This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/d5f9aa-337b-4d60-8f5e-02125e44e3a8/1/dK7BHFnWg4Ak5BA73uAKBbgJyrU.roa File: dK7BHFnWg4Ak5BA73uAKBbgJyrU.roa (raw, json) Hash identifier: h8SstddteIMfyTQvh7qKg5ql0pCJQQ+o3Yc6Ve2+nJo= Subject key identifier: 74:AE:C1:1C:59:D6:83:80:24:E4:10:3B:DE:E0:0A:05:B8:09:CA:B5 Certificate issuer: /CN=bb57561ca2dbf750e8f5e0b7389ef09ce9b5bcea Certificate serial: 019B7DCAA2B4040F0A8133C5D361D861426A Authority key identifier: BB:57:56:1C:A2:DB:F7:50:E8:F5:E0:B7:38:9E:F0:9C:E9:B5:BC:EA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u1dWHKLb91Do9eC3OJ7wnOm1vOo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/d5f9aa-337b-4d60-8f5e-02125e44e3a8/1/dK7BHFnWg4Ak5BA73uAKBbgJyrU.roa Signing time: Fri 02 Jan 2026 08:19:50 +0000 ROA not before: Fri 02 Jan 2026 08:19:50 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 2852 IP address blocks: 193.84.32.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/d5f9aa-337b-4d60-8f5e-02125e44e3a8/1/u1dWHKLb91Do9eC3OJ7wnOm1vOo.crl rsync://rpki.ripe.net/repository/DEFAULT/19/d5f9aa-337b-4d60-8f5e-02125e44e3a8/1/u1dWHKLb91Do9eC3OJ7wnOm1vOo.mft rsync://rpki.ripe.net/repository/DEFAULT/u1dWHKLb91Do9eC3OJ7wnOm1vOo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 23:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:a2:b4:04:0f:0a:81:33:c5:d3:61:d8:61:42:6a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bb57561ca2dbf750e8f5e0b7389ef09ce9b5bcea Validity Not Before: Jan 2 08:19:50 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=74aec11c59d6838024e4103bdee00a05b809cab5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:ed:aa:13:bf:41:29:82:55:a8:2f:ec:b1:df: b5:aa:bf:6b:e1:cd:96:14:5f:c6:9d:16:7d:de:8c: 84:06:31:56:5e:08:95:e8:d6:2e:1a:ee:ca:1f:f3: 22:be:82:a8:5d:d3:da:04:5e:73:da:99:91:ef:01: 4d:68:ba:5e:e6:5f:1a:ed:67:b9:9c:da:57:68:b3: 17:e9:16:19:bb:3e:56:3f:70:af:d0:dc:31:fc:d7: 2d:c2:06:8d:5d:80:7b:32:2b:a2:2a:2c:e5:d4:7e: 62:34:b1:2d:e6:f0:e9:c4:d6:b8:87:7b:a0:a8:16: 22:45:a2:d4:0f:4a:fb:45:0e:6a:a1:12:2c:44:77: 2a:b3:c9:0a:37:c5:72:ee:08:a2:6a:07:c3:54:8e: e7:5f:34:03:cb:cd:f4:8c:55:27:be:fe:de:18:ba: 86:52:e6:47:1b:04:f2:f8:5d:9a:67:8b:37:6f:4d: 82:cf:11:23:5e:2b:8f:b5:98:e1:05:5a:9f:03:8d: 01:b5:64:12:d5:2e:5f:d6:fa:2c:34:00:59:27:76: 4a:6d:9a:23:0f:99:75:96:31:8f:45:57:30:c4:3e: e8:f6:9c:a5:36:97:34:14:e2:e5:45:e8:3c:bd:ce: 5e:bf:b9:2c:ca:43:c4:cf:7d:46:3f:a4:fe:f4:21: b6:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:AE:C1:1C:59:D6:83:80:24:E4:10:3B:DE:E0:0A:05:B8:09:CA:B5 X509v3 Authority Key Identifier: