This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/9493ee-7a05-41ef-bcf6-422022499aca/1/1dnKy71ofDf4gYNI2KAkrU9kzh8.roa File: 1dnKy71ofDf4gYNI2KAkrU9kzh8.roa (raw, json) Hash identifier: MZO4jDWSpb/PyhryjkODVE5dJvKnrUZbR0xYvl98uuA= Subject key identifier: D5:D9:CA:CB:BD:68:7C:37:F8:81:83:48:D8:A0:24:AD:4F:64:CE:1F Certificate issuer: /CN=3bad7c91d81891a5947d7e14a6684912063a5dd9 Certificate serial: 019B7A59F3FAEFBEA3949CF7128A53765E9E Authority key identifier: 3B:AD:7C:91:D8:18:91:A5:94:7D:7E:14:A6:68:49:12:06:3A:5D:D9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O618kdgYkaWUfX4UpmhJEgY6Xdk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/9493ee-7a05-41ef-bcf6-422022499aca/1/1dnKy71ofDf4gYNI2KAkrU9kzh8.roa Signing time: Thu 01 Jan 2026 16:17:53 +0000 ROA not before: Thu 01 Jan 2026 16:17:53 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 215674 IP address blocks: 198.52.247.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/9493ee-7a05-41ef-bcf6-422022499aca/1/O618kdgYkaWUfX4UpmhJEgY6Xdk.crl rsync://rpki.ripe.net/repository/DEFAULT/34/9493ee-7a05-41ef-bcf6-422022499aca/1/O618kdgYkaWUfX4UpmhJEgY6Xdk.mft rsync://rpki.ripe.net/repository/DEFAULT/O618kdgYkaWUfX4UpmhJEgY6Xdk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:59:f3:fa:ef:be:a3:94:9c:f7:12:8a:53:76:5e:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3bad7c91d81891a5947d7e14a6684912063a5dd9 Validity Not Before: Jan 1 16:17:53 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d5d9cacbbd687c37f8818348d8a024ad4f64ce1f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:8e:eb:6a:87:fa:af:bb:1c:71:54:ea:34:48: f8:a2:4a:fe:eb:71:0a:6d:99:7d:b4:88:f7:77:e4: 7c:79:79:e7:b5:cc:2a:aa:4f:76:3e:6a:95:25:74: 3f:d8:a1:5b:6b:3d:d8:f1:ce:33:99:a2:17:81:e0: 19:05:54:12:5e:4e:78:f8:09:c5:83:11:0e:6e:ef: f0:95:4c:cd:eb:1b:93:cd:f9:d1:e1:7d:b7:9d:b6: 36:52:c1:46:b5:98:dc:ee:6b:3f:1c:31:94:f6:e6: 75:60:b1:fe:35:1c:c8:66:95:59:de:a2:ea:38:74: d6:ed:c1:a3:c4:bd:99:b3:01:3d:03:0a:54:03:9a: 96:b6:e4:50:64:c5:58:8e:43:59:96:78:c0:a8:a9: 0c:9e:93:64:f6:22:65:97:1a:8d:36:4d:9b:c1:7c: a9:06:0a:58:30:d3:42:a7:3e:c2:a8:5c:82:b2:d6: 0c:f7:0e:0f:2c:88:96:6d:17:4e:1d:d7:18:01:bf: 8b:85:40:4b:71:ad:3f:5b:d9:70:33:d3:4c:d4:6f: bd:38:e9:33:fb:7c:4f:73:70:f5:72:03:75:3e:dd: 93:19:cb:2d:74:bf:d5:21:74:86:5f:7a:0f:e4:2c: ac:f9:83:87:a0:ab:52:d2:8a:72:a1:1e:bd:03:31: 7d:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:D9:CA:CB:BD:68:7C:37:F8:81:83:48:D8:A0:24:AD:4F:64:CE:1F X509v3 Authority Key Identifier: keyid:3B:AD:7C:91:D8:18:91:A5:94:7D:7E:14:A6:68:49:12:06:3A:5D:D9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O618kdgYkaWUfX4UpmhJEgY6Xdk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9493ee-7a05-41ef-bcf6-422022499aca/1/1dnKy71ofDf4gYNI2KAkrU9kzh8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9493ee-7a05-41ef-bcf6-422022499aca/1/O618kdgYkaWUfX4UpmhJEgY6Xdk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 