This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/4615be-e566-4253-83ef-f6626b63383e/1/PSfeFOCMS0X0DbK201fv7mhOqbQ.roa File: PSfeFOCMS0X0DbK201fv7mhOqbQ.roa (raw, json) Hash identifier: WJgLDQpReiQHOtzp+BWaEyBhXQtmTrQB0VphBgJmuek= Subject key identifier: 3D:27:DE:14:E0:8C:4B:45:F4:0D:B2:B6:D3:57:EF:EE:68:4E:A9:B4 Certificate issuer: /CN=ad109dee6fbdc256df911460ccc915d066a8ff8b Certificate serial: 019B78A33709BA6B2E2E8683750BD8395DA3 Authority key identifier: AD:10:9D:EE:6F:BD:C2:56:DF:91:14:60:CC:C9:15:D0:66:A8:FF:8B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rRCd7m-9wlbfkRRgzMkV0Gao_4s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/4615be-e566-4253-83ef-f6626b63383e/1/PSfeFOCMS0X0DbK201fv7mhOqbQ.roa Signing time: Thu 01 Jan 2026 08:18:40 +0000 ROA not before: Thu 01 Jan 2026 08:18:40 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 5414 IP address blocks: 84.20.93.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/4615be-e566-4253-83ef-f6626b63383e/1/rRCd7m-9wlbfkRRgzMkV0Gao_4s.crl rsync://rpki.ripe.net/repository/DEFAULT/df/4615be-e566-4253-83ef-f6626b63383e/1/rRCd7m-9wlbfkRRgzMkV0Gao_4s.mft rsync://rpki.ripe.net/repository/DEFAULT/rRCd7m-9wlbfkRRgzMkV0Gao_4s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 08 Jan 2026 08:01:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a3:37:09:ba:6b:2e:2e:86:83:75:0b:d8:39:5d:a3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ad109dee6fbdc256df911460ccc915d066a8ff8b Validity Not Before: Jan 1 08:18:40 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3d27de14e08c4b45f40db2b6d357efee684ea9b4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:fb:f7:ec:fb:76:f9:07:15:3b:cb:ad:ec:94: 07:fa:9d:4e:40:92:33:7f:62:c3:e4:c2:af:0b:71: 4d:33:64:d6:96:e5:24:0e:d0:63:5b:88:b7:c6:27: 35:fc:26:9c:0f:c2:9e:8d:30:d3:e2:7b:cc:fd:20: 2a:ed:04:88:cc:52:29:b0:7b:82:1a:02:79:0c:71: 41:5a:91:30:6c:b7:28:d4:cd:7b:ac:7f:81:10:56: a7:9d:31:e3:f4:de:2a:9a:98:a7:63:cd:b0:81:35: bd:b5:8d:4b:29:a5:9e:fc:9e:64:f4:a6:e5:83:62: 76:79:f7:22:66:7a:db:4b:cf:af:61:02:f6:17:57: c7:05:00:c1:5f:ef:3b:4e:5c:d3:59:7d:cb:f5:ee: d4:2e:93:e3:ec:a6:94:fc:0a:74:34:14:a2:49:c5: 84:ca:9d:dd:9a:89:53:b3:82:5c:b3:c8:7b:ff:c6: be:da:b2:6e:ce:07:8e:ef:21:b0:ea:1f:c5:ef:f5: 67:fc:3d:5e:e7:db:69:6d:07:cd:b4:47:14:67:f4: 69:fa:dd:d0:ea:b2:bd:0b:89:af:13:0a:bf:17:52: 94:82:4b:10:11:11:14:ed:4d:07:01:a1:6d:cb:55: 76:08:0d:bb:3d:a2:26:7e:64:69:c9:14:e8:45:fc: f5:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:27:DE:14:E0:8C:4B:45:F4:0D:B2:B6:D3:57:EF:EE:68:4E:A9:B4 X509v3 Authority Key Identifier: