This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/49e974-d724-4caf-9a04-f0c9d6417ee7/1/DTajfEiYAfwU9wznkihFnvtM700.roa File: DTajfEiYAfwU9wznkihFnvtM700.roa (raw, json) Hash identifier: 0NM6zYcwmQ05W0Dcf5q5e1n9JwwtYJ2TI/Zem3bjahI= Subject key identifier: 0D:36:A3:7C:48:98:01:FC:14:F7:0C:E7:92:28:45:9E:FB:4C:EF:4D Certificate issuer: /CN=f505578215acee73c17fa30d0295e0d8dd7be89d Certificate serial: 019B7DC9FF863789177191351DA9100ED75B Authority key identifier: F5:05:57:82:15:AC:EE:73:C1:7F:A3:0D:02:95:E0:D8:DD:7B:E8:9D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9QVXghWs7nPBf6MNApXg2N176J0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/49e974-d724-4caf-9a04-f0c9d6417ee7/1/DTajfEiYAfwU9wznkihFnvtM700.roa Signing time: Fri 02 Jan 2026 08:19:08 +0000 ROA not before: Fri 02 Jan 2026 08:19:08 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 60729 IP address blocks: 185.220.101.0/24 maxlen: 24 185.220.102.0/24 maxlen: 24 2a0b:f4c1:2::/48 maxlen: 48 2a0b:f4c2::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/49e974-d724-4caf-9a04-f0c9d6417ee7/1/9QVXghWs7nPBf6MNApXg2N176J0.crl rsync://rpki.ripe.net/repository/DEFAULT/03/49e974-d724-4caf-9a04-f0c9d6417ee7/1/9QVXghWs7nPBf6MNApXg2N176J0.mft rsync://rpki.ripe.net/repository/DEFAULT/9QVXghWs7nPBf6MNApXg2N176J0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:c9:ff:86:37:89:17:71:91:35:1d:a9:10:0e:d7:5b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f505578215acee73c17fa30d0295e0d8dd7be89d Validity Not Before: Jan 2 08:19:08 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0d36a37c489801fc14f70ce79228459efb4cef4d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:31:42:19:20:02:6f:8f:92:94:0c:70:92:02: 92:c0:cb:4c:b5:25:6b:01:17:a6:1f:5b:bd:0d:7d: 6b:02:11:f7:7a:21:c5:16:e5:9e:20:0c:12:42:6d: e5:8a:41:c2:1c:cd:59:1c:ca:7f:58:f9:2c:a2:db: 12:a8:1f:29:4c:c7:c3:18:c3:ca:c9:74:73:1d:58: 1d:03:44:e2:41:51:03:3e:79:ed:5c:a8:53:13:cc: 13:59:be:cf:49:ad:e1:ef:ce:79:31:65:53:0c:0b: 46:65:12:2a:f7:d5:33:e6:c0:87:6b:4b:8d:44:9a: 3f:4b:ca:3f:c3:5d:1c:20:05:5b:ae:af:fd:a7:92: 35:b0:3d:6b:31:81:4f:60:c5:c2:e3:23:34:25:ab: 30:c3:c5:83:4d:3a:50:4a:90:99:26:b5:03:ed:46: 2f:2c:a3:9e:42:17:f1:28:59:6f:1a:9b:3a:6b:45: d3:f7:fa:cb:7d:10:66:02:c9:e7:4f:b4:8b:4b:f5: 96:4a:d4:26:97:78:3a:7e:1f:21:b3:3c:38:8a:0c: ce:1c:2e:5d:08:14:64:a0:05:ee:52:14:8f:d2:d2: d3:37:ce:e5:38:3d:9b:71:c7:6c:6f:c8:9d:4f:57: ed:3e:8a:f5:a1:2a:57:10:db:98:2b:35:13:c4:05: 48:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:36:A3:7C:48:98:01:FC:14:F7:0C:E7:92:28:45:9E:FB:4C:EF:4D X509v3 Authority Key Identifier: keyid:F5:05:57:82:15:AC:EE:73:C1:7F:A3:0D:02:95:E0:D8:DD:7B:E8:9D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9QVXghWs7nPBf6MNApXg2N176J0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/49e974-d724-4caf-9a04-f0c9d6417ee7/1/DTajfEiYAfwU9wznkihFnvtM700.