This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/DFtEIWk6l-EYnRa4w6FRCOafgbQ.roa File: DFtEIWk6l-EYnRa4w6FRCOafgbQ.roa (raw, json) Hash identifier: je+PzT35d8DLpecSD76n2lea12dP2VewkCf6xgpSbKQ= Subject key identifier: 0C:5B:44:21:69:3A:97:E1:18:9D:16:B8:C3:A1:51:08:E6:9F:81:B4 Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003 Certificate serial: 019BC7EA4B4DD396647F4852B388B2C2B23F Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/DFtEIWk6l-EYnRa4w6FRCOafgbQ.roa Signing time: Fri 16 Jan 2026 17:46:19 +0000 ROA not before: Fri 16 Jan 2026 17:46:19 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 213520 IP address blocks: 64.188.68.0/22 maxlen: 24 64.188.74.0/24 maxlen: 24 64.188.104.0/22 maxlen: 24 77.239.120.0/23 maxlen: 24 144.31.16.0/23 maxlen: 24 144.31.18.0/23 maxlen: 24 144.31.84.0/23 maxlen: 24 144.31.116.0/23 maxlen: 24 144.31.118.0/23 maxlen: 24 144.31.122.0/23 maxlen: 24 144.31.134.0/23 maxlen: 24 144.31.138.0/23 maxlen: 24 144.31.196.0/23 maxlen: 24 144.31.232.0/24 maxlen: 24 144.31.233.0/24 maxlen: 24 150.241.78.0/23 maxlen: 24 193.23.197.0/24 maxlen: 24 193.23.210.0/23 maxlen: 24 193.23.218.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:c7:ea:4b:4d:d3:96:64:7f:48:52:b3:88:b2:c2:b2:3f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003 Validity Not Before: Jan 16 17:46:19 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0c5b4421693a97e1189d16b8c3a15108e69f81b4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:10:68:02:1b:9c:b7:1b:04:2b:a1:7a:f5:8a: 7d:33:85:08:c2:36:a5:01:6a:71:bf:43:a3:29:35: 35:e3:b9:fa:55:ee:7c:1b:16:f9:63:86:c3:33:6e: 13:a7:ae:22:43:51:bc:81:db:9d:62:ca:db:53:ab: 00:fb:32:7e:83:54:9c:30:ba:8e:ac:24:f7:5c:12: 0f:e7:79:17:3a:bf:7e:fe:05:e1:3b:e7:1b:78:a0: 03:1e:f9:23:80:9d:7a:2d:4e:b1:54:bf:86:ac:24: 96:74:95:04:4a:a6:5c:d7:9c:c8:f9:60:89:7e:cf: 88:4e:d5:1d:8f:e9:79:59:65:aa:43:01:17:84:e2: 6b:aa:b9:ba:23:62:30:14:f1:e8:3f:4d:0e:31:cf: 8b:63:89:e6:20:1d:5b:2e:e6:df:be:67:25:59:a8: 1e:d2:29:d9:0d:e2:99:60:40:4f:8d:0b:68:91:af: 16:a9:a4:20:88:ff:93:7c:2c:5c:3a:eb:6e:48:b9: 71:d8:44:64:8b:86:cf:ad:2b:df:69:cd:06:55:6e: 17:a9:48:80:3c:1b:55:4c:ac:9e:30:83:fd:29:cc: e0:00:07:ed:fb:54:e0:f1:af:4c:99:e0:84:06:33: c9:c2:6b:1c:55:4e:ed:88:98:31:7c:62:31:9b:1e: c4:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:5B:44:21:69:3A:97:E1:18:9D:16:B8:C3:A1:51:08:E6:9F:81:B4 X509v3 Authority Key Identifier: keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/DFtEIWk6l-EYnRa4w6FRCOafgbQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 64.188.68.0/22 64.188.74.0/24 