This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/317aa7-e2ad-4a85-b3d2-63b33808a6a8/1/D-8LG2tVdd5-uleb8t-_wqh_Jl8.roa File: D-8LG2tVdd5-uleb8t-_wqh_Jl8.roa (raw, json) Hash identifier: mVxwGRDiuc9C3st3JN7liHp0YNkXDsxa9l1VHNbN9/Q= Subject key identifier: 0F:EF:0B:1B:6B:55:75:DE:7E:BA:57:9B:F2:DF:BF:C2:A8:7F:26:5F Certificate issuer: /CN=7d5695786f8450d1041dc88ad892cbb570d5972b Certificate serial: 019B79ECCBC5BD7AED4575727BDAAA405CC0 Authority key identifier: 7D:56:95:78:6F:84:50:D1:04:1D:C8:8A:D8:92:CB:B5:70:D5:97:2B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVaVeG-EUNEEHciK2JLLtXDVlys.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/317aa7-e2ad-4a85-b3d2-63b33808a6a8/1/D-8LG2tVdd5-uleb8t-_wqh_Jl8.roa Signing time: Thu 01 Jan 2026 14:18:40 +0000 ROA not before: Thu 01 Jan 2026 14:18:40 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 56598 IP address blocks: 193.168.204.0/23 maxlen: 32 193.168.206.0/23 maxlen: 32 2a09:6980::/29 maxlen: 48 2a0e:9900::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/317aa7-e2ad-4a85-b3d2-63b33808a6a8/1/fVaVeG-EUNEEHciK2JLLtXDVlys.crl rsync://rpki.ripe.net/repository/DEFAULT/14/317aa7-e2ad-4a85-b3d2-63b33808a6a8/1/fVaVeG-EUNEEHciK2JLLtXDVlys.mft rsync://rpki.ripe.net/repository/DEFAULT/fVaVeG-EUNEEHciK2JLLtXDVlys.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ec:cb:c5:bd:7a:ed:45:75:72:7b:da:aa:40:5c:c0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7d5695786f8450d1041dc88ad892cbb570d5972b Validity Not Before: Jan 1 14:18:40 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0fef0b1b6b5575de7eba579bf2dfbfc2a87f265f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:46:14:84:bf:9c:dd:4b:d8:e5:8b:94:a2:4a: 74:6d:11:de:93:18:38:c2:7a:64:dc:71:69:1a:27: c1:7a:c3:6a:43:ce:09:0a:ab:fb:a1:62:e9:56:29: af:38:24:f9:a2:bd:70:cd:20:b8:ff:23:a0:7b:4b: 91:5b:50:13:8a:63:af:e7:02:a5:0b:36:0e:28:bf: f2:21:c8:87:9b:5c:9f:2c:10:af:eb:0f:ba:79:f2: 18:ce:0e:02:15:d0:83:63:eb:77:85:eb:c4:b2:11: 03:4f:40:2a:a4:e0:dc:ca:58:57:92:14:4a:e4:22: 4c:04:e6:43:9a:50:8a:8e:91:9a:53:0c:16:9e:01: b9:c7:0f:62:ba:47:27:0a:b3:b0:44:fa:5b:ba:bc: 0f:c6:9a:43:63:2b:1f:03:d5:86:b0:0d:35:23:ca: 08:39:ad:a9:84:47:5e:22:83:db:fb:57:d1:06:00: 79:f6:a1:92:e1:0a:c8:d4:0c:a6:58:3c:6a:94:50: b9:34:3c:49:56:ea:ae:f1:80:a4:59:5b:22:96:db: bf:da:dd:00:f2:ae:32:bd:71:1a:b8:00:8a:11:a1: 84:46:3f:c1:25:cc:d3:7d:12:5d:04:6e:d3:4e:76: 87:7f:20:f2:2b:80:3c:06:d2:be:87:61:39:60:6d: 0e:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:EF:0B:1B:6B:55:75:DE:7E:BA:57:9B:F2:DF:BF:C2:A8:7F:26:5F X509v3 Authority Key Identifier: keyid:7D:56:95:78:6F:84:50:D1:04:1D:C8:8A:D8:92:CB:B5:70:D5:97:2B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVaVeG-EUNEEHciK2JLLtXDVlys.