This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/b64083-550e-4caf-bc29-a34a8b806832/1/DkVdvbXhpbo9CQqVcVFBg1LNoNE.roa File: DkVdvbXhpbo9CQqVcVFBg1LNoNE.roa (raw, json) Hash identifier: qaF1R+er71d5hFs2KTiNhXAjh56KPYgioy+6tvssIEE= Subject key identifier: 0E:45:5D:BD:B5:E1:A5:BA:3D:09:0A:95:71:51:41:83:52:CD:A0:D1 Certificate issuer: /CN=0f091bdc666b8a59433c68d90e0d8cc37acdce92 Certificate serial: 019B7CED9E7CEAC190EA0C17F6B151AED461 Authority key identifier: 0F:09:1B:DC:66:6B:8A:59:43:3C:68:D9:0E:0D:8C:C3:7A:CD:CE:92 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Dwkb3GZrillDPGjZDg2Mw3rNzpI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/b64083-550e-4caf-bc29-a34a8b806832/1/DkVdvbXhpbo9CQqVcVFBg1LNoNE.roa Signing time: Fri 02 Jan 2026 04:18:25 +0000 ROA not before: Fri 02 Jan 2026 04:18:25 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 198399 IP address blocks: 37.34.72.0/21 maxlen: 24 185.95.224.0/22 maxlen: 24 195.93.168.0/23 maxlen: 24 2a00:c5e0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/b64083-550e-4caf-bc29-a34a8b806832/1/Dwkb3GZrillDPGjZDg2Mw3rNzpI.crl rsync://rpki.ripe.net/repository/DEFAULT/28/b64083-550e-4caf-bc29-a34a8b806832/1/Dwkb3GZrillDPGjZDg2Mw3rNzpI.mft rsync://rpki.ripe.net/repository/DEFAULT/Dwkb3GZrillDPGjZDg2Mw3rNzpI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 19:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ed:9e:7c:ea:c1:90:ea:0c:17:f6:b1:51:ae:d4:61 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0f091bdc666b8a59433c68d90e0d8cc37acdce92 Validity Not Before: Jan 2 04:18:25 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0e455dbdb5e1a5ba3d090a957151418352cda0d1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:fe:7b:8d:ae:29:ec:f1:22:10:fa:9f:b6:26: 98:95:b1:62:49:02:8d:0b:f3:21:bf:d7:10:32:1b: e1:38:09:4f:eb:6a:fa:5f:72:c6:7d:cc:fd:52:eb: 3a:02:78:c8:a1:2b:71:cd:9e:21:32:24:28:6d:e6: ea:6c:2e:79:5d:09:de:22:c7:b6:49:7c:4b:5f:1b: 33:d2:ed:ed:98:aa:20:28:7c:1b:44:69:ab:91:c4: 52:cb:f2:83:65:e8:95:d5:ce:5b:72:10:a1:83:a5: 6d:2b:ca:ec:a3:f9:2d:b2:6a:c6:29:13:f8:2b:8b: 41:9c:44:a4:f0:e5:5a:28:4b:d8:d5:54:9d:f0:45: 7b:27:f2:9a:26:31:d3:7b:c3:05:de:5c:c4:f4:82: 3e:3d:af:4e:4c:27:8e:3b:63:e6:c7:99:ac:0a:fc: b5:15:a8:5f:62:fd:3a:19:8f:3f:90:e6:aa:53:74: 66:6c:20:dd:83:93:42:a8:c7:80:7b:4a:f7:9a:1c: a4:c4:c5:77:37:05:8f:f7:3c:c1:a9:8f:37:50:d6: 57:c7:e2:d9:27:31:f1:b5:5d:42:b0:56:40:79:07: 27:e9:ac:6c:2b:f1:7d:8c:80:e6:e8:58:ff:eb:b0: 6c:1b:43:00:ba:b3:bd:3a:7e:01:1c:1f:c2:26:09: 1c:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:45:5D:BD:B5:E1:A5:BA:3D:09:0A:95:71:51:41:83:52:CD:A0:D1 X509v3 Authority Key Identifier: keyid:0F:09:1B:DC:66:6B:8A:59:43:3C:68:D9:0E:0D:8C:C3:7A:CD:CE:92 