This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/22c60e-72fd-47af-99f3-26848ffee765/1/7b8ozyWTjDv0dhZ7ua-y_cjPuyI.roa File: 7b8ozyWTjDv0dhZ7ua-y_cjPuyI.roa (raw, json) Hash identifier: 38AuHkgBMFf7/nuVWCNssWlQtSQh16b1R73OJQ2+6XU= Subject key identifier: ED:BF:28:CF:25:93:8C:3B:F4:76:16:7B:B9:AF:B2:FD:C8:CF:BB:22 Certificate issuer: /CN=bd7410f4e62c7772c78d5750b21fc214339e94a2 Certificate serial: 019B76EAB2260CA9A71A3288662A24FB7B69 Authority key identifier: BD:74:10:F4:E6:2C:77:72:C7:8D:57:50:B2:1F:C2:14:33:9E:94:A2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vXQQ9OYsd3LHjVdQsh_CFDOelKI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/22c60e-72fd-47af-99f3-26848ffee765/1/7b8ozyWTjDv0dhZ7ua-y_cjPuyI.roa Signing time: Thu 01 Jan 2026 00:17:31 +0000 ROA not before: Thu 01 Jan 2026 00:17:31 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 786 IP address blocks: 77.72.72.0/23 maxlen: 23 77.72.74.0/23 maxlen: 23 77.72.76.0/23 maxlen: 23 2a01:4b0:1::/48 maxlen: 48 2a01:4b0:2::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/22c60e-72fd-47af-99f3-26848ffee765/1/vXQQ9OYsd3LHjVdQsh_CFDOelKI.crl rsync://rpki.ripe.net/repository/DEFAULT/37/22c60e-72fd-47af-99f3-26848ffee765/1/vXQQ9OYsd3LHjVdQsh_CFDOelKI.mft rsync://rpki.ripe.net/repository/DEFAULT/vXQQ9OYsd3LHjVdQsh_CFDOelKI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:ea:b2:26:0c:a9:a7:1a:32:88:66:2a:24:fb:7b:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bd7410f4e62c7772c78d5750b21fc214339e94a2 Validity Not Before: Jan 1 00:17:31 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=edbf28cf25938c3bf476167bb9afb2fdc8cfbb22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:61:8e:ad:d5:3b:88:03:bb:9a:22:f0:34:95: 25:5a:04:00:b0:df:08:0d:3e:4f:33:96:45:e3:53: 85:ec:d3:0d:b8:1c:e5:cf:5a:da:47:df:dd:41:2f: 07:58:87:81:09:18:e5:a5:2c:28:4a:c0:d7:fb:e7: a8:9f:fc:8c:eb:76:28:96:5a:a3:62:ea:6d:4b:56: 5f:01:48:c3:d7:2a:3f:0e:1d:94:b4:7e:34:b3:af: 15:b8:16:05:4b:d5:c9:c0:d8:c2:40:7c:2e:41:f3: 20:7d:3b:46:a1:12:72:86:31:c3:4a:a7:d1:27:95: f6:43:5a:d1:d0:d5:0a:c6:6b:1a:6e:fa:7a:5f:ce: c6:5a:25:3e:ec:ef:69:34:90:54:9d:de:6f:b6:e1: 10:28:f8:05:a8:f7:d0:67:cf:cb:21:7f:86:34:3e: f7:fe:cc:03:21:b5:b7:4c:86:aa:81:80:00:df:7c: 5c:20:52:28:d7:2a:8e:bd:03:65:1e:9a:94:af:f7: 39:a8:1d:12:4a:8f:05:d7:df:30:37:d9:88:e9:b1: 48:05:bc:1c:93:5b:80:4a:64:58:82:b3:7a:98:66: ea:b4:d0:42:42:55:df:ed:87:a8:9a:9f:ec:d4:c1: 7c:e0:21:b0:6d:5f:44:ba:dd:f5:5b:89:ec:88:25: ff:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: ED:BF:28:CF:25:93:8C:3B:F4:76:16:7B:B9:AF:B2:FD:C8:CF:BB:22 X509v3 Authority Key Identifier: keyid:BD:74:10:F4:E6:2C:77:72:C7:8D:57:50:B2:1F:C2:14:33:9E:94:A2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vXQQ9OYsd3LHjVdQsh_CFDOelKI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/22c60e-72fd-47af-99f3-26848ffee765/1/7b8ozyWTjDv0dhZ7ua-y_cjPuyI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/37/22c60e-72fd-47af-99f3-26848ffee765/1/vXQQ9OYsd3LHjVdQsh_CFDOelKI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 