This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/dorf3vXiF8po1xw2yVEc19fH3qg.roa File: dorf3vXiF8po1xw2yVEc19fH3qg.roa (raw, json) Hash identifier: aKIMUfFNrtICIbFoumkp4rd3G4RSV0nPoRkpF++bDVw= Subject key identifier: 76:8A:DF:DE:F5:E2:17:CA:68:D7:1C:36:C9:51:1C:D7:D7:C7:DE:A8 Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5 Certificate serial: 019B76EB510DA587BBF10235228219D72311 Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/dorf3vXiF8po1xw2yVEc19fH3qg.roa Signing time: Thu 01 Jan 2026 00:18:11 +0000 ROA not before: Thu 01 Jan 2026 00:18:11 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 48944 IP address blocks: 2.188.240.0/22 maxlen: 22 2.188.244.0/22 maxlen: 22 2.188.248.0/22 maxlen: 22 2.188.252.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.mft rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:51:0d:a5:87:bb:f1:02:35:22:82:19:d7:23:11 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5 Validity Not Before: Jan 1 00:18:11 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=768adfdef5e217ca68d71c36c9511cd7d7c7dea8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:32:e9:d8:93:9d:4f:18:2b:3c:8c:a9:cb:b7: 53:25:78:b3:4c:47:2b:c2:36:20:28:82:80:d2:19: 18:dd:b2:9f:53:06:55:85:97:c2:37:47:c8:f4:a1: a9:1b:23:43:5a:4b:36:31:ed:73:c3:85:c4:63:ff: 58:01:ad:c4:c9:03:39:be:27:c6:af:0d:9c:4c:a4: 5a:9a:35:c3:32:12:65:36:7b:76:84:33:29:7f:44: 3c:cd:be:f3:39:21:fc:7f:9f:a7:b1:6f:31:97:a2: 7c:d7:25:7e:ed:ea:7c:87:70:fd:39:d5:c5:1d:92: 49:c0:ca:80:ca:62:93:e1:f2:31:52:4f:c1:77:ca: a8:c3:94:00:ad:74:8f:3b:d6:dd:ae:be:95:03:d3: 17:7c:b2:cb:0c:36:70:4b:cc:dd:5b:80:e4:d5:30: 7b:c4:cb:2f:50:a4:42:e1:23:84:38:95:4d:b0:2d: 01:d3:8b:0c:e4:3c:99:9f:ea:4d:cb:c0:fd:93:7e: 10:74:29:a5:01:f3:ff:bd:a7:f0:4a:28:21:49:ff: 62:51:f3:35:ee:8d:99:79:5d:8c:ee:e0:e9:b0:79: 13:4a:b2:9b:f1:78:85:64:cd:ef:7b:e6:22:80:25: 7e:5c:a8:6c:f2:67:8f:02:d5:7d:ea:e7:09:0e:76: 09:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:8A:DF:DE:F5:E2:17:CA:68:D7:1C:36:C9:51:1C:D7:D7:C7:DE:A8 X509v3 Authority Key Identifier: keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/dorf3vXiF8po1xw2yVEc19fH3qg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.188.240.0/20 Signature Algorithm: sha256WithRSAEncryption 5a:d4:83:61:94:98:35:b2:39:d0:f9:12:e6:24:9f:b6:76:f9: 69:7e:05:f7:cf:2a:38:60:d1:e0:c7:bc:0b:cc:4e:1e:d0:49: 0c:a1:c7:c8:f3:f2:c2:ca:5f:8b:88:c6:ae:57:23:91:db:20: cb:a7:75:62:70:1e:55:32:b5:e1:39:91:83:64:c2:fd:e9:47: 28:17:1f:cd:92:86:9b:5e:67:e6:58:e4:eb:e8:9a:9f:c7:10: 3f:52:33:91:22:f1:ff:0f:30:f4:cf:c9:fc:81:ee:02:ae:50: 63:b9:fc:5f:4c:db:f8:e7:f9:9b:64:0b:3d:28:a7:af:9d:8a: 5d:55:bd:07:2b:1c:d1:93:59:36:95:9d:0f:06:7e:e2:a7:c7: 88:40:a0:65:82:9b:d4:00:a2:29:55:8e:f6:63:44:a9:c4:9a: 28:5f:f6:51:16:c9:01:5c:ba:a8:b5:a8:8c:6e:d0:15:36:90: 5a:9d:d0:8d:16:8e:ca:5b:9f:db:4a:13:ea:54:c4:bb:c8:40: 27:4b:14:93:cb:1f:ec:2a:5d:9d:9e:1d:5e:8f:35:d5:25:77: 66:3a:de:33:04:60:28:5d:0d:03:18:1a:13:da:67:2f:14:ef: 61:b6:cb:e2:24:31:98:89:78:3d:ac:cb:73:2b:a3:d9:5c:5f: 8c:15:63:8d -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt261ENpYe78QI1IoIZ1yMRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy NjBhZTUwHhcNMjYwMTAxMDAxODExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3NjhhZGZkZWY1ZTIxN2NhNjhkNzFjMzZjOTUxMWNkN2Q3YzdkZWE4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwDLp2JOdTxgrPIypy7dTJXizTEcr wjYgKIKA0hkY3bKfUwZVhZfCN0fI9KGpGyNDWks2Me1zw4XEY/9YAa3EyQM5vifG rw2cTKRamjXDMhJlNnt2hDMpf0Q8zb7zOSH8f5+nsW8xl6J81yV+7ep8h3D9OdXF HZJJwMqAymKT4fIxUk/Bd8qow5QArXSPO9bdrr6VA9MXfLLLDDZwS8zdW4Dk1TB7 xMsvUKRC4SOEOJVNsC0B04sM5DyZn+pNy8D9k34QdCmlAfP/vafwSighSf9iUfM1 7o2ZeV2M7uDpsHkTSrKb8XiFZM3ve+YigCV+XKhs8mePAtV96ucJDnYJOwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFHaK39714hfKaNccNslRHNfXx96oMB8GA1UdIwQY MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt Zjc0ZDk1MTg1NzZjLzEvZG9yZjN2WGlGOHBvMXh3MnlWRWMxOWZIM3FnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEArzwMA0G CSqGSIb3DQEBCwUAA4IBAQBa1INhlJg1sjnQ+RLmJJ+2dvlpfgX3zyo4YNHgx7wL zE4e0EkMocfI8/LCyl+LiMauVyOR2yDLp3VicB5VMrXhOZGDZML96UcoFx/Nkoab XmfmWOTr6JqfxxA/UjORIvH/DzD0z8n8ge4CrlBjufxfTNv45/mbZAs9KKevnYpd Vb0HKxzRk1k2lZ0PBn7ip8eIQKBlgpvUAKIpVY72Y0SpxJooX/ZRFskBXLqotaiM btAVNpBandCNFo7KW5/bShPqVMS7yEAnSxSTyx/sKl2dnh1ejzXVJXdmOt4zBGAo XQ0DGBoT2mcvFO9htsviJDGYiXg9rMtzK6PZXF+MFWON -----END CERTIFICATE-----Generated at Sun Jan 25 20:31:06 2026 by rpki-client