This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/kdVFzfIFoNutx6KMtzHhR1hLGFM.roa File: kdVFzfIFoNutx6KMtzHhR1hLGFM.roa (raw, json) Hash identifier: YR7ZxedJoLeyhYyTUjhkMFVysR8hg1hUTr+cTRHKDAs= Subject key identifier: 91:D5:45:CD:F2:05:A0:DB:AD:C7:A2:8C:B7:31:E1:47:58:4B:18:53 Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59 Certificate serial: 019B77596B04D82B403CA3907752A5822D8B Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/kdVFzfIFoNutx6KMtzHhR1hLGFM.roa Signing time: Thu 01 Jan 2026 02:18:27 +0000 ROA not before: Thu 01 Jan 2026 02:18:27 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 62322 IP address blocks: 89.33.132.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.mft rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:59:6b:04:d8:2b:40:3c:a3:90:77:52:a5:82:2d:8b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59 Validity Not Before: Jan 1 02:18:27 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=91d545cdf205a0dbadc7a28cb731e147584b1853 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:86:5b:31:d4:ca:4a:32:40:92:e3:72:6b:5a:ff: a2:6f:2d:21:98:59:97:77:4b:2b:8e:0c:86:c4:53: 3f:af:31:a2:41:1f:99:a2:e9:67:03:06:55:5c:28: 85:4d:b1:4c:02:a9:ae:52:63:c1:21:c3:07:b5:0f: 01:36:8d:59:7a:84:5f:d2:16:d7:92:75:60:33:c3: 81:96:df:aa:32:c0:f2:67:7c:0a:26:5f:d1:8c:f3: e0:c5:5e:c7:f5:0a:ad:ec:fd:90:13:4d:88:61:58: 87:3a:28:46:a5:38:03:fd:f3:d7:92:8a:9b:0d:61: 06:40:5b:86:21:b0:bc:0a:68:7d:36:f8:f3:09:2e: 18:bf:8f:dc:87:4d:14:65:d7:a5:bb:af:f8:f9:68: a5:14:69:65:9e:ed:24:56:0b:8c:0f:da:66:44:f1: 52:78:b6:d6:e7:97:69:66:46:c5:71:ed:11:90:b5: d8:14:2a:9a:dc:a4:4e:a9:f1:62:bc:33:21:d9:1f: 2e:25:aa:12:b7:20:fd:be:4e:6f:5d:3b:7f:2b:e1: ef:b6:11:73:1b:bf:2e:3e:59:8b:4a:90:b7:32:ea: ec:2a:88:45:a2:c8:6a:ba:c5:3b:cc:16:2e:9f:b5: 13:b0:39:12:f4:4d:6f:df:ac:2a:68:c9:e5:b9:02: 14:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:D5:45:CD:F2:05:A0:DB:AD:C7:A2:8C:B7:31:E1:47:58:4B:18:53 X509v3 Authority Key Identifier: keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/kdVFzfIFoNutx6KMtzHhR1hLGFM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.33.132.0/24 Signature Algorithm: sha256WithRSAEncryption 6d:ba:6b:ee:aa:fb:f6:df:e9:26:31:e2:29:91:41:c6:a8:c0: 90:22:e3:e6:0e:a1:cd:41:8e:e8:87:65:54:36:6a:82:0d:14: a3:e4:54:58:ff:32:45:c3:a9:fb:ef:8e:4e:58:ed:0c:74:90: f5:50:c8:69:0c:58:bd:0a:c9:4f:18:17:3c:7d:b0:d3:ac:e2: f4:d0:4c:f2:f4:10:56:0f:76:78:93:8b:36:f3:39:9f:7b:19: 61:7d:1a:e0:27:cd:81:82:3b:6e:eb:ee:01:c7:26:c3:1a:77: 61:3f:9d:4d:e0:2a:7d:76:b9:91:35:67:01:0e:0b:e2:fa:a2: cb:fb:ed:ee:18:a1:93:bb:69:2c:b1:06:ed:c6:a2:57:c3:e2: 39:59:d5:96:e4:92:d5:5e:87:8a:80:4e:85:1a:fe:1c:be:5a: 68:21:e4:ee:40:3a:78:e2:d6:02:72:37:a0:68:69:d6:df:4e: 52:3f:49:cb:68:bc:a7:42:2b:1d:4e:e2:69:29:02:9d:9f:e4: 16:63:fa:25:d9:ea:87:88:1c:c0:f8:6b:46:ba:6c:4a:df:bf: fb:3f:d7:30:2a:04:9a:13:73:c5:ae:a6:6a:b3:08:7b:2b:fe: f3:90:79:7c:92:92:f5:c0:23:de:98:2a:f7:89:76:16:4a:46: f5:7f:52:a8 -----BEGIN CERTIFICATE----- MIIE/zCCA+egAwIBAgISAZt3WWsE2CtAPKOQd1Klgi2LMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy MTliNTkwHhcNMjYwMTAxMDIxODI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MWQ1NDVjZGYyMDVhMGRiYWRjN2EyOGNiNzMxZTE0NzU4NGIxODUzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhlsx1MpKMkCS43JrWv+iby0hmFmX d0srjgyGxFM/rzGiQR+ZoulnAwZVXCiFTbFMAqmuUmPBIcMHtQ8BNo1ZeoRf0hbX knVgM8OBlt+qMsDyZ3wKJl/RjPPgxV7H9Qqt7P2QE02IYViHOihGpTgD/fPXkoqb DWEGQFuGIbC8Cmh9NvjzCS4Yv4/ch00UZdelu6/4+WilFGllnu0kVguMD9pmRPFS eLbW55dpZkbFce0RkLXYFCqa3KROqfFivDMh2R8uJaoStyD9vk5vXTt/K+HvthFz G78uPlmLSpC3MursKohFoshqusU7zBYun7UTsDkS9E1v36wqaMnluQIUMwIDAQAB o4ICCzCCAgcwHQYDVR0OBBYEFJHVRc3yBaDbrceijLcx4UdYSxhTMB8GA1UdIwQY MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl LTkyZTI1ZmUxNjMzMS8xL2tkVkZ6ZklGb051dHg2S010ekhoUjFoTEdGTS5yb2Ew gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0 b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABZIYQw DQYJKoZIhvcNAQELBQADggEBAG26a+6q+/bf6SYx4imRQcaowJAi4+YOoc1BjuiH ZVQ2aoINFKPkVFj/MkXDqfvvjk5Y7Qx0kPVQyGkMWL0KyU8YFzx9sNOs4vTQTPL0 EFYPdniTizbzOZ97GWF9GuAnzYGCO27r7gHHJsMad2E/nU3gKn12uZE1ZwEOC+L6 osv77e4YoZO7aSyxBu3GolfD4jlZ1ZbkktVeh4qAToUa/hy+Wmgh5O5AOnji1gJy N6BoadbfTlI/SctovKdCKx1O4mkpAp2f5BZj+iXZ6oeIHMD4a0a6bErfv/s/1zAq BJoTc8WupmqzCHsr/vOQeXySkvXAI96YKveJdhZKRvV/Uqg= -----END CERTIFICATE-----Generated at Sun Jan 25 14:36:23 2026 by rpki-client