This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/d0e2f4-b60a-40b2-92e9-90eace9e059e/1/daRE9O1fZqkKzy4fulwDE1DZwPw.roa File: daRE9O1fZqkKzy4fulwDE1DZwPw.roa (raw, json) Hash identifier: QKM8Dv9ERwfYZf45lCGN842GGmFpg8jICmmZMoRDLpw= Subject key identifier: 75:A4:44:F4:ED:5F:66:A9:0A:CF:2E:1F:BA:5C:03:13:50:D9:C0:FC Certificate issuer: /CN=00af9dda307cb525385ef90f506d0d57bb9d2bf2 Certificate serial: 019B7E38089253D6B3D9F03CEC7DA2556715 Authority key identifier: 00:AF:9D:DA:30:7C:B5:25:38:5E:F9:0F:50:6D:0D:57:BB:9D:2B:F2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AK-d2jB8tSU4XvkPUG0NV7udK_I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/d0e2f4-b60a-40b2-92e9-90eace9e059e/1/daRE9O1fZqkKzy4fulwDE1DZwPw.roa Signing time: Fri 02 Jan 2026 10:19:20 +0000 ROA not before: Fri 02 Jan 2026 10:19:20 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 9051 IP address blocks: 185.40.208.0/22 maxlen: 24 2a04:86c0::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/d0e2f4-b60a-40b2-92e9-90eace9e059e/1/AK-d2jB8tSU4XvkPUG0NV7udK_I.crl rsync://rpki.ripe.net/repository/DEFAULT/6a/d0e2f4-b60a-40b2-92e9-90eace9e059e/1/AK-d2jB8tSU4XvkPUG0NV7udK_I.mft rsync://rpki.ripe.net/repository/DEFAULT/AK-d2jB8tSU4XvkPUG0NV7udK_I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:08:92:53:d6:b3:d9:f0:3c:ec:7d:a2:55:67:15 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=00af9dda307cb525385ef90f506d0d57bb9d2bf2 Validity Not Before: Jan 2 10:19:20 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=75a444f4ed5f66a90acf2e1fba5c031350d9c0fc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:1b:8b:03:0f:5a:22:e1:31:8b:41:e1:55:ff: d1:fd:81:5d:44:8a:e0:68:f3:e9:f3:22:46:bd:3c: c1:fc:42:5e:12:93:a4:da:ac:1c:42:3f:20:5f:11: 19:3c:92:66:3c:a1:85:15:33:65:d6:ec:1f:70:ac: 86:72:7d:06:02:3b:5c:0b:78:77:6b:14:73:d4:36: 60:7c:80:50:d3:dd:43:7d:2f:83:be:29:29:c4:70: ee:90:c1:57:37:c3:80:ac:b3:fe:29:81:54:0f:66: f9:04:ca:c6:9d:13:a3:90:49:de:9d:fb:e3:c7:c2: ec:12:f6:c8:54:01:df:ab:43:7e:2b:27:a2:fb:85: 67:31:5c:84:97:3f:4c:47:10:b8:c1:80:6b:7b:e4: 20:c9:d5:83:cd:36:9a:50:92:84:13:ea:2e:98:7a: 44:c7:cf:24:cc:ba:0f:e7:ce:54:50:6c:ee:70:c3: b6:35:5e:81:77:c5:90:cd:66:95:86:e6:b9:a4:e6: 63:fb:5c:f9:b6:40:82:01:eb:81:10:0b:0d:e3:c3: 38:ba:3e:4e:da:79:7b:aa:06:4c:22:82:b5:c5:bc: 52:86:b8:19:5e:a6:fb:1d:92:df:f5:08:85:70:9a: 6f:c4:c4:65:23:30:d9:1d:6e:bc:20:00:e8:39:3b: cd:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:A4:44:F4:ED:5F:66:A9:0A:CF:2E:1F:BA:5C:03:13:50:D9:C0:FC X509v3 Authority Key Identifier: keyid:00:AF:9D:DA:30:7C:B5:25:38:5E:F9:0F:50:6D:0D:57:BB:9D:2B:F2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AK-d2jB8tSU4XvkPUG0NV7udK_I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/d0e2f4-b60a-40b2-92e9-90eace9e059e/1/daRE9O1fZqkKzy4fulwDE1DZwPw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/d0e2f4-b60a-40b2-92e9-90eace9e059e/1/AK-d2jB8tSU4XvkPUG0NV7udK_I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.40.208.0/22 