This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/a80bd9-ba11-458e-84e2-36c678900f79/1/c1k5DpW670XTtOlEvTkIz9kZXlc.roa File: c1k5DpW670XTtOlEvTkIz9kZXlc.roa (raw, json) Hash identifier: Y49a9m/TdUFutVOSA2rIEcmP18u8ki2BwGqjBT3Sy90= Subject key identifier: 73:59:39:0E:95:BA:EF:45:D3:B4:E9:44:BD:39:08:CF:D9:19:5E:57 Certificate issuer: /CN=df0ba4f56e6f037725286037afc3c14c293b9b82 Certificate serial: 019B76EB2531FA7C570B6CBEAF1A81EFF026 Authority key identifier: DF:0B:A4:F5:6E:6F:03:77:25:28:60:37:AF:C3:C1:4C:29:3B:9B:82 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3wuk9W5vA3clKGA3r8PBTCk7m4I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/a80bd9-ba11-458e-84e2-36c678900f79/1/c1k5DpW670XTtOlEvTkIz9kZXlc.roa Signing time: Thu 01 Jan 2026 00:18:00 +0000 ROA not before: Thu 01 Jan 2026 00:18:00 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 50629 IP address blocks: 31.172.0.0/18 maxlen: 24 31.172.96.0/21 maxlen: 24 83.243.0.0/21 maxlen: 24 185.148.248.0/22 maxlen: 24 195.182.2.0/24 maxlen: 24 2001:67c:194::/48 maxlen: 48 2a01:a700::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/a80bd9-ba11-458e-84e2-36c678900f79/1/3wuk9W5vA3clKGA3r8PBTCk7m4I.crl rsync://rpki.ripe.net/repository/DEFAULT/f7/a80bd9-ba11-458e-84e2-36c678900f79/1/3wuk9W5vA3clKGA3r8PBTCk7m4I.mft rsync://rpki.ripe.net/repository/DEFAULT/3wuk9W5vA3clKGA3r8PBTCk7m4I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:25:31:fa:7c:57:0b:6c:be:af:1a:81:ef:f0:26 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df0ba4f56e6f037725286037afc3c14c293b9b82 Validity Not Before: Jan 1 00:18:00 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=7359390e95baef45d3b4e944bd3908cfd9195e57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:de:d0:50:3b:6c:7f:8d:e3:9c:ac:89:db:ce: 12:55:47:3b:95:58:3f:d7:6b:17:55:ba:67:10:e4: d3:88:20:4d:a6:69:41:8c:fa:cd:50:cc:c7:f5:43: 8b:9a:ba:2c:71:43:26:de:a1:1d:63:de:cc:b3:70: fc:1a:05:89:c1:c5:d6:99:48:7e:b6:15:51:94:bb: 36:24:c7:05:e7:55:f6:9d:7e:b1:4e:82:b6:95:6b: d5:ba:0f:02:66:89:de:c4:4a:53:26:ed:af:f1:14: 00:08:c4:16:2a:e9:25:ed:3d:8c:08:95:f6:7b:a3: 61:eb:77:76:01:ee:a1:fd:7f:dd:b6:ea:9f:62:ff: 94:4b:66:27:ed:cc:40:6b:1f:10:17:1d:1c:68:75: d6:94:b5:f8:9b:89:b2:52:61:9d:97:2b:2b:73:b2: 27:ab:bd:93:9e:f1:71:4b:2f:5a:e7:de:e8:d3:07: fe:e8:c5:54:8e:cd:e3:06:30:a9:f1:78:72:3a:68: 18:54:82:cd:e2:39:46:2d:87:3f:f5:ee:b3:21:7a: 13:75:80:81:43:dd:b8:34:64:f9:5c:c5:1b:14:c2: 84:64:ae:25:c3:cf:2f:3f:01:3b:f9:fa:0d:f2:08: 29:82:39:a8:ae:f9:e1:02:72:21:64:c2:40:f1:50: 3f:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:59:39:0E:95:BA:EF:45:D3:B4:E9:44:BD:39:08:CF:D9:19:5E:57 X509v3 Authority Key Identifier: keyid:DF:0B:A4:F5:6E:6F:03:77:25:28:60:37:AF:C3:C1:4C:29:3B:9B:82 