This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/d47909-a560-409c-b839-c5e7821579f1/1/ddmt2-uWwkD03hR8f-AnYnhHvEQ.roa File: ddmt2-uWwkD03hR8f-AnYnhHvEQ.roa (raw, json) Hash identifier: NzfyOsp8qB/kzAypqWkHF3Ue4tcxIJ2yaDyTF4sPpVU= Subject key identifier: 75:D9:AD:DB:EB:96:C2:40:F4:DE:14:7C:7F:E0:27:62:78:47:BC:44 Certificate issuer: /CN=90ae538e2a91346f0402598b0ff2fb9a95c07c39 Certificate serial: 019B7C11115E7FA85BC3962FA798E374B508 Authority key identifier: 90:AE:53:8E:2A:91:34:6F:04:02:59:8B:0F:F2:FB:9A:95:C0:7C:39 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kK5TjiqRNG8EAlmLD_L7mpXAfDk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/d47909-a560-409c-b839-c5e7821579f1/1/ddmt2-uWwkD03hR8f-AnYnhHvEQ.roa Signing time: Fri 02 Jan 2026 00:17:31 +0000 ROA not before: Fri 02 Jan 2026 00:17:31 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 57129 IP address blocks: 185.128.32.0/22 maxlen: 24 185.202.200.0/22 maxlen: 24 2a06:cd00::/29 maxlen: 48 2a0d:5900::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/d47909-a560-409c-b839-c5e7821579f1/1/kK5TjiqRNG8EAlmLD_L7mpXAfDk.crl rsync://rpki.ripe.net/repository/DEFAULT/b7/d47909-a560-409c-b839-c5e7821579f1/1/kK5TjiqRNG8EAlmLD_L7mpXAfDk.mft rsync://rpki.ripe.net/repository/DEFAULT/kK5TjiqRNG8EAlmLD_L7mpXAfDk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:11:11:5e:7f:a8:5b:c3:96:2f:a7:98:e3:74:b5:08 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=90ae538e2a91346f0402598b0ff2fb9a95c07c39 Validity Not Before: Jan 2 00:17:31 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=75d9addbeb96c240f4de147c7fe027627847bc44 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:a2:dc:f1:8f:8a:96:9f:ba:d3:1c:67:00:6c: 17:fb:16:a7:69:15:e4:f9:54:a3:c5:9f:14:f0:db: fc:dd:4a:24:5b:d3:21:8b:ee:d6:ce:7a:99:b7:74: fa:fa:af:b5:ac:fa:0e:04:5d:b3:94:2e:03:5c:e7: 3d:2f:f8:ff:b7:df:b3:b6:83:93:64:ab:71:a7:c0: d7:45:ea:e9:40:de:c8:26:30:32:14:cb:a2:70:70: 5d:8c:f3:93:6f:17:cb:9f:79:26:12:ff:57:64:d8: ce:66:6a:34:1f:6b:7f:16:db:0a:06:98:f3:1f:53: 4c:88:89:de:c5:a5:bd:62:29:26:ba:b8:17:65:b8: df:00:03:68:ec:2f:3b:00:36:31:d8:2e:84:da:0d: 22:dd:55:53:78:71:72:ca:51:ef:cc:9f:c4:7d:62: 24:3e:f6:17:57:c3:0b:46:21:be:0d:e7:91:2c:bc: 63:a2:68:a9:53:15:6c:e6:1d:a0:d8:4a:49:1a:08: bd:27:9c:0a:12:16:61:c8:60:3a:86:56:00:3a:37: 53:74:7e:55:9f:06:03:b7:a6:82:10:5c:8a:3d:04: 0d:5a:1e:2c:d7:ec:c4:53:6e:2e:19:52:28:6c:1f: 7a:18:26:09:da:f1:83:43:7b:3e:7c:e5:b8:d1:67: 78:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:D9:AD:DB:EB:96:C2:40:F4:DE:14:7C:7F:E0:27:62:78:47:BC:44 X509v3 Authority Key Identifier: keyid:90:AE:53:8E:2A:91:34:6F:04:02:59:8B:0F:F2:FB:9A:95:C0:7C:39 