This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/a9024d-bbd8-4dee-a323-0050ea36c296/1/0ppkgAkMVUZmtvxiis_JaRg_jKc.roa File: 0ppkgAkMVUZmtvxiis_JaRg_jKc.roa (raw, json) Hash identifier: hmBjjzY/GLh0BaP+YN19dWeqC0F3ldt8pYexHB8bxW0= Subject key identifier: D2:9A:64:80:09:0C:55:46:66:B6:FC:62:8A:CF:C9:69:18:3F:8C:A7 Certificate issuer: /CN=462767a7375f1ac546691aaf2a511fbb6277031d Certificate serial: 019B8DD9C447EAE0761FFC9D80D24FB32A5A Authority key identifier: 46:27:67:A7:37:5F:1A:C5:46:69:1A:AF:2A:51:1F:BB:62:77:03:1D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RidnpzdfGsVGaRqvKlEfu2J3Ax0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/a9024d-bbd8-4dee-a323-0050ea36c296/1/0ppkgAkMVUZmtvxiis_JaRg_jKc.roa Signing time: Mon 05 Jan 2026 11:10:17 +0000 ROA not before: Mon 05 Jan 2026 11:10:17 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 12976 IP address blocks: 212.65.64.0/19 maxlen: 19 213.152.128.0/19 maxlen: 19 2a01:6e0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/a9024d-bbd8-4dee-a323-0050ea36c296/1/RidnpzdfGsVGaRqvKlEfu2J3Ax0.crl rsync://rpki.ripe.net/repository/DEFAULT/d4/a9024d-bbd8-4dee-a323-0050ea36c296/1/RidnpzdfGsVGaRqvKlEfu2J3Ax0.mft rsync://rpki.ripe.net/repository/DEFAULT/RidnpzdfGsVGaRqvKlEfu2J3Ax0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:8d:d9:c4:47:ea:e0:76:1f:fc:9d:80:d2:4f:b3:2a:5a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=462767a7375f1ac546691aaf2a511fbb6277031d Validity Not Before: Jan 5 11:10:17 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d29a6480090c554666b6fc628acfc969183f8ca7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:a2:d7:3e:73:a7:f2:18:e1:1e:03:64:b3:f5: b8:22:47:77:1c:49:64:e6:f0:74:eb:09:ac:5a:c9: 79:74:ac:6c:2c:1e:d0:04:6c:a8:1d:4a:b4:48:9d: b2:7b:bf:6b:11:61:95:9e:fe:5a:a5:75:1f:c0:ca: d4:e7:a1:51:8d:29:b4:5c:73:f3:75:f8:84:cc:48: c3:35:a0:32:75:cd:17:0e:11:64:31:d1:ec:7a:d2: 80:77:74:09:81:83:10:e5:63:b3:37:2d:34:ca:ed: 44:21:bd:38:bb:d1:e8:94:b2:74:fa:b5:39:ef:55: 8c:b2:8b:82:f1:e9:c2:15:95:83:03:5c:25:fc:47: 44:2d:ea:24:a7:c3:4b:1b:44:22:26:00:7d:f0:ab: fb:10:97:82:ea:d8:44:a4:f8:0e:04:85:cc:05:f7: 6f:d0:55:26:6c:1a:c3:ab:7c:fe:ab:75:d7:3f:da: 42:54:ec:8e:cd:b5:1d:30:b9:a1:58:73:2d:cd:9b: fa:f5:ed:7f:67:be:cc:89:99:39:02:36:34:64:bd: e2:92:01:f0:c7:f8:6c:a5:93:20:c9:ee:4d:f7:4e: 77:40:d8:53:7d:c1:d5:36:b2:9f:63:aa:c3:91:eb: 41:e3:3c:3a:89:44:8f:a3:b3:d4:25:d8:e0:66:5f: ad:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:9A:64:80:09:0C:55:46:66:B6:FC:62:8A:CF:C9:69:18:3F:8C:A7 X509v3 Authority Key Identifier: keyid:46:27:67:A7:37:5F:1A:C5:46:69:1A:AF:2A:51:1F:BB:62:77:03:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RidnpzdfGsVGaRqvKlEfu2J3Ax0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/a9024d-bbd8-4dee-a323-0050ea36c296/1/0ppkgAkMVUZmtvxiis_JaRg_jKc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/a9024d-bbd8-4dee-a323-0050ea36c296/1/RidnpzdfGsVGaRqvKlEfu2J3Ax0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 