This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/DdT52dECsPLxwOU1Dbn08lkn-hU.roa File: DdT52dECsPLxwOU1Dbn08lkn-hU.roa (raw, json) Hash identifier: QO5UQIGdffH2OqEFgJtI2ITxGgY+D7vhORFq9Yj/3uk= Subject key identifier: 0D:D4:F9:D9:D1:02:B0:F2:F1:C0:E5:35:0D:B9:F4:F2:59:27:FA:15 Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511 Certificate serial: 019B7C8017A770FE47059B2F0689F41834B5 Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/DdT52dECsPLxwOU1Dbn08lkn-hU.roa Signing time: Fri 02 Jan 2026 02:18:47 +0000 ROA not before: Fri 02 Jan 2026 02:18:47 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 31629 IP address blocks: 81.255.154.0/23 maxlen: 24 81.255.154.0/24 maxlen: 24 81.255.155.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.mft rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:17:a7:70:fe:47:05:9b:2f:06:89:f4:18:34:b5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511 Validity Not Before: Jan 2 02:18:47 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0dd4f9d9d102b0f2f1c0e5350db9f4f25927fa15 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:e4:45:5e:2d:35:52:36:0a:ea:ae:17:a0:eb: 12:c8:9b:88:a7:81:78:ff:f6:f1:c8:a2:a8:e8:ed: d7:bd:5f:72:9d:95:9a:b4:16:5b:45:d8:88:b7:0a: fc:9e:74:3a:cb:ec:47:a5:e9:bd:be:06:fd:bb:8c: ec:c9:82:e4:62:31:df:90:6f:43:b1:da:c9:47:27: 3d:92:8d:fe:17:9b:7d:29:94:3d:21:09:14:70:52: e8:f9:10:fd:fc:20:58:f5:f6:e8:c2:c0:85:9c:30: f6:49:04:5b:24:b3:36:80:36:34:a1:54:13:b2:6e: ba:1f:b7:62:02:f6:b6:a0:f0:df:c0:e0:15:d0:f0: 6c:90:0e:f3:82:39:a1:c3:04:3d:fd:84:0d:8a:02: 4c:01:d8:d3:50:c6:8c:d3:c9:21:3a:96:f2:17:c7: 10:01:cb:8d:67:81:ce:a7:f6:dd:8a:dc:af:24:d2: a9:1f:16:5b:12:18:92:8f:b7:2b:38:d0:0c:04:f7: 98:df:78:6c:e1:be:c9:3c:50:80:49:99:7e:6c:8c: 84:dd:91:61:27:34:42:66:aa:63:3f:ae:87:17:67: 37:14:7c:16:48:42:8d:cd:52:55:be:4e:da:96:b9: b6:b2:31:3e:cb:cc:0a:ca:67:83:be:3e:a0:6c:d5: 44:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:D4:F9:D9:D1:02:B0:F2:F1:C0:E5:35:0D:B9:F4:F2:59:27:FA:15 X509v3 Authority Key Identifier: keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/DdT52dECsPLxwOU1Dbn08lkn-hU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 81.255.154.0/23 Signature Algorithm: sha256WithRSAEncryption 19:4f:c6:20:35:d3:5c:ad:83:2b:61:49:be:bf:54:d1:fa:d0: c4:46:60:63:a6:f1:39:d7:b0:30:95:f6:b4:54:4e:88:8a:22: 2b:f1:a7:e8:74:12:d2:27:5e:42:bf:ee:4a:d0:15:28:47:00: 7d:76:fa:3e:a2:cf:08:c5:11:8d:b6:cc:41:c7:e9:c6:33:a9: a1:7f:af:be:7e:9e:f3:2f:48:a0:ad:1b:84:cf:68:39:20:46: 31:0c:11:8b:92:5e:07:d7:72:33:87:2e:44:40:68:e4:0a:8b: 78:70:08:91:20:f5:97:02:9b:3c:26:29:cf:78:6d:46:93:5d: 3b:4c:ee:78:61:a0:f4:be:50:47:0a:af:3b:6b:3d:3d:b0:51: c8:50:b8:e9:6f:a8:2e:0c:ec:bf:5d:b4:8c:ed:28:9b:63:f5: f5:09:cf:7a:63:1f:67:d7:5c:6b:9a:52:9e:ad:a0:7f:29:0c: aa:1e:df:5e:7e:38:8e:a1:74:cb:d0:f1:12:86:77:8f:1c:e9: 39:81:e0:42:b8:3b:4e:ef:3a:8a:aa:09:8c:8b:77:c7:2e:e0: 44:61:fd:db:50:ed:01:b9:81:0c:5e:2c:f8:87:24:fc:04:d3: e9:45:98:83:63:17:a5:50:6c:af:6d:cb:66:ec:55:75:11:3b: 2f:00:56:bc -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt8gBencP5HBZsvBon0GDS1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh MTA1MTEwHhcNMjYwMTAyMDIxODQ3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwZGQ0ZjlkOWQxMDJiMGYyZjFjMGU1MzUwZGI5ZjRmMjU5MjdmYTE1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwORFXi01UjYK6q4XoOsSyJuIp4F4 //bxyKKo6O3XvV9ynZWatBZbRdiItwr8nnQ6y+xHpem9vgb9u4zsyYLkYjHfkG9D sdrJRyc9ko3+F5t9KZQ9IQkUcFLo+RD9/CBY9fbowsCFnDD2SQRbJLM2gDY0oVQT sm66H7diAva2oPDfwOAV0PBskA7zgjmhwwQ9/YQNigJMAdjTUMaM08khOpbyF8cQ AcuNZ4HOp/bdityvJNKpHxZbEhiSj7crONAMBPeY33hs4b7JPFCASZl+bIyE3ZFh JzRCZqpjP66HF2c3FHwWSEKNzVJVvk7alrm2sjE+y8wKymeDvj6gbNVEjQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFA3U+dnRArDy8cDlNQ259PJZJ/oVMB8GA1UdIwQY MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt NDU5MzVmNTA2YTEyLzEvRGRUNTJkRUNzUEx4d09VMURibjA4bGtuLWhVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBUf+aMA0G CSqGSIb3DQEBCwUAA4IBAQAZT8YgNdNcrYMrYUm+v1TR+tDERmBjpvE517Awlfa0 VE6IiiIr8afodBLSJ15Cv+5K0BUoRwB9dvo+os8IxRGNtsxBx+nGM6mhf6++fp7z L0igrRuEz2g5IEYxDBGLkl4H13Izhy5EQGjkCot4cAiRIPWXAps8JinPeG1Gk107 TO54YaD0vlBHCq87az09sFHIULjpb6guDOy/XbSM7SibY/X1Cc96Yx9n11xrmlKe raB/KQyqHt9efjiOoXTL0PEShnePHOk5geBCuDtO7zqKqgmMi3fHLuBEYf3bUO0B uYEMXiz4hyT8BNPpRZiDYxelUGyvbctm7FV1ETsvAFa8 -----END CERTIFICATE-----Generated at Sun Jan 25 23:31:40 2026 by rpki-client