This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/841c43-0269-4289-8fa5-b05ae5ca2d5e/1/DvIctBZSmJLEtaUcD7bCK6NQCY0.roa File: DvIctBZSmJLEtaUcD7bCK6NQCY0.roa (raw, json) Hash identifier: oCuijjXHgGm50a2aRFIYkyg82b9NCKAQLaPxn1yaYag= Subject key identifier: 0E:F2:1C:B4:16:52:98:92:C4:B5:A5:1C:0F:B6:C2:2B:A3:50:09:8D Certificate issuer: /CN=d882a197340d3584e6ac17c1fb2a9900ae4f603c Certificate serial: 019B7CEE2F18AEB5AB9DD187A17F30FDF1A5 Authority key identifier: D8:82:A1:97:34:0D:35:84:E6:AC:17:C1:FB:2A:99:00:AE:4F:60:3C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2IKhlzQNNYTmrBfB-yqZAK5PYDw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/841c43-0269-4289-8fa5-b05ae5ca2d5e/1/DvIctBZSmJLEtaUcD7bCK6NQCY0.roa Signing time: Fri 02 Jan 2026 04:19:02 +0000 ROA not before: Fri 02 Jan 2026 04:19:02 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 57928 IP address blocks: 37.157.11.0/24 maxlen: 24 2a14:6c40::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/841c43-0269-4289-8fa5-b05ae5ca2d5e/1/2IKhlzQNNYTmrBfB-yqZAK5PYDw.crl rsync://rpki.ripe.net/repository/DEFAULT/21/841c43-0269-4289-8fa5-b05ae5ca2d5e/1/2IKhlzQNNYTmrBfB-yqZAK5PYDw.mft rsync://rpki.ripe.net/repository/DEFAULT/2IKhlzQNNYTmrBfB-yqZAK5PYDw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ee:2f:18:ae:b5:ab:9d:d1:87:a1:7f:30:fd:f1:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d882a197340d3584e6ac17c1fb2a9900ae4f603c Validity Not Before: Jan 2 04:19:02 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0ef21cb416529892c4b5a51c0fb6c22ba350098d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:0e:9b:03:08:52:00:3e:7c:5e:3c:58:b1:18: 64:9b:41:ed:11:44:f8:7e:a7:8d:41:0a:f6:fe:5f: 80:62:92:ec:46:ae:a1:32:df:13:4a:19:fc:d1:c2: 83:bb:f6:be:b9:3e:ab:d8:98:75:88:23:3b:ac:9c: 9b:54:a0:37:e1:ca:a6:8d:8c:c6:43:3e:90:35:f0: 94:d8:3d:a7:01:33:73:2c:b5:66:03:a9:82:a5:0d: fc:fa:53:4f:7c:64:48:a6:3e:21:80:ec:6b:bd:e6: f5:6e:37:e4:3a:e1:4c:4d:5e:e0:28:4a:cb:79:dd: dd:73:0d:48:66:cf:dd:b1:a2:ad:59:4c:0f:7a:c1: 73:de:e2:72:25:ec:48:ad:36:b1:c2:82:49:00:fc: 39:3e:fd:65:d5:90:75:13:76:47:ae:49:ae:21:41: 9a:21:66:05:a7:bb:4e:21:2a:14:5c:3d:ab:4a:88: 03:42:78:51:a7:03:44:e6:c0:61:86:f7:73:6b:3d: e4:82:a6:5b:cd:b8:88:56:4d:ad:2e:c0:d0:47:15: 87:e1:90:5a:4c:c4:f3:e0:dc:03:49:25:91:a9:8d: f2:1c:91:85:3e:9d:2b:a2:e4:f9:25:c5:87:60:b6: ea:78:3e:36:b9:b2:c2:1a:11:db:00:55:78:b4:a1: 81:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:F2:1C:B4:16:52:98:92:C4:B5:A5:1C:0F:B6:C2:2B:A3:50:09:8D X509v3 Authority Key Identifier: keyid:D8:82:A1:97:34:0D:35:84:E6:AC:17:C1:FB:2A:99:00:AE:4F:60:3C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2IKhlzQNNYTmrBfB-yqZAK5PYDw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/841c43-0269-4289-8fa5-b05ae5ca2d5e/1/DvIctBZSmJLEtaUcD7bCK6NQCY0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/21/841c43-0269-4289-8fa5-b05ae5ca2d5e/1/2IKhlzQNNYTmrBfB-yqZAK5PYDw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.157.11.0/24 