This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/d5a49a-4f1a-4961-9c1f-76b0325c3b07/1/D6outDiE1pK_DydHGZyVGQce45w.roa File: D6outDiE1pK_DydHGZyVGQce45w.roa (raw, json) Hash identifier: k67yvwHSAG5YZmtQAvs13ltyI5n27aqgR+L0RdVOVfU= Subject key identifier: 0F:AA:2E:B4:38:84:D6:92:BF:0F:27:47:19:9C:95:19:07:1E:E3:9C Certificate issuer: /CN=71601c0b8b13cc121017f6d25117ac1fd0664344 Certificate serial: 019B791131D1F4E7AB130CA4956F3EB254EE Authority key identifier: 71:60:1C:0B:8B:13:CC:12:10:17:F6:D2:51:17:AC:1F:D0:66:43:44 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cWAcC4sTzBIQF_bSUResH9BmQ0Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/d5a49a-4f1a-4961-9c1f-76b0325c3b07/1/D6outDiE1pK_DydHGZyVGQce45w.roa Signing time: Thu 01 Jan 2026 10:18:48 +0000 ROA not before: Thu 01 Jan 2026 10:18:48 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 49540 IP address blocks: 37.114.64.0/21 maxlen: 21 78.152.128.0/19 maxlen: 19 185.147.228.0/22 maxlen: 22 2a00:b180::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/d5a49a-4f1a-4961-9c1f-76b0325c3b07/1/cWAcC4sTzBIQF_bSUResH9BmQ0Q.crl rsync://rpki.ripe.net/repository/DEFAULT/7d/d5a49a-4f1a-4961-9c1f-76b0325c3b07/1/cWAcC4sTzBIQF_bSUResH9BmQ0Q.mft rsync://rpki.ripe.net/repository/DEFAULT/cWAcC4sTzBIQF_bSUResH9BmQ0Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:11:31:d1:f4:e7:ab:13:0c:a4:95:6f:3e:b2:54:ee Signature Algorithm: sha256WithRSAEncryption Issuer: CN=71601c0b8b13cc121017f6d25117ac1fd0664344 Validity Not Before: Jan 1 10:18:48 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0faa2eb43884d692bf0f2747199c9519071ee39c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:4b:f1:d9:fc:4a:80:42:65:31:da:8c:d4:9e: 68:9e:38:3b:80:b1:97:fd:2f:ce:c5:66:b5:38:1f: 47:16:ba:f2:98:15:fd:f7:fc:75:8b:2a:35:b6:10: c7:22:b2:53:ef:8d:cf:f0:9a:7d:90:23:b5:1f:12: 06:a3:76:60:08:f5:9a:7a:a9:59:7a:f2:d3:e2:29: bb:6d:b9:d9:7d:4f:10:ce:b9:0c:3f:67:92:cc:fa: 1a:38:11:08:e9:57:2a:a0:e6:16:bb:b7:c4:9c:8d: 2a:79:58:fb:ad:c2:b7:e2:11:56:a5:07:49:41:fd: f6:77:29:0d:56:4e:fd:59:e3:5d:92:80:8a:fc:57: 4f:e0:ca:5c:1e:08:37:d8:05:47:53:95:bc:fc:37: ad:a8:5e:b7:e9:a6:5b:2a:d7:cf:3b:6e:c3:56:13: 90:0d:3a:8d:c9:cb:53:36:96:2b:0e:b3:6c:b0:ad: 0f:f0:af:f8:0a:74:13:8f:d2:08:f9:56:8e:29:b5: 1f:ac:e6:c5:f4:6b:61:d8:e6:2b:91:d2:58:f0:42: ab:af:7e:f9:0d:9e:28:24:75:23:27:f6:76:bc:3c: 12:1b:29:65:36:4c:77:8d:04:81:d9:a2:11:b5:20: 38:19:d7:5a:f1:e8:70:99:de:90:ab:ac:59:d4:34: 88:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:AA:2E:B4:38:84:D6:92:BF:0F:27:47:19:9C:95:19:07:1E:E3:9C X509v3 Authority Key Identifier: keyid:71:60:1C:0B:8B:13:CC:12:10:17:F6:D2:51:17:AC:1F:D0:66:43:44 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cWAcC4sTzBIQF_bSUResH9BmQ0Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/d5a49a-4f1a-4961-9c1f-76b0325c3b07/1/D6outDiE1pK_DydHGZyVGQce45w.