This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/72faed-a8f8-4a33-8ddc-5cef04b79737/1/Pk5JLOSd1QInAh2OTvMfyyR1NPI.roa File: Pk5JLOSd1QInAh2OTvMfyyR1NPI.roa (raw, json) Hash identifier: O7rw9h1GQCgx5zvERGlnO4YLbgkL7RaVJgOWvuy279I= Subject key identifier: 3E:4E:49:2C:E4:9D:D5:02:27:02:1D:8E:4E:F3:1F:CB:24:75:34:F2 Certificate issuer: /CN=0d23064e3c27ec92b7eab667649d204e5673838e Certificate serial: 019BB31FF31FEF29C1D4030135CCD9823879 Authority key identifier: 0D:23:06:4E:3C:27:EC:92:B7:EA:B6:67:64:9D:20:4E:56:73:83:8E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSMGTjwn7JK36rZnZJ0gTlZzg44.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/72faed-a8f8-4a33-8ddc-5cef04b79737/1/Pk5JLOSd1QInAh2OTvMfyyR1NPI.roa Signing time: Mon 12 Jan 2026 16:52:54 +0000 ROA not before: Mon 12 Jan 2026 16:52:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 50178 IP address blocks: 147.189.211.0/24 maxlen: 24 185.251.24.0/24 maxlen: 24 2a11:f00::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/72faed-a8f8-4a33-8ddc-5cef04b79737/1/DSMGTjwn7JK36rZnZJ0gTlZzg44.crl rsync://rpki.ripe.net/repository/DEFAULT/21/72faed-a8f8-4a33-8ddc-5cef04b79737/1/DSMGTjwn7JK36rZnZJ0gTlZzg44.mft rsync://rpki.ripe.net/repository/DEFAULT/DSMGTjwn7JK36rZnZJ0gTlZzg44.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 19:01:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:b3:1f:f3:1f:ef:29:c1:d4:03:01:35:cc:d9:82:38:79 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0d23064e3c27ec92b7eab667649d204e5673838e Validity Not Before: Jan 12 16:52:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3e4e492ce49dd50227021d8e4ef31fcb247534f2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:58:4c:1a:63:26:2b:48:db:03:6f:2e:4f:5d: 23:c2:41:b9:c7:77:06:98:16:91:e6:e4:82:63:8f: 6d:74:b9:ed:aa:a6:50:30:2c:f9:36:3b:1d:e8:cb: 5e:f9:19:e0:d8:0c:0a:a0:21:98:46:3d:d9:d2:7f: 9b:e7:ef:cf:0b:5e:47:07:ed:69:2b:74:b5:79:1a: bb:77:65:92:60:48:55:30:c4:df:34:e7:d9:6d:71: 6c:1c:e2:bb:1f:15:1a:4b:c8:76:96:2f:b7:4b:d7: 28:22:1a:04:fc:2a:26:ba:66:92:1e:08:0e:d2:4d: 81:22:5b:a4:b2:a1:c3:5e:29:11:05:61:d6:1c:23: 0a:a5:83:3b:8f:fc:88:a1:ee:34:c3:45:9e:65:62: 45:02:75:e6:0c:4f:71:3d:c7:fc:28:f9:04:c8:11: 6c:eb:0b:c3:6b:fb:93:bd:3f:b0:bb:12:49:4f:c8: 5d:5a:a0:26:5c:df:0c:34:89:d9:8f:6a:3c:b8:01: 05:83:b9:88:fb:98:e5:dd:49:1c:4d:78:f2:e6:05: f2:9c:56:e1:6a:1c:f7:5b:7f:d2:47:e6:d2:3e:9d: 7b:65:e0:d9:40:bf:b6:02:31:8e:3c:cd:2a:ae:51: 98:05:2b:3a:b5:ec:a7:65:9e:d2:4a:37:f6:1a:bd: c2:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:4E:49:2C:E4:9D:D5:02:27:02:1D:8E:4E:F3:1F:CB:24:75:34:F2 X509v3 Authority Key Identifier: keyid:0D:23:06:4E:3C:27:EC:92:B7:EA:B6:67:64:9D:20:4E:56:73:83:8E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSMGTjwn7JK36rZnZJ0gTlZzg44.