNGRkMTQ2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwBgpdeP39l4SaXvGvpcfDJbwetRH pO+6hWhxjAmxxkQhntPyyyeqhfQ/BW7utd3JPrh1oh+/bZVjPZ7Fx/TIZcIryr2k faXIFUT2wxQbm8/8EnJ/9gYBSsveCnJ3XIFCyQG2xKndHOZHlWa8zBwmTj5BcT+n WNHotqmLxAcvlurKd+dgYVlBkA6AThM3j10RsDEMDlIjrq+R+i5n72LekFTY/4Oi SET97BAsSCLBkAl2Di1aIKZkIfkcdz4AKok9M7lT6eLba2aTuKQ5voxbB8sdJ5wh Su5WZB3R9pnJtYTYU6ZILwpmFmzNrc/c5PHjs5PMxN8VIRjqv1zsPlPozQIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFAKKzlyYwOqO1SFxtioZkZ+OTdFGMB8GA1UdIwQY MBaAFMWK+iL5ijf22NApOpsxlBbslNOGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveFlyNkl2bUtOX2JZMENrNm16R1VGdXlVMDRZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi83NThjOGEtNjEzZS00ZTJhLThmZTEt OTEyMjg2MjA1NzBlLzEvQW9yT1hKakE2bzdWSVhHMktobVJuNDVOMFVZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZi83NThjOGEtNjEzZS00ZTJhLThmZTEtOTEyMjg2MjA1NzBl LzEveFlyNkl2bUtOX2JZMENrNm16R1VGdXlVMDRZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQEwg3wMA8E AgACMAkDBwAgAQZ8KwwwDQYJKoZIhvcNAQELBQADggEBAM+fIfhRxiBZkl4ifPtV nbzo5K/HQ6zHSNoRsL+vF/8zTXa1SSPqe/ALN83qV0x3G6rO6nlCvrmz+6Xu4t/w s4SNpefCaEf21HOP5p6UwO+5XeftxNMFmPtoSD8/0yQVwcXRfVtXe147qh0yG8u9 89QPPe3Q6QY+x2CdfkIqK9s7Nc4udbUN+uh4OkMrLwT59828v9tQoAEIqOTuhTXH +DuhgL0icsXmsIQGVQ7VI5qJJgCsSPVwapCazKnGpdifGJsGkl1RtmBYEk5MNrdd 6w/cqlcpnOGvXX+hixkqsy+FkZ/d8yc0vkqBQrv8G/Grpb+WbAyFiKzr61GOE261 kZs= -----END CERTIFICATE-----Generated at Tue Jan 13 04:15:37 2026 by rpki-client