IPv6: 2a04:86c0::/29 Signature Algorithm: sha256WithRSAEncryption 07:41:33:f1:f6:1d:48:5e:6b:13:b8:4f:3a:3c:59:64:65:7a: da:ea:aa:a8:89:96:10:a7:a4:65:4e:b9:cd:58:51:df:66:41: 7d:d7:1d:d9:08:71:7f:33:5e:cd:f6:49:97:58:34:8e:65:55: 28:ef:db:5d:5d:53:ee:88:d6:a5:4f:43:8a:ab:65:5f:2b:0c: d2:ab:6b:4d:09:c4:fa:51:e0:b8:46:0f:9f:4c:23:ac:1e:5e: ff:db:d2:fd:7c:66:d5:5d:00:5f:71:07:db:df:5f:b2:73:8f: 27:34:34:f9:4a:ed:13:5d:70:84:e8:ec:49:0d:0f:34:e7:ab: 9b:d4:16:ae:f8:b5:92:c5:24:c2:3b:af:be:22:44:5a:88:7e: 50:46:fc:51:c4:54:ca:3c:b3:41:6a:f2:41:c7:94:67:b3:b1: 6e:1e:59:23:53:55:84:75:dc:76:e9:16:f6:8b:f3:26:2f:a6: f7:9e:bf:03:9b:04:0c:56:c4:75:8d:6b:54:67:25:8b:0c:ff: b4:ef:17:69:0d:db:30:54:04:8b:2f:a3:e1:ce:8b:5d:b8:91: f8:01:7c:f2:2f:fd:26:88:dd:fe:36:5a:16:04:73:95:36:d5: 16:f6:bf:ce:05:74:71:80:24:67:05:33:08:1d:53:b3:24:ff: e3:80:26:87 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt+OAiSU9az2fA87H2iVWcVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAwYWY5ZGRhMzA3Y2I1MjUzODVlZjkwZjUwNmQwZDU3YmI5 ZDJiZjIwHhcNMjYwMTAyMTAxOTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3NWE0NDRmNGVkNWY2NmE5MGFjZjJlMWZiYTVjMDMxMzUwZDljMGZjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlxuLAw9aIuExi0HhVf/R/YFdRIrg aPPp8yJGvTzB/EJeEpOk2qwcQj8gXxEZPJJmPKGFFTNl1uwfcKyGcn0GAjtcC3h3 axRz1DZgfIBQ091DfS+DvikpxHDukMFXN8OArLP+KYFUD2b5BMrGnROjkEnenfvj x8LsEvbIVAHfq0N+Kyei+4VnMVyElz9MRxC4wYBre+QgydWDzTaaUJKEE+oumHpE x88kzLoP585UUGzucMO2NV6Bd8WQzWaVhua5pOZj+1z5tkCCAeuBEAsN48M4uj5O 2nl7qgZMIoK1xbxShrgZXqb7HZLf9QiFcJpvxMRlIzDZHW68IADoOTvNxwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFHWkRPTtX2apCs8uH7pcAxNQ2cD8MB8GA1UdIwQY MBaAFACvndowfLUlOF75D1BtDVe7nSvyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQUstZDJqQjh0U1U0WHZrUFVHME5WN3VkS19JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9kMGUyZjQtYjYwYS00MGIyLTkyZTkt OTBlYWNlOWUwNTllLzEvZGFSRTlPMWZacWtLenk0ZnVsd0RFMURad1B3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82YS9kMGUyZjQtYjYwYS00MGIyLTkyZTktOTBlYWNlOWUwNTll LzEvQUstZDJqQjh0U1U0WHZrUFVHME5WN3VkS19JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuSjQMA0E AgACMAcDBQMqBIbAMA0GCSqGSIb3DQEBCwUAA4IBAQAHQTPx9h1IXmsTuE86PFlk ZXra6qqoiZYQp6RlTrnNWFHfZkF91x3ZCHF/M17N9kmXWDSOZVUo79tdXVPuiNal T0OKq2VfKwzSq2tNCcT6UeC4Rg+fTCOsHl7/29L9fGbVXQBfcQfb31+yc48nNDT5 Su0TXXCE6OxJDQ8056ub1Bau+LWSxSTCO6++IkRaiH5QRvxRxFTKPLNBavJBx5Rn s7FuHlkjU1WEddx26Rb2i/MmL6b3nr8DmwQMVsR1jWtUZyWLDP+07xdpDdswVASL L6PhzotduJH4AXzyL/0miN3+NloWBHOVNtUW9r/OBXRxgCRnBTMIHVOzJP/jgCaH -----END CERTIFICATE-----Generated at Sun Jan 25 19:36:43 2026 by rpki-client