This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/18e0f5-4e14-431a-b793-1217729af1c8/1/rd59wLEfvKNOBwKpms9JkojXq3k.roa File: rd59wLEfvKNOBwKpms9JkojXq3k.roa (raw, json) Hash identifier: mBuGXrrAweGoBjDpEtI+r5ofDk/b87Lh559SU3SJ+WE= Subject key identifier: AD:DE:7D:C0:B1:1F:BC:A3:4E:07:02:A9:9A:CF:49:92:88:D7:AB:79 Certificate issuer: /CN=4a0973c1f443ec4a8387aad7aca75d07b6faa9da Certificate serial: 019B7FF26263CBFF9370E4A0A3D6C6F15829 Authority key identifier: 4A:09:73:C1:F4:43:EC:4A:83:87:AA:D7:AC:A7:5D:07:B6:FA:A9:DA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SglzwfRD7EqDh6rXrKddB7b6qdo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/18e0f5-4e14-431a-b793-1217729af1c8/1/rd59wLEfvKNOBwKpms9JkojXq3k.roa Signing time: Fri 02 Jan 2026 18:22:29 +0000 ROA not before: Fri 02 Jan 2026 18:22:29 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 204457 IP address blocks: 87.121.22.0/24 maxlen: 24 185.248.12.0/22 maxlen: 22 185.248.12.0/24 maxlen: 24 185.248.13.0/24 maxlen: 24 185.248.14.0/24 maxlen: 24 185.248.15.0/24 maxlen: 24 194.4.153.0/24 maxlen: 24 2a0a:a580::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/18e0f5-4e14-431a-b793-1217729af1c8/1/SglzwfRD7EqDh6rXrKddB7b6qdo.crl rsync://rpki.ripe.net/repository/DEFAULT/9e/18e0f5-4e14-431a-b793-1217729af1c8/1/SglzwfRD7EqDh6rXrKddB7b6qdo.mft rsync://rpki.ripe.net/repository/DEFAULT/SglzwfRD7EqDh6rXrKddB7b6qdo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 06:00:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:f2:62:63:cb:ff:93:70:e4:a0:a3:d6:c6:f1:58:29 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4a0973c1f443ec4a8387aad7aca75d07b6faa9da Validity Not Before: Jan 2 18:22:29 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=adde7dc0b11fbca34e0702a99acf499288d7ab79 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:00:11:d0:83:6e:30:a3:bb:37:0d:40:14:8e: 8b:ec:0d:79:20:97:9f:83:70:85:8e:f6:3f:87:f2: 9d:6e:e7:33:c4:e2:11:08:b1:16:d1:3a:d7:2a:9f: 21:5a:d3:b8:6d:66:2a:72:85:9a:ef:e0:dc:c0:ee: 28:2e:cd:7a:1f:48:29:29:e1:2b:ce:b3:60:3d:fa: b2:c7:1e:55:48:33:cf:79:34:df:e6:48:ec:03:3c: d4:ee:aa:98:1c:8a:0f:e7:86:2e:3f:2a:c6:cc:84: d5:cb:db:0d:9d:64:6e:d0:49:a3:6e:b1:84:0a:33: fd:37:b1:1a:69:4e:6c:69:63:f4:25:85:2e:df:ac: 54:93:3c:00:01:9b:87:9c:3f:af:b3:df:80:0c:27: 95:50:08:a4:c0:ab:0e:44:a2:24:69:f8:52:c4:28: 6c:c5:de:4e:f1:ba:56:84:cd:f6:4c:f2:da:02:69: 95:e7:2c:29:69:73:b3:a6:ef:a6:8c:5b:88:27:9c: 21:c6:10:03:22:13:e6:d5:8d:33:25:4a:06:eb:86: b8:38:91:1e:46:0b:31:8c:61:a4:7d:39:6f:ee:aa: 03:e6:72:c9:99:df:67:23:de:8b:e3:d5:62:e6:0b: 31:db:08:29:f3:35:17:a2:1e:70:a0:99:37:21:cb: 73:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:DE:7D:C0:B1:1F:BC:A3:4E:07:02:A9:9A:CF:49:92:88:D7:AB:79 X509v3 Authority Key Identifier: keyid:4A:09:73:C1:F4:43:EC:4A:83:87:AA:D7:AC:A7:5D:07:B6:FA:A9:DA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SglzwfRD7EqDh6rXrKddB7b6qdo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/18e0f5-4e14-431a-b793-1217729af1c8/1/rd59wLEfvKNOBwKpms9JkojXq3k.