This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/diqL8yy16y9LeHsnwIPIVvp6VbU.roa File: diqL8yy16y9LeHsnwIPIVvp6VbU.roa (raw, json) Hash identifier: YGl2HS6I4il7qWh5+OC1YzjKf4mXOjsrZzrKCkNnHPM= Subject key identifier: 76:2A:8B:F3:2C:B5:EB:2F:4B:78:7B:27:C0:83:C8:56:FA:7A:55:B5 Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a Certificate serial: 019B78A36B9C864F53BC8ECB9A842E009F08 Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/diqL8yy16y9LeHsnwIPIVvp6VbU.roa Signing time: Thu 01 Jan 2026 08:18:54 +0000 ROA not before: Thu 01 Jan 2026 08:18:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 8280 IP address blocks: 151.236.29.0/24 maxlen: 24 188.190.25.0/24 maxlen: 24 212.52.16.0/24 maxlen: 24 2a03:f80:30::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.mft rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 08:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a3:6b:9c:86:4f:53:bc:8e:cb:9a:84:2e:00:9f:08 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a Validity Not Before: Jan 1 08:18:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=762a8bf32cb5eb2f4b787b27c083c856fa7a55b5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:63:8c:97:39:72:40:98:72:0e:61:d8:07:66: 31:88:27:a3:0a:ca:ef:57:ae:12:c0:d7:a7:bc:ad: 87:0d:b6:2e:b9:da:80:af:c1:fa:38:41:fd:71:7d: 77:57:8a:dc:70:df:ec:01:fb:8d:16:6f:2e:6f:b3: 8d:3a:2d:af:a0:74:b8:88:65:fa:20:4c:c3:4a:9b: 47:f0:e9:59:93:92:f5:69:85:a6:57:ab:96:60:d1: cb:c5:02:a5:75:f3:92:8a:b9:cb:52:82:bd:c9:ab: 99:98:f2:fa:db:cf:17:25:6d:66:b9:3f:2f:90:d0: 07:c4:12:9d:b3:0f:e4:f6:74:44:2d:95:93:4f:ee: 0e:4d:fc:60:89:58:d4:79:51:9f:73:00:c1:b5:6d: f2:90:a5:b6:d3:fa:be:12:23:18:ca:6c:b7:56:ef: b5:67:46:ad:85:c6:d1:9c:d8:d9:d2:c4:39:83:3a: d2:98:f2:61:5c:ac:95:cc:14:7b:ca:3b:cf:77:2d: a7:fc:22:af:45:e8:26:93:df:77:3b:94:d2:80:fc: 5a:9c:89:0b:8a:82:7e:d6:6c:fd:23:55:14:f5:b8: 0a:28:eb:b0:38:45:2b:35:48:f4:a7:6a:77:f7:d0: d1:06:71:c6:46:68:77:0c:0d:be:e8:f7:55:0e:d4: 9d:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:2A:8B:F3:2C:B5:EB:2F:4B:78:7B:27:C0:83:C8:56:FA:7A:55:B5 X509v3 Authority Key Identifier: keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/diqL8yy16y9LeHsnwIPIVvp6VbU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 151.236.29.0/24 188.190.25.0/24 212.52.16.0/24 IPv6: 2a03:f80:30::/48 Signature Algorithm: sha256WithRSAEncryption 6a:ed:15:02:5a:f8:70:12:01:46:8e:d7:f7:ab:d2:c4:60:9c: c5:fe:87:db:d4:d5:11:00:8f:a4:b7:79:90:d0:9b:ad:23:51: e4:2f:a1:c1:30:bd:b7:1a:73:2b:b7:94:54:6e:07:c2:0e:3d: 9e:38:98:65:35:95:31:c5:b9:21:0e:87:61:13:d8:d7:83:ff: 98:cf:8b:50:2b:dd:74:23:c8:72:2d:c2:a5:2b:a0:e5:eb:62: 77:c0:4e:01:99:4a:67:b0:77:b0:7c:96:54:74:2a:e0:c3:c5: d2:9a:6e:50:d4:e5:d5:eb:55:f2:60:67:0c:00:7b:71:00:f5: 9a:29:c5:79:48:8b:55:93:b0:77:62:95:ce:32:d7:22:d8:dd: 66:f6:9b:ce:03:40:cc:4b:74:d4:9d:c5:55:aa:b3:bf:cf:b9: ad:34:d4:6b:12:f9:2b:f0:50:0d:98:a5:c9:38:7a:fd:f7:67: 69:cd:27:33:b1:22:e5:ef:39:a8:18:e7:ed:2c:95:6c:43:7e: d2:a0:a1:7a:4b:d7:d4:6d:e2:6e:15:2a:2b:11:1b:6e:95:d0: a1:9e:10:23:82:dd:0c:65:74:1d:15:52:99:f0:64:21:a7:e4: c5:a5:31:43:6a:aa:e8:a6:e4:66:c2:fe:02:ba:71:4f:a5:1f: 62:af:b7:05 -----BEGIN CERTIFICATE----- MIIFGjCCBAKgAwIBAgISAZt4o2uchk9TvI7LmoQuAJ8IMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj MjhmNmEwHhcNMjYwMTAxMDgxODU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3NjJhOGJmMzJjYjVlYjJmNGI3ODdiMjdjMDgzYzg1NmZhN2E1NWI1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWOMlzlyQJhyDmHYB2YxiCejCsrv V64SwNenvK2HDbYuudqAr8H6OEH9cX13V4rccN/sAfuNFm8ub7ONOi2voHS4iGX6 IEzDSptH8OlZk5L1aYWmV6uWYNHLxQKldfOSirnLUoK9yauZmPL6288XJW1muT8v kNAHxBKdsw/k9nRELZWTT+4OTfxgiVjUeVGfcwDBtW3ykKW20/q+EiMYymy3Vu+1 Z0athcbRnNjZ0sQ5gzrSmPJhXKyVzBR7yjvPdy2n/CKvRegmk993O5TSgPxanIkL ioJ+1mz9I1UU9bgKKOuwOEUrNUj0p2p399DRBnHGRmh3DA2+6PdVDtSd+wIDAQAB o4ICJjCCAiIwHQYDVR0OBBYEFHYqi/MstesvS3h7J8CDyFb6elW1MB8GA1UdIwQY MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt YjM4ZTI2NzdiM2RjLzEvZGlxTDh5eTE2eTlMZUhzbndJUElWdnA2VmJVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAl+wdAwQA vL4ZAwQA1DQQMA8EAgACMAkDBwAqAw+AADAwDQYJKoZIhvcNAQELBQADggEBAGrt FQJa+HASAUaO1/er0sRgnMX+h9vU1REAj6S3eZDQm60jUeQvocEwvbcacyu3lFRu B8IOPZ44mGU1lTHFuSEOh2ET2NeD/5jPi1Ar3XQjyHItwqUroOXrYnfATgGZSmew d7B8llR0KuDDxdKablDU5dXrVfJgZwwAe3EA9ZopxXlIi1WTsHdilc4y1yLY3Wb2 m84DQMxLdNSdxVWqs7/Pua001GsS+SvwUA2Ypck4ev33Z2nNJzOxIuXvOagY5+0s lWxDftKgoXpL19Rt4m4VKisRG26V0KGeECOC3QxldB0VUpnwZCGn5MWlMUNqquim 5GbC/gK6cU+lH2KvtwU= -----END CERTIFICATE-----Generated at Sun Jan 25 18:08:40 2026 by rpki-client