This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/_dg99Pgu9sXy9n61V1SOyIAsz68.roa File: _dg99Pgu9sXy9n61V1SOyIAsz68.roa (raw, json) Hash identifier: ljG6pKAy2VwHE3QsWNyoPRAh/FEzLDZlVIYW5TWBjuw= Subject key identifier: FD:D8:3D:F4:F8:2E:F6:C5:F2:F6:7E:B5:57:54:8E:C8:80:2C:CF:AF Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702 Certificate serial: 019B77C7159CC81FBBEB0C3519498D60E7E9 Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/_dg99Pgu9sXy9n61V1SOyIAsz68.roa Signing time: Thu 01 Jan 2026 04:18:14 +0000 ROA not before: Thu 01 Jan 2026 04:18:14 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 204834 IP address blocks: 85.133.160.0/22 maxlen: 24 85.133.229.0/24 maxlen: 24 85.133.242.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.mft rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:00:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c7:15:9c:c8:1f:bb:eb:0c:35:19:49:8d:60:e7:e9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702 Validity Not Before: Jan 1 04:18:14 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=fdd83df4f82ef6c5f2f67eb557548ec8802ccfaf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:e7:fd:52:a3:7b:06:3c:b1:3f:68:95:e5:17: 57:38:4d:a6:bd:17:68:3b:bb:e4:6a:3e:2c:8f:41: 13:1c:6a:80:24:fb:0c:26:e5:9e:b5:f8:bc:32:ec: 9e:5b:79:00:c6:75:94:f3:ac:de:d8:b3:42:3d:9c: c3:97:11:98:38:84:58:17:8e:b1:ba:47:a2:f6:92: b0:63:72:19:0a:b4:f4:ff:aa:e0:64:40:d6:3c:63: ec:6f:55:0c:e4:b9:65:18:15:c2:ec:11:b9:d7:03: 85:0a:87:c7:1e:e3:9a:fc:51:8c:81:df:ed:99:52: f5:f0:c9:01:d1:c6:c4:44:f1:bf:87:72:f0:40:67: 0f:eb:8e:86:90:9b:61:2f:bd:68:16:0d:07:11:35: d6:92:58:47:54:81:99:59:a3:6f:26:24:51:6b:4a: a2:2c:a5:ed:3a:18:1a:5f:24:a2:e1:b9:ef:e5:30: 98:5f:9a:d3:d5:d0:c7:03:28:13:9c:98:18:dc:3c: fd:67:38:aa:98:54:76:46:66:36:12:f4:51:a8:93: 7b:b7:f9:6d:10:e1:ce:b6:f0:86:97:57:c8:d2:be: 28:5b:cd:e9:d8:aa:b7:a0:3a:e4:7f:0c:24:75:38: b5:4f:f5:93:5b:38:f9:48:2a:a4:e0:f7:9a:2c:fa: d0:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:D8:3D:F4:F8:2E:F6:C5:F2:F6:7E:B5:57:54:8E:C8:80:2C:CF:AF X509v3 Authority Key Identifier: keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/_dg99Pgu9sXy9n61V1SOyIAsz68.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.133.160.0/22 85.133.229.0/24 85.133.242.0/24 Signature Algorithm: sha256WithRSAEncryption ae:c4:9c:13:27:35:dd:88:c9:68:0f:e1:26:6b:eb:f8:48:eb: c6:93:f6:84:24:32:f1:21:83:e5:9c:8c:2a:75:23:2b:22:f0: 9a:ec:e5:3c:f9:b0:63:fc:e8:58:26:94:d7:1c:e5:82:a6:6c: 8d:ff:3c:3b:66:4b:25:26:ff:bb:b6:a3:47:9a:07:8c:05:eb: 62:00:e3:36:68:9c:b0:d0:1f:c8:fc:9c:d1:c8:e9:47:f6:83: 8a:43:bc:e9:be:fe:26:2e:eb:ae:ec:1a:17:f0:5f:a7:ca:a2: 15:33:d9:8d:18:4e:8c:8d:5c:3c:b6:9e:ba:27:e7:7f:00:3d: 10:55:15:ca:86:e8:80:1a:53:55:31:75:2c:b6:d2:3f:5a:e2: 3d:e7:e8:51:d8:e9:be:cb:a6:6b:0a:33:68:d5:62:d7:2c:e5: 42:cc:4e:b7:d6:2b:3c:17:f3:52:ae:e9:39:2f:02:da:69:db: 91:e7:8f:3d:5e:ee:2d:c1:0c:81:52:ad:f6:bc:18:1b:fa:8d: 41:a7:c4:26:20:1e:6d:6f:4a:7e:95:32:3e:cd:b0:68:8c:2a: 3a:09:12:ca:7e:f9:15:38:27:28:92:a8:23:f7:ec:8b:67:f7: 8b:8f:c3:9a:08:65:4b:28:60:2f:3a:4d:eb:6d:a5:e3:96:1a: ec:39:54:24 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt3xxWcyB+76ww1GUmNYOfpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5 NDY3MDIwHhcNMjYwMTAxMDQxODE0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmZGQ4M2RmNGY4MmVmNmM1ZjJmNjdlYjU1NzU0OGVjODgwMmNjZmFmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoef9UqN7BjyxP2iV5RdXOE2mvRdo O7vkaj4sj0ETHGqAJPsMJuWetfi8MuyeW3kAxnWU86ze2LNCPZzDlxGYOIRYF46x ukei9pKwY3IZCrT0/6rgZEDWPGPsb1UM5LllGBXC7BG51wOFCofHHuOa/FGMgd/t mVL18MkB0cbERPG/h3LwQGcP646GkJthL71oFg0HETXWklhHVIGZWaNvJiRRa0qi LKXtOhgaXySi4bnv5TCYX5rT1dDHAygTnJgY3Dz9ZziqmFR2RmY2EvRRqJN7t/lt EOHOtvCGl1fI0r4oW83p2Kq3oDrkfwwkdTi1T/WTWzj5SCqk4PeaLPrQWwIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFP3YPfT4LvbF8vZ+tVdUjsiALM+vMB8GA1UdIwQY MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt NWQxZmE2NmMzNjNiLzEvX2RnOTlQZ3U5c1h5OW42MVYxU095SUFzejY4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCVYWgAwQA VYXlAwQAVYXyMA0GCSqGSIb3DQEBCwUAA4IBAQCuxJwTJzXdiMloD+Ema+v4SOvG k/aEJDLxIYPlnIwqdSMrIvCa7OU8+bBj/OhYJpTXHOWCpmyN/zw7ZkslJv+7tqNH mgeMBetiAOM2aJyw0B/I/JzRyOlH9oOKQ7zpvv4mLuuu7BoX8F+nyqIVM9mNGE6M jVw8tp66J+d/AD0QVRXKhuiAGlNVMXUsttI/WuI95+hR2Om+y6ZrCjNo1WLXLOVC zE631is8F/NSruk5LwLaaduR5489Xu4twQyBUq32vBgb+o1Bp8QmIB5tb0p+lTI+ zbBojCo6CRLKfvkVOCcokqgj9+yLZ/eLj8OaCGVLKGAvOk3rbaXjlhrsOVQk -----END CERTIFICATE-----Generated at Sun Jan 25 20:47:56 2026 by rpki-client