This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/a6d572-3043-4d19-9140-992541fdebea/1/37hbQJ7zVxzVagSbASxlGNa7rGQ.roa File: 37hbQJ7zVxzVagSbASxlGNa7rGQ.roa (raw, json) Hash identifier: ZiPWwSin+eQu8Naroa7jWI6Yudz7OyFOeo7L1bmKWLo= Subject key identifier: DF:B8:5B:40:9E:F3:57:1C:D5:6A:04:9B:01:2C:65:18:D6:BB:AC:64 Certificate issuer: /CN=d5f0f4bac5f9a5022fc2dcbc4a3db4cc6b116644 Certificate serial: 019B797F01B3E0359DAFDA06288203A6AD6E Authority key identifier: D5:F0:F4:BA:C5:F9:A5:02:2F:C2:DC:BC:4A:3D:B4:CC:6B:11:66:44 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1fD0usX5pQIvwty8Sj20zGsRZkQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/a6d572-3043-4d19-9140-992541fdebea/1/37hbQJ7zVxzVagSbASxlGNa7rGQ.roa Signing time: Thu 01 Jan 2026 12:18:45 +0000 ROA not before: Thu 01 Jan 2026 12:18:45 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 50779 IP address blocks: 185.106.12.0/22 maxlen: 24 2001:67c:2698::/48 maxlen: 48 2a0c:db80::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/a6d572-3043-4d19-9140-992541fdebea/1/1fD0usX5pQIvwty8Sj20zGsRZkQ.crl rsync://rpki.ripe.net/repository/DEFAULT/07/a6d572-3043-4d19-9140-992541fdebea/1/1fD0usX5pQIvwty8Sj20zGsRZkQ.mft rsync://rpki.ripe.net/repository/DEFAULT/1fD0usX5pQIvwty8Sj20zGsRZkQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7f:01:b3:e0:35:9d:af:da:06:28:82:03:a6:ad:6e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d5f0f4bac5f9a5022fc2dcbc4a3db4cc6b116644 Validity Not Before: Jan 1 12:18:45 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=dfb85b409ef3571cd56a049b012c6518d6bbac64 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:5a:c6:01:8e:07:12:69:60:2b:c7:d3:02:8e: 19:21:f7:4b:30:75:cb:91:f2:b3:39:15:9c:a4:3c: 40:8c:b5:2c:06:83:fd:db:0a:50:10:01:e6:41:f6: 5c:48:8e:93:a6:d8:8c:79:68:77:aa:07:68:c8:ac: 61:4a:c9:57:21:67:13:e8:ce:0c:61:14:63:95:65: 17:8e:31:34:b1:19:8c:75:19:49:39:0d:81:dd:9e: 40:8b:ce:46:92:66:68:7f:4e:93:85:dc:41:dc:4e: bc:d6:40:cb:4b:5a:62:69:23:89:2e:2a:f6:e8:fb: 23:79:9a:73:e2:c9:32:4c:52:4e:6a:e8:0a:ad:7e: 20:e3:c8:ba:f4:64:f5:d3:51:19:6c:92:33:a8:09: 04:66:77:d5:d1:a7:c8:5d:09:97:c4:d9:67:eb:3a: 81:d9:4d:6b:8a:09:90:b6:c1:7b:41:1a:26:bd:ea: f4:f8:51:6c:dc:ac:36:d3:7c:2f:97:a0:9e:95:d3: 12:b7:53:cc:39:7d:fd:c0:94:cf:24:86:5c:41:8b: 9b:52:3c:e7:44:20:bf:b5:9e:1e:51:2b:1e:9e:87: bc:ec:78:b9:37:84:39:72:82:ae:68:de:59:d1:82: 8c:7e:82:20:1d:36:9a:4e:6e:b1:c6:17:b6:27:67: ed:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:B8:5B:40:9E:F3:57:1C:D5:6A:04:9B:01:2C:65:18:D6:BB:AC:64 X509v3 Authority Key Identifier: keyid:D5:F0:F4:BA:C5:F9:A5:02:2F:C2:DC:BC:4A:3D:B4:CC:6B:11:66:44 