198.52.247.0/24 Signature Algorithm: sha256WithRSAEncryption 57:a4:d9:db:e2:db:1a:fe:55:6f:f7:94:31:cb:e5:4f:6f:4c: f9:c3:a2:03:5f:2a:ea:bf:5a:27:ae:f9:9c:f7:64:d8:aa:3e: 40:d7:39:72:4b:8d:3e:c8:50:35:af:de:6b:83:01:cb:50:8c: 31:06:f0:3a:b2:08:30:ec:c6:68:73:8a:d7:77:96:d6:63:00: ac:6c:2f:6a:f1:c9:10:f3:b0:9a:b5:9c:9a:b7:b2:ad:c9:6b: ea:98:fb:d6:b6:84:e8:02:ce:00:c5:ee:dd:d9:43:30:b6:9b: c9:d6:a8:fd:d8:91:5a:7b:ea:a5:58:67:47:ca:9f:5c:5f:38: 28:d8:37:41:53:09:cf:e3:cb:63:89:7b:13:e4:27:a7:0b:c4: 9d:d1:8c:9f:d9:39:3f:69:bd:4e:af:3d:50:6b:96:54:9a:d4: 75:40:dd:7e:7c:b1:a3:69:49:80:48:eb:d6:e6:58:04:6b:b8: 7f:b9:37:27:ee:c1:11:62:c3:c2:bc:28:40:b0:73:0e:9c:fc: da:00:a5:10:c9:ed:ca:80:28:46:47:42:ae:2b:39:85:34:56: b0:e8:0f:fa:d7:60:89:bf:ba:0e:7f:8e:23:56:d9:5b:40:e7: fd:d6:57:0a:0f:d3:05:e7:91:bb:b3:e8:23:7c:00:9e:9e:48: 7d:7f:0f:79 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt6WfP6776jlJz3EopTdl6eMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNiYWQ3YzkxZDgxODkxYTU5NDdkN2UxNGE2Njg0OTEyMDYz YTVkZDkwHhcNMjYwMTAxMTYxNzUzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkNWQ5Y2FjYmJkNjg3YzM3Zjg4MTgzNDhkOGEwMjRhZDRmNjRjZTFmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtY7raof6r7sccVTqNEj4okr+63EK bZl9tIj3d+R8eXnntcwqqk92PmqVJXQ/2KFbaz3Y8c4zmaIXgeAZBVQSXk54+AnF gxEObu/wlUzN6xuTzfnR4X23nbY2UsFGtZjc7ms/HDGU9uZ1YLH+NRzIZpVZ3qLq OHTW7cGjxL2ZswE9AwpUA5qWtuRQZMVYjkNZlnjAqKkMnpNk9iJllxqNNk2bwXyp BgpYMNNCpz7CqFyCstYM9w4PLIiWbRdOHdcYAb+LhUBLca0/W9lwM9NM1G+9OOkz +3xPc3D1cgN1Pt2TGcstdL/VIXSGX3oP5Cys+YOHoKtS0opyoR69AzF9iwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFNXZysu9aHw3+IGDSNigJK1PZM4fMB8GA1UdIwQY MBaAFDutfJHYGJGllH1+FKZoSRIGOl3ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTzYxOGtkZ1lrYVdVZlg0VXBtaEpFZ1k2WGRrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC85NDkzZWUtN2EwNS00MWVmLWJjZjYt NDIyMDIyNDk5YWNhLzEvMWRuS3k3MW9mRGY0Z1lOSTJLQWtyVTlremg4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNC85NDkzZWUtN2EwNS00MWVmLWJjZjYtNDIyMDIyNDk5YWNh LzEvTzYxOGtkZ1lrYVdVZlg0VXBtaEpFZ1k2WGRrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAxjT3MA0G CSqGSIb3DQEBCwUAA4IBAQBXpNnb4tsa/lVv95Qxy+VPb0z5w6IDXyrqv1onrvmc 92TYqj5A1zlyS40+yFA1r95rgwHLUIwxBvA6sggw7MZoc4rXd5bWYwCsbC9q8ckQ 87CatZyat7KtyWvqmPvWtoToAs4Axe7d2UMwtpvJ1qj92JFae+qlWGdHyp9cXzgo 2DdBUwnP48tjiXsT5CenC8Sd0Yyf2Tk/ab1Orz1Qa5ZUmtR1QN1+fLGjaUmASOvW 5lgEa7h/uTcn7sERYsPCvChAsHMOnPzaAKUQye3KgChGR0KuKzmFNFaw6A/612CJ v7oOf44jVtlbQOf91lcKD9MF55G7s+gjfACenkh9fw95 -----END CERTIFICATE-----Generated at Mon Jan 26 03:27:36 2026 by rpki-client