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/317aa7-e2ad-4a85-b3d2-63b33808a6a8/1/D-8LG2tVdd5-uleb8t-_wqh_Jl8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/14/317aa7-e2ad-4a85-b3d2-63b33808a6a8/1/fVaVeG-EUNEEHciK2JLLtXDVlys.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.168.204.0/22 IPv6: 2a09:6980::/29 2a0e:9900::/29 Signature Algorithm: sha256WithRSAEncryption 80:70:f5:ca:e2:2b:28:bd:e2:4d:fc:91:13:c7:04:d8:87:4a: e0:8e:15:a9:b2:07:fe:06:9f:91:b0:eb:c7:fd:a1:b6:d9:a5: 8b:9f:3a:d0:39:bb:e1:4b:57:55:49:d0:b8:31:fa:3b:23:2c: 13:2c:9c:a1:cd:90:e3:9b:f8:cd:9c:e3:7e:5e:a2:5f:6a:59: e3:5c:0f:c2:e8:b0:90:18:c8:45:05:53:16:10:cc:1d:3d:d2: e9:bc:d6:82:64:ca:69:26:55:f7:5d:96:ab:8b:df:8f:0b:44: 45:86:94:bb:e3:3e:c8:28:df:7c:db:fa:6e:7e:a5:ba:cd:c8: 3f:26:b5:c1:da:11:3e:b5:70:43:54:13:d4:18:94:cc:d6:55: 4d:af:44:bb:db:40:9f:6a:05:73:7d:68:55:0e:fe:10:87:c3: 8f:2a:ce:db:2c:d0:71:2a:1b:fd:85:20:20:8e:db:a1:89:db: b3:09:8c:ed:4a:7e:ba:c7:53:54:df:1d:07:1f:15:65:1e:0c: bc:5d:01:ab:6e:4b:db:3b:5b:62:2c:63:42:63:12:52:4c:67: 87:0e:01:08:c4:c6:b5:e0:53:bf:21:78:1f:ff:aa:b0:5c:52: 2a:41:75:89:1e:00:da:cf:07:4b:5e:73:94:3e:58:c8:10:dc: 0a:85:79:03 -----BEGIN CERTIFICATE----- MIIFEzCCA/ugAwIBAgISAZt57MvFvXrtRXVye9qqQFzAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdkNTY5NTc4NmY4NDUwZDEwNDFkYzg4YWQ4OTJjYmI1NzBk NTk3MmIwHhcNMjYwMTAxMTQxODQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwZmVmMGIxYjZiNTU3NWRlN2ViYTU3OWJmMmRmYmZjMmE4N2YyNjVmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy0YUhL+c3UvY5YuUokp0bRHekxg4 wnpk3HFpGifBesNqQ84JCqv7oWLpVimvOCT5or1wzSC4/yOge0uRW1ATimOv5wKl CzYOKL/yIciHm1yfLBCv6w+6efIYzg4CFdCDY+t3hevEshEDT0AqpODcylhXkhRK 5CJMBOZDmlCKjpGaUwwWngG5xw9iukcnCrOwRPpburwPxppDYysfA9WGsA01I8oI Oa2phEdeIoPb+1fRBgB59qGS4QrI1AymWDxqlFC5NDxJVuqu8YCkWVsiltu/2t0A 8q4yvXEauACKEaGERj/BJczTfRJdBG7TTnaHfyDyK4A8BtK+h2E5YG0OgQIDAQAB o4ICHzCCAhswHQYDVR0OBBYEFA/vCxtrVXXefrpXm/Lfv8KofyZfMB8GA1UdIwQY MBaAFH1WlXhvhFDRBB3IitiSy7Vw1ZcrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZlZhVmVHLUVVTkVFSGNpSzJKTEx0WERWbHlzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8zMTdhYTctZTJhZC00YTg1LWIzZDIt NjNiMzM4MDhhNmE4LzEvRC04TEcydFZkZDUtdWxlYjh0LV93cWhfSmw4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNC8zMTdhYTctZTJhZC00YTg1LWIzZDItNjNiMzM4MDhhNmE4 LzEvZlZhVmVHLUVVTkVFSGNpSzJKTEx0WERWbHlzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCwajMMBQE AgACMA4DBQMqCWmAAwUDKg6ZADANBgkqhkiG9w0BAQsFAAOCAQEAgHD1yuIrKL3i TfyRE8cE2IdK4I4VqbIH/gafkbDrx/2httmli5860Dm74UtXVUnQuDH6OyMsEyyc oc2Q45v4zZzjfl6iX2pZ41wPwuiwkBjIRQVTFhDMHT3S6bzWgmTKaSZV912Wq4vf jwtERYaUu+M+yCjffNv6bn6lus3IPya1wdoRPrVwQ1QT1BiUzNZVTa9Eu9tAn2oF c31oVQ7+EIfDjyrO2yzQcSob/YUgII7boYnbswmM7Up+usdTVN8dBx8VZR4MvF0B q25L2ztbYixjQmMSUkxnhw4BCMTGteBTvyF4H/+qsFxSKkF1iR4A2s8HS15zlD5Y yBDcCoV5Aw== -----END CERTIFICATE-----Generated at Sun Jan 25 23:48:30 2026 by rpki-client