This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/0d5f53-9653-47fb-a977-48f5e8767d02/1/28LudlG1yP68N48FiZaHtqk72K8.roa File: 28LudlG1yP68N48FiZaHtqk72K8.roa (raw, json) Hash identifier: 5dBhZER1Qa42n7n8NoOAfpg90tBUobSV95L4NLM5PZA= Subject key identifier: DB:C2:EE:76:51:B5:C8:FE:BC:37:8F:05:89:96:87:B6:A9:3B:D8:AF Certificate issuer: /CN=d1df4803e54b084a99cb7bb044bf791327594b73 Certificate serial: 019B7759469A2B1B1D0EDB2843F2BE1D38A4 Authority key identifier: D1:DF:48:03:E5:4B:08:4A:99:CB:7B:B0:44:BF:79:13:27:59:4B:73 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0d9IA-VLCEqZy3uwRL95EydZS3M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/0d5f53-9653-47fb-a977-48f5e8767d02/1/28LudlG1yP68N48FiZaHtqk72K8.roa Signing time: Thu 01 Jan 2026 02:18:18 +0000 ROA not before: Thu 01 Jan 2026 02:18:18 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 48981 IP address blocks: 91.198.28.0/24 maxlen: 24 2a0f:5c40::/29 maxlen: 64 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d6/0d5f53-9653-47fb-a977-48f5e8767d02/1/0d9IA-VLCEqZy3uwRL95EydZS3M.crl rsync://rpki.ripe.net/repository/DEFAULT/d6/0d5f53-9653-47fb-a977-48f5e8767d02/1/0d9IA-VLCEqZy3uwRL95EydZS3M.mft rsync://rpki.ripe.net/repository/DEFAULT/0d9IA-VLCEqZy3uwRL95EydZS3M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:59:46:9a:2b:1b:1d:0e:db:28:43:f2:be:1d:38:a4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d1df4803e54b084a99cb7bb044bf791327594b73 Validity Not Before: Jan 1 02:18:18 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=dbc2ee7651b5c8febc378f05899687b6a93bd8af Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:76:fb:e5:95:5e:40:65:ac:07:59:cb:0f:e5: df:1a:cb:49:c4:25:9f:4c:89:06:cd:1b:06:c0:7c: 9f:57:25:9e:46:c6:dc:a9:f9:e2:a7:36:29:fd:ee: 6c:01:c4:49:21:84:25:d1:c4:31:81:95:e4:5b:ac: 9d:e2:0e:cf:64:1c:59:e0:ce:57:88:c9:63:e8:b2: d8:62:fd:e0:e1:0d:a8:b8:29:97:97:0a:cb:15:c1: 21:5d:0a:29:b1:37:bc:ee:f1:14:72:46:6b:ab:57: 9e:c0:5c:69:c7:f8:6c:89:d9:49:cd:19:52:8a:8a: f4:e2:a2:77:ca:7e:a3:e0:11:55:65:aa:28:56:cb: 8e:15:85:b4:47:8a:b7:ac:1e:49:76:39:1e:33:2f: f8:7d:8c:5e:01:02:13:eb:a7:82:9b:04:a5:3c:c6: 81:15:ac:a7:8f:49:dc:4c:2b:53:8f:0a:5d:8e:4e: 92:49:7a:45:69:e9:12:1b:a2:d3:84:90:f4:53:d0: 1e:28:c3:87:ab:f5:94:ac:c0:46:e4:ed:28:64:6d: 0f:4d:a0:c9:9a:3b:b0:85:13:af:5e:91:55:36:bc: d0:fd:c5:cf:5d:60:33:8c:3a:40:43:98:26:5b:81: 87:2e:32:09:86:5d:cf:58:6b:e8:e3:da:e0:fe:9f: 0f:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:C2:EE:76:51:B5:C8:FE:BC:37:8F:05:89:96:87:B6:A9:3B:D8:AF X509v3 Authority Key Identifier: keyid:D1:DF:48:03:E5:4B:08:4A:99:CB:7B:B0:44:BF:79:13:27:59:4B:73 