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1fD0usX5pQIvwty8Sj20zGsRZkQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a6d572-3043-4d19-9140-992541fdebea/1/37hbQJ7zVxzVagSbASxlGNa7rGQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a6d572-3043-4d19-9140-992541fdebea/1/1fD0usX5pQIvwty8Sj20zGsRZkQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.106.12.0/22 IPv6: 2001:67c:2698::/48 2a0c:db80::/29 Signature Algorithm: sha256WithRSAEncryption 10:f0:21:f4:3c:cb:db:50:ea:5a:c1:3c:f0:3b:ab:6c:b1:58: 94:58:d2:b7:cb:65:bf:0c:c8:d5:e3:30:ca:76:78:c2:7a:d5: 66:70:01:86:2a:1d:ef:01:ca:df:7a:0e:2e:ae:87:9b:fe:5f: c2:c5:48:a4:27:3b:b8:14:31:19:69:b1:6c:de:a6:7d:4c:23: 9f:3b:25:e0:ce:e8:e4:57:e2:a9:2a:ec:8e:05:44:91:82:49: 59:5e:38:66:d2:9d:0d:89:46:73:d3:a4:d6:e0:2a:cf:43:20: 26:ee:b7:64:fe:a3:41:be:4b:82:10:5a:cb:46:88:9a:ae:91: e8:3b:79:09:b2:3a:b5:57:b1:cc:c5:de:3a:96:25:1c:3b:42: eb:72:40:56:d2:d8:3b:52:2a:48:34:27:6d:eb:62:11:4f:fa: 58:3d:8b:bf:01:a5:54:d5:1f:e5:7a:a1:f6:57:2e:7b:f2:f0: 71:02:fa:6e:cf:50:c3:4d:79:15:9b:c0:9e:41:bb:62:c6:67: bb:86:57:a9:09:45:bb:69:33:86:e1:c0:1f:a0:00:32:63:f7: ef:3a:c2:e9:f2:d7:cd:c6:21:b2:19:11:bf:b5:e6:f0:69:9d: e4:55:ee:f7:8e:7d:25:45:cd:83:8e:9d:3f:78:fe:89:4c:17: e8:24:f1:e1 -----BEGIN CERTIFICATE----- MIIFFTCCA/2gAwIBAgISAZt5fwGz4DWdr9oGKIIDpq1uMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ1ZjBmNGJhYzVmOWE1MDIyZmMyZGNiYzRhM2RiNGNjNmIx MTY2NDQwHhcNMjYwMTAxMTIxODQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZmI4NWI0MDllZjM1NzFjZDU2YTA0OWIwMTJjNjUxOGQ2YmJhYzY0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAklrGAY4HEmlgK8fTAo4ZIfdLMHXL kfKzORWcpDxAjLUsBoP92wpQEAHmQfZcSI6TptiMeWh3qgdoyKxhSslXIWcT6M4M YRRjlWUXjjE0sRmMdRlJOQ2B3Z5Ai85GkmZof06ThdxB3E681kDLS1piaSOJLir2 6PsjeZpz4skyTFJOaugKrX4g48i69GT101EZbJIzqAkEZnfV0afIXQmXxNln6zqB 2U1rigmQtsF7QRomver0+FFs3Kw203wvl6CeldMSt1PMOX39wJTPJIZcQYubUjzn RCC/tZ4eUSsenoe87Hi5N4Q5coKuaN5Z0YKMfoIgHTaaTm6xxhe2J2ftdwIDAQAB o4ICITCCAh0wHQYDVR0OBBYEFN+4W0Ce81cc1WoEmwEsZRjWu6xkMB8GA1UdIwQY MBaAFNXw9LrF+aUCL8LcvEo9tMxrEWZEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMWZEMHVzWDVwUUl2d3R5OFNqMjB6R3NSWmtRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9hNmQ1NzItMzA0My00ZDE5LTkxNDAt OTkyNTQxZmRlYmVhLzEvMzdoYlFKN3pWeHpWYWdTYkFTeGxHTmE3ckdRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNy9hNmQ1NzItMzA0My00ZDE5LTkxNDAtOTkyNTQxZmRlYmVh LzEvMWZEMHVzWDVwUUl2d3R5OFNqMjB6R3NSWmtRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQCuWoMMBYE AgACMBADBwAgAQZ8JpgDBQMqDNuAMA0GCSqGSIb3DQEBCwUAA4IBAQAQ8CH0PMvb UOpawTzwO6tssViUWNK3y2W/DMjV4zDKdnjCetVmcAGGKh3vAcrfeg4uroeb/l/C xUikJzu4FDEZabFs3qZ9TCOfOyXgzujkV+KpKuyOBUSRgklZXjhm0p0NiUZz06TW 4CrPQyAm7rdk/qNBvkuCEFrLRoiarpHoO3kJsjq1V7HMxd46liUcO0LrckBW0tg7 UipINCdt62IRT/pYPYu/AaVU1R/leqH2Vy578vBxAvpuz1DDTXkVm8CeQbtixme7 hlepCUW7aTOG4cAfoAAyY/fvOsLp8tfNxiGyGRG/tebwaZ3kVe73jn0lRc2Djp0/ eP6JTBfoJPHh -----END CERTIFICATE-----Generated at Mon Jan 26 01:42:28 2026 by rpki-client