This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/2640df-b5d1-4c00-b2f2-5e5b8b28059a/1/rKdvuJIJFgGPfjR9_tkt7GpYbuU.roa File: rKdvuJIJFgGPfjR9_tkt7GpYbuU.roa (raw, json) Hash identifier: cOdZ/AGn383MF+NUE+R43rPhYLUIwbGM9+ozFG63CYw= Subject key identifier: AC:A7:6F:B8:92:09:16:01:8F:7E:34:7D:FE:D9:2D:EC:6A:58:6E:E5 Certificate issuer: /CN=09d1a634bbb7aefad87d121a5fe545648738c8c5 Certificate serial: 019B76EB37F7309012BFA20987C929B257BD Authority key identifier: 09:D1:A6:34:BB:B7:AE:FA:D8:7D:12:1A:5F:E5:45:64:87:38:C8:C5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CdGmNLu3rvrYfRIaX-VFZIc4yMU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/2640df-b5d1-4c00-b2f2-5e5b8b28059a/1/rKdvuJIJFgGPfjR9_tkt7GpYbuU.roa Signing time: Thu 01 Jan 2026 00:18:05 +0000 ROA not before: Thu 01 Jan 2026 00:18:05 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 8769 IP address blocks: 185.40.184.0/22 maxlen: 22 185.118.118.0/24 maxlen: 24 185.121.28.0/22 maxlen: 22 185.254.132.0/22 maxlen: 22 2a06:9c40::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/2640df-b5d1-4c00-b2f2-5e5b8b28059a/1/CdGmNLu3rvrYfRIaX-VFZIc4yMU.crl rsync://rpki.ripe.net/repository/DEFAULT/74/2640df-b5d1-4c00-b2f2-5e5b8b28059a/1/CdGmNLu3rvrYfRIaX-VFZIc4yMU.mft rsync://rpki.ripe.net/repository/DEFAULT/CdGmNLu3rvrYfRIaX-VFZIc4yMU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 09:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:37:f7:30:90:12:bf:a2:09:87:c9:29:b2:57:bd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=09d1a634bbb7aefad87d121a5fe545648738c8c5 Validity Not Before: Jan 1 00:18:05 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=aca76fb8920916018f7e347dfed92dec6a586ee5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:61:02:72:e0:0d:ce:c0:96:1f:be:5c:df:6a: 88:91:e7:29:a5:9a:ce:27:42:da:06:85:3d:68:d2: f6:28:f8:2b:e7:9f:d5:87:f3:44:36:e0:e9:d6:60: 1b:77:f3:a8:c0:f7:a7:01:0a:b6:01:dd:9b:14:68: 3a:12:56:25:82:47:e7:ac:bd:47:27:d7:97:89:75: 99:0d:54:67:f3:b4:f0:be:9a:dd:1e:d3:62:f8:fd: 86:96:12:97:b5:6e:24:8f:6d:4a:39:0e:ce:f4:31: 1d:ca:c2:ec:af:40:42:40:e3:1b:ed:f8:fe:fb:e9: d5:de:87:10:73:62:29:72:a7:19:c8:46:29:ce:97: ef:c7:cf:4d:34:fb:28:11:5a:8b:ca:8e:82:10:0d: 4d:c3:5b:fe:c2:5a:ec:f2:bd:a2:e8:20:6f:d9:15: ff:45:d5:7e:f8:8c:9e:c7:51:88:39:2d:9b:d7:b2: 32:49:fe:cb:ff:e9:d4:50:39:89:88:56:e7:40:2f: f6:26:b7:4c:6b:eb:f2:80:02:fd:75:cc:d1:88:55: e8:36:08:b2:c4:57:1f:d4:4a:85:7b:de:16:b2:5d: 3c:7a:08:a0:d3:6e:46:ae:dc:91:66:2b:3d:be:85: 7b:81:0e:51:ef:d6:42:ec:bc:2a:fb:86:74:08:ba: 6c:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:A7:6F:B8:92:09:16:01:8F:7E:34:7D:FE:D9:2D:EC:6A:58:6E:E5 X509v3 Authority Key Identifier: