This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/dMRJpZJ1JNYLWgq3FuqchxjnETE.roa File: dMRJpZJ1JNYLWgq3FuqchxjnETE.roa (raw, json) Hash identifier: fce7GbHsuDUNjDLPVqwrMpy3SolSS3TeDUI3vt7NKIY= Subject key identifier: 74:C4:49:A5:92:75:24:D6:0B:5A:0A:B7:16:EA:9C:87:18:E7:11:31 Certificate issuer: /CN=cfeace714c29568ef197007b141d12758cc415d5 Certificate serial: 019B7BA375EBE2132061FF73CB631F0A2683 Authority key identifier: CF:EA:CE:71:4C:29:56:8E:F1:97:00:7B:14:1D:12:75:8C:C4:15:D5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z-rOcUwpVo7xlwB7FB0SdYzEFdU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/dMRJpZJ1JNYLWgq3FuqchxjnETE.roa Signing time: Thu 01 Jan 2026 22:17:48 +0000 ROA not before: Thu 01 Jan 2026 22:17:48 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 41175 IP address blocks: 81.201.208.0/20 maxlen: 24 185.114.104.0/22 maxlen: 24 2a00:e900::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/z-rOcUwpVo7xlwB7FB0SdYzEFdU.crl rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/z-rOcUwpVo7xlwB7FB0SdYzEFdU.mft rsync://rpki.ripe.net/repository/DEFAULT/z-rOcUwpVo7xlwB7FB0SdYzEFdU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:00:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:75:eb:e2:13:20:61:ff:73:cb:63:1f:0a:26:83 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cfeace714c29568ef197007b141d12758cc415d5 Validity Not Before: Jan 1 22:17:48 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=74c449a5927524d60b5a0ab716ea9c8718e71131 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:16:ba:f5:0e:43:0b:f3:b4:be:17:b3:9d:6e: 83:1c:1f:c7:12:88:e8:f9:65:fd:58:84:db:c1:f2: 96:fd:4f:43:7c:87:9c:37:f2:e5:1a:c5:26:bc:d1: 78:c3:5a:45:59:62:c4:ef:f0:0c:be:e5:c0:3e:71: 3b:4f:cb:c4:b9:cc:04:af:30:bf:51:aa:e0:60:84: 0e:51:7d:d1:57:24:fc:03:b2:b2:44:2b:c9:71:c7: 7b:72:f7:be:d8:4a:ae:21:9c:5f:7a:fa:2a:2d:d1: 16:a3:40:0b:25:9b:67:12:de:9a:21:12:a4:25:c9: e9:3f:58:b0:92:68:0d:78:87:00:99:89:ef:81:01: 82:6f:37:c2:e2:50:be:c9:99:9b:5f:ea:43:1d:c5: af:fa:5a:6b:f1:a0:72:2d:dc:5a:f7:c9:db:20:d4: 53:cd:8d:d3:96:e6:35:44:ef:cc:e2:0a:4b:5e:72: 5a:7f:98:2e:2e:5d:70:e7:0c:90:85:2b:3c:90:50: b5:43:30:b8:3e:6b:2f:aa:81:69:36:60:79:e4:cb: f6:65:cd:ce:af:b9:80:ca:f4:c4:71:13:b1:67:52: 85:10:86:96:87:b3:c3:c7:c2:7c:46:1b:43:8a:d5: d4:38:98:7c:04:ae:65:d2:c4:aa:b5:f7:63:b8:8f: df:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:C4:49:A5:92:75:24:D6:0B:5A:0A:B7:16:EA:9C:87:18:E7:11:31 X509v3 Authority Key Identifier: keyid:CF:EA:CE:71:4C:29:56:8E:F1:97:00:7B:14:1D:12:75:8C:C4:15:D5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z-rOcUwpVo7xlwB7FB0SdYzEFdU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/dMRJpZJ1JNYLWgq3FuqchxjnETE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/z-rOcUwpVo7xlwB7FB0SdYzEFdU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 