This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/973047-8914-41c6-a1e0-0ac7b7ede42b/1/d7Oiy-xT-SexaolqG9PRJlxgqjU.roa File: d7Oiy-xT-SexaolqG9PRJlxgqjU.roa (raw, json) Hash identifier: 4jNxmS+Ck07zOfCR3EWOcxcJ2oApBPu6aJ/ogvm3WZk= Subject key identifier: 77:B3:A2:CB:EC:53:F9:27:B1:6A:89:6A:1B:D3:D1:26:5C:60:AA:35 Certificate issuer: /CN=a5b9df7e98f6f39fe2ba4022da277d2819828021 Certificate serial: 019B7D732831F0A614BC9BE17B02ABF846ED Authority key identifier: A5:B9:DF:7E:98:F6:F3:9F:E2:BA:40:22:DA:27:7D:28:19:82:80:21 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pbnffpj285_iukAi2id9KBmCgCE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/973047-8914-41c6-a1e0-0ac7b7ede42b/1/d7Oiy-xT-SexaolqG9PRJlxgqjU.roa Signing time: Fri 02 Jan 2026 06:44:17 +0000 ROA not before: Fri 02 Jan 2026 06:44:17 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 197019 IP address blocks: 31.31.72.0/21 maxlen: 24 37.157.192.0/21 maxlen: 24 46.28.104.0/21 maxlen: 21 89.221.208.0/20 maxlen: 24 185.8.236.0/22 maxlen: 24 2a02:2b88::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/973047-8914-41c6-a1e0-0ac7b7ede42b/1/pbnffpj285_iukAi2id9KBmCgCE.crl rsync://rpki.ripe.net/repository/DEFAULT/ed/973047-8914-41c6-a1e0-0ac7b7ede42b/1/pbnffpj285_iukAi2id9KBmCgCE.mft rsync://rpki.ripe.net/repository/DEFAULT/pbnffpj285_iukAi2id9KBmCgCE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:01:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:73:28:31:f0:a6:14:bc:9b:e1:7b:02:ab:f8:46:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a5b9df7e98f6f39fe2ba4022da277d2819828021 Validity Not Before: Jan 2 06:44:17 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=77b3a2cbec53f927b16a896a1bd3d1265c60aa35 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:c0:a0:7b:ca:05:79:ee:fe:44:c7:bb:72:b1: c5:71:3b:d9:ba:17:24:7e:97:e8:58:38:6a:ce:17: e3:a2:64:55:32:08:31:2f:2a:07:8f:07:70:c7:04: 3f:36:b3:ff:f4:95:54:44:56:80:c1:c1:3f:9e:4a: 2d:60:64:19:aa:d3:1d:26:e2:4e:0f:13:24:d6:93: 28:04:0a:fa:46:df:0f:09:f9:fd:0c:31:ea:60:b1: 18:8d:14:20:6a:92:c0:c0:e7:46:f9:38:39:9f:f6: 70:e9:45:7a:be:00:50:c8:8b:d2:5e:22:22:a3:47: 8f:2b:68:f5:c1:ca:6f:f0:1c:37:35:69:02:16:d7: c4:0c:b5:6d:72:b7:95:64:ac:57:c8:d3:2c:49:3d: 11:8e:1a:02:9f:5a:7e:f4:be:36:31:cd:80:26:39: 48:6b:80:37:aa:bb:db:a1:db:5f:44:ea:16:70:22: 0f:47:4b:b9:39:30:08:da:b6:69:f9:3c:1b:2b:34: 64:86:cd:e0:a8:b6:ee:88:6b:94:9e:3f:47:15:17: 26:ea:58:2f:9f:42:e3:9a:8f:32:cc:e2:13:74:37: 29:a9:89:2c:af:be:bf:a7:1b:c3:d7:96:58:42:ea: 34:3e:fc:2d:15:9f:74:46:e1:18:7f:9d:41:87:3b: 6e:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 77:B3:A2:CB:EC:53:F9:27:B1:6A:89:6A:1B:D3:D1:26:5C:60:AA:35 X509v3 Authority Key Identifier: keyid:A5:B9:DF:7E:98:F6:F3:9F:E2:BA:40:22:DA:27:7D:28:19:82:80:21 