This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/7d7e1d-33c0-4342-b259-a7bf3bf902d8/1/sU0CnD7fmFimr_rcXy1fRdF4mlw.roa File: sU0CnD7fmFimr_rcXy1fRdF4mlw.roa (raw, json) Hash identifier: /IZQqNWdeef3TByRifZMyHdV5Oe4U72Qr/QHSSpfxeY= Subject key identifier: B1:4D:02:9C:3E:DF:98:58:A6:AF:FA:DC:5F:2D:5F:45:D1:78:9A:5C Certificate issuer: /CN=576705b557b823086b6a532324bfbba36995cb1c Certificate serial: 019B7AC89C23A50EA5D820BC59AEE4A14FC1 Authority key identifier: 57:67:05:B5:57:B8:23:08:6B:6A:53:23:24:BF:BB:A3:69:95:CB:1C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V2cFtVe4IwhralMjJL-7o2mVyxw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/7d7e1d-33c0-4342-b259-a7bf3bf902d8/1/sU0CnD7fmFimr_rcXy1fRdF4mlw.roa Signing time: Thu 01 Jan 2026 18:18:46 +0000 ROA not before: Thu 01 Jan 2026 18:18:46 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 214098 IP address blocks: 185.56.161.0/24 maxlen: 24 2a07:5c0:1::/48 maxlen: 48 2a07:5c0:2::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/7d7e1d-33c0-4342-b259-a7bf3bf902d8/1/V2cFtVe4IwhralMjJL-7o2mVyxw.crl rsync://rpki.ripe.net/repository/DEFAULT/cd/7d7e1d-33c0-4342-b259-a7bf3bf902d8/1/V2cFtVe4IwhralMjJL-7o2mVyxw.mft rsync://rpki.ripe.net/repository/DEFAULT/V2cFtVe4IwhralMjJL-7o2mVyxw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c8:9c:23:a5:0e:a5:d8:20:bc:59:ae:e4:a1:4f:c1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=576705b557b823086b6a532324bfbba36995cb1c Validity Not Before: Jan 1 18:18:46 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b14d029c3edf9858a6affadc5f2d5f45d1789a5c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:37:a2:80:d4:45:b1:ba:0b:46:cc:99:f2:f0: 66:7c:47:82:bb:21:a5:ef:fa:24:e3:25:f5:05:68: d6:86:99:a5:3a:67:ba:ef:e7:aa:7c:bb:29:4a:83: c2:a6:9e:af:53:8e:6e:f1:c9:4e:d3:33:22:01:fd: 02:2d:7e:30:4b:14:08:53:db:13:33:cc:b7:0a:0c: f6:57:ee:24:bc:bf:26:8e:dd:00:54:7f:f4:73:5a: ce:a7:2d:8e:63:cd:8d:06:38:1e:70:96:05:e0:e5: 2b:9f:d5:0a:de:62:c0:d3:c0:67:dc:70:0f:85:c8: 58:a2:70:a7:6f:96:52:a5:08:54:db:c0:1d:4c:b8: 5c:29:15:7b:48:7e:5f:38:09:87:75:95:ad:42:77: d9:bc:ea:10:f6:7d:c2:dd:8f:c1:df:a6:80:69:d8: f3:ae:5d:cd:29:e8:66:bd:0f:ae:c3:4e:b1:86:c2: b0:a6:76:a0:07:af:28:01:97:4b:be:f1:5f:28:5b: 7c:ea:40:44:45:e1:9e:8e:fc:d7:3f:12:56:61:64: 27:9d:dc:18:df:bc:bd:d0:f3:fc:40:72:5a:c1:63: f3:eb:b3:51:92:d0:9b:74:85:84:ea:60:24:71:0b: e1:45:c1:ea:5a:2b:13:3c:38:17:68:9c:b6:0f:12: 58:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:4D:02:9C:3E:DF:98:58:A6:AF:FA:DC:5F:2D:5F:45:D1:78:9A:5C X509v3 Authority Key Identifier: keyid:57:67:05:B5:57:B8:23:08:6B:6A:53:23:24:BF:BB:A3:69:95:CB:1C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V2cFtVe4IwhralMjJL-7o2mVyxw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/7d7e1d-33c0-4342-b259-a7bf3bf902d8/1/sU0CnD7fmFimr_rcXy1fRdF4mlw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/7d7e1d-33c0-4342-b259-a7bf3bf902d8/1/V2cFtVe4IwhralMjJL-7o2mVyxw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.56.161.0/24 