This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/22c60e-72fd-47af-99f3-26848ffee765/1/00NnGOjb0Kliq8h03PUkoF2V-mQ.roa File: 00NnGOjb0Kliq8h03PUkoF2V-mQ.roa (raw, json) Hash identifier: VSJr4YxEOTSjkg/Ic9pjW8DLPur6HW+mqH3Z3+8+mfg= Subject key identifier: D3:43:67:18:E8:DB:D0:A9:62:AB:C8:74:DC:F5:24:A0:5D:95:FA:64 Certificate issuer: /CN=bd7410f4e62c7772c78d5750b21fc214339e94a2 Certificate serial: 019B76EAB2906844209D199A70CE4E6B5E38 Authority key identifier: BD:74:10:F4:E6:2C:77:72:C7:8D:57:50:B2:1F:C2:14:33:9E:94:A2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vXQQ9OYsd3LHjVdQsh_CFDOelKI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/22c60e-72fd-47af-99f3-26848ffee765/1/00NnGOjb0Kliq8h03PUkoF2V-mQ.roa Signing time: Thu 01 Jan 2026 00:17:31 +0000 ROA not before: Thu 01 Jan 2026 00:17:31 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 42310 IP address blocks: 77.72.72.0/23 maxlen: 23 77.72.74.0/23 maxlen: 23 77.72.76.0/23 maxlen: 23 77.72.78.0/23 maxlen: 23 77.72.78.0/24 maxlen: 24 77.72.79.0/24 maxlen: 24 2a01:4b0::/48 maxlen: 48 2a01:4b0:1::/48 maxlen: 48 2a01:4b0:2::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/22c60e-72fd-47af-99f3-26848ffee765/1/vXQQ9OYsd3LHjVdQsh_CFDOelKI.crl rsync://rpki.ripe.net/repository/DEFAULT/37/22c60e-72fd-47af-99f3-26848ffee765/1/vXQQ9OYsd3LHjVdQsh_CFDOelKI.mft rsync://rpki.ripe.net/repository/DEFAULT/vXQQ9OYsd3LHjVdQsh_CFDOelKI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 03:01:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:ea:b2:90:68:44:20:9d:19:9a:70:ce:4e:6b:5e:38 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bd7410f4e62c7772c78d5750b21fc214339e94a2 Validity Not Before: Jan 1 00:17:31 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d3436718e8dbd0a962abc874dcf524a05d95fa64 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:f3:83:97:fd:d9:a5:ac:92:28:e7:44:9f:29: eb:1f:a3:1d:24:b5:ae:d5:8f:1e:dd:74:39:21:57: df:81:d1:17:c2:e2:7e:2c:96:53:cd:a8:33:d3:20: b7:5a:5d:c3:01:21:78:d3:11:f5:a8:68:b7:9f:1a: ae:85:9b:ce:34:20:85:82:0e:80:ed:f6:67:fc:64: ff:f9:91:d2:b9:90:d7:af:c8:1f:d1:e3:81:04:2a: cf:13:58:e7:a4:d4:57:79:4b:ef:fa:21:61:c2:49: 7d:1e:65:e0:69:82:6f:18:56:93:12:c2:fd:d2:64: 75:52:17:a9:0b:9c:82:90:7d:6d:52:53:ae:1f:c4: 1f:95:ed:23:59:be:e3:70:57:3d:f0:fe:bc:68:96: 1d:04:39:f2:ca:6d:c8:e2:9b:a5:56:e2:7b:25:85: d8:00:b4:0c:db:b3:11:fb:75:43:48:61:2e:04:a9: 31:45:e7:ec:52:dd:62:b4:af:32:6f:91:dd:50:7a: 9d:fa:86:ea:5c:50:5b:20:74:d3:a5:dd:b3:53:49: b2:34:f9:2f:b9:06:e0:0c:33:c7:61:71:62:d8:44: ee:ef:9d:c9:8d:5b:94:c2:26:84:16:56:fd:0b:81: 9c:42:fb:fa:b1:97:2a:0e:5b:16:ed:26:ed:87:fd: 2e:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:43:67:18:E8:DB:D0:A9:62:AB:C8:74:DC:F5:24:A0:5D:95:FA:64 X509v3 Authority Key Identifier: keyid:BD:74:10:F4:E6:2C:77:72:C7:8D:57:50:B2:1F:C2:14:33:9E:94:A2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vXQQ9OYsd3LHjVdQsh_CFDOelKI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/22c60e-72fd-47af-99f3-26848ffee765/1/00NnGOjb0Kliq8h03PUkoF2V-mQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/37/22c60e-72fd-47af-99f3-26848ffee765/1/vXQQ9OYsd3LHjVdQsh_CFDOelKI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 77.72.72.0/21 IPv6: 2a01:4b0::-2a01:4b0:2:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 42:01:39:fd:83:a8:55:3b:92:39:07:50:a7:d4:8c:2f:ba:64: e1:79:12:6c:24:82:e3:9a:66:9d:4f:ff:ad:ed:ce:4f:fa:bb: 17:09:88:b8:d9:26:55:93:6d:19:f6:6e:ed:bb:b5:b0:b9:d4: 2c:96:ae:55:04:16:81:51:0e:57:2c:dd:43:c2:5f:63:83:fa: 61:58:ab:27:61:17:be:43:26:9f:fc:e6:3e:34:68:0b:40:6d: d5:65:fb:34:b7:a0:ee:de:77:42:69:d1:3d:8d:d8:88:16:19: 7e:ff:d1:d8:84:a7:f8:c0:e0:79:a6:5e:95:d1:33:1b:00:10: d5:48:6d:ad:70:c6:05:dc:81:25:6f:08:1e:fc:d1:5c:47:1f: 66:fe:bb:06:d8:d9:5e:bb:31:c7:76:ec:7b:b8:5e:17:75:87: 37:c6:dc:4a:a0:45:06:ad:e8:c9:8a:94:f3:ad:14:95:20:a1: 29:22:bb:50:3c:bf:f0:ee:3d:de:8f:c6:96:16:c9:12:42:e1: 4f:76:59:34:60:5d:bc:80:42:cc:04:32:c4:d1:56:b7:8c:5e: 34:49:e5:81:05:27:a4:0b:e4:4c:50:43:21:1e:ac:43:09:83: 37:3b:75:40:6c:d3:72:47:7a:75:47:dc:e4:48:4a:00:ab:4b: a5:25:84:ca -----BEGIN CERTIFICATE----- MIIFFzCCA/+gAwIBAgISAZt26rKQaEQgnRmacM5Oa144MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJkNzQxMGY0ZTYyYzc3NzJjNzhkNTc1MGIyMWZjMjE0MzM5 ZTk0YTIwHhcNMjYwMTAxMDAxNzMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkMzQzNjcxOGU4ZGJkMGE5NjJhYmM4NzRkY2Y1MjRhMDVkOTVmYTY0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwvODl/3ZpaySKOdEnynrH6MdJLWu 1Y8e3XQ5IVffgdEXwuJ+LJZTzagz0yC3Wl3DASF40xH1qGi3nxquhZvONCCFgg6A 7fZn/GT/+ZHSuZDXr8gf0eOBBCrPE1jnpNRXeUvv+iFhwkl9HmXgaYJvGFaTEsL9 0mR1UhepC5yCkH1tUlOuH8Qfle0jWb7jcFc98P68aJYdBDnyym3I4pulVuJ7JYXY ALQM27MR+3VDSGEuBKkxRefsUt1itK8yb5HdUHqd+obqXFBbIHTTpd2zU0myNPkv uQbgDDPHYXFi2ETu753JjVuUwiaEFlb9C4GcQvv6sZcqDlsW7Sbth/0uNQIDAQAB o4ICIzCCAh8wHQYDVR0OBBYEFNNDZxjo29CpYqvIdNz1JKBdlfpkMB8GA1UdIwQY MBaAFL10EPTmLHdyx41XULIfwhQznpSiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdlhRUTlPWXNkM0xIalZkUXNoX0NGRE9lbEtJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8yMmM2MGUtNzJmZC00N2FmLTk5ZjMt MjY4NDhmZmVlNzY1LzEvMDBObkdPamIwS2xpcThoMDNQVWtvRjJWLW1RLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNy8yMmM2MGUtNzJmZC00N2FmLTk5ZjMtMjY4NDhmZmVlNzY1 LzEvdlhRUTlPWXNkM0xIalZkUXNoX0NGRE9lbEtJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQDTUhIMBgE AgACMBIwEAMFBCoBBLADBwAqAQSwAAIwDQYJKoZIhvcNAQELBQADggEBAEIBOf2D qFU7kjkHUKfUjC+6ZOF5EmwkguOaZp1P/63tzk/6uxcJiLjZJlWTbRn2bu27tbC5 1CyWrlUEFoFRDlcs3UPCX2OD+mFYqydhF75DJp/85j40aAtAbdVl+zS3oO7ed0Jp 0T2N2IgWGX7/0diEp/jA4HmmXpXRMxsAENVIba1wxgXcgSVvCB780VxHH2b+uwbY 2V67Mcd27Hu4Xhd1hzfG3EqgRQat6MmKlPOtFJUgoSkiu1A8v/DuPd6PxpYWyRJC 4U92WTRgXbyAQswEMsTRVreMXjRJ5YEFJ6QL5ExQQyEerEMJgzc7dUBs03JHenVH 3ORISgCrS6UlhMo= -----END CERTIFICATE-----Generated at Mon Jan 26 11:45:02 2026 by rpki-client