This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/tI1eWKq17tDG9hQWcAP-FozruWU.roa File: tI1eWKq17tDG9hQWcAP-FozruWU.roa (raw, json) Hash identifier: yszzGKzH2Y3utLHy31Xungt79IkdPWx2rbVckLVltxM= Subject key identifier: B4:8D:5E:58:AA:B5:EE:D0:C6:F6:14:16:70:03:FE:16:8C:EB:B9:65 Certificate issuer: /CN=38a8550659bb68e770d8b0126b7261fb87d8240b Certificate serial: 019B775914C5BBFF9B1E32FA50B73666233F Authority key identifier: 38:A8:55:06:59:BB:68:E7:70:D8:B0:12:6B:72:61:FB:87:D8:24:0B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OKhVBlm7aOdw2LASa3Jh-4fYJAs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/tI1eWKq17tDG9hQWcAP-FozruWU.roa Signing time: Thu 01 Jan 2026 02:18:05 +0000 ROA not before: Thu 01 Jan 2026 02:18:05 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 60078 IP address blocks: 85.204.248.0/24 maxlen: 24 85.204.249.0/24 maxlen: 24 2a10:52c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/OKhVBlm7aOdw2LASa3Jh-4fYJAs.crl rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/OKhVBlm7aOdw2LASa3Jh-4fYJAs.mft rsync://rpki.ripe.net/repository/DEFAULT/OKhVBlm7aOdw2LASa3Jh-4fYJAs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 20:01:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:59:14:c5:bb:ff:9b:1e:32:fa:50:b7:36:66:23:3f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=38a8550659bb68e770d8b0126b7261fb87d8240b Validity Not Before: Jan 1 02:18:05 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b48d5e58aab5eed0c6f614167003fe168cebb965 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:dc:e5:84:f2:80:e6:5e:6a:9e:dc:ef:39:a1: fe:cd:73:6c:47:b4:93:9e:ed:e8:85:8c:60:ea:3f: 05:57:e0:82:07:37:8f:7c:3e:86:91:90:37:3b:d6: b8:38:24:1a:8a:c5:b2:8c:cd:01:fe:01:fb:24:e9: 09:0f:5e:ba:85:73:08:cc:96:e6:1f:b3:34:06:0d: 84:5b:29:d9:78:d5:29:a5:28:48:10:9b:d6:2e:02: 55:b0:22:34:b1:f8:24:2a:d7:13:9e:e6:24:44:02: 63:c7:b4:5d:3b:7a:01:b4:1d:e6:5f:12:00:88:19: 02:3e:3a:c1:f6:c8:27:cd:89:dd:13:98:70:94:78: eb:d9:1a:f6:7c:e1:8d:12:d2:80:74:da:4d:9f:0d: f4:fd:ac:6d:a7:d5:82:6f:a2:d5:9d:c1:f4:d5:e9: f9:17:8c:7e:e9:cf:0f:0a:d3:91:e8:de:42:af:a5: e5:ba:f5:12:78:89:03:24:a8:a1:b1:54:e3:01:ec: 8f:6e:11:5d:6a:59:c7:19:76:ac:ec:78:51:c3:46: 72:3e:d4:4d:10:26:03:d6:97:c2:5d:c1:a7:c6:84: 78:2c:66:16:de:d2:db:f4:56:49:23:5f:ff:a8:bf: ab:b7:28:ff:6a:10:f5:75:bd:de:0c:47:8d:35:4e: 91:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:8D:5E:58:AA:B5:EE:D0:C6:F6:14:16:70:03:FE:16:8C:EB:B9:65 X509v3 Authority Key Identifier: keyid:38:A8:55:06:59:BB:68:E7:70:D8:B0:12:6B:72:61:FB:87:D8:24:0B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKhVBlm7aOdw2LASa3Jh-4fYJAs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/tI1eWKq17tDG9hQWcAP-FozruWU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/OKhVBlm7aOdw2LASa3Jh-4fYJAs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.204.248.0/23 