keyid:BB:57:56:1C:A2:DB:F7:50:E8:F5:E0:B7:38:9E:F0:9C:E9:B5:BC:EA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u1dWHKLb91Do9eC3OJ7wnOm1vOo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/d5f9aa-337b-4d60-8f5e-02125e44e3a8/1/dK7BHFnWg4Ak5BA73uAKBbgJyrU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/19/d5f9aa-337b-4d60-8f5e-02125e44e3a8/1/u1dWHKLb91Do9eC3OJ7wnOm1vOo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.84.32.0/20 Signature Algorithm: sha256WithRSAEncryption 59:4e:b7:f7:38:7c:af:dd:b0:86:cd:7f:be:14:27:6a:1b:dc: f8:30:9d:53:c9:a4:fd:71:13:55:4b:79:f7:79:8f:cd:df:6a: be:4c:43:c7:ee:ec:fd:8b:df:5b:0e:0e:96:a5:e5:b1:a5:6b: 72:64:59:71:83:1e:84:ce:5e:01:b3:be:58:cf:30:f8:e2:3b: 88:1e:2c:63:aa:03:2b:04:da:f5:07:dd:fe:91:7b:6e:01:55: ef:fe:3e:37:2f:3d:aa:80:ae:75:e5:ed:9d:68:37:15:e9:65: 94:8d:e0:5c:36:71:50:06:08:1c:80:9b:61:67:28:af:46:e3: 0e:b8:b0:08:0c:22:86:2d:a5:21:4a:bd:7c:78:03:cf:98:6f: df:e1:15:f7:ed:ba:41:37:87:9e:54:76:c8:af:91:e4:b7:ef: 84:14:66:8f:6d:32:10:db:d4:6d:ac:6a:2c:fb:9e:a0:80:08: 1b:81:bb:eb:26:98:b5:c8:2b:82:f6:dc:a1:d4:ed:09:96:4d: c8:74:de:19:20:f4:3b:d7:2e:da:24:eb:ad:20:f1:03:d3:22: 34:e4:83:98:67:5f:7c:b9:75:ba:10:5d:d8:30:2e:d7:54:92: 18:de:82:66:fd:fd:1b:c8:56:1d:eb:9d:17:b7:31:e2:ec:ef: 53:92:7c:5c -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt9yqK0BA8KgTPF02HYYUJqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJiNTc1NjFjYTJkYmY3NTBlOGY1ZTBiNzM4OWVmMDljZTli NWJjZWEwHhcNMjYwMTAyMDgxOTUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3NGFlYzExYzU5ZDY4MzgwMjRlNDEwM2JkZWUwMGEwNWI4MDljYWI1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvO2qE79BKYJVqC/ssd+1qr9r4c2W FF/GnRZ93oyEBjFWXgiV6NYuGu7KH/MivoKoXdPaBF5z2pmR7wFNaLpe5l8a7We5 nNpXaLMX6RYZuz5WP3Cv0Nwx/NctwgaNXYB7MiuiKizl1H5iNLEt5vDpxNa4h3ug qBYiRaLUD0r7RQ5qoRIsRHcqs8kKN8Vy7giiagfDVI7nXzQDy830jFUnvv7eGLqG UuZHGwTy+F2aZ4s3b02CzxEjXiuPtZjhBVqfA40BtWQS1S5f1vosNABZJ3ZKbZoj D5l1ljGPRVcwxD7o9pylNpc0FOLlReg8vc5ev7ksykPEz31GP6T+9CG2xQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFHSuwRxZ1oOAJOQQO97gCgW4Ccq1MB8GA1UdIwQY MBaAFLtXVhyi2/dQ6PXgtzie8JzptbzqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdTFkV0hLTGI5MURvOWVDM09KN3duT20xdk9vLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9kNWY5YWEtMzM3Yi00ZDYwLThmNWUt MDIxMjVlNDRlM2E4LzEvZEs3QkhGbldnNEFrNUJBNzN1QUtCYmdKeXJVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xOS9kNWY5YWEtMzM3Yi00ZDYwLThmNWUtMDIxMjVlNDRlM2E4 LzEvdTFkV0hLTGI5MURvOWVDM09KN3duT20xdk9vLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEwVQgMA0G CSqGSIb3DQEBCwUAA4IBAQBZTrf3OHyv3bCGzX++FCdqG9z4MJ1TyaT9cRNVS3n3 eY/N32q+TEPH7uz9i99bDg6WpeWxpWtyZFlxgx6Ezl4Bs75YzzD44juIHixjqgMr BNr1B93+kXtuAVXv/j43Lz2qgK515e2daDcV6WWUjeBcNnFQBggcgJthZyivRuMO uLAIDCKGLaUhSr18eAPPmG/f4RX37bpBN4eeVHbIr5Hkt++EFGaPbTIQ29RtrGos +56ggAgbgbvrJpi1yCuC9tyh1O0Jlk3IdN4ZIPQ71y7aJOutIPED0yI05IOYZ198 uXW6EF3YMC7XVJIY3oJm/f0byFYd650XtzHi7O9Tknxc -----END CERTIFICATE-----Generated at Mon Jan 26 09:23:48 2026 by rpki-client