keyid:AD:10:9D:EE:6F:BD:C2:56:DF:91:14:60:CC:C9:15:D0:66:A8:FF:8B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rRCd7m-9wlbfkRRgzMkV0Gao_4s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/4615be-e566-4253-83ef-f6626b63383e/1/PSfeFOCMS0X0DbK201fv7mhOqbQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/df/4615be-e566-4253-83ef-f6626b63383e/1/rRCd7m-9wlbfkRRgzMkV0Gao_4s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 84.20.93.0/24 Signature Algorithm: sha256WithRSAEncryption af:a1:ae:f1:66:d3:d6:10:b1:84:b9:02:2f:94:4d:b1:b9:23: 99:f2:15:62:cf:42:2a:2f:4e:90:90:66:42:a6:67:67:15:ae: 0e:9f:85:8e:26:cf:0e:81:7d:ba:80:f2:49:9c:21:6a:4c:92: aa:c0:11:d5:47:65:09:b3:bf:9f:6e:91:26:cf:71:82:07:07: 04:da:0d:8f:83:f3:e2:7c:49:1f:bd:59:c8:61:25:b1:2b:db: 8c:ce:b7:a7:ba:9e:a9:2d:15:c9:d0:2b:62:da:75:d7:55:bf: a2:19:b1:15:f8:1e:c6:de:a2:54:7f:d7:e2:54:8d:e2:10:5d: 0e:d7:77:68:66:ab:0d:f2:5c:ce:4b:49:62:0b:93:4a:ae:d8: 03:f3:e4:04:63:f2:21:3a:da:c9:8d:5f:98:34:14:6a:9f:af: 84:69:f6:39:b7:c2:fb:33:1f:2d:f9:5d:ce:a1:9d:11:f5:1f: ef:74:36:76:ee:9b:5d:cb:60:b2:e8:00:c4:8e:91:3f:40:55: 53:2d:08:08:95:e7:73:8a:3c:ac:68:17:d7:f4:20:b4:ce:08: 82:33:a7:32:3c:a4:ec:b3:a7:d3:1f:43:a1:ea:d9:ec:87:89: b3:c9:23:be:83:14:ff:6f:43:75:cc:cf:bf:7f:62:98:e9:34: 3d:28:d7:83 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt4ozcJumsuLoaDdQvYOV2jMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFkMTA5ZGVlNmZiZGMyNTZkZjkxMTQ2MGNjYzkxNWQwNjZh OGZmOGIwHhcNMjYwMTAxMDgxODQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzZDI3ZGUxNGUwOGM0YjQ1ZjQwZGIyYjZkMzU3ZWZlZTY4NGVhOWI0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPv37Pt2+QcVO8ut7JQH+p1OQJIz f2LD5MKvC3FNM2TWluUkDtBjW4i3xic1/CacD8KejTDT4nvM/SAq7QSIzFIpsHuC GgJ5DHFBWpEwbLco1M17rH+BEFannTHj9N4qmpinY82wgTW9tY1LKaWe/J5k9Kbl g2J2efciZnrbS8+vYQL2F1fHBQDBX+87TlzTWX3L9e7ULpPj7KaU/Ap0NBSiScWE yp3dmolTs4Jcs8h7/8a+2rJuzgeO7yGw6h/F7/Vn/D1e59tpbQfNtEcUZ/Rp+t3Q 6rK9C4mvEwq/F1KUgksQEREU7U0HAaFty1V2CA27PaImfmRpyRToRfz1OwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFD0n3hTgjEtF9A2yttNX7+5oTqm0MB8GA1UdIwQY MBaAFK0Qne5vvcJW35EUYMzJFdBmqP+LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvclJDZDdtLTl3bGJma1JSZ3pNa1YwR2FvXzRzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi80NjE1YmUtZTU2Ni00MjUzLTgzZWYt ZjY2MjZiNjMzODNlLzEvUFNmZUZPQ01TMFgwRGJLMjAxZnY3bWhPcWJRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZi80NjE1YmUtZTU2Ni00MjUzLTgzZWYtZjY2MjZiNjMzODNl LzEvclJDZDdtLTl3bGJma1JSZ3pNa1YwR2FvXzRzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVBRdMA0G CSqGSIb3DQEBCwUAA4IBAQCvoa7xZtPWELGEuQIvlE2xuSOZ8hViz0IqL06QkGZC pmdnFa4On4WOJs8OgX26gPJJnCFqTJKqwBHVR2UJs7+fbpEmz3GCBwcE2g2Pg/Pi fEkfvVnIYSWxK9uMzrenup6pLRXJ0Cti2nXXVb+iGbEV+B7G3qJUf9fiVI3iEF0O 13doZqsN8lzOS0liC5NKrtgD8+QEY/IhOtrJjV+YNBRqn6+EafY5t8L7Mx8t+V3O oZ0R9R/vdDZ27ptdy2Cy6ADEjpE/QFVTLQgIledzijysaBfX9CC0zgiCM6cyPKTs s6fTH0Oh6tnsh4mzySO+gxT/b0N1zM+/f2KY6TQ9KNeD -----END CERTIFICATE-----Generated at Wed Jan 7 15:56:10 2026 by rpki-client