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/03/49e974-d724-4caf-9a04-f0c9d6417ee7/1/9QVXghWs7nPBf6MNApXg2N176J0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.220.101.0-185.220.102.255 IPv6: 2a0b:f4c1:2::/48 2a0b:f4c2::/40 Signature Algorithm: sha256WithRSAEncryption 8e:02:60:a5:5c:9d:c4:93:85:72:95:47:86:ae:dc:3e:bf:6d: 97:eb:82:44:b5:36:fc:05:a4:10:63:f4:63:9d:9a:78:ef:03: 89:fa:d4:f5:7e:23:df:01:e2:82:fb:9d:6a:91:b4:14:42:bf: 29:e7:6a:23:40:6b:57:a6:7c:fc:61:8d:9a:da:25:d6:c6:ce: 41:eb:ff:10:f4:d2:69:62:6d:ff:42:a8:c5:1b:5f:d3:64:15: 0c:e5:50:08:79:78:2b:37:c0:bd:0d:83:ac:5a:6d:71:48:4f: 05:2b:b1:fa:28:f3:df:96:f1:03:24:ce:eb:ea:1b:b7:ee:17: 18:55:25:26:d0:84:2e:32:bd:9c:19:16:6c:86:4f:9f:7e:47: 23:bd:0d:ce:af:d8:a5:bc:a6:78:ed:d6:b7:70:b9:01:66:23: a4:f0:1e:dc:0b:a9:78:28:29:9b:81:3c:c2:dd:3b:0a:96:3b: 73:32:02:c1:c4:5a:2d:a4:23:44:67:2a:92:0b:aa:9a:78:e1: 3f:d4:a2:8b:c3:97:50:5a:52:34:db:08:dd:e0:67:60:60:6b: 93:b8:28:de:5b:b1:62:17:e7:b3:09:1c:10:10:af:85:0f:cf: 42:72:e7:e5:3b:2a:85:76:eb:f0:a3:8d:37:59:15:c0:8c:d6: 4e:23:f4:60 -----BEGIN CERTIFICATE----- MIIFHjCCBAagAwIBAgISAZt9yf+GN4kXcZE1HakQDtdbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGY1MDU1NzgyMTVhY2VlNzNjMTdmYTMwZDAyOTVlMGQ4ZGQ3 YmU4OWQwHhcNMjYwMTAyMDgxOTA4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwZDM2YTM3YzQ4OTgwMWZjMTRmNzBjZTc5MjI4NDU5ZWZiNGNlZjRkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqjFCGSACb4+SlAxwkgKSwMtMtSVr ARemH1u9DX1rAhH3eiHFFuWeIAwSQm3likHCHM1ZHMp/WPksotsSqB8pTMfDGMPK yXRzHVgdA0TiQVEDPnntXKhTE8wTWb7PSa3h7855MWVTDAtGZRIq99Uz5sCHa0uN RJo/S8o/w10cIAVbrq/9p5I1sD1rMYFPYMXC4yM0Jasww8WDTTpQSpCZJrUD7UYv LKOeQhfxKFlvGps6a0XT9/rLfRBmAsnnT7SLS/WWStQml3g6fh8hszw4igzOHC5d CBRkoAXuUhSP0tLTN87lOD2bccdsb8idT1ftPor1oSpXENuYKzUTxAVICQIDAQAB o4ICKjCCAiYwHQYDVR0OBBYEFA02o3xImAH8FPcM55IoRZ77TO9NMB8GA1UdIwQY MBaAFPUFV4IVrO5zwX+jDQKV4Njde+idMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOVFWWGdoV3M3blBCZjZNTkFwWGcyTjE3NkowLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy80OWU5NzQtZDcyNC00Y2FmLTlhMDQt ZjBjOWQ2NDE3ZWU3LzEvRFRhamZFaVlBZndVOXd6bmtpaEZudnRNNzAwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMy80OWU5NzQtZDcyNC00Y2FmLTlhMDQtZjBjOWQ2NDE3ZWU3 LzEvOVFWWGdoV3M3blBCZjZNTkFwWGcyTjE3NkowLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAUBAIAATAOMAwDBAC53GUD BAC53GYwFwQCAAIwEQMHACoL9MEAAgMGACoL9MIAMA0GCSqGSIb3DQEBCwUAA4IB AQCOAmClXJ3Ek4VylUeGrtw+v22X64JEtTb8BaQQY/RjnZp47wOJ+tT1fiPfAeKC +51qkbQUQr8p52ojQGtXpnz8YY2a2iXWxs5B6/8Q9NJpYm3/QqjFG1/TZBUM5VAI eXgrN8C9DYOsWm1xSE8FK7H6KPPflvEDJM7r6hu37hcYVSUm0IQuMr2cGRZshk+f fkcjvQ3Or9ilvKZ47da3cLkBZiOk8B7cC6l4KCmbgTzC3TsKljtzMgLBxFotpCNE ZyqSC6qaeOE/1KKLw5dQWlI02wjd4GdgYGuTuCjeW7FiF+ezCRwQEK+FD89Ccufl OyqFduvwo403WRXAjNZOI/Rg -----END CERTIFICATE-----Generated at Mon Jan 26 07:09:21 2026 by rpki-client