This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/ad19c0-0025-4c49-8480-ff97f62a0945/1/Dla58c4NF4e-8Fh3gF-JldNSHSM.roa File: Dla58c4NF4e-8Fh3gF-JldNSHSM.roa (raw, json) Hash identifier: fUcyUatpA7Zq3P4h9Dkuq1MejOsAl/ix3+G/GiH0qeM= Subject key identifier: 0E:56:B9:F1:CE:0D:17:87:BE:F0:58:77:80:5F:89:95:D3:52:1D:23 Certificate issuer: /CN=de6640357ae4ae10fc0b3e9d98f2a0cb0118903c Certificate serial: 019B7BA50CF69F92E578B98E97B78B1F5D97 Authority key identifier: DE:66:40:35:7A:E4:AE:10:FC:0B:3E:9D:98:F2:A0:CB:01:18:90:3C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3mZANXrkrhD8Cz6dmPKgywEYkDw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/ad19c0-0025-4c49-8480-ff97f62a0945/1/Dla58c4NF4e-8Fh3gF-JldNSHSM.roa Signing time: Thu 01 Jan 2026 22:19:32 +0000 ROA not before: Thu 01 Jan 2026 22:19:32 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 15917 IP address blocks: 217.31.0.0/20 maxlen: 20 217.31.0.0/22 maxlen: 22 217.31.4.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/de/ad19c0-0025-4c49-8480-ff97f62a0945/1/3mZANXrkrhD8Cz6dmPKgywEYkDw.crl rsync://rpki.ripe.net/repository/DEFAULT/de/ad19c0-0025-4c49-8480-ff97f62a0945/1/3mZANXrkrhD8Cz6dmPKgywEYkDw.mft rsync://rpki.ripe.net/repository/DEFAULT/3mZANXrkrhD8Cz6dmPKgywEYkDw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 04:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a5:0c:f6:9f:92:e5:78:b9:8e:97:b7:8b:1f:5d:97 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=de6640357ae4ae10fc0b3e9d98f2a0cb0118903c Validity Not Before: Jan 1 22:19:32 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0e56b9f1ce0d1787bef05877805f8995d3521d23 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:f4:d1:7f:ab:c1:ff:63:44:ca:f9:ee:67:9d: a4:34:9b:1f:69:b2:fe:54:50:a1:2c:58:bf:15:fb: 0c:c9:29:36:a2:00:f1:eb:69:6f:e3:5a:6f:76:ad: 90:e5:bc:2c:ed:88:cc:dc:5a:91:66:8a:bb:b1:d1: 3d:f8:ae:2c:c1:88:77:f1:6d:68:51:50:c3:59:cc: 7f:42:17:8e:5b:a1:ca:8d:b4:b1:2c:3a:83:2a:37: e0:59:75:55:79:c9:e2:4f:c7:94:a6:21:e7:41:2b: fb:d0:9b:14:53:34:ae:c5:40:82:45:11:fa:70:38: dd:09:15:22:b7:86:12:42:e5:74:38:8a:56:b0:f6: 65:1f:2c:f7:7d:65:03:b6:7f:78:57:a1:22:82:13: 92:8d:11:23:0f:3e:11:d5:ea:70:3b:64:a9:46:78: f7:9d:15:42:e1:e2:1e:f4:4a:db:07:02:14:5d:78: 99:cd:b1:b6:e5:eb:f4:da:17:62:70:09:ef:90:e9: 17:b3:8f:03:af:3e:b2:13:fa:5f:1f:c8:bc:2f:84: 29:1a:c5:9d:52:57:6a:d8:82:f5:6c:dc:4b:dc:96: bb:79:ca:11:28:f6:ac:80:b7:91:a6:aa:7b:23:06: 81:93:e4:1a:9f:9b:f3:db:46:33:4a:c7:ec:2f:37: 32:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:56:B9:F1:CE:0D:17:87:BE:F0:58:77:80:5F:89:95:D3:52:1D:23 X509v3 Authority Key Identifier: