This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/D5CU0J4aOE-guuZrF-x88dYJu60.roa File: D5CU0J4aOE-guuZrF-x88dYJu60.roa (raw, json) Hash identifier: 3+UAZWoH8Ujlfit64dH7jiUqGde2nrxqjoG3SgyDLRU= Subject key identifier: 0F:90:94:D0:9E:1A:38:4F:A0:BA:E6:6B:17:EC:7C:F1:D6:09:BB:AD Certificate issuer: /CN=7ba289ebe93351236a5580eb5b70102cf3f11dfc Certificate serial: 019B79ECDB5DBEBBBF5935C63E129BFFF8DC Authority key identifier: 7B:A2:89:EB:E9:33:51:23:6A:55:80:EB:5B:70:10:2C:F3:F1:1D:FC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/D5CU0J4aOE-guuZrF-x88dYJu60.roa Signing time: Thu 01 Jan 2026 14:18:44 +0000 ROA not before: Thu 01 Jan 2026 14:18:44 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 204436 IP address blocks: 91.197.228.0/22 maxlen: 24 185.181.116.0/22 maxlen: 24 2a0a:cb80::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.crl rsync://rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.mft rsync://rpki.ripe.net/repository/DEFAULT/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ec:db:5d:be:bb:bf:59:35:c6:3e:12:9b:ff:f8:dc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7ba289ebe93351236a5580eb5b70102cf3f11dfc Validity Not Before: Jan 1 14:18:44 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0f9094d09e1a384fa0bae66b17ec7cf1d609bbad Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:72:65:3a:be:4f:9b:42:9b:96:bb:6c:7b:9a: ac:14:b9:d4:37:5e:0f:8e:69:95:3f:c2:77:3f:09: 42:9e:4b:fd:35:73:ee:8b:b2:c0:0e:fe:9d:b6:f1: 99:12:1b:3b:ce:3a:0b:0a:72:b3:97:32:70:76:4c: 63:a0:65:19:02:08:48:e7:d2:9b:b1:10:34:91:94: 68:04:83:eb:e3:4c:c2:6f:21:b0:d7:11:52:91:85: e6:1d:4d:99:14:2c:2d:f0:80:b1:51:c8:ba:99:40: aa:0f:90:0c:d4:5a:64:9e:99:b4:b4:2a:47:00:88: 83:53:1f:e7:bf:eb:bf:89:2f:63:54:b0:16:14:db: f3:bc:84:20:f0:d1:0d:1c:fc:04:d1:2f:1c:89:e4: 60:0d:6d:db:f8:5d:88:dc:a5:90:fb:57:00:5f:0d: 18:60:d1:27:04:4b:3c:ba:95:4a:81:67:81:37:c9: a8:6c:25:a1:cf:1b:9e:b7:19:cb:16:df:11:3a:ea: 2f:76:65:7d:ae:48:07:ef:54:dc:80:ce:31:66:de: e2:0e:2e:3b:1e:03:02:43:e8:ea:66:c8:44:fd:34: dc:79:20:7b:7e:57:75:78:a1:38:df:09:af:96:03: ff:90:8b:c0:cf:fd:20:44:23:06:7f:80:06:47:bf: e3:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:90:94:D0:9E:1A:38:4F:A0:BA:E6:6B:17:EC:7C:F1:D6:09:BB:AD X509v3 Authority Key Identifier: keyid:7B:A2:89:EB:E9:33:51:23:6A:55:80:EB:5B:70:10:2C:F3:F1:1D:FC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/D5CU0J4aOE-guuZrF-x88dYJu60.