This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/edc238-4c0a-46ed-bc24-3b9e3c8a2fca/1/0zAvG8q_rQz542VLQHfI3pwn2hU.roa File: 0zAvG8q_rQz542VLQHfI3pwn2hU.roa (raw, json) Hash identifier: EpeZpmHs3b50RgbC9T7I86EOA85BMvieUCH/Qo6Mt6U= Subject key identifier: D3:30:2F:1B:CA:BF:AD:0C:F9:E3:65:4B:40:77:C8:DE:9C:27:DA:15 Certificate issuer: /CN=dd0b663c45d7bc2724d168485087581e14448fb6 Certificate serial: 019B7834894E768498ED9501E3A42E25E2CF Authority key identifier: DD:0B:66:3C:45:D7:BC:27:24:D1:68:48:50:87:58:1E:14:44:8F:B6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3QtmPEXXvCck0WhIUIdYHhREj7Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/edc238-4c0a-46ed-bc24-3b9e3c8a2fca/1/0zAvG8q_rQz542VLQHfI3pwn2hU.roa Signing time: Thu 01 Jan 2026 06:17:47 +0000 ROA not before: Thu 01 Jan 2026 06:17:47 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 24634 IP address blocks: 37.209.248.0/21 maxlen: 24 82.112.160.0/21 maxlen: 24 185.124.212.0/22 maxlen: 24 193.227.160.0/19 maxlen: 24 213.175.160.0/19 maxlen: 24 2a06:b540::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/edc238-4c0a-46ed-bc24-3b9e3c8a2fca/1/3QtmPEXXvCck0WhIUIdYHhREj7Y.crl rsync://rpki.ripe.net/repository/DEFAULT/68/edc238-4c0a-46ed-bc24-3b9e3c8a2fca/1/3QtmPEXXvCck0WhIUIdYHhREj7Y.mft rsync://rpki.ripe.net/repository/DEFAULT/3QtmPEXXvCck0WhIUIdYHhREj7Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:89:4e:76:84:98:ed:95:01:e3:a4:2e:25:e2:cf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dd0b663c45d7bc2724d168485087581e14448fb6 Validity Not Before: Jan 1 06:17:47 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d3302f1bcabfad0cf9e3654b4077c8de9c27da15 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:49:d3:03:c8:94:fb:08:31:1d:37:a5:c1:06: 1a:3c:00:fd:8c:37:e7:e6:e7:d3:fe:7c:3f:06:09: 0e:4c:42:39:f2:fa:8b:58:6e:cd:38:1a:3d:12:e0: e8:14:e1:b1:ee:99:8b:e7:d2:13:71:a3:49:7c:37: 40:f2:40:6b:5f:02:a7:68:ae:6b:01:a5:e4:4d:35: a6:28:5d:16:c7:d1:26:74:1b:b0:68:70:d3:90:21: ad:a7:e0:ec:97:e2:ce:2e:43:ba:7f:3b:e4:9f:a8: 8b:7c:6d:ee:b8:ef:a3:c5:3e:ec:a3:0d:04:88:21: ad:35:7b:4b:b8:10:c1:f0:27:e3:ee:41:3b:2e:a3: 39:7f:89:a4:a3:0e:2b:8e:6e:79:2e:fc:d6:31:71: 5b:1c:6a:d4:8b:94:2e:fa:a5:69:eb:e5:e9:13:a8: 9e:5f:6e:61:d6:96:19:c2:ad:0d:b6:0b:8a:af:ee: ff:dc:0c:40:25:6c:db:79:e2:f8:68:a4:9e:ca:9a: 05:46:bd:46:8b:0a:36:bb:da:99:1c:8b:55:8a:d3: df:38:f5:34:be:f6:ef:b5:77:bd:29:15:40:11:d5: f6:07:8b:44:a8:27:81:78:1c:17:e6:b6:94:c0:11: f6:9b:e8:81:0f:23:7e:8f:80:18:1b:00:19:c1:8c: a0:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:30:2F:1B:CA:BF:AD:0C:F9:E3:65:4B:40:77:C8:DE:9C:27:DA:15 X509v3 Authority Key Identifier: keyid:DD:0B:66:3C:45:D7:BC:27:24:D1:68:48:50:87:58:1E:14:44:8F:B6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3QtmPEXXvCck0WhIUIdYHhREj7Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/edc238-4c0a-46ed-bc24-3b9e3c8a2fca/1/0zAvG8q_rQz542VLQHfI3pwn2hU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/68/edc238-4c0a-46ed-bc24-3b9e3c8a2fca/1/3QtmPEXXvCck0WhIUIdYHhREj7Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.209.248.0/21 