This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/D0UZ3ILhNCgnCNWzBa3mcwr0Pno.roa File: D0UZ3ILhNCgnCNWzBa3mcwr0Pno.roa (raw, json) Hash identifier: 7TfPe1F/LyooXh4AcQzOEBSmrk6QV7hbqByjjSb/LoE= Subject key identifier: 0F:45:19:DC:82:E1:34:28:27:08:D5:B3:05:AD:E6:73:0A:F4:3E:7A Certificate issuer: /CN=04a2ae2cd094333018c41daafb474c6cfa80d07d Certificate serial: 019B791065AE2D05E75E15F2578FB586716D Authority key identifier: 04:A2:AE:2C:D0:94:33:30:18:C4:1D:AA:FB:47:4C:6C:FA:80:D0:7D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BKKuLNCUMzAYxB2q-0dMbPqA0H0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/D0UZ3ILhNCgnCNWzBa3mcwr0Pno.roa Signing time: Thu 01 Jan 2026 10:17:56 +0000 ROA not before: Thu 01 Jan 2026 10:17:56 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 31679 IP address blocks: 84.16.32.0/19 maxlen: 19 185.165.36.0/22 maxlen: 24 212.55.224.0/19 maxlen: 19 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/BKKuLNCUMzAYxB2q-0dMbPqA0H0.crl rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/BKKuLNCUMzAYxB2q-0dMbPqA0H0.mft rsync://rpki.ripe.net/repository/DEFAULT/BKKuLNCUMzAYxB2q-0dMbPqA0H0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 04:00:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:65:ae:2d:05:e7:5e:15:f2:57:8f:b5:86:71:6d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=04a2ae2cd094333018c41daafb474c6cfa80d07d Validity Not Before: Jan 1 10:17:56 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0f4519dc82e134282708d5b305ade6730af43e7a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:4b:1f:03:c4:fc:13:f7:6f:10:4e:53:57:57: 9d:63:62:a0:4a:ae:fc:98:ac:6d:4f:02:ed:5d:bf: cf:1e:65:dc:39:50:41:49:0e:a8:21:a2:bf:6e:84: 54:e7:27:04:f0:a1:5c:ec:54:a0:76:32:9c:1a:70: 7e:5e:a2:3e:d1:20:82:d4:ae:7c:56:77:78:06:9f: 3e:57:1e:ec:6a:88:e3:56:83:4e:59:d1:cd:4a:8a: 73:69:16:92:42:08:50:51:60:54:39:08:d0:6a:8f: c2:71:04:10:b7:b7:33:d7:3b:54:29:53:ba:18:12: da:5e:c8:c6:77:cf:f8:99:a3:bf:ce:e5:a7:10:cd: c3:5f:23:1b:b4:2d:19:e5:6e:b1:7c:d2:4b:c3:7c: cd:0c:88:ac:03:eb:27:b7:db:ee:65:f7:83:7a:1d: d6:c7:c6:ae:9d:c4:e4:76:76:79:29:db:a6:43:b3: 39:20:c4:0b:8f:5d:90:c0:1f:ad:45:6c:21:97:5f: 2b:8f:32:19:97:54:4a:f8:23:6b:6a:65:22:c4:c8: 7d:d8:0f:84:77:a2:79:3f:b9:1e:6c:fd:68:1e:01: c9:5d:69:98:f2:e1:fe:1b:e2:02:88:37:79:4e:48: d8:81:17:60:c6:f2:14:8a:df:5b:27:d8:13:c8:06: c3:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:45:19:DC:82:E1:34:28:27:08:D5:B3:05:AD:E6:73:0A:F4:3E:7A X509v3 Authority Key Identifier: keyid:04:A2:AE:2C:D0:94:33:30:18:C4:1D:AA:FB:47:4C:6C:FA:80:D0:7D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BKKuLNCUMzAYxB2q-0dMbPqA0H0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/D0UZ3ILhNCgnCNWzBa3mcwr0Pno.