This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/sdf7hf0ZLESM3KsRFMw4x3fQJy8.roa File: sdf7hf0ZLESM3KsRFMw4x3fQJy8.roa (raw, json) Hash identifier: nhDMvjg+qkAXP21hdixA/t50psvPT7CvcynL0Z7iop8= Subject key identifier: B1:D7:FB:85:FD:19:2C:44:8C:DC:AB:11:14:CC:38:C7:77:D0:27:2F Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e Certificate serial: 019B77C691E48004F12F79B6519EDDEC8AAC Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/sdf7hf0ZLESM3KsRFMw4x3fQJy8.roa Signing time: Thu 01 Jan 2026 04:17:40 +0000 ROA not before: Thu 01 Jan 2026 04:17:40 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 201337 IP address blocks: 84.236.137.0/24 maxlen: 24 84.236.189.0/24 maxlen: 24 178.156.75.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.mft rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 21:01:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:91:e4:80:04:f1:2f:79:b6:51:9e:dd:ec:8a:ac Signature Algorithm: sha256WithRSAEncryption Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e Validity Not Before: Jan 1 04:17:40 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b1d7fb85fd192c448cdcab1114cc38c777d0272f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:b6:44:fd:a2:6a:c0:9e:a2:ae:fc:a9:e5:0a: bb:6f:36:a7:89:c0:06:7c:50:4b:4e:ef:ba:ef:00: 86:90:ae:eb:db:dc:76:e6:f0:c5:ea:d4:55:6c:57: 57:c0:a0:fa:59:39:0f:50:4e:9c:87:aa:95:64:fc: 5a:93:94:46:ea:ff:38:a4:2e:30:4b:3e:7f:83:a1: 66:03:f9:19:ef:27:22:6c:5a:e1:d1:6f:41:da:82: af:17:14:85:26:47:1d:3f:90:13:52:65:da:c6:1c: e5:57:59:bc:42:05:4f:d2:36:5c:5a:df:c6:94:cc: 4c:40:c3:69:87:83:82:00:2d:4e:4d:04:4e:67:2a: 8a:6c:02:57:6c:97:06:d9:47:66:5d:77:45:6b:d1: d7:b4:5e:b0:c2:1e:41:dd:8f:af:85:d7:23:82:0b: 7a:98:76:dc:71:72:33:95:ec:fc:f6:8f:34:f2:b2: 56:31:7d:d7:e5:c6:7c:d9:04:94:f8:28:17:d4:ae: 09:b8:65:d1:37:1c:15:41:2f:e2:33:fd:e4:5d:91: ed:2b:da:70:55:35:67:e2:16:01:91:3e:6d:4a:d4: ad:45:0f:45:e7:a8:8c:db:ad:e1:dc:eb:67:d7:87: 6a:54:75:29:bd:0c:94:3e:26:5b:1d:d7:c0:ff:03: 1a:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:D7:FB:85:FD:19:2C:44:8C:DC:AB:11:14:CC:38:C7:77:D0:27:2F X509v3 Authority Key Identifier: keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/sdf7hf0ZLESM3KsRFMw4x3fQJy8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 84.236.137.0/24 84.236.189.0/24 178.156.75.0/24 Signature Algorithm: sha256WithRSAEncryption a1:26:8a:3b:e0:76:c1:dd:98:35:d2:77:ae:cb:0a:70:b6:b7: cc:58:4c:ec:cd:86:57:43:ec:0a:29:56:52:bc:99:1b:d4:38: 61:8f:41:b1:b2:82:88:1c:31:bb:d2:37:1c:00:8d:82:cc:c9: 16:89:f0:7b:ae:6c:72:b6:2e:08:02:10:aa:e3:05:6e:e1:2c: cc:43:69:16:d6:9c:05:29:35:2b:97:ea:a3:9e:cf:e2:0b:e8: 9a:71:c3:6e:cd:e4:c4:20:66:cd:c2:57:e2:0e:85:0c:3e:af: ae:67:da:e8:c9:a8:2a:c4:7e:c1:d6:19:86:14:2e:ee:a4:4f: c4:1b:aa:b5:cd:38:1d:86:98:f7:ab:34:c8:a8:2b:a7:ee:a9: 62:2a:88:f5:83:78:b0:81:4e:85:64:0c:22:bf:4a:9f:ca:cd: 2e:3a:a6:03:19:37:51:cd:73:1c:7b:85:16:77:1e:fd:38:d2: 46:51:87:db:e2:46:21:f4:53:0c:19:b6:bd:6a:20:f2:b6:c9: 7b:38:a6:95:92:2e:d4:3f:25:f3:ef:ae:a3:77:3f:ea:2b:37: 44:34:a8:c8:22:7f:66:d3:b6:0b:43:d0:0a:e8:50:a0:be:41: b6:f6:2b:a5:ab:c7:10:5b:0c:b8:cc:9d:f1:83:fb:3d:f0:52: d4:b3:ef:51 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt3xpHkgATxL3m2UZ7d7IqsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy MGI3M2UwHhcNMjYwMTAxMDQxNzQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiMWQ3ZmI4NWZkMTkyYzQ0OGNkY2FiMTExNGNjMzhjNzc3ZDAyNzJmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnbZE/aJqwJ6irvyp5Qq7bzanicAG fFBLTu+67wCGkK7r29x25vDF6tRVbFdXwKD6WTkPUE6ch6qVZPxak5RG6v84pC4w Sz5/g6FmA/kZ7ycibFrh0W9B2oKvFxSFJkcdP5ATUmXaxhzlV1m8QgVP0jZcWt/G lMxMQMNph4OCAC1OTQROZyqKbAJXbJcG2UdmXXdFa9HXtF6wwh5B3Y+vhdcjggt6 mHbccXIzlez89o808rJWMX3X5cZ82QSU+CgX1K4JuGXRNxwVQS/iM/3kXZHtK9pw VTVn4hYBkT5tStStRQ9F56iM263h3Otn14dqVHUpvQyUPiZbHdfA/wMarQIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFLHX+4X9GSxEjNyrERTMOMd30CcvMB8GA1UdIwQY MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt Y2YwNmQxOTgzYmExLzEvc2RmN2hmMFpMRVNNM0tzUkZNdzR4M2ZRSnk4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVOyJAwQA VOy9AwQAspxLMA0GCSqGSIb3DQEBCwUAA4IBAQChJoo74HbB3Zg10neuywpwtrfM WEzszYZXQ+wKKVZSvJkb1Dhhj0GxsoKIHDG70jccAI2CzMkWifB7rmxyti4IAhCq 4wVu4SzMQ2kW1pwFKTUrl+qjns/iC+iaccNuzeTEIGbNwlfiDoUMPq+uZ9royagq xH7B1hmGFC7upE/EG6q1zTgdhpj3qzTIqCun7qliKoj1g3iwgU6FZAwiv0qfys0u OqYDGTdRzXMce4UWdx79ONJGUYfb4kYh9FMMGba9aiDytsl7OKaVki7UPyXz766j dz/qKzdENKjIIn9m07YLQ9AK6FCgvkG29iulq8cQWwy4zJ3xg/s98FLUs+9R -----END CERTIFICATE-----Generated at Sun Jan 25 07:17:32 2026 by rpki-client