212.65.64.0/19 213.152.128.0/19 IPv6: 2a01:6e0::/32 Signature Algorithm: sha256WithRSAEncryption a2:3f:32:35:9c:b7:17:ff:14:f4:14:b4:85:11:4e:7c:07:69: 52:7a:80:b0:5f:a0:ce:2a:2c:02:8f:1e:92:74:70:c6:ed:d4: 70:c4:d8:6a:08:2f:bb:62:82:81:4e:ba:11:0f:22:bf:1d:19: 53:33:60:6d:d1:94:c4:2d:50:7e:3c:1b:ca:6d:9d:e1:bc:42: e1:1b:2a:41:ad:f7:46:3b:0a:59:45:79:9a:52:32:54:31:f1: 3c:dc:11:fc:53:03:69:2f:bd:63:f5:22:7f:e1:94:e8:16:86: f0:5e:61:4d:4d:5b:1c:f1:81:0c:67:f4:da:2c:46:c5:f7:d9: 70:8a:bb:61:81:30:16:fe:29:76:e5:de:8a:cd:63:e2:d2:09: 52:02:44:1d:f9:25:56:08:76:13:ec:91:27:0d:9a:26:6a:d5: dd:0f:44:6b:21:3e:fe:c1:78:21:13:84:1d:06:b1:0c:c6:9c: 61:85:32:b4:4c:d3:0e:a9:50:c5:f0:79:8a:ae:fd:2b:f5:1d: bf:cb:9b:b6:2b:23:4d:e8:0b:17:07:d5:58:9c:78:cb:93:f7: ea:1d:fe:58:bc:08:52:24:11:95:83:74:02:1a:31:27:86:f1: 14:00:5b:dc:dc:39:7e:1d:e7:98:66:2f:49:8a:f1:29:b2:ac: 3f:30:93:dc -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZuN2cRH6uB2H/ydgNJPsypaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ2Mjc2N2E3Mzc1ZjFhYzU0NjY5MWFhZjJhNTExZmJiNjI3 NzAzMWQwHhcNMjYwMTA1MTExMDE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkMjlhNjQ4MDA5MGM1NTQ2NjZiNmZjNjI4YWNmYzk2OTE4M2Y4Y2E3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAraLXPnOn8hjhHgNks/W4Ikd3HElk 5vB06wmsWsl5dKxsLB7QBGyoHUq0SJ2ye79rEWGVnv5apXUfwMrU56FRjSm0XHPz dfiEzEjDNaAydc0XDhFkMdHsetKAd3QJgYMQ5WOzNy00yu1EIb04u9HolLJ0+rU5 71WMsouC8enCFZWDA1wl/EdELeokp8NLG0QiJgB98Kv7EJeC6thEpPgOBIXMBfdv 0FUmbBrDq3z+q3XXP9pCVOyOzbUdMLmhWHMtzZv69e1/Z77MiZk5AjY0ZL3ikgHw x/hspZMgye5N9053QNhTfcHVNrKfY6rDketB4zw6iUSPo7PUJdjgZl+tiwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFNKaZIAJDFVGZrb8YorPyWkYP4ynMB8GA1UdIwQY MBaAFEYnZ6c3XxrFRmkarypRH7tidwMdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUmlkbnB6ZGZHc1ZHYVJxdktsRWZ1MkozQXgwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9hOTAyNGQtYmJkOC00ZGVlLWEzMjMt MDA1MGVhMzZjMjk2LzEvMHBwa2dBa01WVVptdHZ4aWlzX0phUmdfaktjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNC9hOTAyNGQtYmJkOC00ZGVlLWEzMjMtMDA1MGVhMzZjMjk2 LzEvUmlkbnB6ZGZHc1ZHYVJxdktsRWZ1MkozQXgwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQF1EFAAwQF 1ZiAMA0EAgACMAcDBQAqAQbgMA0GCSqGSIb3DQEBCwUAA4IBAQCiPzI1nLcX/xT0 FLSFEU58B2lSeoCwX6DOKiwCjx6SdHDG7dRwxNhqCC+7YoKBTroRDyK/HRlTM2Bt 0ZTELVB+PBvKbZ3hvELhGypBrfdGOwpZRXmaUjJUMfE83BH8UwNpL71j9SJ/4ZTo FobwXmFNTVsc8YEMZ/TaLEbF99lwirthgTAW/il25d6KzWPi0glSAkQd+SVWCHYT 7JEnDZomatXdD0RrIT7+wXghE4QdBrEMxpxhhTK0TNMOqVDF8HmKrv0r9R2/y5u2 KyNN6AsXB9VYnHjLk/fqHf5YvAhSJBGVg3QCGjEnhvEUAFvc3Dl+HeeYZi9JivEp sqw/MJPc -----END CERTIFICATE-----Generated at Mon Jan 26 09:23:41 2026 by rpki-client