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dwkb3GZrillDPGjZDg2Mw3rNzpI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/b64083-550e-4caf-bc29-a34a8b806832/1/DkVdvbXhpbo9CQqVcVFBg1LNoNE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/28/b64083-550e-4caf-bc29-a34a8b806832/1/Dwkb3GZrillDPGjZDg2Mw3rNzpI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.34.72.0/21 185.95.224.0/22 195.93.168.0/23 IPv6: 2a00:c5e0::/32 Signature Algorithm: sha256WithRSAEncryption 00:db:92:b8:f5:05:ce:bc:b1:ab:10:0c:5b:1a:d5:12:c3:69: 33:3d:86:55:96:9a:c2:48:33:0c:63:e2:f9:7c:7f:80:52:48: 11:28:ba:cb:44:81:07:88:d5:3b:6e:87:cd:38:76:5b:8f:0b: 41:c4:41:0b:df:59:a5:2a:d0:2d:e0:ff:94:65:f8:95:cf:b7: 7e:d8:5b:20:8d:89:f8:fd:db:4c:47:f7:98:74:51:5d:c5:eb: e3:10:67:eb:05:9b:fc:be:c6:a8:a2:50:e7:3c:a6:0b:44:61: 2f:18:b0:f3:59:46:84:53:5d:25:e3:f2:45:b3:42:42:13:6d: 76:18:a4:ba:60:b1:11:79:bc:44:91:7b:e3:95:93:79:e6:04: 97:5d:f5:36:14:af:8f:e6:15:d7:0f:6d:8d:7d:ce:17:ef:60: ba:5f:d9:24:18:7d:a5:b3:09:63:67:31:23:78:ff:6e:56:91: 9b:42:01:e0:76:e3:dd:d4:7b:16:5f:ee:d3:7e:04:62:5c:43: 3d:80:72:d9:8b:0a:f3:5e:1e:8b:84:fe:dc:41:33:4c:a4:ec: cc:18:d2:3d:98:ba:57:7e:e0:bb:4a:f2:6d:88:2f:5d:68:21: 6e:9c:3a:80:6e:dd:0e:68:f2:42:b8:8a:23:19:00:ee:a9:a8: 6a:17:5f:de -----BEGIN CERTIFICATE----- MIIFGDCCBACgAwIBAgISAZt87Z586sGQ6gwX9rFRrtRhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBmMDkxYmRjNjY2YjhhNTk0MzNjNjhkOTBlMGQ4Y2MzN2Fj ZGNlOTIwHhcNMjYwMTAyMDQxODI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwZTQ1NWRiZGI1ZTFhNWJhM2QwOTBhOTU3MTUxNDE4MzUyY2RhMGQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlP57ja4p7PEiEPqftiaYlbFiSQKN C/Mhv9cQMhvhOAlP62r6X3LGfcz9Uus6AnjIoStxzZ4hMiQobebqbC55XQneIse2 SXxLXxsz0u3tmKogKHwbRGmrkcRSy/KDZeiV1c5bchChg6VtK8rso/ktsmrGKRP4 K4tBnESk8OVaKEvY1VSd8EV7J/KaJjHTe8MF3lzE9II+Pa9OTCeOO2Pmx5msCvy1 FahfYv06GY8/kOaqU3RmbCDdg5NCqMeAe0r3mhykxMV3NwWP9zzBqY83UNZXx+LZ JzHxtV1CsFZAeQcn6axsK/F9jIDm6Fj/67BsG0MAurO9On4BHB/CJgkcgwIDAQAB o4ICJDCCAiAwHQYDVR0OBBYEFA5FXb214aW6PQkKlXFRQYNSzaDRMB8GA1UdIwQY MBaAFA8JG9xma4pZQzxo2Q4NjMN6zc6SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRHdrYjNHWnJpbGxEUEdqWkRnMk13M3JOenBJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iNjQwODMtNTUwZS00Y2FmLWJjMjkt YTM0YThiODA2ODMyLzEvRGtWZHZiWGhwYm85Q1FxVmNWRkJnMUxOb05FLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOC9iNjQwODMtNTUwZS00Y2FmLWJjMjktYTM0YThiODA2ODMy LzEvRHdrYjNHWnJpbGxEUEdqWkRnMk13M3JOenBJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDJSJIAwQC uV/gAwQBw12oMA0EAgACMAcDBQAqAMXgMA0GCSqGSIb3DQEBCwUAA4IBAQAA25K4 9QXOvLGrEAxbGtUSw2kzPYZVlprCSDMMY+L5fH+AUkgRKLrLRIEHiNU7bofNOHZb jwtBxEEL31mlKtAt4P+UZfiVz7d+2FsgjYn4/dtMR/eYdFFdxevjEGfrBZv8vsao olDnPKYLRGEvGLDzWUaEU10l4/JFs0JCE212GKS6YLERebxEkXvjlZN55gSXXfU2 FK+P5hXXD22Nfc4X72C6X9kkGH2lswljZzEjeP9uVpGbQgHgduPd1HsWX+7TfgRi XEM9gHLZiwrzXh6LhP7cQTNMpOzMGNI9mLpXfuC7SvJtiC9daCFunDqAbt0OaPJC uIojGQDuqahqF1/e -----END CERTIFICATE-----Generated at Mon Jan 26 04:50:28 2026 by rpki-client