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3wuk9W5vA3clKGA3r8PBTCk7m4I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/a80bd9-ba11-458e-84e2-36c678900f79/1/c1k5DpW670XTtOlEvTkIz9kZXlc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/a80bd9-ba11-458e-84e2-36c678900f79/1/3wuk9W5vA3clKGA3r8PBTCk7m4I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.172.0.0/18 31.172.96.0/21 83.243.0.0/21 185.148.248.0/22 195.182.2.0/24 IPv6: 2001:67c:194::/48 2a01:a700::/29 Signature Algorithm: sha256WithRSAEncryption bd:c1:3e:26:2f:b1:c5:9c:92:bd:7b:33:2c:df:6b:18:24:bb: 40:1d:65:7c:7c:f6:0a:31:a8:cb:3c:8f:0e:96:6c:c1:25:ad: 4a:97:75:51:15:1c:3c:b2:eb:80:78:92:24:e0:80:c9:c0:5b: 39:a3:30:a3:4f:4c:1a:52:cf:51:d7:26:77:37:90:07:3c:a1: 68:80:ce:21:50:5d:f2:ff:3c:f0:df:59:4b:85:52:ff:f5:34: fc:19:4f:c0:86:92:5c:10:23:8e:a8:20:f7:25:c7:b2:66:22: 69:3a:27:17:40:b8:c1:2a:1a:e9:fa:13:5a:fd:0e:76:0c:8a: fc:32:16:f3:e5:bf:16:2d:eb:fd:3d:17:46:be:20:06:48:f1: 28:78:d0:6d:96:28:d3:0a:b4:44:20:f4:e4:c7:24:0e:c8:fd: 49:d6:61:14:df:8c:65:d3:73:59:75:36:1b:3f:ab:31:c4:78: 07:52:7b:eb:2e:ff:0b:5e:1e:88:bc:e1:99:95:91:54:f1:ad: 5f:44:cc:4c:35:e4:e8:9f:6c:37:1c:04:69:4f:c5:15:f8:a3: ef:48:9e:be:be:13:e0:b0:01:54:e5:ad:46:6b:86:27:8a:3d: 91:e9:87:95:eb:77:19:a0:fd:74:e6:07:e3:7d:50:ed:67:b7: aa:90:05:b8 -----BEGIN CERTIFICATE----- MIIFLTCCBBWgAwIBAgISAZt26yUx+nxXC2y+rxqB7/AmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRmMGJhNGY1NmU2ZjAzNzcyNTI4NjAzN2FmYzNjMTRjMjkz YjliODIwHhcNMjYwMTAxMDAxODAwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MzU5MzkwZTk1YmFlZjQ1ZDNiNGU5NDRiZDM5MDhjZmQ5MTk1ZTU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnN7QUDtsf43jnKyJ284SVUc7lVg/ 12sXVbpnEOTTiCBNpmlBjPrNUMzH9UOLmroscUMm3qEdY97Ms3D8GgWJwcXWmUh+ thVRlLs2JMcF51X2nX6xToK2lWvVug8CZonexEpTJu2v8RQACMQWKukl7T2MCJX2 e6Nh63d2Ae6h/X/dtuqfYv+US2Yn7cxAax8QFx0caHXWlLX4m4myUmGdlysrc7In q72TnvFxSy9a597o0wf+6MVUjs3jBjCp8XhyOmgYVILN4jlGLYc/9e6zIXoTdYCB Q924NGT5XMUbFMKEZK4lw88vPwE7+foN8ggpgjmorvnhAnIhZMJA8VA/lQIDAQAB o4ICOTCCAjUwHQYDVR0OBBYEFHNZOQ6Vuu9F07TpRL05CM/ZGV5XMB8GA1UdIwQY MBaAFN8LpPVubwN3JShgN6/DwUwpO5uCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM3d1azlXNXZBM2NsS0dBM3I4UEJUQ2s3bTRJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9hODBiZDktYmExMS00NThlLTg0ZTIt MzZjNjc4OTAwZjc5LzEvYzFrNURwVzY3MFhUdE9sRXZUa0l6OWtaWGxjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNy9hODBiZDktYmExMS00NThlLTg0ZTItMzZjNjc4OTAwZjc5 LzEvM3d1azlXNXZBM2NsS0dBM3I4UEJUQ2s3bTRJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAkBAIAATAeAwQGH6wAAwQD H6xgAwQDU/MAAwQCuZT4AwQAw7YCMBYEAgACMBADBwAgAQZ8AZQDBQMqAacAMA0G CSqGSIb3DQEBCwUAA4IBAQC9wT4mL7HFnJK9ezMs32sYJLtAHWV8fPYKMajLPI8O lmzBJa1Kl3VRFRw8suuAeJIk4IDJwFs5ozCjT0waUs9R1yZ3N5AHPKFogM4hUF3y /zzw31lLhVL/9TT8GU/AhpJcECOOqCD3JceyZiJpOicXQLjBKhrp+hNa/Q52DIr8 Mhbz5b8WLev9PRdGviAGSPEoeNBtlijTCrREIPTkxyQOyP1J1mEU34xl03NZdTYb P6sxxHgHUnvrLv8LXh6IvOGZlZFU8a1fRMxMNeTon2w3HARpT8UV+KPvSJ6+vhPg sAFU5a1Ga4Ynij2R6YeV63cZoP105gfjfVDtZ7eqkAW4 -----END CERTIFICATE-----Generated at Mon Jan 26 08:38:59 2026 by rpki-client