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/18e0f5-4e14-431a-b793-1217729af1c8/1/SglzwfRD7EqDh6rXrKddB7b6qdo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 87.121.22.0/24 185.248.12.0/22 194.4.153.0/24 IPv6: 2a0a:a580::/29 Signature Algorithm: sha256WithRSAEncryption 46:99:dc:b5:69:bb:89:e7:e3:f4:2c:a0:01:70:74:dd:e7:df: 69:91:62:e4:13:2d:0d:33:b1:fe:c8:9c:e9:ad:17:49:3f:c9: 0b:a2:9c:7a:e9:39:ea:cb:07:68:34:ef:9f:31:b3:e9:76:28: 87:ce:7f:42:0b:18:98:83:42:f9:0d:b8:14:75:de:90:cb:e3: f5:a8:b8:4f:db:66:99:d2:87:30:d5:9e:ce:18:d0:ba:72:60: 48:9e:4e:32:e9:f7:e7:72:7d:f8:7a:55:ca:51:c0:30:7e:01: 53:e9:6d:37:16:67:43:9e:dd:5b:41:37:a7:5f:2f:30:50:83: 46:2e:72:1d:18:f9:34:f4:ab:67:f0:b6:a4:55:56:b2:1c:74: e9:81:7d:4b:9c:58:40:48:41:f7:08:ae:e1:ea:29:dd:b8:66: 7b:89:5c:45:e9:9b:3a:4f:c9:81:f2:56:26:39:43:fd:8e:d4: d1:03:1d:a0:e1:6d:a0:e8:d8:92:df:a4:38:4d:88:5a:9f:b1: 20:c9:d1:81:72:52:5a:53:b6:1c:c7:36:cf:ee:1c:b9:b3:3d: 65:c4:d5:53:5d:27:d0:7a:85:1f:ff:d7:66:d2:67:fa:9e:87: ac:e2:ca:6c:ca:93:6e:ed:3e:37:90:f3:5e:86:07:21:3e:50: eb:2c:45:de -----BEGIN CERTIFICATE----- MIIFGDCCBACgAwIBAgISAZt/8mJjy/+TcOSgo9bG8VgpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRhMDk3M2MxZjQ0M2VjNGE4Mzg3YWFkN2FjYTc1ZDA3YjZm YWE5ZGEwHhcNMjYwMTAyMTgyMjI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhZGRlN2RjMGIxMWZiY2EzNGUwNzAyYTk5YWNmNDk5Mjg4ZDdhYjc5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoAAR0INuMKO7Nw1AFI6L7A15IJef g3CFjvY/h/KdbuczxOIRCLEW0TrXKp8hWtO4bWYqcoWa7+DcwO4oLs16H0gpKeEr zrNgPfqyxx5VSDPPeTTf5kjsAzzU7qqYHIoP54YuPyrGzITVy9sNnWRu0EmjbrGE CjP9N7EaaU5saWP0JYUu36xUkzwAAZuHnD+vs9+ADCeVUAikwKsORKIkafhSxChs xd5O8bpWhM32TPLaAmmV5ywpaXOzpu+mjFuIJ5whxhADIhPm1Y0zJUoG64a4OJEe RgsxjGGkfTlv7qoD5nLJmd9nI96L49Vi5gsx2wgp8zUXoh5woJk3IctzjwIDAQAB o4ICJDCCAiAwHQYDVR0OBBYEFK3efcCxH7yjTgcCqZrPSZKI16t5MB8GA1UdIwQY MBaAFEoJc8H0Q+xKg4eq16ynXQe2+qnaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvU2dsendmUkQ3RXFEaDZyWHJLZGRCN2I2cWRvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS8xOGUwZjUtNGUxNC00MzFhLWI3OTMt MTIxNzcyOWFmMWM4LzEvcmQ1OXdMRWZ2S05PQndLcG1zOUprb2pYcTNrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85ZS8xOGUwZjUtNGUxNC00MzFhLWI3OTMtMTIxNzcyOWFmMWM4 LzEvU2dsendmUkQ3RXFEaDZyWHJLZGRCN2I2cWRvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAV3kWAwQC ufgMAwQAwgSZMA0EAgACMAcDBQMqCqWAMA0GCSqGSIb3DQEBCwUAA4IBAQBGmdy1 abuJ5+P0LKABcHTd599pkWLkEy0NM7H+yJzprRdJP8kLopx66TnqywdoNO+fMbPp diiHzn9CCxiYg0L5DbgUdd6Qy+P1qLhP22aZ0ocw1Z7OGNC6cmBInk4y6ffncn34 elXKUcAwfgFT6W03FmdDnt1bQTenXy8wUINGLnIdGPk09Ktn8LakVVayHHTpgX1L nFhASEH3CK7h6induGZ7iVxF6Zs6T8mB8lYmOUP9jtTRAx2g4W2g6NiS36Q4TYha n7EgydGBclJaU7YcxzbP7hy5sz1lxNVTXSfQeoUf/9dm0mf6noes4spsypNu7T43 kPNehgchPlDrLEXe -----END CERTIFICATE-----Generated at Sun Jan 25 17:40:35 2026 by rpki-client