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pbnffpj285_iukAi2id9KBmCgCE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/973047-8914-41c6-a1e0-0ac7b7ede42b/1/d7Oiy-xT-SexaolqG9PRJlxgqjU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/973047-8914-41c6-a1e0-0ac7b7ede42b/1/pbnffpj285_iukAi2id9KBmCgCE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.31.72.0/21 37.157.192.0/21 46.28.104.0/21 89.221.208.0/20 185.8.236.0/22 IPv6: 2a02:2b88::/32 Signature Algorithm: sha256WithRSAEncryption 93:b0:f3:a2:e6:5c:93:f8:7d:18:84:e5:fb:90:cb:19:32:42: 59:cc:64:c3:fa:bc:f4:0e:a2:3c:f0:23:08:35:19:b0:13:c8: 19:59:24:98:fa:0b:b2:1d:38:1e:32:79:01:00:c0:1b:2d:31: b9:31:2e:86:86:39:a7:30:22:3c:d0:2e:79:63:b7:6b:7e:a3: 72:99:80:ba:d3:71:3e:a5:37:48:7b:1f:96:70:46:65:c1:70: 72:dc:d6:c8:a6:9a:6e:89:7a:cf:a9:01:18:3f:08:cb:ca:3e: 1b:ac:97:65:cb:18:13:79:8a:77:34:b6:05:1c:60:8a:fc:47: 5a:ae:a2:2e:22:fa:d3:fa:3f:0f:79:66:21:47:20:46:25:97: 23:8a:cd:31:a6:f9:4e:e7:15:3b:ff:11:08:a4:53:e2:45:1c: e3:27:40:f6:ef:dd:f8:29:e5:e8:83:56:e0:1a:55:58:69:40: cf:b0:e0:ff:c6:02:1f:dc:c8:04:ba:53:c1:81:ba:9d:54:ab: a2:89:45:43:07:58:b1:0a:52:81:b6:c7:ee:37:35:ef:45:fe: fa:75:75:de:7e:43:2f:97:3d:0d:3a:c2:44:7d:e2:91:5a:10: 03:44:f8:7d:ec:87:f0:1b:ac:f0:5a:ea:ec:de:fc:c3:24:72: e1:89:2f:3c -----BEGIN CERTIFICATE----- MIIFJDCCBAygAwIBAgISAZt9cygx8KYUvJvhewKr+EbtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE1YjlkZjdlOThmNmYzOWZlMmJhNDAyMmRhMjc3ZDI4MTk4 MjgwMjEwHhcNMjYwMTAyMDY0NDE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3N2IzYTJjYmVjNTNmOTI3YjE2YTg5NmExYmQzZDEyNjVjNjBhYTM1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwsCge8oFee7+RMe7crHFcTvZuhck fpfoWDhqzhfjomRVMggxLyoHjwdwxwQ/NrP/9JVURFaAwcE/nkotYGQZqtMdJuJO DxMk1pMoBAr6Rt8PCfn9DDHqYLEYjRQgapLAwOdG+Tg5n/Zw6UV6vgBQyIvSXiIi o0ePK2j1wcpv8Bw3NWkCFtfEDLVtcreVZKxXyNMsST0RjhoCn1p+9L42Mc2AJjlI a4A3qrvbodtfROoWcCIPR0u5OTAI2rZp+TwbKzRkhs3gqLbuiGuUnj9HFRcm6lgv n0Ljmo8yzOITdDcpqYksr76/pxvD15ZYQuo0PvwtFZ90RuEYf51BhztuUwIDAQAB o4ICMDCCAiwwHQYDVR0OBBYEFHezosvsU/knsWqJahvT0SZcYKo1MB8GA1UdIwQY MBaAFKW5336Y9vOf4rpAItonfSgZgoAhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcGJuZmZwajI4NV9pdWtBaTJpZDlLQm1DZ0NFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC85NzMwNDctODkxNC00MWM2LWExZTAt MGFjN2I3ZWRlNDJiLzEvZDdPaXkteFQtU2V4YW9scUc5UFJKbHhncWpVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lZC85NzMwNDctODkxNC00MWM2LWExZTAtMGFjN2I3ZWRlNDJi LzEvcGJuZmZwajI4NV9pdWtBaTJpZDlLQm1DZ0NFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDHx9IAwQD JZ3AAwQDLhxoAwQEWd3QAwQCuQjsMA0EAgACMAcDBQAqAiuIMA0GCSqGSIb3DQEB CwUAA4IBAQCTsPOi5lyT+H0YhOX7kMsZMkJZzGTD+rz0DqI88CMINRmwE8gZWSSY +guyHTgeMnkBAMAbLTG5MS6GhjmnMCI80C55Y7drfqNymYC603E+pTdIex+WcEZl wXBy3NbIpppuiXrPqQEYPwjLyj4brJdlyxgTeYp3NLYFHGCK/EdarqIuIvrT+j8P eWYhRyBGJZcjis0xpvlO5xU7/xEIpFPiRRzjJ0D27934KeXog1bgGlVYaUDPsOD/ xgIf3MgEulPBgbqdVKuiiUVDB1ixClKBtsfuNzXvRf76dXXefkMvlz0NOsJEfeKR WhADRPh97IfwG6zwWurs3vzDJHLhiS88 -----END CERTIFICATE-----Generated at Mon Jan 26 18:40:47 2026 by rpki-client