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d9IA-VLCEqZy3uwRL95EydZS3M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/0d5f53-9653-47fb-a977-48f5e8767d02/1/28LudlG1yP68N48FiZaHtqk72K8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/0d5f53-9653-47fb-a977-48f5e8767d02/1/0d9IA-VLCEqZy3uwRL95EydZS3M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.198.28.0/24 IPv6: 2a0f:5c40::/29 Signature Algorithm: sha256WithRSAEncryption 7b:5c:a9:90:2b:66:c5:ba:fa:b8:aa:4d:d6:90:4f:c1:84:ad: 34:a2:b3:7f:4c:4b:14:27:d0:75:c4:69:25:81:e5:d0:ce:86: 7b:a4:d3:fb:19:da:ef:af:d0:68:d1:da:87:34:33:97:63:fc: 3a:c4:72:f8:ad:0d:8c:32:32:1d:75:23:4a:03:7b:c0:10:fb: c9:dc:9f:2f:d4:f8:c0:67:3c:b5:d2:f4:a2:57:79:42:70:39: c6:b7:dc:51:f3:8b:37:fb:3c:67:34:8f:a6:db:3e:c6:5a:94: 6a:31:e5:bf:c8:2c:07:fd:7b:d5:09:19:97:65:26:37:45:49: d2:2a:f5:57:84:ff:25:79:3e:0a:ad:9c:4d:63:fe:62:91:6f: 8f:7e:4b:5d:64:79:22:7e:b0:8e:a1:c9:36:5c:ed:a5:d7:cb: a1:ce:e9:be:53:d1:61:b2:7a:b0:8f:ed:eb:93:9f:8f:8c:90: 24:d0:20:15:12:a3:8c:45:c3:20:fb:61:21:3f:4a:b0:89:06: a7:53:db:a8:f1:70:65:f8:38:d8:ac:1d:ca:bb:de:08:24:62: 0e:83:9d:26:bf:df:a7:c8:a7:b2:ca:05:fe:19:2a:37:5c:89: 71:73:a0:1d:ab:10:bd:d0:01:f9:ef:ab:3f:e9:f3:e2:f1:35: ff:67:4c:60 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt3WUaaKxsdDtsoQ/K+HTikMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQxZGY0ODAzZTU0YjA4NGE5OWNiN2JiMDQ0YmY3OTEzMjc1 OTRiNzMwHhcNMjYwMTAxMDIxODE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkYmMyZWU3NjUxYjVjOGZlYmMzNzhmMDU4OTk2ODdiNmE5M2JkOGFmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmnb75ZVeQGWsB1nLD+XfGstJxCWf TIkGzRsGwHyfVyWeRsbcqfnipzYp/e5sAcRJIYQl0cQxgZXkW6yd4g7PZBxZ4M5X iMlj6LLYYv3g4Q2ouCmXlwrLFcEhXQopsTe87vEUckZrq1eewFxpx/hsidlJzRlS ior04qJ3yn6j4BFVZaooVsuOFYW0R4q3rB5JdjkeMy/4fYxeAQIT66eCmwSlPMaB Faynj0ncTCtTjwpdjk6SSXpFaekSG6LThJD0U9AeKMOHq/WUrMBG5O0oZG0PTaDJ mjuwhROvXpFVNrzQ/cXPXWAzjDpAQ5gmW4GHLjIJhl3PWGvo49rg/p8PYQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFNvC7nZRtcj+vDePBYmWh7apO9ivMB8GA1UdIwQY MBaAFNHfSAPlSwhKmct7sES/eRMnWUtzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMGQ5SUEtVkxDRXFaeTN1d1JMOTVFeWRaUzNNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi8wZDVmNTMtOTY1My00N2ZiLWE5Nzct NDhmNWU4NzY3ZDAyLzEvMjhMdWRsRzF5UDY4TjQ4RmlaYUh0cWs3Mks4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNi8wZDVmNTMtOTY1My00N2ZiLWE5NzctNDhmNWU4NzY3ZDAy LzEvMGQ5SUEtVkxDRXFaeTN1d1JMOTVFeWRaUzNNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW8YcMA0E AgACMAcDBQMqD1xAMA0GCSqGSIb3DQEBCwUAA4IBAQB7XKmQK2bFuvq4qk3WkE/B hK00orN/TEsUJ9B1xGklgeXQzoZ7pNP7Gdrvr9Bo0dqHNDOXY/w6xHL4rQ2MMjId dSNKA3vAEPvJ3J8v1PjAZzy10vSiV3lCcDnGt9xR84s3+zxnNI+m2z7GWpRqMeW/ yCwH/XvVCRmXZSY3RUnSKvVXhP8leT4KrZxNY/5ikW+PfktdZHkifrCOock2XO2l 18uhzum+U9Fhsnqwj+3rk5+PjJAk0CAVEqOMRcMg+2EhP0qwiQanU9uo8XBl+DjY rB3Ku94IJGIOg50mv9+nyKeyygX+GSo3XIlxc6AdqxC90AH576s/6fPi8TX/Z0xg -----END CERTIFICATE-----Generated at Sun Jan 25 16:54:41 2026 by rpki-client