This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/sJZVmKX-G_XNNEcca8MTXPH-dbc.roa File: sJZVmKX-G_XNNEcca8MTXPH-dbc.roa (raw, json) Hash identifier: DQKLyMn35LbEuueIciMk2w6CESjK2ZNYZ5n5ZL//wOw= Subject key identifier: B0:96:55:98:A5:FE:1B:F5:CD:34:47:1C:6B:C3:13:5C:F1:FE:75:B7 Certificate issuer: /CN=4104a40821c4176cc42e255ef6c1727473c3f00a Certificate serial: 019B7FF271626E357DAE03EF0E57BA909A86 Authority key identifier: 41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/sJZVmKX-G_XNNEcca8MTXPH-dbc.roa Signing time: Fri 02 Jan 2026 18:22:33 +0000 ROA not before: Fri 02 Jan 2026 18:22:33 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 41703 IP address blocks: 89.252.227.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.crl rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.mft rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:f2:71:62:6e:35:7d:ae:03:ef:0e:57:ba:90:9a:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4104a40821c4176cc42e255ef6c1727473c3f00a Validity Not Before: Jan 2 18:22:33 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b0965598a5fe1bf5cd34471c6bc3135cf1fe75b7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:11:0b:09:af:26:e9:a6:af:41:c4:f5:8f:c2: d6:cc:3f:c4:d8:a2:77:8a:4f:1c:ef:b5:5d:96:45: 3c:92:0a:90:51:ef:af:7f:9b:37:6e:ec:7d:56:32: 3a:f6:c4:b6:ef:65:83:2f:48:f0:3c:9b:fd:59:6b: 5a:59:f0:e0:13:ef:c9:59:89:ee:ed:74:d2:a0:90: 96:14:5f:f1:97:52:a5:85:57:11:71:c6:46:74:4b: 6f:0c:6a:08:b4:92:43:7d:a1:cb:69:c8:53:6f:52: d4:a8:a6:46:2e:70:f2:84:9e:38:00:41:c5:b0:e8: 49:b4:76:8d:8c:56:02:4d:08:e8:18:56:ef:0b:c1: 03:14:d8:cb:bd:dd:44:73:fe:ec:00:38:d5:e9:6e: 0e:76:4f:a5:52:2e:8a:82:e0:d3:c0:c4:04:67:e8: a6:44:49:86:3d:63:c3:56:fa:9c:7d:fe:b7:4c:fc: 9d:d8:bf:b6:36:f9:51:2d:3b:79:f3:51:f7:38:91: d8:db:47:46:68:0c:cf:26:4b:db:b0:57:c8:ff:87: ae:e4:5b:22:4b:73:16:eb:08:62:bd:7c:bb:9b:da: b2:aa:56:a4:aa:49:9d:11:47:e6:0c:13:9f:7d:71: 05:05:bc:0b:0f:88:77:74:35:1a:ee:d7:fc:c6:77: 62:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:96:55:98:A5:FE:1B:F5:CD:34:47:1C:6B:C3:13:5C:F1:FE:75:B7 X509v3 Authority Key Identifier: keyid:41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/sJZVmKX-G_XNNEcca8MTXPH-dbc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.252.227.0/24 Signature Algorithm: sha256WithRSAEncryption 2f:f9:4a:ec:64:e1:d7:c2:70:9f:c2:41:45:3b:7e:8e:e2:cc: 37:fc:ea:3e:34:83:d5:1f:e4:ae:41:78:68:5e:19:11:a3:94: 2c:3f:92:df:e4:b1:b1:f9:fc:fc:9a:2f:38:b6:54:44:cf:41: de:e8:f1:d7:8e:99:34:df:21:2d:bf:cc:05:75:51:8b:70:13: 0c:e9:e0:2c:58:8a:05:cd:3f:3a:7a:83:e6:2a:a8:5d:95:25: 20:73:77:28:8f:cb:a8:02:ba:4a:9d:df:7a:a7:75:bc:0c:86: c0:75:f6:9f:46:3e:af:e3:de:01:12:ad:2a:b4:eb:d3:00:8a: 36:ba:c1:f5:83:59:9a:64:2e:89:8a:75:5f:6e:b0:13:70:8d: ef:b8:c3:1c:67:c7:64:fd:27:64:e1:20:6c:45:11:41:6c:5e: 7d:39:85:3a:da:75:31:88:96:7e:6b:13:7f:c2:c1:5f:56:c7: 7f:fb:f8:0c:6e:d4:e4:d7:8b:67:fb:d3:5e:f2:f9:69:b3:2f: 9d:2f:d7:91:26:2f:99:63:0a:80:b8:6b:f5:61:0d:11:fb:9e: 0d:10:ab:70:80:70:18:30:84:2b:e9:0b:74:72:7f:e2:52:38: 96:53:00:ce:2a:9a:a8:3a:96:28:d0:1c:3d:2c:7f:31:9a:9a: 05:92:6f:11 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt/8nFibjV9rgPvDle6kJqGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQxMDRhNDA4MjFjNDE3NmNjNDJlMjU1ZWY2YzE3Mjc0NzNj M2YwMGEwHhcNMjYwMTAyMTgyMjMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiMDk2NTU5OGE1ZmUxYmY1Y2QzNDQ3MWM2YmMzMTM1Y2YxZmU3NWI3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshELCa8m6aavQcT1j8LWzD/E2KJ3 ik8c77VdlkU8kgqQUe+vf5s3bux9VjI69sS272WDL0jwPJv9WWtaWfDgE+/JWYnu 7XTSoJCWFF/xl1KlhVcRccZGdEtvDGoItJJDfaHLachTb1LUqKZGLnDyhJ44AEHF sOhJtHaNjFYCTQjoGFbvC8EDFNjLvd1Ec/7sADjV6W4Odk+lUi6KguDTwMQEZ+im REmGPWPDVvqcff63TPyd2L+2NvlRLTt581H3OJHY20dGaAzPJkvbsFfI/4eu5Fsi S3MW6whivXy7m9qyqlakqkmdEUfmDBOffXEFBbwLD4h3dDUa7tf8xndiCwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFLCWVZil/hv1zTRHHGvDE1zx/nW3MB8GA1UdIwQY MBaAFEEEpAghxBdsxC4lXvbBcnRzw/AKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMt YjI3ZDZlMjc4ZTE4LzEvc0paVm1LWC1HX1hOTkVjY2E4TVRYUEgtZGJjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMtYjI3ZDZlMjc4ZTE4 LzEvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWfzjMA0G CSqGSIb3DQEBCwUAA4IBAQAv+UrsZOHXwnCfwkFFO36O4sw3/Oo+NIPVH+SuQXho XhkRo5QsP5Lf5LGx+fz8mi84tlREz0He6PHXjpk03yEtv8wFdVGLcBMM6eAsWIoF zT86eoPmKqhdlSUgc3coj8uoArpKnd96p3W8DIbAdfafRj6v494BEq0qtOvTAIo2 usH1g1maZC6JinVfbrATcI3vuMMcZ8dk/Sdk4SBsRRFBbF59OYU62nUxiJZ+axN/ wsFfVsd/+/gMbtTk14tn+9Ne8vlpsy+dL9eRJi+ZYwqAuGv1YQ0R+54NEKtwgHAY MIQr6Qt0cn/iUjiWUwDOKpqoOpYo0Bw9LH8xmpoFkm8R -----END CERTIFICATE-----Generated at Sun Jan 25 23:16:32 2026 by rpki-client