64.188.104.0/22 77.239.120.0/23 144.31.16.0/22 144.31.84.0/23 144.31.116.0/22 144.31.122.0/23 144.31.134.0/23 144.31.138.0/23 144.31.196.0/23 144.31.232.0/23 150.241.78.0/23 193.23.197.0/24 193.23.210.0/23 193.23.218.0/23 Signature Algorithm: sha256WithRSAEncryption 87:7e:4d:1f:a3:31:2d:d5:30:fe:d1:fb:38:46:2b:77:c1:62: 5a:3e:b4:a4:dd:00:3f:03:9d:ab:1c:1d:6b:c6:ea:02:b3:72: f8:37:45:74:a4:4a:2f:68:2d:f7:ff:c1:36:f4:52:a8:38:47: c2:ec:67:8a:7b:f0:1d:d4:62:06:e7:c3:27:a6:fa:1a:b9:07: 24:15:53:63:f7:ec:b1:3e:e3:67:78:7e:eb:36:86:ca:fb:b5: 21:ce:1a:de:54:d9:93:a3:13:d2:91:2c:a3:7f:df:4c:6a:b3: 52:41:86:08:f8:b4:80:12:06:94:c2:07:cd:1a:01:1d:f4:98: 33:4e:73:87:29:56:45:f8:bb:d6:1b:fd:2d:30:5d:30:33:c2: bf:32:89:56:6f:4c:a5:e8:6b:43:f2:67:47:fd:0b:1d:9d:5f: e8:88:03:a4:1e:e2:d6:8d:69:76:63:16:f0:ad:08:49:66:74: bb:1d:0d:c6:37:a5:ba:31:5c:43:db:f4:7f:ff:0a:8d:0a:ca: 39:38:0b:ad:a2:1d:09:6c:75:d3:79:f4:f8:00:d8:6c:ec:4f: b7:87:7c:98:c7:e1:f0:b1:ec:c5:d8:bf:08:48:44:8b:66:7f: 00:e2:e3:68:60:f0:88:40:8b:6a:94:84:90:b5:e9:0b:01:24: 28:e5:92:3e -----BEGIN CERTIFICATE----- MIIFVzCCBD+gAwIBAgISAZvH6ktN05Zkf0hSs4iywrI/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4 NDAwMDMwHhcNMjYwMTE2MTc0NjE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwYzViNDQyMTY5M2E5N2UxMTg5ZDE2YjhjM2ExNTEwOGU2OWY4MWI0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0xBoAhuctxsEK6F69Yp9M4UIwjal AWpxv0OjKTU147n6Ve58Gxb5Y4bDM24Tp64iQ1G8gdudYsrbU6sA+zJ+g1ScMLqO rCT3XBIP53kXOr9+/gXhO+cbeKADHvkjgJ16LU6xVL+GrCSWdJUESqZc15zI+WCJ fs+ITtUdj+l5WWWqQwEXhOJrqrm6I2IwFPHoP00OMc+LY4nmIB1bLubfvmclWage 0inZDeKZYEBPjQtoka8WqaQgiP+TfCxcOutuSLlx2ERki4bPrSvfac0GVW4XqUiA PBtVTKyeMIP9KczgAAft+1Tg8a9MmeCEBjPJwmscVU7tiJgxfGIxmx7EhQIDAQAB o4ICYzCCAl8wHQYDVR0OBBYEFAxbRCFpOpfhGJ0WuMOhUQjmn4G0MB8GA1UdIwQY MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt MTQzOTY3YThmZTA4LzEvREZ0RUlXazZsLUVZblJhNHc2RlJDT2FmZ2JRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4 LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQCQLxEAwQA QLxKAwQCQLxoAwQBTe94AwQCkB8QAwQBkB9UAwQCkB90AwQBkB96AwQBkB+GAwQB kB+KAwQBkB/EAwQBkB/oAwQBlvFOAwQAwRfFAwQBwRfSAwQBwRfaMA0GCSqGSIb3 DQEBCwUAA4IBAQCHfk0fozEt1TD+0fs4Rit3wWJaPrSk3QA/A52rHB1rxuoCs3L4 N0V0pEovaC33/8E29FKoOEfC7GeKe/Ad1GIG58MnpvoauQckFVNj9+yxPuNneH7r NobK+7UhzhreVNmToxPSkSyjf99MarNSQYYI+LSAEgaUwgfNGgEd9JgzTnOHKVZF +LvWG/0tMF0wM8K/MolWb0yl6GtD8mdH/QsdnV/oiAOkHuLWjWl2YxbwrQhJZnS7 HQ3GN6W6MVxD2/R//wqNCso5OAutoh0JbHXTefT4ANhs7E+3h3yYx+HwsezF2L8I SESLZn8A4uNoYPCIQItqlISQtekLASQo5ZI+ -----END CERTIFICATE-----Generated at Sun Jan 25 12:06:28 2026 by rpki-client