This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/a-sD4Ve_BhBlDNttECgt_UyCfR0.roa File: a-sD4Ve_BhBlDNttECgt_UyCfR0.roa (raw, json) Hash identifier: aI0igKsZ4eNQIFBZXqc1yefqNFVOWSGRybfJEGiv5hA= Subject key identifier: 6B:EB:03:E1:57:BF:06:10:65:0C:DB:6D:10:28:2D:FD:4C:82:7D:1D Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e Certificate serial: 019B77C69C20C3093939A88A06AE3565BBC7 Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/a-sD4Ve_BhBlDNttECgt_UyCfR0.roa Signing time: Thu 01 Jan 2026 04:17:43 +0000 ROA not before: Thu 01 Jan 2026 04:17:43 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 210791 IP address blocks: 78.136.110.0/24 maxlen: 24 109.167.106.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.mft rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 23:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:9c:20:c3:09:39:39:a8:8a:06:ae:35:65:bb:c7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e Validity Not Before: Jan 1 04:17:43 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6beb03e157bf0610650cdb6d10282dfd4c827d1d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:af:f6:d4:fe:ac:e3:bb:de:70:c3:65:b9:94: 1f:4e:8e:1c:eb:21:ef:22:79:8e:c7:6e:67:d4:27: d9:7c:80:ab:4d:5f:f2:f2:e6:97:db:27:34:0c:65: 60:47:74:99:f6:d9:10:f5:e1:f3:3a:a2:b8:0f:89: 26:84:4c:e1:8b:7c:fe:6a:c8:fb:46:55:1c:d6:87: b7:26:32:b1:7b:2a:b1:e4:ac:17:ab:5a:0e:18:4c: 70:11:4d:75:62:7c:ff:3a:8c:e7:26:44:a3:2b:8e: 62:7c:71:85:8f:ee:0f:1d:e8:ef:0c:7d:e4:c5:69: 61:37:ff:7f:4a:82:71:c7:33:3c:76:25:45:04:37: e8:a7:6a:ea:da:64:a2:05:6d:48:0c:7b:71:d0:fe: d9:0c:5d:02:95:fb:56:0b:e5:ae:eb:4e:89:c1:7c: 2f:ce:be:3d:a4:1c:72:54:75:f7:b1:e3:32:51:da: b3:9f:f8:01:30:45:6d:5e:a3:29:d2:2d:e0:7d:9f: 9d:48:34:e9:b3:67:74:e7:52:13:5a:e5:4d:99:8e: a3:57:2f:e1:bb:88:73:d7:d3:40:2c:e8:94:8e:6f: a1:fc:b7:4a:d0:0d:36:02:c8:21:5c:51:3a:5b:99: 1e:c6:ce:b4:16:ba:3d:77:ad:bb:55:32:35:90:31: d8:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6B:EB:03:E1:57:BF:06:10:65:0C:DB:6D:10:28:2D:FD:4C:82:7D:1D X509v3 Authority Key Identifier: keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/a-sD4Ve_BhBlDNttECgt_UyCfR0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 78.136.110.0/24 109.167.106.0/24 Signature Algorithm: sha256WithRSAEncryption a4:3e:13:01:7d:48:32:b5:71:14:18:84:9d:e9:7d:77:92:2f: fc:d6:76:fc:13:6f:be:58:5d:04:c1:f4:5a:d0:94:c1:64:34: 26:fc:10:77:b2:40:aa:71:c4:5c:1b:a5:12:30:43:61:b5:20: 1c:cc:8d:84:41:8f:1f:66:d2:9a:e0:f8:fe:47:ad:d0:6e:a9: 9a:f3:1b:77:dc:93:df:c5:ed:a3:c3:a5:aa:a8:39:3f:89:e2: 88:24:41:a3:e1:32:b7:b9:e7:71:2e:d7:56:1c:ed:f8:d6:b5: 95:b2:da:65:3e:ab:bc:b8:59:29:95:a1:48:3e:95:90:a5:ab: 7f:77:f4:30:46:34:2f:cb:34:f6:67:3d:99:16:7c:0b:0f:b1: dc:c7:d3:f1:a4:ec:89:bc:c5:4c:03:c3:8a:a6:db:c0:a1:79: 07:3d:5e:ee:bd:2c:c5:1e:73:88:93:99:85:90:ba:93:cc:b7: 32:30:9e:6e:1c:ad:c6:a4:34:bb:7f:d2:29:5b:3f:ab:c3:88: ea:57:4c:57:c4:33:c9:68:2b:00:a6:f8:12:72:0d:69:b9:d7: db:92:bf:89:0e:3e:3c:23:17:d3:66:e3:73:25:62:e7:2c:e6: 4f:63:23:5c:58:4a:45:fd:75:38:3b:fe:f3:a7:c5:11:d8:05: 8b:cd:49:96 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt3xpwgwwk5OaiKBq41ZbvHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy MGI3M2UwHhcNMjYwMTAxMDQxNzQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2YmViMDNlMTU3YmYwNjEwNjUwY2RiNmQxMDI4MmRmZDRjODI3ZDFkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6/21P6s47vecMNluZQfTo4c6yHv InmOx25n1CfZfICrTV/y8uaX2yc0DGVgR3SZ9tkQ9eHzOqK4D4kmhEzhi3z+asj7 RlUc1oe3JjKxeyqx5KwXq1oOGExwEU11Ynz/OoznJkSjK45ifHGFj+4PHejvDH3k xWlhN/9/SoJxxzM8diVFBDfop2rq2mSiBW1IDHtx0P7ZDF0ClftWC+Wu606JwXwv zr49pBxyVHX3seMyUdqzn/gBMEVtXqMp0i3gfZ+dSDTps2d051ITWuVNmY6jVy/h u4hz19NALOiUjm+h/LdK0A02AsghXFE6W5kexs60Fro9d627VTI1kDHYxQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFGvrA+FXvwYQZQzbbRAoLf1Mgn0dMB8GA1UdIwQY MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt Y2YwNmQxOTgzYmExLzEvYS1zRDRWZV9CaEJsRE50dEVDZ3RfVXlDZlIwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATohuAwQA badqMA0GCSqGSIb3DQEBCwUAA4IBAQCkPhMBfUgytXEUGISd6X13ki/81nb8E2++ WF0EwfRa0JTBZDQm/BB3skCqccRcG6USMENhtSAczI2EQY8fZtKa4Pj+R63Qbqma 8xt33JPfxe2jw6WqqDk/ieKIJEGj4TK3uedxLtdWHO341rWVstplPqu8uFkplaFI PpWQpat/d/QwRjQvyzT2Zz2ZFnwLD7Hcx9PxpOyJvMVMA8OKptvAoXkHPV7uvSzF HnOIk5mFkLqTzLcyMJ5uHK3GpDS7f9IpWz+rw4jqV0xXxDPJaCsApvgScg1pudfb kr+JDj48IxfTZuNzJWLnLOZPYyNcWEpF/XU4O/7zp8UR2AWLzUmW -----END CERTIFICATE-----Generated at Sun Jan 25 10:08:48 2026 by rpki-client