IPv6: 2a07:5c0:1::-2a07:5c0:2:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption e1:9d:1d:0a:c6:23:ed:88:e1:30:93:f7:7f:14:14:14:1e:03: 4f:72:2d:50:6c:34:b3:ba:5c:e6:95:45:42:57:3e:cd:54:f9: fd:02:fd:c6:75:8f:74:c9:7e:43:62:44:90:12:4e:0b:e3:d3: bc:42:13:71:de:fb:ed:36:c0:e2:d1:4a:a8:85:84:64:bd:52: 0a:5b:7e:e8:22:45:b9:9e:94:89:92:75:a4:20:36:cf:43:2d: 2d:bb:76:01:60:91:08:df:7e:e6:48:ab:28:68:72:dd:ec:cf: 3f:50:62:59:35:af:a8:28:0a:b8:38:af:aa:1c:f1:b9:5d:d0: b6:5e:f7:4a:c9:30:b2:4e:e3:c0:53:b6:29:9f:56:90:48:aa: 40:18:fe:d9:6b:d9:23:ea:a9:f3:38:2c:c6:df:49:3a:bf:fd: 93:80:91:a8:ba:4e:5a:ad:11:c9:ea:70:c5:4f:b1:ea:4d:2c: c7:e1:d0:28:52:a8:b4:98:79:45:20:70:01:a6:1e:eb:f7:95: d9:98:9f:4a:64:7d:35:9f:bb:8b:62:81:c6:f5:b6:65:1e:f6: fe:a6:5e:c3:e1:79:0a:6b:30:90:2c:77:4b:e3:22:c6:cc:f9: ec:9f:0c:7e:04:89:09:20:db:65:ae:40:64:9b:5f:ed:aa:c0: a4:14:f0:4c -----BEGIN CERTIFICATE----- MIIFGTCCBAGgAwIBAgISAZt6yJwjpQ6l2CC8Wa7koU/BMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU3NjcwNWI1NTdiODIzMDg2YjZhNTMyMzI0YmZiYmEzNjk5 NWNiMWMwHhcNMjYwMTAxMTgxODQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiMTRkMDI5YzNlZGY5ODU4YTZhZmZhZGM1ZjJkNWY0NWQxNzg5YTVjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDeigNRFsboLRsyZ8vBmfEeCuyGl 7/ok4yX1BWjWhpmlOme67+eqfLspSoPCpp6vU45u8clO0zMiAf0CLX4wSxQIU9sT M8y3Cgz2V+4kvL8mjt0AVH/0c1rOpy2OY82NBjgecJYF4OUrn9UK3mLA08Bn3HAP hchYonCnb5ZSpQhU28AdTLhcKRV7SH5fOAmHdZWtQnfZvOoQ9n3C3Y/B36aAadjz rl3NKehmvQ+uw06xhsKwpnagB68oAZdLvvFfKFt86kBEReGejvzXPxJWYWQnndwY 37y90PP8QHJawWPz67NRktCbdIWE6mAkcQvhRcHqWisTPDgXaJy2DxJYwwIDAQAB o4ICJTCCAiEwHQYDVR0OBBYEFLFNApw+35hYpq/63F8tX0XReJpcMB8GA1UdIwQY MBaAFFdnBbVXuCMIa2pTIyS/u6NplcscMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVjJjRnRWZTRJd2hyYWxNakpMLTdvMm1WeXh3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC83ZDdlMWQtMzNjMC00MzQyLWIyNTkt YTdiZjNiZjkwMmQ4LzEvc1UwQ25EN2ZtRmltcl9yY1h5MWZSZEY0bWx3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZC83ZDdlMWQtMzNjMC00MzQyLWIyNTktYTdiZjNiZjkwMmQ4 LzEvVjJjRnRWZTRJd2hyYWxNakpMLTdvMm1WeXh3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQAuTihMBoE AgACMBQwEgMHACoHBcAAAQMHACoHBcAAAjANBgkqhkiG9w0BAQsFAAOCAQEA4Z0d CsYj7YjhMJP3fxQUFB4DT3ItUGw0s7pc5pVFQlc+zVT5/QL9xnWPdMl+Q2JEkBJO C+PTvEITcd777TbA4tFKqIWEZL1SClt+6CJFuZ6UiZJ1pCA2z0MtLbt2AWCRCN9+ 5kirKGhy3ezPP1BiWTWvqCgKuDivqhzxuV3Qtl73Sskwsk7jwFO2KZ9WkEiqQBj+ 2WvZI+qp8zgsxt9JOr/9k4CRqLpOWq0RyepwxU+x6k0sx+HQKFKotJh5RSBwAaYe 6/eV2ZifSmR9NZ+7i2KBxvW2ZR72/qZew+F5CmswkCx3S+Mixsz57J8MfgSJCSDb Za5AZJtf7arApBTwTA== -----END CERTIFICATE-----Generated at Sun Jan 25 17:32:45 2026 by rpki-client