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/BKKuLNCUMzAYxB2q-0dMbPqA0H0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 84.16.32.0/19 185.165.36.0/22 212.55.224.0/19 Signature Algorithm: sha256WithRSAEncryption 8d:35:76:f8:21:5f:d0:80:48:b4:43:f0:8a:ec:eb:fc:40:e7: c7:bb:45:0d:dd:5a:0a:ff:d8:a9:ff:22:4b:da:0d:6f:a8:0b: 9b:ec:46:6d:d1:4a:e3:37:df:e7:b9:68:f4:73:f4:06:eb:6a: 9f:fa:6f:68:c1:15:1f:ea:56:e8:0e:7a:2b:42:07:2d:a6:d3: f8:de:4a:ab:5d:c0:e9:48:9a:cd:55:8b:e1:32:25:36:da:1d: a8:f2:93:17:e3:f7:2b:89:b0:33:7e:00:94:96:72:fa:5a:11: 8e:5d:91:69:8d:29:ba:f2:30:e4:69:81:c9:c0:3f:11:ef:2c: 8e:f2:d3:82:3e:05:f2:4e:28:ff:ab:1e:98:68:1d:91:c9:52: d8:cf:34:ff:a5:16:be:65:ef:b8:93:85:ec:c8:5d:77:97:07: 92:a0:d1:ac:77:d6:1d:9f:ab:56:d0:2a:95:13:95:6b:0d:49: 66:3d:ae:20:f9:50:f7:e1:e5:0f:a0:64:a8:de:ea:d9:a9:7b: 23:3a:7e:f1:10:a4:c6:95:03:82:54:2b:e8:5f:ed:b1:b2:95: b2:aa:13:b1:b1:f7:bd:dc:92:63:1e:a1:15:e1:47:bd:d4:68: cb:b5:ce:cc:83:cd:44:fa:2d:e7:8e:84:d2:ab:7c:0a:39:27: 98:bd:35:03 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt5EGWuLQXnXhXyV4+1hnFtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA0YTJhZTJjZDA5NDMzMzAxOGM0MWRhYWZiNDc0YzZjZmE4 MGQwN2QwHhcNMjYwMTAxMTAxNzU2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwZjQ1MTlkYzgyZTEzNDI4MjcwOGQ1YjMwNWFkZTY3MzBhZjQzZTdhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnksfA8T8E/dvEE5TV1edY2KgSq78 mKxtTwLtXb/PHmXcOVBBSQ6oIaK/boRU5ycE8KFc7FSgdjKcGnB+XqI+0SCC1K58 Vnd4Bp8+Vx7saojjVoNOWdHNSopzaRaSQghQUWBUOQjQao/CcQQQt7cz1ztUKVO6 GBLaXsjGd8/4maO/zuWnEM3DXyMbtC0Z5W6xfNJLw3zNDIisA+snt9vuZfeDeh3W x8auncTkdnZ5KdumQ7M5IMQLj12QwB+tRWwhl18rjzIZl1RK+CNramUixMh92A+E d6J5P7kebP1oHgHJXWmY8uH+G+ICiDd5TkjYgRdgxvIUit9bJ9gTyAbDKQIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFA9FGdyC4TQoJwjVswWt5nMK9D56MB8GA1UdIwQY MBaAFASirizQlDMwGMQdqvtHTGz6gNB9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQktLdUxOQ1VNekFZeEIycS0wZE1iUHFBMEgwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS82MzRhMTItZTU4Yy00NTVjLTg5MzMt NmU2ZThkOTMwM2U5LzEvRDBVWjNJTGhOQ2duQ05XekJhM21jd3IwUG5vLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYS82MzRhMTItZTU4Yy00NTVjLTg5MzMtNmU2ZThkOTMwM2U5 LzEvQktLdUxOQ1VNekFZeEIycS0wZE1iUHFBMEgwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQFVBAgAwQC uaUkAwQF1DfgMA0GCSqGSIb3DQEBCwUAA4IBAQCNNXb4IV/QgEi0Q/CK7Ov8QOfH u0UN3VoK/9ip/yJL2g1vqAub7EZt0UrjN9/nuWj0c/QG62qf+m9owRUf6lboDnor QgctptP43kqrXcDpSJrNVYvhMiU22h2o8pMX4/cribAzfgCUlnL6WhGOXZFpjSm6 8jDkaYHJwD8R7yyO8tOCPgXyTij/qx6YaB2RyVLYzzT/pRa+Ze+4k4XsyF13lweS oNGsd9Ydn6tW0CqVE5VrDUlmPa4g+VD34eUPoGSo3urZqXsjOn7xEKTGlQOCVCvo X+2xspWyqhOxsfe93JJjHqEV4Ue91GjLtc7Mg81E+i3njoTSq3wKOSeYvTUD -----END CERTIFICATE-----Generated at Mon Jan 26 14:45:50 2026 by rpki-client