keyid:09:D1:A6:34:BB:B7:AE:FA:D8:7D:12:1A:5F:E5:45:64:87:38:C8:C5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CdGmNLu3rvrYfRIaX-VFZIc4yMU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/2640df-b5d1-4c00-b2f2-5e5b8b28059a/1/rKdvuJIJFgGPfjR9_tkt7GpYbuU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/74/2640df-b5d1-4c00-b2f2-5e5b8b28059a/1/CdGmNLu3rvrYfRIaX-VFZIc4yMU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.40.184.0/22 185.118.118.0/24 185.121.28.0/22 185.254.132.0/22 IPv6: 2a06:9c40::/29 Signature Algorithm: sha256WithRSAEncryption 53:1e:e8:47:4d:3a:a8:60:90:1d:a3:80:92:b6:79:9d:49:90: 86:a3:8c:f9:ff:6c:e2:de:69:74:29:28:3f:82:c9:53:3c:2e: 44:e0:03:3e:f0:09:46:5e:af:f0:3e:c3:3e:ee:b8:4f:6c:21: b0:54:25:b9:6e:de:7d:4e:e1:25:cf:d4:f9:a5:d8:a0:89:0c: 0d:f7:d8:ae:56:68:a1:84:84:4c:9b:bd:d6:ac:bc:cf:17:79: 04:50:59:56:22:44:87:c1:53:a8:00:e2:47:68:cf:1a:dd:cc: c3:42:6d:55:ef:30:db:3c:76:7c:ad:9b:c7:59:41:57:c4:a4: 2f:8c:ff:df:8d:d4:d9:7a:dd:af:89:f3:5d:84:b2:43:1b:e2: 57:76:d7:59:1f:c5:f4:98:fd:36:44:38:db:85:04:6d:b9:8f: ce:b3:81:12:e7:fd:c8:2d:3d:95:1b:33:32:35:c8:76:a2:d9: f7:d4:4f:72:61:4c:89:3d:6b:48:55:43:31:37:9a:21:8a:04: b5:2f:5f:5a:da:97:3f:c2:f7:8f:59:75:65:66:de:34:fd:ef: 84:7a:76:9f:48:c0:d1:55:65:17:29:74:1e:12:e5:93:0b:98: 3a:98:b9:fa:3b:d9:29:d7:7c:79:2f:93:64:5c:c2:1d:ca:2d: ed:d6:f9:cd -----BEGIN CERTIFICATE----- MIIFHjCCBAagAwIBAgISAZt26zf3MJASv6IJh8kpsle9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA5ZDFhNjM0YmJiN2FlZmFkODdkMTIxYTVmZTU0NTY0ODcz OGM4YzUwHhcNMjYwMTAxMDAxODA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhY2E3NmZiODkyMDkxNjAxOGY3ZTM0N2RmZWQ5MmRlYzZhNTg2ZWU1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy2ECcuANzsCWH75c32qIkecppZrO J0LaBoU9aNL2KPgr55/Vh/NENuDp1mAbd/OowPenAQq2Ad2bFGg6ElYlgkfnrL1H J9eXiXWZDVRn87TwvprdHtNi+P2GlhKXtW4kj21KOQ7O9DEdysLsr0BCQOMb7fj+ ++nV3ocQc2IpcqcZyEYpzpfvx89NNPsoEVqLyo6CEA1Nw1v+wlrs8r2i6CBv2RX/ RdV++Iyex1GIOS2b17IySf7L/+nUUDmJiFbnQC/2JrdMa+vygAL9dczRiFXoNgiy xFcf1EqFe94Wsl08egig025GrtyRZis9voV7gQ5R79ZC7Lwq+4Z0CLpsawIDAQAB o4ICKjCCAiYwHQYDVR0OBBYEFKynb7iSCRYBj340ff7ZLexqWG7lMB8GA1UdIwQY MBaAFAnRpjS7t6762H0SGl/lRWSHOMjFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ2RHbU5MdTNydnJZZlJJYVgtVkZaSWM0eU1VLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8yNjQwZGYtYjVkMS00YzAwLWIyZjIt NWU1YjhiMjgwNTlhLzEvcktkdnVKSUpGZ0dQZmpSOV90a3Q3R3BZYnVVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83NC8yNjQwZGYtYjVkMS00YzAwLWIyZjItNWU1YjhiMjgwNTlh LzEvQ2RHbU5MdTNydnJZZlJJYVgtVkZaSWM0eU1VLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCuSi4AwQA uXZ2AwQCuXkcAwQCuf6EMA0EAgACMAcDBQMqBpxAMA0GCSqGSIb3DQEBCwUAA4IB AQBTHuhHTTqoYJAdo4CStnmdSZCGo4z5/2zi3ml0KSg/gslTPC5E4AM+8AlGXq/w PsM+7rhPbCGwVCW5bt59TuElz9T5pdigiQwN99iuVmihhIRMm73WrLzPF3kEUFlW IkSHwVOoAOJHaM8a3czDQm1V7zDbPHZ8rZvHWUFXxKQvjP/fjdTZet2vifNdhLJD G+JXdtdZH8X0mP02RDjbhQRtuY/Os4ES5/3ILT2VGzMyNch2otn31E9yYUyJPWtI VUMxN5ohigS1L19a2pc/wvePWXVlZt40/e+EenafSMDRVWUXKXQeEuWTC5g6mLn6 O9kp13x5L5NkXMIdyi3t1vnN -----END CERTIFICATE-----Generated at Sun Jan 25 20:01:34 2026 by rpki-client