IPv6: 2a14:6c40::/29 Signature Algorithm: sha256WithRSAEncryption 29:a9:26:09:2c:dc:e6:bd:b5:59:f4:8d:4a:f9:91:99:2e:c3: f2:6b:aa:da:7b:02:d5:b1:fd:bf:fd:a6:2d:50:52:fe:a4:ad: c6:e9:0b:1b:ad:bf:81:d7:83:44:af:51:46:3d:54:7a:38:86: f4:c0:e5:f3:f8:be:ca:ac:6d:f1:b7:cc:a0:9c:04:11:eb:55: de:dc:f2:07:4c:70:d6:e2:23:d8:00:16:19:eb:2c:2d:49:47: be:1a:39:ca:67:b2:8d:56:d9:f8:b3:69:a6:e4:a1:27:6a:3e: 1b:d9:40:25:c0:44:a0:a3:be:5c:91:7e:0c:f3:f2:cb:59:6b: 65:f3:50:57:fd:ac:2a:98:c8:9d:a7:e3:26:1b:0f:0a:2a:04: b8:c4:5c:0a:e4:5e:ab:c2:45:45:2a:e2:2e:3c:45:cf:d3:ca: 25:84:83:89:c0:c2:c0:ee:97:d8:63:94:0b:8e:86:f2:d2:e9: fd:87:21:6f:f7:09:32:b2:e2:d4:74:d0:b6:a5:2a:eb:04:f7: 03:28:20:59:48:ed:5e:1a:1b:3d:b5:4f:3a:86:f5:c4:6b:7a: fd:55:4d:dc:89:2c:ad:13:c5:18:ac:c6:74:15:70:72:5e:a9: 91:2a:55:4f:1d:41:5c:64:b0:95:f4:27:3f:f1:98:66:87:c4: fb:37:56:be -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt87i8YrrWrndGHoX8w/fGlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4ODJhMTk3MzQwZDM1ODRlNmFjMTdjMWZiMmE5OTAwYWU0 ZjYwM2MwHhcNMjYwMTAyMDQxOTAyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwZWYyMWNiNDE2NTI5ODkyYzRiNWE1MWMwZmI2YzIyYmEzNTAwOThkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAug6bAwhSAD58XjxYsRhkm0HtEUT4 fqeNQQr2/l+AYpLsRq6hMt8TShn80cKDu/a+uT6r2Jh1iCM7rJybVKA34cqmjYzG Qz6QNfCU2D2nATNzLLVmA6mCpQ38+lNPfGRIpj4hgOxrveb1bjfkOuFMTV7gKErL ed3dcw1IZs/dsaKtWUwPesFz3uJyJexIrTaxwoJJAPw5Pv1l1ZB1E3ZHrkmuIUGa IWYFp7tOISoUXD2rSogDQnhRpwNE5sBhhvdzaz3kgqZbzbiIVk2tLsDQRxWH4ZBa TMTz4NwDSSWRqY3yHJGFPp0rouT5JcWHYLbqeD42ubLCGhHbAFV4tKGBpQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFA7yHLQWUpiSxLWlHA+2wiujUAmNMB8GA1UdIwQY MBaAFNiCoZc0DTWE5qwXwfsqmQCuT2A8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMklLaGx6UU5OWVRtckJmQi15cVpBSzVQWUR3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS84NDFjNDMtMDI2OS00Mjg5LThmYTUt YjA1YWU1Y2EyZDVlLzEvRHZJY3RCWlNtSkxFdGFVY0Q3YkNLNk5RQ1kwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMS84NDFjNDMtMDI2OS00Mjg5LThmYTUtYjA1YWU1Y2EyZDVl LzEvMklLaGx6UU5OWVRtckJmQi15cVpBSzVQWUR3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAJZ0LMA0E AgACMAcDBQMqFGxAMA0GCSqGSIb3DQEBCwUAA4IBAQApqSYJLNzmvbVZ9I1K+ZGZ LsPya6raewLVsf2//aYtUFL+pK3G6Qsbrb+B14NEr1FGPVR6OIb0wOXz+L7KrG3x t8ygnAQR61Xe3PIHTHDW4iPYABYZ6ywtSUe+GjnKZ7KNVtn4s2mm5KEnaj4b2UAl wESgo75ckX4M8/LLWWtl81BX/awqmMidp+MmGw8KKgS4xFwK5F6rwkVFKuIuPEXP 08olhIOJwMLA7pfYY5QLjoby0un9hyFv9wkysuLUdNC2pSrrBPcDKCBZSO1eGhs9 tU86hvXEa3r9VU3ciSytE8UYrMZ0FXByXqmRKlVPHUFcZLCV9Cc/8Zhmh8T7N1a+ -----END CERTIFICATE-----Generated at Mon Jan 26 00:14:08 2026 by rpki-client