This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/88c995-ede0-4cc4-a66d-25baa8230fcb/1/PKDBX_5rlrKVrUIFrHV2ZsSxOyY.roa File: PKDBX_5rlrKVrUIFrHV2ZsSxOyY.roa (raw, json) Hash identifier: BQOkCEhu+u6OghGz5UOaFPhVuOtvrXbTcbi4yCOPXRc= Subject key identifier: 3C:A0:C1:5F:FE:6B:96:B2:95:AD:42:05:AC:75:76:66:C4:B1:3B:26 Certificate issuer: /CN=fbbf4d59cbd978ae1127c67fd22f04c62ff837cf Certificate serial: 019B7910C4A3C2025EC041F33D83035DE8D3 Authority key identifier: FB:BF:4D:59:CB:D9:78:AE:11:27:C6:7F:D2:2F:04:C6:2F:F8:37:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-79NWcvZeK4RJ8Z_0i8Exi_4N88.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/88c995-ede0-4cc4-a66d-25baa8230fcb/1/PKDBX_5rlrKVrUIFrHV2ZsSxOyY.roa Signing time: Thu 01 Jan 2026 10:18:20 +0000 ROA not before: Thu 01 Jan 2026 10:18:20 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 57707 IP address blocks: 217.28.88.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/88c995-ede0-4cc4-a66d-25baa8230fcb/1/1-79NWcvZeK4RJ8Z_0i8Exi_4N88.crl rsync://rpki.ripe.net/repository/DEFAULT/34/88c995-ede0-4cc4-a66d-25baa8230fcb/1/1-79NWcvZeK4RJ8Z_0i8Exi_4N88.mft rsync://rpki.ripe.net/repository/DEFAULT/1-79NWcvZeK4RJ8Z_0i8Exi_4N88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:c4:a3:c2:02:5e:c0:41:f3:3d:83:03:5d:e8:d3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=fbbf4d59cbd978ae1127c67fd22f04c62ff837cf Validity Not Before: Jan 1 10:18:20 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3ca0c15ffe6b96b295ad4205ac757666c4b13b26 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:78:c5:48:d6:c0:23:ff:8a:03:71:d3:ee:5d: 21:77:26:dd:a8:44:70:14:4f:52:57:e8:8a:85:0a: 7c:a4:49:70:de:cc:8e:30:7e:44:25:b0:df:ef:1f: 5a:f2:f0:24:61:30:66:8e:04:8f:e7:37:73:ab:24: 5b:fa:43:1f:ee:77:14:32:79:28:30:a5:d4:d2:b9: 80:a0:45:e1:44:23:7f:30:20:4d:50:b8:5d:76:9b: 1a:f7:56:2d:9a:c5:93:9b:33:03:a2:e0:cd:10:0d: f7:2b:82:69:8b:93:9d:e8:fb:2f:78:04:cb:7c:cb: e5:1b:66:dd:93:73:3c:65:92:f2:69:d7:0b:13:8f: 32:04:b3:82:15:70:0a:60:43:e4:d0:f4:3a:01:26: 07:35:bf:d7:a4:d7:3c:09:f4:5c:49:b3:b6:47:70: a7:7b:7b:a8:77:38:97:df:ed:da:da:c0:6f:18:f0: 81:d4:64:f9:30:f3:0d:3e:35:fb:a1:15:57:da:f0: 6b:64:94:6d:99:41:f5:a3:df:cf:c6:54:a5:f2:ac: 0e:92:e2:53:32:5a:08:18:31:f5:99:f8:83:c1:9b: 75:63:40:e6:35:7f:07:cc:4e:9b:c2:04:b7:56:7c: dc:bf:f1:19:2c:45:63:27:83:24:6a:ce:7a:ad:8c: 5f:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:A0:C1:5F:FE:6B:96:B2:95:AD:42:05:AC:75:76:66:C4:B1:3B:26 X509v3 Authority Key Identifier: keyid:FB:BF:4D:59:CB:D9:78:AE:11:27:C6:7F:D2:2F:04:C6:2F:F8:37:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-79NWcvZeK4RJ8Z_0i8Exi_4N88.