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kK5TjiqRNG8EAlmLD_L7mpXAfDk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/d47909-a560-409c-b839-c5e7821579f1/1/ddmt2-uWwkD03hR8f-AnYnhHvEQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/d47909-a560-409c-b839-c5e7821579f1/1/kK5TjiqRNG8EAlmLD_L7mpXAfDk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.128.32.0/22 185.202.200.0/22 IPv6: 2a06:cd00::/29 2a0d:5900::/29 Signature Algorithm: sha256WithRSAEncryption a0:17:55:25:58:44:8e:b1:60:ce:21:cd:29:ad:0b:0e:f8:81: e6:b5:6a:18:08:a9:3c:b8:fa:5f:99:af:f8:b5:5d:1f:36:2b: 1b:01:08:be:57:cb:5f:0f:73:48:f3:e7:4c:be:7d:da:92:bc: fd:60:09:7b:d8:6b:52:a4:e7:9b:30:46:04:a1:18:66:e8:f1: bd:ae:4d:75:7f:5f:ee:0f:1f:68:f9:5c:14:55:31:6c:ab:38: ba:00:76:5a:2e:22:d1:5b:3d:cb:b5:ed:b4:db:ac:dc:e1:e2: 5e:2e:05:dd:e8:0d:c2:41:8e:9d:16:3c:27:9e:49:3f:24:33: 30:fd:cc:89:88:23:a3:50:98:53:8a:be:e0:66:88:f8:dc:f8: 15:c2:8b:bf:0e:e6:81:38:2f:2b:5f:c2:d0:78:30:5d:e6:cf: a7:ff:a0:68:14:1b:7d:f4:35:4d:11:47:71:44:d7:8a:98:df: ff:2b:37:38:51:56:c1:b4:bc:0e:f2:84:86:6d:b5:11:c0:72: 9b:ea:37:48:2b:60:bc:2d:d5:82:9e:e1:72:f0:16:b1:49:0f: a6:ae:b8:96:ef:7b:89:d5:94:b5:0a:7a:79:c2:21:e8:67:8b: 66:c6:c9:5c:33:af:2f:3e:33:33:50:67:f4:00:c3:4f:a5:fa: 9b:37:09:0a -----BEGIN CERTIFICATE----- MIIFGTCCBAGgAwIBAgISAZt8ERFef6hbw5Yvp5jjdLUIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkwYWU1MzhlMmE5MTM0NmYwNDAyNTk4YjBmZjJmYjlhOTVj MDdjMzkwHhcNMjYwMTAyMDAxNzMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3NWQ5YWRkYmViOTZjMjQwZjRkZTE0N2M3ZmUwMjc2Mjc4NDdiYzQ0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5qLc8Y+Klp+60xxnAGwX+xanaRXk +VSjxZ8U8Nv83UokW9Mhi+7WznqZt3T6+q+1rPoOBF2zlC4DXOc9L/j/t9+ztoOT ZKtxp8DXRerpQN7IJjAyFMuicHBdjPOTbxfLn3kmEv9XZNjOZmo0H2t/FtsKBpjz H1NMiInexaW9YikmurgXZbjfAANo7C87ADYx2C6E2g0i3VVTeHFyylHvzJ/EfWIk PvYXV8MLRiG+DeeRLLxjomipUxVs5h2g2EpJGgi9J5wKEhZhyGA6hlYAOjdTdH5V nwYDt6aCEFyKPQQNWh4s1+zEU24uGVIobB96GCYJ2vGDQ3s+fOW40Wd4IwIDAQAB o4ICJTCCAiEwHQYDVR0OBBYEFHXZrdvrlsJA9N4UfH/gJ2J4R7xEMB8GA1UdIwQY MBaAFJCuU44qkTRvBAJZiw/y+5qVwHw5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva0s1VGppcVJORzhFQWxtTERfTDdtcFhBZkRrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kNDc5MDktYTU2MC00MDljLWI4Mzkt YzVlNzgyMTU3OWYxLzEvZGRtdDItdVd3a0QwM2hSOGYtQW5ZbmhIdkVRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNy9kNDc5MDktYTU2MC00MDljLWI4MzktYzVlNzgyMTU3OWYx LzEva0s1VGppcVJORzhFQWxtTERfTDdtcFhBZkRrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuYAgAwQC ucrIMBQEAgACMA4DBQMqBs0AAwUDKg1ZADANBgkqhkiG9w0BAQsFAAOCAQEAoBdV JVhEjrFgziHNKa0LDviB5rVqGAipPLj6X5mv+LVdHzYrGwEIvlfLXw9zSPPnTL59 2pK8/WAJe9hrUqTnmzBGBKEYZujxva5NdX9f7g8faPlcFFUxbKs4ugB2Wi4i0Vs9 y7XttNus3OHiXi4F3egNwkGOnRY8J55JPyQzMP3MiYgjo1CYU4q+4GaI+Nz4FcKL vw7mgTgvK1/C0HgwXebPp/+gaBQbffQ1TRFHcUTXipjf/ys3OFFWwbS8DvKEhm21 EcBym+o3SCtgvC3Vgp7hcvAWsUkPpq64lu97idWUtQp6ecIh6GeLZsbJXDOvLz4z M1Bn9ADDT6X6mzcJCg== -----END CERTIFICATE-----Generated at Mon Jan 26 06:57:15 2026 by rpki-client