82.112.160.0/21 185.124.212.0/22 193.227.160.0/19 213.175.160.0/19 IPv6: 2a06:b540::/29 Signature Algorithm: sha256WithRSAEncryption 7b:c4:63:56:08:25:82:ec:65:8f:10:bd:2e:e4:6a:96:d7:23: 29:70:ce:0b:ad:73:1d:6b:11:42:37:fa:19:ac:c1:c8:e7:98: 24:ec:8e:7d:87:d4:a5:ea:03:a5:c4:84:47:1f:a6:26:d9:80: 6e:71:62:0e:28:f8:88:b1:ca:be:85:90:ed:3d:7d:a5:c5:aa: 75:17:10:62:88:e8:de:c3:ed:ee:d0:55:0c:a0:8a:f7:ae:a5: 65:e0:a8:ed:8a:64:38:f7:2f:70:15:73:a3:ff:5a:d3:f6:d8: bd:a3:b2:b8:53:a3:0b:23:a9:0a:96:ed:01:22:f8:35:60:7b: e8:00:15:b8:0d:57:19:d7:61:7d:37:e2:be:52:e4:c2:01:e0: 8d:14:66:ba:94:7b:a5:9e:43:d7:75:c1:90:f0:29:c9:f3:cf: 7e:91:95:bf:83:9c:fe:bf:cc:a3:8c:f0:c1:8c:f1:ad:f3:99: fe:ad:db:0d:a0:22:13:37:67:55:c6:13:ba:4b:de:43:ce:85: ed:75:be:71:e1:a6:ca:0a:e1:bf:57:fb:f2:e6:4b:22:8d:9a: 66:a7:9f:fa:41:7c:2a:9e:cc:2a:b7:df:48:56:fe:73:a1:cb: c0:38:b3:57:5b:05:d9:b5:a8:7a:19:e0:5e:3c:62:1a:3e:13: 09:2d:3d:ed -----BEGIN CERTIFICATE----- MIIFJDCCBAygAwIBAgISAZt4NIlOdoSY7ZUB46QuJeLPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRkMGI2NjNjNDVkN2JjMjcyNGQxNjg0ODUwODc1ODFlMTQ0 NDhmYjYwHhcNMjYwMTAxMDYxNzQ3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkMzMwMmYxYmNhYmZhZDBjZjllMzY1NGI0MDc3YzhkZTljMjdkYTE1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3knTA8iU+wgxHTelwQYaPAD9jDfn 5ufT/nw/BgkOTEI58vqLWG7NOBo9EuDoFOGx7pmL59ITcaNJfDdA8kBrXwKnaK5r AaXkTTWmKF0Wx9EmdBuwaHDTkCGtp+Dsl+LOLkO6fzvkn6iLfG3uuO+jxT7sow0E iCGtNXtLuBDB8Cfj7kE7LqM5f4mkow4rjm55LvzWMXFbHGrUi5Qu+qVp6+XpE6ie X25h1pYZwq0NtguKr+7/3AxAJWzbeeL4aKSeypoFRr1Giwo2u9qZHItVitPfOPU0 vvbvtXe9KRVAEdX2B4tEqCeBeBwX5raUwBH2m+iBDyN+j4AYGwAZwYyg1wIDAQAB o4ICMDCCAiwwHQYDVR0OBBYEFNMwLxvKv60M+eNlS0B3yN6cJ9oVMB8GA1UdIwQY MBaAFN0LZjxF17wnJNFoSFCHWB4URI+2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM1F0bVBFWFh2Q2NrMFdoSVVJZFlIaFJFajdZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC9lZGMyMzgtNGMwYS00NmVkLWJjMjQt M2I5ZTNjOGEyZmNhLzEvMHpBdkc4cV9yUXo1NDJWTFFIZkkzcHduMmhVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82OC9lZGMyMzgtNGMwYS00NmVkLWJjMjQtM2I5ZTNjOGEyZmNh LzEvM1F0bVBFWFh2Q2NrMFdoSVVJZFlIaFJFajdZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDJdH4AwQD UnCgAwQCuXzUAwQFweOgAwQF1a+gMA0EAgACMAcDBQMqBrVAMA0GCSqGSIb3DQEB CwUAA4IBAQB7xGNWCCWC7GWPEL0u5GqW1yMpcM4LrXMdaxFCN/oZrMHI55gk7I59 h9Sl6gOlxIRHH6Ym2YBucWIOKPiIscq+hZDtPX2lxap1FxBiiOjew+3u0FUMoIr3 rqVl4KjtimQ49y9wFXOj/1rT9ti9o7K4U6MLI6kKlu0BIvg1YHvoABW4DVcZ12F9 N+K+UuTCAeCNFGa6lHulnkPXdcGQ8CnJ889+kZW/g5z+v8yjjPDBjPGt85n+rdsN oCITN2dVxhO6S95DzoXtdb5x4abKCuG/V/vy5ksijZpmp5/6QXwqnswqt99IVv5z ocvAOLNXWwXZtah6GeBePGIaPhMJLT3t -----END CERTIFICATE-----Generated at Mon Jan 26 07:40:14 2026 by rpki-client