77.72.72.0-77.72.77.255 IPv6: 2a01:4b0:1::-2a01:4b0:2:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption b5:e3:4a:fa:56:77:94:6b:53:62:f0:ec:1a:e4:2b:e6:ed:3f: 84:81:a8:a7:6a:b7:c1:70:96:7f:84:14:3c:14:3b:46:3e:86: e6:3e:e2:1c:5d:22:ce:c4:f4:04:f1:96:dd:e8:ef:f0:72:de: 26:31:aa:2f:ce:8e:c1:90:1f:c9:8e:ee:9a:6c:06:54:d9:f0: 0a:79:b4:f2:c9:4a:be:30:75:55:5f:b5:61:a1:7e:46:ac:8b: 27:2e:07:bd:11:cd:3e:eb:19:bb:d9:1c:67:1e:45:05:ae:b6: 73:6d:eb:df:db:d0:a5:d5:e9:74:34:01:c8:8b:d6:f4:05:93: 75:7d:bd:71:8c:be:ea:ed:6a:98:1d:69:f3:9c:b4:7b:f6:cb: cc:00:3a:1a:ac:7a:db:3f:b9:e8:b9:c7:9e:aa:fd:c2:88:75: 0f:b8:62:3f:e1:39:de:09:84:a5:ac:ad:2a:eb:eb:ff:9d:6a: 56:2a:44:5b:24:20:0f:ec:0a:9a:76:9b:b0:fa:91:e2:af:df: 0e:43:f5:2f:40:e2:29:73:a5:f6:76:0d:1a:16:43:32:7e:5e: f4:c7:fc:34:4f:9d:d1:a7:04:98:0b:8a:04:44:ce:9a:2c:e8: b5:f8:98:14:fd:d2:88:f1:e1:21:03:ed:30:b5:ae:45:a7:5f: 5d:4e:06:65 -----BEGIN CERTIFICATE----- MIIFITCCBAmgAwIBAgISAZt26rImDKmnGjKIZiok+3tpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJkNzQxMGY0ZTYyYzc3NzJjNzhkNTc1MGIyMWZjMjE0MzM5 ZTk0YTIwHhcNMjYwMTAxMDAxNzMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlZGJmMjhjZjI1OTM4YzNiZjQ3NjE2N2JiOWFmYjJmZGM4Y2ZiYjIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2GOrdU7iAO7miLwNJUlWgQAsN8I DT5PM5ZF41OF7NMNuBzlz1raR9/dQS8HWIeBCRjlpSwoSsDX++eon/yM63Yollqj YuptS1ZfAUjD1yo/Dh2UtH40s68VuBYFS9XJwNjCQHwuQfMgfTtGoRJyhjHDSqfR J5X2Q1rR0NUKxmsabvp6X87GWiU+7O9pNJBUnd5vtuEQKPgFqPfQZ8/LIX+GND73 /swDIbW3TIaqgYAA33xcIFIo1yqOvQNlHpqUr/c5qB0SSo8F198wN9mI6bFIBbwc k1uASmRYgrN6mGbqtNBCQlXf7Yeomp/s1MF84CGwbV9Eut31W4nsiCX/JwIDAQAB o4ICLTCCAikwHQYDVR0OBBYEFO2/KM8lk4w79HYWe7mvsv3Iz7siMB8GA1UdIwQY MBaAFL10EPTmLHdyx41XULIfwhQznpSiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdlhRUTlPWXNkM0xIalZkUXNoX0NGRE9lbEtJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8yMmM2MGUtNzJmZC00N2FmLTk5ZjMt MjY4NDhmZmVlNzY1LzEvN2I4b3p5V1RqRHYwZGhaN3VhLXlfY2pQdXlJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNy8yMmM2MGUtNzJmZC00N2FmLTk5ZjMtMjY4NDhmZmVlNzY1 LzEvdlhRUTlPWXNkM0xIalZkUXNoX0NGRE9lbEtJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAUBAIAATAOMAwDBANNSEgD BAFNSEwwGgQCAAIwFDASAwcAKgEEsAABAwcAKgEEsAACMA0GCSqGSIb3DQEBCwUA A4IBAQC140r6VneUa1Ni8Owa5Cvm7T+EgainarfBcJZ/hBQ8FDtGPobmPuIcXSLO xPQE8Zbd6O/wct4mMaovzo7BkB/Jju6abAZU2fAKebTyyUq+MHVVX7VhoX5GrIsn Lge9Ec0+6xm72RxnHkUFrrZzbevf29Cl1el0NAHIi9b0BZN1fb1xjL7q7WqYHWnz nLR79svMADoarHrbP7nouceeqv3CiHUPuGI/4TneCYSlrK0q6+v/nWpWKkRbJCAP 7Aqadpuw+pHir98OQ/UvQOIpc6X2dg0aFkMyfl70x/w0T53RpwSYC4oERM6aLOi1 +JgU/dKI8eEhA+0wta5Fp19dTgZl -----END CERTIFICATE-----Generated at Mon Jan 26 06:03:21 2026 by rpki-client