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/88c995-ede0-4cc4-a66d-25baa8230fcb/1/PKDBX_5rlrKVrUIFrHV2ZsSxOyY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/34/88c995-ede0-4cc4-a66d-25baa8230fcb/1/1-79NWcvZeK4RJ8Z_0i8Exi_4N88.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 217.28.88.0/21 Signature Algorithm: sha256WithRSAEncryption 37:59:28:f4:42:c2:bf:48:38:b3:af:40:f9:91:1e:25:3a:4c: 2b:ab:02:b5:2c:ab:09:e4:e0:2f:85:52:c1:e4:81:81:e3:15: d6:b7:3d:d2:6a:bb:a2:01:5c:af:90:63:b4:26:83:42:cb:f3: a7:ce:89:bf:c1:c9:8e:fe:23:02:03:be:ef:83:2a:92:4f:c3: 4b:58:f4:f6:be:a1:d9:9b:99:bb:5d:a4:af:5f:df:88:86:56: 80:99:72:73:24:38:77:25:46:72:e3:be:30:c2:36:81:2a:b4: d4:53:5c:c1:64:0d:18:56:6c:17:d0:6a:a3:4f:94:31:b9:3e: 85:e4:7e:15:2a:7c:94:2e:80:60:0b:1c:41:5c:bf:94:a2:4e: 6e:f3:37:20:d3:09:38:57:5b:c4:b0:f3:34:44:87:48:0c:a9: d0:94:ec:8a:ba:35:53:01:19:c1:0e:52:fb:55:fe:14:7c:aa: 6a:b6:8f:5b:f7:e1:80:42:02:3b:9b:f5:7c:58:4a:0c:29:24: f3:c3:00:f8:9c:3a:7e:5e:e1:fe:33:3f:d2:89:b7:b2:ed:55: 70:fa:5e:e7:fb:13:91:3b:29:9a:c1:c5:33:aa:ed:1e:55:b6: 66:41:8d:cc:77:55:63:96:ee:8a:03:7c:2b:a8:54:3a:4d:7a: f6:26:e0:b9 -----BEGIN CERTIFICATE----- MIIE/zCCA+egAwIBAgISAZt5EMSjwgJewEHzPYMDXejTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZiYmY0ZDU5Y2JkOTc4YWUxMTI3YzY3ZmQyMmYwNGM2MmZm ODM3Y2YwHhcNMjYwMTAxMTAxODIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzY2EwYzE1ZmZlNmI5NmIyOTVhZDQyMDVhYzc1NzY2NmM0YjEzYjI2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl3jFSNbAI/+KA3HT7l0hdybdqERw FE9SV+iKhQp8pElw3syOMH5EJbDf7x9a8vAkYTBmjgSP5zdzqyRb+kMf7ncUMnko MKXU0rmAoEXhRCN/MCBNULhddpsa91YtmsWTmzMDouDNEA33K4Jpi5Od6PsveATL fMvlG2bdk3M8ZZLyadcLE48yBLOCFXAKYEPk0PQ6ASYHNb/XpNc8CfRcSbO2R3Cn e3uodziX3+3a2sBvGPCB1GT5MPMNPjX7oRVX2vBrZJRtmUH1o9/PxlSl8qwOkuJT MloIGDH1mfiDwZt1Y0DmNX8HzE6bwgS3Vnzcv/EZLEVjJ4Mkas56rYxf5wIDAQAB o4ICCzCCAgcwHQYDVR0OBBYEFDygwV/+a5ayla1CBax1dmbEsTsmMB8GA1UdIwQY MBaAFPu/TVnL2XiuESfGf9IvBMYv+DfPMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMS03OU5XY3ZaZUs0Uko4Wl8waThFeGlfNE44OC5jZXIw gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQvODhjOTk1LWVkZTAtNGNjNC1hNjZk LTI1YmFhODIzMGZjYi8xL1BLREJYXzVybHJLVnJVSUZySFYyWnNTeE95WS5yb2Ew gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0 b3J5L0RFRkFVTFQvMzQvODhjOTk1LWVkZTAtNGNjNC1hNjZkLTI1YmFhODIzMGZj Yi8xLzEtNzlOV2N2WmVLNFJKOFpfMGk4RXhpXzROODguY3JsMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAPZHFgw DQYJKoZIhvcNAQELBQADggEBADdZKPRCwr9IOLOvQPmRHiU6TCurArUsqwnk4C+F UsHkgYHjFda3PdJqu6IBXK+QY7Qmg0LL86fOib/ByY7+IwIDvu+DKpJPw0tY9Pa+ odmbmbtdpK9f34iGVoCZcnMkOHclRnLjvjDCNoEqtNRTXMFkDRhWbBfQaqNPlDG5 PoXkfhUqfJQugGALHEFcv5SiTm7zNyDTCThXW8Sw8zREh0gMqdCU7Iq6NVMBGcEO UvtV/hR8qmq2j1v34YBCAjub9XxYSgwpJPPDAPicOn5e4f4zP9KJt7LtVXD6Xuf7 E5E7KZrBxTOq7R5VtmZBjcx3VWOW7ooDfCuoVDpNevYm4Lk= -----END CERTIFICATE-----Generated at Sun Jan 25 22:31:30 2026 by rpki-client