keyid:DE:66:40:35:7A:E4:AE:10:FC:0B:3E:9D:98:F2:A0:CB:01:18:90:3C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3mZANXrkrhD8Cz6dmPKgywEYkDw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/ad19c0-0025-4c49-8480-ff97f62a0945/1/Dla58c4NF4e-8Fh3gF-JldNSHSM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/de/ad19c0-0025-4c49-8480-ff97f62a0945/1/3mZANXrkrhD8Cz6dmPKgywEYkDw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 217.31.0.0/20 Signature Algorithm: sha256WithRSAEncryption 15:14:e4:7a:06:3c:0c:01:ef:22:81:42:22:77:39:e0:3d:d8: 2c:d8:20:a1:d1:98:59:5a:f5:c6:03:72:dd:19:f1:a7:75:5f: b0:e8:a3:eb:b2:2a:4d:cf:6f:b6:5a:fa:b6:0b:cc:81:6d:16: 00:54:18:99:c7:5b:52:f1:f0:ff:74:6c:29:a9:cd:c7:52:a9: 65:b9:5b:e3:3f:e4:30:c5:45:6f:1f:2d:f5:98:74:07:cb:72: 9d:bf:04:1d:e2:4d:47:ec:df:f4:f9:3e:d7:52:9d:6e:ee:6b: 49:be:c2:29:24:60:c2:a7:8c:15:82:6b:3e:91:a3:3e:b5:f6: bb:b3:03:f0:14:28:c7:a4:1b:d2:9e:91:40:e4:00:7a:90:bc: 97:2f:71:c3:02:7c:e6:41:d0:43:e2:f2:fe:df:ca:82:c7:a5: 0f:15:f5:c4:aa:23:82:f2:f7:a7:45:62:86:e9:d9:f2:e7:00: 2d:b2:52:e2:51:c8:f4:bf:fb:cb:c1:92:b7:62:8c:a6:a5:f0: e6:38:fa:02:24:69:cb:4f:73:2e:dc:e7:e4:56:4c:4c:eb:33: 86:a1:db:7c:01:00:75:1e:56:03:43:46:ea:24:0b:fe:e7:a9: dc:af:03:62:05:b2:ce:0e:4e:c1:81:ea:d0:0b:95:84:52:49: c2:e3:ff:ab -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt7pQz2n5LleLmOl7eLH12XMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRlNjY0MDM1N2FlNGFlMTBmYzBiM2U5ZDk4ZjJhMGNiMDEx ODkwM2MwHhcNMjYwMTAxMjIxOTMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwZTU2YjlmMWNlMGQxNzg3YmVmMDU4Nzc4MDVmODk5NWQzNTIxZDIzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjvTRf6vB/2NEyvnuZ52kNJsfabL+ VFChLFi/FfsMySk2ogDx62lv41pvdq2Q5bws7YjM3FqRZoq7sdE9+K4swYh38W1o UVDDWcx/QheOW6HKjbSxLDqDKjfgWXVVecniT8eUpiHnQSv70JsUUzSuxUCCRRH6 cDjdCRUit4YSQuV0OIpWsPZlHyz3fWUDtn94V6EighOSjREjDz4R1epwO2SpRnj3 nRVC4eIe9ErbBwIUXXiZzbG25ev02hdicAnvkOkXs48Drz6yE/pfH8i8L4QpGsWd Uldq2IL1bNxL3Ja7ecoRKPasgLeRpqp7IwaBk+Qan5vz20YzSsfsLzcyLwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFA5WufHODReHvvBYd4BfiZXTUh0jMB8GA1UdIwQY MBaAFN5mQDV65K4Q/As+nZjyoMsBGJA8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM21aQU5YcmtyaEQ4Q3o2ZG1QS2d5d0VZa0R3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9hZDE5YzAtMDAyNS00YzQ5LTg0ODAt ZmY5N2Y2MmEwOTQ1LzEvRGxhNThjNE5GNGUtOEZoM2dGLUpsZE5TSFNNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZS9hZDE5YzAtMDAyNS00YzQ5LTg0ODAtZmY5N2Y2MmEwOTQ1 LzEvM21aQU5YcmtyaEQ4Q3o2ZG1QS2d5d0VZa0R3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE2R8AMA0G CSqGSIb3DQEBCwUAA4IBAQAVFOR6BjwMAe8igUIidzngPdgs2CCh0ZhZWvXGA3Ld GfGndV+w6KPrsipNz2+2Wvq2C8yBbRYAVBiZx1tS8fD/dGwpqc3HUqlluVvjP+Qw xUVvHy31mHQHy3KdvwQd4k1H7N/0+T7XUp1u7mtJvsIpJGDCp4wVgms+kaM+tfa7 swPwFCjHpBvSnpFA5AB6kLyXL3HDAnzmQdBD4vL+38qCx6UPFfXEqiOC8venRWKG 6dny5wAtslLiUcj0v/vLwZK3YoympfDmOPoCJGnLT3Mu3OfkVkxM6zOGodt8AQB1 HlYDQ0bqJAv+56ncrwNiBbLODk7BgerQC5WEUknC4/+r -----END CERTIFICATE-----Generated at Sun Jan 25 16:11:27 2026 by rpki-client