This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/foWBRrwQ_J-5QZyjYh0-06D2Jgg.roa File: foWBRrwQ_J-5QZyjYh0-06D2Jgg.roa (raw, json) Hash identifier: F50Zb/hD5QHDYX5caLDSp9PIYVBJP0rELAuJY0qPe6U= Subject key identifier: 7E:85:81:46:BC:10:FC:9F:B9:41:9C:A3:62:1D:3E:D3:A0:F6:26:08 Certificate issuer: /CN=464952bc165441ec6e2e2010c933dc830f361731 Certificate serial: 019B7C135C4FC98FFE78A6D692E04DD31D7E Authority key identifier: 46:49:52:BC:16:54:41:EC:6E:2E:20:10:C9:33:DC:83:0F:36:17:31 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RklSvBZUQexuLiAQyTPcgw82FzE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/foWBRrwQ_J-5QZyjYh0-06D2Jgg.roa Signing time: Fri 02 Jan 2026 00:20:02 +0000 ROA not before: Fri 02 Jan 2026 00:20:02 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 20668 IP address blocks: 89.35.0.0/23 maxlen: 24 89.40.42.0/24 maxlen: 24 194.26.128.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/RklSvBZUQexuLiAQyTPcgw82FzE.crl rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/RklSvBZUQexuLiAQyTPcgw82FzE.mft rsync://rpki.ripe.net/repository/DEFAULT/RklSvBZUQexuLiAQyTPcgw82FzE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 08 Jan 2026 15:01:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:13:5c:4f:c9:8f:fe:78:a6:d6:92:e0:4d:d3:1d:7e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=464952bc165441ec6e2e2010c933dc830f361731 Validity Not Before: Jan 2 00:20:02 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=7e858146bc10fc9fb9419ca3621d3ed3a0f62608 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:0d:cf:d9:49:80:e0:1b:d0:49:c0:c2:da:6a: 1c:4c:74:71:a5:30:09:33:32:fc:5b:a0:48:34:89: 16:5f:68:32:4f:b3:6e:2c:39:7e:4c:9b:53:e7:a3: 14:d2:bf:95:e5:59:45:c5:4b:ce:4c:7c:ae:8e:48: 96:69:da:54:92:40:19:9f:b4:aa:9a:84:7f:fc:de: d3:9b:95:df:1a:73:9a:16:f5:89:f8:59:4c:37:13: 3b:2c:6f:bb:55:c1:a0:0a:4b:29:c0:98:0b:04:61: 55:7f:65:3c:1c:9a:83:d8:14:96:4e:05:b7:a3:ef: 5f:62:13:2e:c5:f3:44:99:54:3e:42:3b:39:2f:e2: 8c:16:e5:bf:6e:d2:44:60:8e:63:2b:4a:53:b9:f7: e1:92:3b:c4:0d:b7:b5:ec:05:a7:eb:8f:b6:47:82: 82:98:09:df:37:c0:95:72:b5:14:a9:e1:53:ec:9b: 7f:11:a3:d3:7c:3a:2c:96:c5:96:e2:18:81:f4:d9: e9:ea:33:98:65:9e:b4:b1:5d:0d:65:78:92:d4:12: 95:69:d4:18:34:fd:a2:7d:ac:8c:9e:e8:72:fe:c1: 8d:dc:f7:5a:36:02:42:d7:b7:19:1e:18:84:3a:17: 9c:d9:41:b0:3d:81:f4:67:7a:35:ad:40:be:2c:1d: 33:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:85:81:46:BC:10:FC:9F:B9:41:9C:A3:62:1D:3E:D3:A0:F6:26:08 X509v3 Authority Key Identifier: keyid:46:49:52:BC:16:54:41:EC:6E:2E:20:10:C9:33:DC:83:0F:36:17:31 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RklSvBZUQexuLiAQyTPcgw82FzE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/foWBRrwQ_J-5QZyjYh0-06D2Jgg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/RklSvBZUQexuLiAQyTPcgw82FzE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.35.0.0/23 