IPv6: 2a10:52c0::/48 Signature Algorithm: sha256WithRSAEncryption 97:a2:43:91:85:79:83:64:68:27:4b:3c:1f:77:39:4f:3a:da: 59:a9:80:71:75:2c:14:37:88:78:9e:dc:6b:5a:6b:eb:ec:04: 2e:b0:c2:8f:f0:94:dd:92:81:2b:25:7b:2c:f3:b0:5b:61:16: 79:ef:45:05:59:31:ee:62:32:6e:08:b1:70:a6:6f:97:fd:6e: cc:2a:f9:dc:f4:47:b2:eb:77:8e:27:25:e4:c1:e1:36:4f:44: 70:fa:c2:38:6d:a0:f0:9f:33:81:8d:68:0a:1c:db:17:b5:f5: 02:f8:e4:7e:72:39:20:c8:36:7b:bd:9e:54:f9:54:69:9d:97: 7b:05:0b:60:4e:f9:c3:7d:f9:f9:d5:bf:6b:d5:86:08:cf:30: ba:fe:ac:10:e2:14:77:b0:06:84:15:35:39:9b:5e:ec:11:ac: 87:d5:ed:a2:ab:9c:72:78:c6:ff:1a:95:e8:43:fd:99:8c:52: be:b1:e3:bb:0c:25:58:64:0c:db:7e:5d:ef:ec:0e:0a:59:e7: 13:f8:61:53:7f:cc:53:11:29:80:d0:16:29:da:33:d8:9f:65: d7:54:6b:88:0a:d3:56:8c:94:4e:f4:79:ab:63:82:9e:2e:42: c0:6f:53:42:f4:9c:c9:42:b1:b8:d5:06:3e:b3:2f:86:96:f7: 58:ca:7b:bf -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt3WRTFu/+bHjL6ULc2ZiM/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4YTg1NTA2NTliYjY4ZTc3MGQ4YjAxMjZiNzI2MWZiODdk ODI0MGIwHhcNMjYwMTAxMDIxODA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiNDhkNWU1OGFhYjVlZWQwYzZmNjE0MTY3MDAzZmUxNjhjZWJiOTY1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1dzlhPKA5l5qntzvOaH+zXNsR7ST nu3ohYxg6j8FV+CCBzePfD6GkZA3O9a4OCQaisWyjM0B/gH7JOkJD166hXMIzJbm H7M0Bg2EWynZeNUppShIEJvWLgJVsCI0sfgkKtcTnuYkRAJjx7RdO3oBtB3mXxIA iBkCPjrB9sgnzYndE5hwlHjr2Rr2fOGNEtKAdNpNnw30/axtp9WCb6LVncH01en5 F4x+6c8PCtOR6N5Cr6XluvUSeIkDJKihsVTjAeyPbhFdalnHGXas7HhRw0ZyPtRN ECYD1pfCXcGnxoR4LGYW3tLb9FZJI1//qL+rtyj/ahD1db3eDEeNNU6R/wIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFLSNXliqte7QxvYUFnAD/haM67llMB8GA1UdIwQY MBaAFDioVQZZu2jncNiwEmtyYfuH2CQLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0toVkJsbTdhT2R3MkxBU2EzSmgtNGZZSkFzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi83ZGNlNzMtYzRkZi00MzMzLThlODEt MWQ3MDNiNDk2NjM0LzEvdEkxZVdLcTE3dERHOWhRV2NBUC1Gb3pydVdVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMi83ZGNlNzMtYzRkZi00MzMzLThlODEtMWQ3MDNiNDk2NjM0 LzEvT0toVkJsbTdhT2R3MkxBU2EzSmgtNGZZSkFzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBVcz4MA8E AgACMAkDBwAqEFLAAAAwDQYJKoZIhvcNAQELBQADggEBAJeiQ5GFeYNkaCdLPB93 OU862lmpgHF1LBQ3iHie3Gtaa+vsBC6wwo/wlN2SgSsleyzzsFthFnnvRQVZMe5i Mm4IsXCmb5f9bswq+dz0R7Lrd44nJeTB4TZPRHD6wjhtoPCfM4GNaAoc2xe19QL4 5H5yOSDINnu9nlT5VGmdl3sFC2BO+cN9+fnVv2vVhgjPMLr+rBDiFHewBoQVNTmb XuwRrIfV7aKrnHJ4xv8alehD/ZmMUr6x47sMJVhkDNt+Xe/sDgpZ5xP4YVN/zFMR KYDQFinaM9ifZddUa4gK01aMlE70eatjgp4uQsBvU0L0nMlCsbjVBj6zL4aW91jK e78= -----END CERTIFICATE-----Generated at Mon Jan 26 05:14:44 2026 by rpki-client