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/d5a49a-4f1a-4961-9c1f-76b0325c3b07/1/cWAcC4sTzBIQF_bSUResH9BmQ0Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.114.64.0/21 78.152.128.0/19 185.147.228.0/22 IPv6: 2a00:b180::/32 Signature Algorithm: sha256WithRSAEncryption 98:e7:a1:26:c3:18:ff:4b:1f:6c:98:5a:d1:b6:7f:29:32:a5: 89:24:3f:76:9e:cd:89:94:24:7a:f3:4a:14:9f:77:4c:bd:20: 0d:3e:29:0d:d3:f4:8d:72:9f:55:2b:d5:a6:a7:70:a0:b6:c5: c4:e3:49:3a:f1:01:3b:b4:84:5e:03:84:47:f8:ab:d3:ce:68: ce:68:ca:43:9c:5c:b3:29:81:7d:dc:d0:9b:ac:2b:25:19:4c: 1c:3b:56:a9:e3:ea:1d:13:46:cf:40:27:5d:08:2b:57:71:07: ce:95:ec:b4:e6:e2:bd:3c:11:b1:9e:96:16:91:3f:84:0c:d9: 1e:65:e8:67:5c:00:94:77:54:8b:be:52:72:f5:9e:67:a7:f8: 8f:a3:66:26:d1:d7:e2:7d:5c:01:54:6b:04:95:34:ab:a4:0d: 00:ca:4c:a5:33:6c:3a:6b:c9:8b:0c:09:36:0e:89:36:2e:c8: c9:2f:e8:64:7c:43:b6:2f:c2:fc:fe:e4:69:9b:b1:ac:9f:60: af:75:65:ec:24:64:aa:05:a5:19:45:b3:9c:49:c9:b6:b7:ec: 7a:a0:2d:a5:35:74:b6:a3:25:ae:5e:9e:2e:48:fe:aa:1a:b2: b2:19:af:d6:d2:15:45:3e:4b:10:e3:6e:8d:30:cc:d2:ae:9f: b1:ff:0c:16 -----BEGIN CERTIFICATE----- MIIFGDCCBACgAwIBAgISAZt5ETHR9OerEwyklW8+slTuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcxNjAxYzBiOGIxM2NjMTIxMDE3ZjZkMjUxMTdhYzFmZDA2 NjQzNDQwHhcNMjYwMTAxMTAxODQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwZmFhMmViNDM4ODRkNjkyYmYwZjI3NDcxOTljOTUxOTA3MWVlMzljMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtkvx2fxKgEJlMdqM1J5onjg7gLGX /S/OxWa1OB9HFrrymBX99/x1iyo1thDHIrJT743P8Jp9kCO1HxIGo3ZgCPWaeqlZ evLT4im7bbnZfU8QzrkMP2eSzPoaOBEI6VcqoOYWu7fEnI0qeVj7rcK34hFWpQdJ Qf32dykNVk79WeNdkoCK/FdP4MpcHgg32AVHU5W8/DetqF636aZbKtfPO27DVhOQ DTqNyctTNpYrDrNssK0P8K/4CnQTj9II+VaOKbUfrObF9Gth2OYrkdJY8EKrr375 DZ4oJHUjJ/Z2vDwSGyllNkx3jQSB2aIRtSA4Gdda8ehwmd6Qq6xZ1DSIgwIDAQAB o4ICJDCCAiAwHQYDVR0OBBYEFA+qLrQ4hNaSvw8nRxmclRkHHuOcMB8GA1UdIwQY MBaAFHFgHAuLE8wSEBf20lEXrB/QZkNEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY1dBY0M0c1R6QklRRl9iU1VSZXNIOUJtUTBRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9kNWE0OWEtNGYxYS00OTYxLTljMWYt NzZiMDMyNWMzYjA3LzEvRDZvdXREaUUxcEtfRHlkSEdaeVZHUWNlNDV3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83ZC9kNWE0OWEtNGYxYS00OTYxLTljMWYtNzZiMDMyNWMzYjA3 LzEvY1dBY0M0c1R6QklRRl9iU1VSZXNIOUJtUTBRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDJXJAAwQF TpiAAwQCuZPkMA0EAgACMAcDBQAqALGAMA0GCSqGSIb3DQEBCwUAA4IBAQCY56Em wxj/Sx9smFrRtn8pMqWJJD92ns2JlCR680oUn3dMvSANPikN0/SNcp9VK9Wmp3Cg tsXE40k68QE7tIReA4RH+KvTzmjOaMpDnFyzKYF93NCbrCslGUwcO1ap4+odE0bP QCddCCtXcQfOley05uK9PBGxnpYWkT+EDNkeZehnXACUd1SLvlJy9Z5np/iPo2Ym 0dfifVwBVGsElTSrpA0AykylM2w6a8mLDAk2Dok2LsjJL+hkfEO2L8L8/uRpm7Gs n2CvdWXsJGSqBaUZRbOcScm2t+x6oC2lNXS2oyWuXp4uSP6qGrKyGa/W0hVFPksQ 426NMMzSrp+x/wwW -----END CERTIFICATE-----Generated at Mon Jan 26 02:08:07 2026 by rpki-client