89.40.42.0/24 194.26.128.0/24 Signature Algorithm: sha256WithRSAEncryption 84:8a:2d:cc:1c:f0:12:6b:f6:c9:c6:7c:47:e4:03:d9:80:6b: 7c:e5:0d:7f:0c:a2:80:4b:f0:2b:aa:0f:4c:0f:b8:78:da:60: f6:98:2e:bb:50:a9:0b:26:00:87:dc:a8:e7:cb:19:30:57:08: c8:4a:4d:6a:55:5f:3d:4b:ba:91:83:6b:3c:9e:a6:74:cd:c1: e8:84:a8:ab:ae:9b:b1:cb:4e:6f:6b:af:07:06:37:95:a8:f8: be:05:07:22:cd:7c:47:d9:45:ed:7e:51:a9:dd:04:54:82:7c: b3:0f:80:4b:d1:07:ac:cd:85:63:4c:e5:e3:e1:7a:f9:bd:ce: 24:eb:e3:24:e4:82:2a:20:d4:7c:2a:61:2e:f5:53:85:d3:04: f8:f9:f6:8e:b0:a7:4d:dd:11:48:5f:14:c6:a6:13:e8:b4:38: ed:69:b0:0a:12:28:9d:49:d2:1c:97:34:f5:56:81:18:03:7c: 11:47:71:af:26:59:5d:f7:99:8d:fd:7e:c5:2a:e6:a2:fd:a9: fb:98:fe:c2:ba:6f:6e:54:7f:b0:81:7d:55:2a:cd:76:6c:9a: 4f:68:41:65:3c:40:4f:6d:65:2a:21:4b:ab:8e:37:ed:93:8d: b0:4b:e6:cf:8a:b6:fe:66:58:1f:43:da:05:d5:b7:1b:2c:d3: d1:8a:80:b6 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt8E1xPyY/+eKbWkuBN0x1+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ2NDk1MmJjMTY1NDQxZWM2ZTJlMjAxMGM5MzNkYzgzMGYz NjE3MzEwHhcNMjYwMTAyMDAyMDAyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3ZTg1ODE0NmJjMTBmYzlmYjk0MTljYTM2MjFkM2VkM2EwZjYyNjA4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvw3P2UmA4BvQScDC2mocTHRxpTAJ MzL8W6BINIkWX2gyT7NuLDl+TJtT56MU0r+V5VlFxUvOTHyujkiWadpUkkAZn7Sq moR//N7Tm5XfGnOaFvWJ+FlMNxM7LG+7VcGgCkspwJgLBGFVf2U8HJqD2BSWTgW3 o+9fYhMuxfNEmVQ+Qjs5L+KMFuW/btJEYI5jK0pTuffhkjvEDbe17AWn64+2R4KC mAnfN8CVcrUUqeFT7Jt/EaPTfDoslsWW4hiB9Nnp6jOYZZ60sV0NZXiS1BKVadQY NP2ifayMnuhy/sGN3PdaNgJC17cZHhiEOhec2UGwPYH0Z3o1rUC+LB0zlQIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFH6FgUa8EPyfuUGco2IdPtOg9iYIMB8GA1UdIwQY MBaAFEZJUrwWVEHsbi4gEMkz3IMPNhcxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUmtsU3ZCWlVRZXh1TGlBUXlUUGNndzgyRnpFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8wMTA1OGEtNGE4Mi00ODE4LTk3MmQt ODQyODU4MTIyYmJjLzEvZm9XQlJyd1FfSi01UVp5alloMC0wNkQySmdnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZi8wMTA1OGEtNGE4Mi00ODE4LTk3MmQtODQyODU4MTIyYmJj LzEvUmtsU3ZCWlVRZXh1TGlBUXlUUGNndzgyRnpFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBWSMAAwQA WSgqAwQAwhqAMA0GCSqGSIb3DQEBCwUAA4IBAQCEii3MHPASa/bJxnxH5APZgGt8 5Q1/DKKAS/Arqg9MD7h42mD2mC67UKkLJgCH3KjnyxkwVwjISk1qVV89S7qRg2s8 nqZ0zcHohKirrpuxy05va68HBjeVqPi+BQcizXxH2UXtflGp3QRUgnyzD4BL0Qes zYVjTOXj4Xr5vc4k6+Mk5IIqINR8KmEu9VOF0wT4+faOsKdN3RFIXxTGphPotDjt abAKEiidSdIclzT1VoEYA3wRR3GvJlld95mN/X7FKuai/an7mP7Cum9uVH+wgX1V Ks12bJpPaEFlPEBPbWUqIUurjjftk42wS+bPirb+ZlgfQ9oF1bcbLNPRioC2 -----END CERTIFICATE-----Generated at Wed Jan 7 22:30:54 2026 by rpki-client