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/72faed-a8f8-4a33-8ddc-5cef04b79737/1/Pk5JLOSd1QInAh2OTvMfyyR1NPI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/21/72faed-a8f8-4a33-8ddc-5cef04b79737/1/DSMGTjwn7JK36rZnZJ0gTlZzg44.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 147.189.211.0/24 185.251.24.0/24 IPv6: 2a11:f00::/29 Signature Algorithm: sha256WithRSAEncryption 23:b2:24:ad:50:f9:98:68:7d:17:17:8f:05:c8:51:4f:2b:f6: b4:00:45:40:88:87:ef:66:54:8d:bb:e0:93:70:5d:2c:74:ce: 98:4e:cd:d5:f4:c3:01:01:ba:40:16:da:aa:8d:d6:07:3b:64: 2f:0e:3c:aa:79:f8:35:00:b7:b9:fc:e1:25:b3:03:94:15:17: a6:e2:14:18:e3:82:16:ae:dc:06:80:ca:43:d8:9a:30:de:1b: e5:7e:bd:90:59:08:64:f8:6f:df:b2:a2:05:db:53:98:86:6d: 37:8e:5d:36:23:e6:ce:cc:5a:00:4a:e8:c8:73:c2:ab:8b:6a: 71:b8:45:1d:b8:c7:5a:67:d7:ff:3b:52:49:4f:78:6d:dc:2e: 06:11:f8:66:3b:da:64:6e:f2:2f:13:a8:4f:86:28:60:f6:d7: 42:f4:6e:f3:fa:f1:32:f4:a9:a4:11:96:8a:89:69:b3:57:03: 51:b6:a8:65:2e:c7:95:b9:95:f0:d9:15:5b:d0:70:cb:5b:7b: da:d4:83:4c:86:ea:95:c8:a0:29:14:db:f8:0b:92:b6:5d:32: 46:14:b4:af:a0:c9:c1:89:c5:eb:82:9c:2b:4e:3d:19:42:44: 23:99:dd:b6:72:08:f0:9e:e6:be:96:a2:a1:49:3f:a8:d0:c1: 64:0e:96:b8 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZuzH/Mf7ynB1AMBNczZgjh5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBkMjMwNjRlM2MyN2VjOTJiN2VhYjY2NzY0OWQyMDRlNTY3 MzgzOGUwHhcNMjYwMTEyMTY1MjU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzZTRlNDkyY2U0OWRkNTAyMjcwMjFkOGU0ZWYzMWZjYjI0NzUzNGYyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1lhMGmMmK0jbA28uT10jwkG5x3cG mBaR5uSCY49tdLntqqZQMCz5Njsd6Mte+Rng2AwKoCGYRj3Z0n+b5+/PC15HB+1p K3S1eRq7d2WSYEhVMMTfNOfZbXFsHOK7HxUaS8h2li+3S9coIhoE/ComumaSHggO 0k2BIluksqHDXikRBWHWHCMKpYM7j/yIoe40w0WeZWJFAnXmDE9xPcf8KPkEyBFs 6wvDa/uTvT+wuxJJT8hdWqAmXN8MNInZj2o8uAEFg7mI+5jl3UkcTXjy5gXynFbh ahz3W3/SR+bSPp17ZeDZQL+2AjGOPM0qrlGYBSs6teynZZ7SSjf2Gr3C3wIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFD5OSSzkndUCJwIdjk7zH8skdTTyMB8GA1UdIwQY MBaAFA0jBk48J+ySt+q2Z2SdIE5Wc4OOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRFNNR1Rqd243SkszNnJablpKMGdUbFp6ZzQ0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS83MmZhZWQtYThmOC00YTMzLThkZGMt NWNlZjA0Yjc5NzM3LzEvUGs1SkxPU2QxUUluQWgyT1R2TWZ5eVIxTlBJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMS83MmZhZWQtYThmOC00YTMzLThkZGMtNWNlZjA0Yjc5NzM3 LzEvRFNNR1Rqd243SkszNnJablpKMGdUbFp6ZzQ0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAk73TAwQA ufsYMA0EAgACMAcDBQMqEQ8AMA0GCSqGSIb3DQEBCwUAA4IBAQAjsiStUPmYaH0X F48FyFFPK/a0AEVAiIfvZlSNu+CTcF0sdM6YTs3V9MMBAbpAFtqqjdYHO2QvDjyq efg1ALe5/OElswOUFRem4hQY44IWrtwGgMpD2Jow3hvlfr2QWQhk+G/fsqIF21OY hm03jl02I+bOzFoASujIc8Kri2pxuEUduMdaZ9f/O1JJT3ht3C4GEfhmO9pkbvIv E6hPhihg9tdC9G7z+vEy9KmkEZaKiWmzVwNRtqhlLseVuZXw2RVb0HDLW3va1INM huqVyKApFNv4C5K2XTJGFLSvoMnBicXrgpwrTj0ZQkQjmd22cgjwnua+lqKhST+o 0MFkDpa4 -----END CERTIFICATE-----Generated at Mon Jan 26 05:48:46 2026 by rpki-client