81.201.208.0/20 185.114.104.0/22 IPv6: 2a00:e900::/29 Signature Algorithm: sha256WithRSAEncryption 3f:0d:cd:76:ac:d1:f4:74:94:80:d4:ba:6b:49:9f:d2:9a:6e: 7b:71:64:a2:bd:67:80:1f:47:11:fb:98:93:c5:cd:5c:bd:e0: d8:e5:50:af:0f:e4:b2:ff:2a:be:18:e0:67:d0:bc:66:4d:4d: 4c:80:2d:87:2d:dd:46:43:1b:12:a9:82:55:be:bd:07:5f:62: 1c:44:01:a9:81:8c:40:a5:6e:b7:80:06:bd:f4:06:3d:8e:5d: 3a:bf:7b:97:bc:4d:67:0e:75:6c:f9:d2:ac:ce:b9:1d:85:3b: 27:c5:44:b2:95:22:a6:2f:d5:c3:75:06:4a:97:f9:f9:e4:5a: 0b:20:24:51:6c:05:6a:15:a3:bd:b3:51:d8:8d:78:34:1c:2c: f9:6c:32:e3:5e:b3:ac:f2:fa:3c:94:c1:05:b4:8a:7f:94:11: b8:94:88:b9:7f:1d:52:34:63:5b:49:c8:e9:e8:74:8e:a4:1d: 79:59:2d:70:02:eb:be:44:47:09:8f:e8:40:50:b6:6f:c6:f1: a6:58:a1:84:0c:8c:0c:0f:55:8f:26:0b:07:ef:bd:9f:a0:57: c9:f9:ac:e9:cd:d2:55:f7:a6:a2:10:8f:25:c5:db:e1:f2:83: ca:cc:59:61:23:24:c4:09:37:9e:71:6b:82:ce:07:a6:79:22: eb:45:e5:a2 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt7o3Xr4hMgYf9zy2MfCiaDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNmZWFjZTcxNGMyOTU2OGVmMTk3MDA3YjE0MWQxMjc1OGNj NDE1ZDUwHhcNMjYwMTAxMjIxNzQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3NGM0NDlhNTkyNzUyNGQ2MGI1YTBhYjcxNmVhOWM4NzE4ZTcxMTMxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRa69Q5DC/O0vheznW6DHB/HEojo +WX9WITbwfKW/U9DfIecN/LlGsUmvNF4w1pFWWLE7/AMvuXAPnE7T8vEucwErzC/ UargYIQOUX3RVyT8A7KyRCvJccd7cve+2EquIZxfevoqLdEWo0ALJZtnEt6aIRKk JcnpP1iwkmgNeIcAmYnvgQGCbzfC4lC+yZmbX+pDHcWv+lpr8aByLdxa98nbINRT zY3TluY1RO/M4gpLXnJaf5guLl1w5wyQhSs8kFC1QzC4PmsvqoFpNmB55Mv2Zc3O r7mAyvTEcROxZ1KFEIaWh7PDx8J8RhtDitXUOJh8BK5l0sSqtfdjuI/fCwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFHTESaWSdSTWC1oKtxbqnIcY5xExMB8GA1UdIwQY MBaAFM/qznFMKVaO8ZcAexQdEnWMxBXVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvei1yT2NVd3BWbzd4bHdCN0ZCMFNkWXpFRmRVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9mYzFiZWYtZTcyYi00YTQ1LTk0NjMt OGZkMzk0YjUzNTdjLzEvZE1SSnBaSjFKTllMV2dxM0Z1cWNoeGpuRVRFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Yi9mYzFiZWYtZTcyYi00YTQ1LTk0NjMtOGZkMzk0YjUzNTdj LzEvei1yT2NVd3BWbzd4bHdCN0ZCMFNkWXpFRmRVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEUcnQAwQC uXJoMA0EAgACMAcDBQMqAOkAMA0GCSqGSIb3DQEBCwUAA4IBAQA/Dc12rNH0dJSA 1LprSZ/Smm57cWSivWeAH0cR+5iTxc1cveDY5VCvD+Sy/yq+GOBn0LxmTU1MgC2H Ld1GQxsSqYJVvr0HX2IcRAGpgYxApW63gAa99AY9jl06v3uXvE1nDnVs+dKszrkd hTsnxUSylSKmL9XDdQZKl/n55FoLICRRbAVqFaO9s1HYjXg0HCz5bDLjXrOs8vo8 lMEFtIp/lBG4lIi5fx1SNGNbScjp6HSOpB15WS1wAuu+REcJj+hAULZvxvGmWKGE DIwMD1WPJgsH772foFfJ+azpzdJV96aiEI8lxdvh8oPKzFlhIyTECTeecWuCzgem eSLrReWi -----END CERTIFICATE-----Generated at Sun Jan 25 20:47:07 2026 by rpki-client