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.197.228.0/22 185.181.116.0/22 IPv6: 2a0a:cb80::/32 Signature Algorithm: sha256WithRSAEncryption 11:a6:87:cc:77:00:e6:87:44:af:22:5c:39:0a:ba:64:49:72: 78:a7:6f:68:3d:ab:57:90:48:3a:ff:d9:d4:12:a3:8d:2e:a5: 0a:dc:1b:da:3e:b9:05:3b:49:4a:8f:54:f6:63:9f:2a:38:81: 22:53:55:c6:4d:97:f1:89:5b:98:c0:6e:04:0c:0c:f7:b3:6a: 7d:8f:1e:9f:c0:82:f6:2e:d7:00:7b:19:54:91:0a:17:8b:d2: f4:52:ce:3a:06:ee:0b:16:56:58:28:ac:3f:37:2f:a6:82:8a: d9:68:80:9c:5c:de:1f:f1:08:ce:30:ef:ed:ae:4e:61:a8:3e: af:31:55:ba:3d:16:23:65:af:a0:e1:cf:da:2d:6e:c8:84:e6: 50:3c:99:9d:98:66:4b:98:f0:60:1c:d0:12:77:c8:9e:38:c2: 12:8a:1d:3a:ab:be:58:6c:32:60:93:56:ee:5d:2f:21:38:a4: 81:0d:2a:77:e5:7f:89:ba:74:7a:4a:24:76:04:53:e1:15:ab: 2f:fa:05:65:15:96:21:11:ee:7d:3f:63:3f:a6:3e:55:e8:ac: a9:ff:3c:cf:89:5d:1e:75:66:b4:09:e4:c2:e9:11:ce:7b:77: 02:ce:e6:8b:ad:3a:b9:e2:41:ce:71:2c:1d:dd:cc:c4:5b:43: 58:65:cb:4c -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt57Ntdvru/WTXGPhKb//jcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdiYTI4OWViZTkzMzUxMjM2YTU1ODBlYjViNzAxMDJjZjNm MTFkZmMwHhcNMjYwMTAxMTQxODQ0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwZjkwOTRkMDllMWEzODRmYTBiYWU2NmIxN2VjN2NmMWQ2MDliYmFkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqnJlOr5Pm0Kblrtse5qsFLnUN14P jmmVP8J3PwlCnkv9NXPui7LADv6dtvGZEhs7zjoLCnKzlzJwdkxjoGUZAghI59Kb sRA0kZRoBIPr40zCbyGw1xFSkYXmHU2ZFCwt8ICxUci6mUCqD5AM1Fpknpm0tCpH AIiDUx/nv+u/iS9jVLAWFNvzvIQg8NENHPwE0S8cieRgDW3b+F2I3KWQ+1cAXw0Y YNEnBEs8upVKgWeBN8mobCWhzxuetxnLFt8ROuovdmV9rkgH71TcgM4xZt7iDi47 HgMCQ+jqZshE/TTceSB7fld1eKE43wmvlgP/kIvAz/0gRCMGf4AGR7/jswIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFA+QlNCeGjhPoLrmaxfsfPHWCbutMB8GA1UdIwQY MBaAFHuiievpM1EjalWA61twECzz8R38MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZTZLSjYta3pVU05xVllEclczQVFMUFB4SGZ3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9kZTFlN2MtN2Q3NC00Y2NjLTljNmMt ZDE2M2I1NDk5ZTY4LzEvRDVDVTBKNGFPRS1ndXVackYteDg4ZFlKdTYwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83MC9kZTFlN2MtN2Q3NC00Y2NjLTljNmMtZDE2M2I1NDk5ZTY4 LzEvZTZLSjYta3pVU05xVllEclczQVFMUFB4SGZ3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCW8XkAwQC ubV0MA0EAgACMAcDBQAqCsuAMA0GCSqGSIb3DQEBCwUAA4IBAQARpofMdwDmh0Sv Ilw5CrpkSXJ4p29oPatXkEg6/9nUEqONLqUK3BvaPrkFO0lKj1T2Y58qOIEiU1XG TZfxiVuYwG4EDAz3s2p9jx6fwIL2LtcAexlUkQoXi9L0Us46Bu4LFlZYKKw/Ny+m gorZaICcXN4f8QjOMO/trk5hqD6vMVW6PRYjZa+g4c/aLW7IhOZQPJmdmGZLmPBg HNASd8ieOMISih06q75YbDJgk1buXS8hOKSBDSp35X+JunR6SiR2BFPhFasv+gVl FZYhEe59P2M/pj5V6Kyp/zzPiV0edWa0CeTC6RHOe3cCzuaLrTq54kHOcSwd3czE W0NYZctM -----END CERTIFICATE-----Generated at Sun Jan 25 23:03:50 2026 by rpki-client